aboutsummaryrefslogtreecommitdiff
path: root/src/web
diff options
context:
space:
mode:
Diffstat (limited to 'src/web')
-rw-r--r--src/web/forms.py29
-rw-r--r--src/web/lib/user_utils.py8
-rw-r--r--src/web/models/user.py7
-rw-r--r--src/web/templates/admin/create_user.html3
-rw-r--r--src/web/templates/admin/dashboard.html2
-rw-r--r--src/web/templates/login.html6
-rw-r--r--src/web/templates/opml.xml1
-rw-r--r--src/web/templates/profile.html3
-rw-r--r--src/web/views/admin.py2
-rw-r--r--src/web/views/user.py77
10 files changed, 56 insertions, 82 deletions
diff --git a/src/web/forms.py b/src/web/forms.py
index 49f879ec..90e90584 100644
--- a/src/web/forms.py
+++ b/src/web/forms.py
@@ -48,7 +48,7 @@ class SignupForm(Form):
email = EmailField(lazy_gettext("Email"),
[validators.Length(min=6, max=35),
validators.Required(
- lazy_gettext("Please enter your email address."))])
+ lazy_gettext("Please enter your email address (for account activation, won't be stored)."))])
password = PasswordField(lazy_gettext("Password"),
[validators.Required(lazy_gettext("Please enter a password.")),
validators.Length(min=6, max=100)])
@@ -60,9 +60,6 @@ class SignupForm(Form):
if ucontr.read(nickname=self.nickname.data).count():
self.nickname.errors.append('Nickname already taken')
validated = False
- if ucontr.read(email=self.email.data).count():
- self.email.errors.append('Email already taken')
- validated = False
return validated
@@ -88,10 +85,10 @@ class SigninForm(RedirectForm):
"""
Sign in form (connection to newspipe).
"""
- email_or_nickmane = TextField("Email or nickname",
- [validators.Length(min=3, max=35),
- validators.Required(
- lazy_gettext("Please enter your email address or nickname."))])
+ nickmane = TextField("Nickname",
+ [validators.Length(min=3, max=35),
+ validators.Required(
+ lazy_gettext("Please enter your nickname."))])
password = PasswordField(lazy_gettext('Password'),
[validators.Required(lazy_gettext("Please enter a password.")),
validators.Length(min=6, max=100)])
@@ -105,16 +102,14 @@ class SigninForm(RedirectForm):
validated = super().validate()
ucontr = UserController()
try:
- user = ucontr.get(**{'__or__':
- {'email': self.email_or_nickmane.data,
- 'nickname': self.email_or_nickmane.data}})
+ user = ucontr.get(nickname=self.nickmane.data)
except NotFound:
- self.email_or_nickmane.errors.append(
- 'Wrong email address or nickname')
+ self.nickmane.errors.append(
+ 'Wrong nickname')
validated = False
else:
if not user.is_active:
- self.email_or_nickmane.errors.append('Account not active')
+ self.nickmane.errors.append('Account not active')
validated = False
if not ucontr.check_password(user, self.password.data):
self.password.errors.append('Wrong password')
@@ -129,9 +124,6 @@ class UserForm(Form):
"""
nickname = TextField(lazy_gettext("Nickname"),
[validators.Required(lazy_gettext("Please enter your nickname."))])
- email = EmailField(lazy_gettext("Email"),
- [validators.Length(min=6, max=35),
- validators.Required(lazy_gettext("Please enter your email."))])
password = PasswordField(lazy_gettext("Password"))
automatic_crawling = BooleanField(lazy_gettext("Automatic crawling"),
default=True)
@@ -153,9 +145,6 @@ class ProfileForm(Form):
"""
nickname = TextField(lazy_gettext("Nickname"),
[validators.Required(lazy_gettext("Please enter your nickname."))])
- email = EmailField(lazy_gettext("Email"),
- [validators.Length(min=6, max=35),
- validators.Required(lazy_gettext("Please enter your email."))])
password = PasswordField(lazy_gettext("Password"))
password_conf = PasswordField(lazy_gettext("Password Confirmation"))
automatic_crawling = BooleanField(lazy_gettext("Automatic crawling"),
diff --git a/src/web/lib/user_utils.py b/src/web/lib/user_utils.py
index dfeb8dfa..f78a6ed6 100644
--- a/src/web/lib/user_utils.py
+++ b/src/web/lib/user_utils.py
@@ -5,19 +5,19 @@ import conf
from bootstrap import application
-def generate_confirmation_token(email):
+def generate_confirmation_token(nickname):
serializer = URLSafeTimedSerializer(application.config['SECRET_KEY'])
- return serializer.dumps(email, salt=application.config['SECURITY_PASSWORD_SALT'])
+ return serializer.dumps(nickname, salt=application.config['SECURITY_PASSWORD_SALT'])
def confirm_token(token):
serializer = URLSafeTimedSerializer(application.config['SECRET_KEY'])
try:
- email = serializer.loads(
+ nickname = serializer.loads(
token,
salt=application.config['SECURITY_PASSWORD_SALT'],
max_age=conf.TOKEN_VALIDITY_PERIOD
)
except:
