Commit a7da8071 authored by Floréal Cabanettes's avatar Floréal Cabanettes

Change password hash algorithm + refactor settings contants

parent 9e1136ea
......@@ -4,7 +4,8 @@ import json
import hashlib
from flask import Flask, render_template, request, jsonify, Response
from flask_mongoengine import MongoEngine
from settings import db_name, site_name, timezone, locale
from flask_bcrypt import Bcrypt
from settings import DB_NAME, SITE_NAME, TIMEZONE, LOCALE
from werkzeug.exceptions import NotFound
from flask_babel import Babel
from flask_babel import gettext as _
......@@ -19,20 +20,21 @@ from model.user import User
app = Flask(__name__)
app.config['MONGODB_DB'] = db_name
app.config['BABEL_DEFAULT_LOCALE'] = locale
app.config['BABEL_DEFAULT_TIMEZONE'] = timezone
app.config['MONGODB_DB'] = DB_NAME
app.config['BABEL_DEFAULT_LOCALE'] = LOCALE
app.config['BABEL_DEFAULT_TIMEZONE'] = TIMEZONE
app.register_blueprint(register)
app.register_blueprint(panel)
babel = Babel(app)
db = MongoEngine(app)
crypt = Bcrypt(app)
@app.context_processor
def inject_default_data():
return dict({
"locale": locale,
"locales": [locale],
"locale": LOCALE,
"locales": [LOCALE],
})
......@@ -50,7 +52,7 @@ def home():
# categories=[{"name": "Plat principal"}, {"name": "Entrée"}],
# author={"name": "Floréal", "id": "1"})
# recipe.save()
return render_template("web/basisnav.html", title=_("Panel") + " | " + site_name)
return render_template("web/basisnav.html", title=_("Panel") + " | " + SITE_NAME)
@app.route('/login', methods=["GET", "POST"])
......@@ -62,12 +64,12 @@ def login():
email = request.args.get("email")
if "after" in request.args and request.args.get("after") is not None:
after = request.args.get("after")
return render_template("web/login.html", email=email, after=after, title=_("Login") + " | " + site_name)
return render_template("web/login.html", email=email, after=after, title=_("Login") + " | " + SITE_NAME)
@app.errorhandler(NotFound)
def error_handle_not_found(e):
return render_template("404.html", title=site_name)
return render_template("404.html", title=SITE_NAME)
if __name__ == "__main__":
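Review bot: `crypt = Bcrypt(app)` is created in this file, but the register blueprint changed in the same commit calls the module-level `flask_bcrypt.generate_password_hash` with `PASSWORD_HASH_ROUNDS`, so nothing visible uses this instance and it is initialised with flask_bcrypt's default cost rather than the configured one. Setting `app.config['BCRYPT_LOG_ROUNDS'] = PASSWORD_HASH_ROUNDS` before `Bcrypt(app)` would keep hashing and verification on a single setting. The credential check behind `/login` is outside these hunks; accounts created before this commit hold SHA3-512 hex digests, so that check presumably needs a fallback path or a forced password reset for them — worth confirming before deploying.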
......
......@@ -2,7 +2,7 @@
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from settings import mail
from settings import MAIL
import smtplib
......@@ -11,7 +11,7 @@ def send_mail(to, subject, message):
msg = MIMEMultipart()
# setup the parameters of the message
msg['From'] = mail["from"]
msg['From'] = MAIL["from"]
msg['To'] = to
msg['Subject'] = subject
......@@ -19,12 +19,12 @@ def send_mail(to, subject, message):
msg.attach(MIMEText(message, 'plain'))
# create server
server = smtplib.SMTP(f'{mail["server"]}: {mail["port"]}')
server = smtplib.SMTP(f'{MAIL["server"]}: {MAIL["port"]}')
server.starttls()
# Login Credentials for sending the mail
server.login(mail["username"], mail["password"])
server.login(MAIL["username"], MAIL["password"])
# send the message via the server.
server.sendmail(msg['From'], msg['To'], msg.as_string())
......
db_name = "recipen"
categories = ["Entrée", "Plat principal", "Dessert", "Accompagnements", "Base", "Biscuits & Friandises",
DB_NAME = "recipen"
CATEGORIES = ["Entrée", "Plat principal", "Dessert", "Accompagnements", "Base", "Biscuits & Friandises",
"Pain & Viennoiserie", "Divers"]
site_name = "Recipen"
locale = "fr"
timezone = "Europe/Paris"
SITE_NAME = "Recipen"
LOCALE = "en"
TIMEZONE = "Europe/Paris"
# PLEASE FILL MAIL SETTINGS TO MAKE REGISTER PAGE WORKING
mail = {
MAIL = {
"server": "",
"username": "",
"from": "",
"password": "",
"port": 587
}
PASSWORD_HASH_ROUNDS = 12
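Review bot: `MAIL["password"]` is meant to be filled in directly in this tracked settings module (see the "PLEASE FILL MAIL SETTINGS" comment), which makes it easy to commit the SMTP credential together with the code. Reading it from the environment keeps the secret out of the repository, e.g. `"password": os.environ.get("RECIPEN_MAIL_PASSWORD", "")` (the variable name is a constructed example). The new `PASSWORD_HASH_ROUNDS = 12` would also benefit from a comment such as `# bcrypt cost factor (log2 of the iteration count); raising it slows every registration and login`.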
from flask import Blueprint, render_template
from flask_babel import gettext as _
from settings import site_name
from settings import SITE_NAME
page = Blueprint('panel', __name__)
@page.route('/panel')
def panel_home():
return render_template("panel/basis.html", title=_("Panel") + " | " + site_name)
\ No newline at end of file
return render_template("panel/basis.html", title=_("Panel") + " | " + SITE_NAME)
\ No newline at end of file
......@@ -2,9 +2,10 @@ import json
import hashlib
from flask import Blueprint, render_template, request, Response, jsonify
from flask_babel import gettext as _
from flask_bcrypt import generate_password_hash
from mongoengine.errors import NotUniqueError
from settings import site_name
from settings import SITE_NAME, PASSWORD_HASH_ROUNDS
from mail import send_mail
from model.user import User
......@@ -14,7 +15,7 @@ page = Blueprint('register', __name__)
@page.route('/register', methods=['GET'])
def register_page():
return render_template("web/register.html", title=_("Register") + " | " + site_name)
return render_template("web/register.html", title=_("Register") + " | " + SITE_NAME)
@page.route('/register', methods=['POST'])
......@@ -27,14 +28,15 @@ def register():
nb_user = User.objects().count()
if nb_user == 0:
role = "admin"
password = generate_password_hash(data["password"], PASSWORD_HASH_ROUNDS)
user = User(name=data["name"], email=data["email"],
password=hashlib.sha3_512(data["password"].encode()).hexdigest(), role=role, active=False)
password=password, role=role, active=False)
try:
user.save()
token = "?token=" + hashlib.md5((data["name"] + data["email"]).encode()).hexdigest() + "&mail=" + data["email"]
send_mail(data["email"], f"{site_name} - " + _("please activate your account"),
send_mail(data["email"], f"{SITE_NAME} - " + _("please activate your account"),
_("Welcome %s,\n\nPlease click on this link to activate your account on %s:\n") %
(data["name"], site_name) + request.url_root + "activate" + token)
(data["name"], SITE_NAME) + request.url_root + "activate" + token)
return jsonify(success=True,
message=_("User successfully created. Please check your mail to validate your account."))
except NotUniqueError:
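Review bot: The activation token in `register()` is still `hashlib.md5((data["name"] + data["email"]).encode()).hexdigest()`, a pure function of two values the registrant supplied, so presenting it does not prove that the mailbox was reached; this commit hardens the password hash but leaves that line as it was. A random per-user value stored with the account would close the gap, e.g. `token = secrets.token_urlsafe(32)` saved on the `User` document and compared (and expired) in the activate view, which is not shown here. On the new line, `generate_password_hash` from flask_bcrypt returns `bytes` under Python 3; if `User.password` is a string field (the model is not visible), store `generate_password_hash(data["password"], PASSWORD_HASH_ROUNDS).decode("utf-8")`. The body of `register()` starts and ends outside the hunk.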
......