darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-05-04 08:01:34 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
feba58f441f0517e3e8df93d2eece6fdef7dfa97
notifications-admin/app/main/dao/users_dao.py
Rebecca Law bb1db0c345 When the user request a reset password link, the user.state is set to request_password_reset. 
Which means the user will only be able to reset their password, and not sign-in.
Once the user resets the password the user state is set to active once more.
If the link is used a second time they will be redirected to the index page with a message
that the link in the email is not longer valid.
2016-01-11 12:23:08 +00:00

75 lines
1.6 KiB
Python
Raw Blame History

from datetime import datetime
from sqlalchemy.orm import load_only
from app import db, login_manager
from app.models import User
from app.main.encryption import hashpw
@login_manager.user_loader
def load_user(user_id):
return get_user_by_id(user_id)
def insert_user(user):
user.password = hashpw(user.password)
db.session.add(user)
db.session.commit()
# TODO Would be better to have a generic get and update for user
# something that replicates the sql functionality.
def get_user_by_id(id):
return User.query.filter_by(id=id).first()
def get_all_users():
return User.query.all()
def get_user_by_email(email_address):
return User.query.filter_by(email_address=email_address).first()
def increment_failed_login_count(id):
user = User.query.filter_by(id=id).first()
user.failed_login_count += 1
db.session.commit()
def activate_user(id):
user = get_user_by_id(id)
user.state = 'active'
db.session.add(user)
db.session.commit()
def update_email_address(id, email_address):
user = get_user_by_id(id)
user.email_address = email_address
db.session.add(user)
db.session.commit()
def update_mobile_number(id, mobile_number):
user = get_user_by_id(id)
user.mobile_number = mobile_number
db.session.add(user)
db.session.commit()
def update_password(user, password):
user.password = hashpw(password)
user.password_changed_at = datetime.now()
user.state = 'active'
db.session.add(user)
db.session.commit()
def request_password_reset(email):
user = get_user_by_email(email)
user.state = 'request_password_reset'
db.session.add(user)
db.session.commit()
Reference in New Issue View Git Blame Copy Permalink