return False
- return email
+ return nickname
diff --git a/src/web/models/user.py b/src/web/models/user.py
index 460958e0..e0f86328 100644
--- a/src/web/models/user.py
+++ b/src/web/models/user.py
@@ -2,9 +2,9 @@
# -*- coding: utf-8 -*-
# newspipe - A Web based news aggregator.
-# Copyright (C) 2010-2016 Cédric Bonhomme - https://www.cedricbonhomme.org
+# Copyright (C) 2010-2018 Cédric Bonhomme - https://www.cedricbonhomme.org
#
-# For more information : https://github.com/Newspipe/Newspipe
+# For more information : https://github.com/newspipe/newspipe
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
@@ -46,7 +46,6 @@ class User(db.Model, UserMixin, RightMixin):
"""
id = db.Column(db.Integer, primary_key=True)
nickname = db.Column(db.String(), unique=True)
- email = db.Column(db.String(254), index=True, unique=True)
pwdhash = db.Column(db.String())
automatic_crawling = db.Column(db.Boolean(), default=True)
@@ -74,7 +73,7 @@ class User(db.Model, UserMixin, RightMixin):
@staticmethod
def _fields_base_write():
- return {'login', 'password', 'email'}
+ return {'login', 'password'}
@staticmethod
def _fields_base_read():
diff --git a/src/web/templates/admin/create_user.html b/src/web/templates/admin/create_user.html
index 5afa22b2..40aad468 100644
--- a/src/web/templates/admin/create_user.html
+++ b/src/web/templates/admin/create_user.html
@@ -12,9 +12,6 @@
{{ form.nickname.label }}
{{ form.nickname(class_="form-control") }} {% for error in form.nickname.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
- {{ form.email.label }}
- {{ form.email(class_="form-control") }} {% for error in form.email.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
-
{{ form.password.label }}
{{ form.password(class_="form-control") }} {% for error in form.password.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
diff --git a/src/web/templates/admin/dashboard.html b/src/web/templates/admin/dashboard.html
index 19c67b8e..a710e1be 100644
--- a/src/web/templates/admin/dashboard.html
+++ b/src/web/templates/admin/dashboard.html
@@ -10,7 +10,6 @@
<tr>
<th>#</th>
<th>{{ _('Nickname') }}</th>
- <th>{{ _('Email') }}</th>
<th>{{ _('Member since') }}</th>
<th>{{ _('Last seen') }}</th>
<th>{{ _('Actions') }}</th>
@@ -28,7 +27,6 @@
{% endif %}
{% if user.id == current_user.id %}&nbsp;(It's you!){% endif %}
</td>
- <td><a href="mailto:{{ user.email }}">{{ user.email }}</a></td>
<td class="date">{{ user.date_created | datetime }}</td>
<td class="date">{{ user.last_seen | datetime }}</td>
<td>
diff --git a/src/web/templates/login.html b/src/web/templates/login.html
index 4bbb28f9..d2724ac3 100644
--- a/src/web/templates/login.html
+++ b/src/web/templates/login.html
@@ -7,9 +7,9 @@
{{ form.hidden_tag() }}
<div class="form-group">
- {{ form.email_or_nickmane(class_="form-control", placeholder=_('Your email or nickname')) }}
+ {{ form.nickmane(class_="form-control", placeholder=_('Your nickname')) }}
</div>
- {% for message in form.email_or_nickmane.errors %}
+ {% for message in form.nickmane.errors %}
<div class="alert alert-warning" role="alert">{{ message }}</div>
{% endfor %}
@@ -24,7 +24,5 @@
</form>
</div>
<a href="/signup" class="btn btn-default">{{ _('Sign up') }}</a>
- &nbsp;
- <a href="{{ url_for('user.recover') }}" class="btn btn-default">{{ _('Forgot password') }}</a>
</div><!-- /.container -->
{% endblock %}
diff --git a/src/web/templates/opml.xml b/src/web/templates/opml.xml
index 5f65329e..3862772d 100644
--- a/src/web/templates/opml.xml
+++ b/src/web/templates/opml.xml
@@ -6,7 +6,6 @@
<dateCreated>{{ now | datetime }}</dateCreated>
<dateModified>{{ now | datetime }}</dateModified>
<ownerName>{{ user.nickname }}</ownerName>
- <ownerEmail>{{ user.email }}</ownerEmail>
</head>
<body>
{% for feed in user.feeds %} <outline title="{{ feed.title|escape }}" text="{{ feed.title|escape }}" description="{{ feed.description|escape }}" {% if feed.category_id != None %}category="/{{ categories[feed.category_id].name }}"{% endif %} xmlUrl="{{ feed.link|escape }}" htmlUrl="{{ feed.site_link|escape }}" />
diff --git a/src/web/templates/profile.html b/src/web/templates/profile.html
index 58d907ef..523e7c3c 100644
--- a/src/web/templates/profile.html
+++ b/src/web/templates/profile.html
@@ -22,9 +22,6 @@
{{ form.nickname.label }}
{{ form.nickname(class_="form-control") }} {% for error in form.nickname.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
- {{ form.email.label }}
- {{ form.email(class_="form-control") }} {% for error in form.email.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
-
{{ form.password.label }}
{{ form.password(class_="form-control") }} {% for error in form.password.errors %} <span style="color: red;">{{ error }}<br /></span>{% endfor %}
diff --git a/src/web/views/admin.py b/src/web/views/admin.py
index c9aa0977..07c4f974 100644
--- a/src/web/views/admin.py
+++ b/src/web/views/admin.py
@@ -61,7 +61,6 @@ def process_user_form(user_id=None):
# Edit a user
user_contr.update({'id': user_id},
{'nickname': form.nickname.data,
- 'email': form.email.data,
'password': form.password.data,
'automatic_crawling': form.automatic_crawling.data})
user = user_contr.get(id=user_id)
@@ -70,7 +69,6 @@ def process_user_form(user_id=None):
else:
# Create a new user (by the admin)
user = user_contr.create(nickname=form.nickname.data,
- email=form.email.data,
pwdhash=generate_password_hash(form.password.data),
automatic_crawling=form.automatic_crawling.data,
is_admin=False,
diff --git a/src/web/views/user.py b/src/web/views/user.py
index 6890b0e4..fdcde238 100644
--- a/src/web/views/user.py
+++ b/src/web/views/user.py
@@ -60,9 +60,9 @@ def management():
flash(gettext('File not allowed.'), 'danger')
else:
try:
- nb = import_opml(current_user.email, data.read())
+ nb = import_opml(current_user.nickname, data.read())
if conf.CRAWLING_METHOD == "classic":
- misc_utils.fetch(current_user.email, None)
+ misc_utils.fetch(current_user.id, None)
flash(str(nb) + ' ' + gettext('feeds imported.'),
"success")
flash(gettext("Downloading articles..."), 'info')
@@ -76,7 +76,7 @@ def management():
flash(gettext('File not allowed.'), 'danger')
else:
try:
- nb = import_json(current_user.email, data.read())
+ nb = import_json(current_user.nickname, data.read())
flash(gettext('Account imported.'), "success")
except:
flash(gettext("Impossible to import the account."),
@@ -112,7 +112,6 @@ def profile():
try:
user_contr.update({'id': current_user.id},
{'nickname': form.nickname.data,
- 'email': form.email.data,
'password': form.password.data,
'automatic_crawling': form.automatic_crawling.data,
'is_public_profile': form.is_public_profile.data,
@@ -151,11 +150,11 @@ def confirm_account(token=None):
Confirm the account of a user.
"""
user_contr = UserController()
- user, email = None, None
+ user, nickname = None, None
if token != "":
- email = confirm_token(token)
- if email:
- user = user_contr.read(email=email).first()
+ nickname = confirm_token(token)
+ if nickname:
+ user = user_contr.read(nickname=nickname).first()
if user is not None:
user_contr.update({'id': user.id}, {'is_active': True})
flash(gettext('Your account has been confirmed.'), 'success')
@@ -164,34 +163,34 @@ def confirm_account(token=None):
return redirect(url_for('login'))
-@user_bp.route('/recover', methods=['GET', 'POST'])
-def recover():
- """
- Enables the user to recover its account when he has forgotten
- its password.
- """
- form = RecoverPasswordForm()
- user_contr = UserController()
-
- if request.method == 'POST':
- if form.validate():
- user = user_contr.get(email=form.email.data)
- characters = string.ascii_letters + string.digits
- password = "".join(random.choice(characters)
- for x in range(random.randint(8, 16)))
- user.set_password(password)
- user_contr.update({'id': user.id}, {'password': password})
-
- # Send the confirmation email
- try:
- notifications.new_password_notification(user, password)
- flash(gettext('New password sent to your address.'), 'success')
- except Exception as error:
- flash(gettext('Problem while sending your new password: '
- '%(error)s', error=error), 'danger')
-
- return redirect(url_for('login'))
- return render_template('recover.html', form=form)
-
- if request.method == 'GET':
- return render_template('recover.html', form=form)
+# @user_bp.route('/recover', methods=['GET', 'POST'])
+# def recover():
+# """
+# Enables the user to recover its account when he has forgotten
+# its password.
+# """
+# form = RecoverPasswordForm()
+# user_contr = UserController()
+#
+# if request.method == 'POST':
+# if form.validate():
+# user = user_contr.get(email=form.email.data)
+# characters = string.ascii_letters + string.digits
+# password = "".join(random.choice(characters)
+# for x in range(random.randint(8, 16)))
+# user.set_password(password)
+# user_contr.update({'id': user.id}, {'password': password})
+#
+# # Send the confirmation email
+# try:
+# notifications.new_password_notification(user, password)
+# flash(gettext('New password sent to your address.'), 'success')
+# except Exception as error:
+# flash(gettext('Problem while sending your new password: '
+# '%(error)s', error=error), 'danger')
+#
+# return redirect(url_for('login'))
+# return render_template('recover.html', form=form)
+#
+# if request.method == 'GET':
+# return render_template('recover.html', form=form)
bgstack15