else:
connect_user(user)
# :TODO:maethor:120528: Remplacer la clé pour qu'elle ne puisse plus être utilisée
- return redirect(url_for('home'))
+ flash(u"Veuillez mettre à jour votre mot de passe", 'info')
+ return redirect(url_for('user_password'), username=user['name'])
#---------------
# User settings
-@app.route('/user/settings/<username>')
+@app.route('/user/<username>')
def show_user(username):
if username != session.get('username'):
abort(401)
+ return render_template('show_user.html')
+
+@app.route('/user/settings/<username>', methods=['GET', 'POST'])
+def user_settings(username):
+ if username != session.get('username'):
+ abort(401)
+ if request.method == 'POST':
+ g.db.execute('update users set email = ?, name = ?, organization = ? where id = ?',
+ [request.form['email'], request.form['name'], request.form['organization'], session['userid']])
+ g.db.commit()
+ disconnect_user()
+ flash(u'Votre profil a été mis à jour !', 'success')
+ return redirect(url_for('login'))
+ return render_template('user_settings.html')
+
+@app.route('/user/password/<username>', methods=['GET', 'POST'])
+def user_password(username):
+ if username != session.get('username'):
+ abort(401)
+ if request.method == 'POST':
+ if request.form['password'] == request.form['password2']:
+ # :TODO:maethor:120528: Chiffrer le mot de passe !
+ g.db.execute('update users set password = ? where id = ?', [request.form['password'], session['userid']])
+ g.db.commit()
+ flash(u'Votre mot de passe a été mis à jour.', 'success')
+ else:
+ flash(u'Les mots de passe sont différents.', 'error')
return render_template('user_settings.html')
#------------
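Review bot: `user_password` writes `request.form['password']` straight into `users.password`, so the table holds cleartext passwords; the TODO on the line above acknowledges this, but the route is reachable as committed. Store a salted hash instead, e.g. `generate_password_hash(request.form['password'])` from `werkzeug.security`, and have the login check (not visible in this hunk) compare with `check_password_hash`. The equality test also passes when both fields are empty, and nothing asks for the current password, so add a non-empty check and decide explicitly whether the key-login path is the only case exempt from re-entering the old one. In the first changed lines, `username=user['name']` is passed to `redirect()` instead of `url_for()`; it should read `return redirect(url_for('user_password', username=user['name']))`. In `user_settings`, a name that is already taken will presumably surface as an unhandled integrity error from `g.db.execute` now that `name` is meant to be unique, so catch it and flash a message rather than returning a 500.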
id INTEGER primary key autoincrement,
email TEXT unique not null,
password TEXT not null,
- name TEXT,
+ name unique TEXT,
organization TEXT,
is_admin INTEGER default 0 not null,
key TEXT
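Review bot: `name unique TEXT` puts the constraint before the type, and SQLite's column definition expects name, then type, then constraints, so this line should fail to parse near `TEXT`; write `name TEXT unique`. The routes in this commit authorize by comparing the URL's username with the session's, so the uniqueness guarantee matters. An already-created database will not pick up the constraint from the schema file alone and needs a migration or a `create unique index` on `users(name)`.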
<a href="#" class="btn dropdown-toggle" data-toggle="dropdown"><b class="caret"></b></a>
<ul class="dropdown-menu pull-right">
<li><a href=""><i class="icon-comment"></i> Votes en attente</a></li>
- <li><a href="{{ url_for('show_user', username=session.username) }}"><i class="icon-cog"></i> Paramètres</a></li>
+ <li><a href="{{ url_for('user_settings', username=session.username) }}"><i class="icon-cog"></i> Paramètres</a></li>
<li class="divider"></li>
<li><a href="{{ url_for('logout') }}"><i class="icon-off"></i> Déconnexion</a></li>
</ul>
--- /dev/null
+{% extends "layout.html" %}
+{% block body %}
+<h2>{{ session.username }}</h2>
+<div class="span8">
+ <dl>
+ <dt>Email :
+ <dd>{{ session.email }}
+ <dt>Association :
+ <dd>{{ session.organization }}
+ <dt>Groupes :
+ <dd><em>à venir</em>
+</div>
+{% endblock %}
+
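Review bot: The `<dl>` opened in this new template is never closed before `</div>`; add `</dl>` after the last `<dd>` line so the definition list does not rely on the browser's error recovery. The `<dt>`/`<dd>` end tags may be omitted in HTML, but the `</dl>` end tag is required.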
{% extends "layout.html" %}
{% block body %}
<h2>{{ session.username }}</h2>
+<div class="row">
+ <div class="span6 well">
+ <form class="form-horizontal" action="{{ url_for('user_settings', username=session.username) }}" method="post">
+ <fieldset><legend>Mise à jour du profil utilisateur</legend>
+ <div class="alert"><strong>Attention :</strong> À l'issue de ce formulaire, vous devrez vous reconnecter</div>
+ <div class="control-group">
+ <label class="control-label" for="email">E-mail</label>
+ <div class="controls">
+ <input type="text" name="email" id="email" value="{{ session.email }}"/>
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="name">Nom</label>
+ <div class="controls">
+ <input type="text" name="name" id="name" value="{{ session.username }}" />
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="organization">Association</label>
+ <div class="controls">
+ <input type="text" name="organization" id="organization" value="{{ session.organization }}"/>
+ </div>
+ </div>
+ <!--<label for="password">Mot de passe</label>
+ <input type="password" name="password" id="password" />-->
+ <div class="form-actions">
+ <input type="submit" class="btn btn-primary" value="Enregistrer" />
+ <input type="reset" class="btn" value="Annuler" />
+ </div>
+ </fieldset>
+ </form>
+ </div>
+
+ <div class="span5 well">
+ <form class="form-horizontal" action="{{ url_for('user_password', username=session.username) }}" method="post">
+ <fieldset><legend>Modification du mot de passe</legend>
+ <div class="control-group">
+ <label class="control-label" for="password">Mot de passe</label>
+ <div class="controls">
+ <input type="password" name="password" id="password" />
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="password2">Confirmation</label>
+ <div class="controls">
+ <input type="password" name="password2" id="password2" />
+ </div>
+ </div>
+ <div class="form-actions">
+ <input type="submit" class="btn btn-primary" value="Enregistrer" />
+ <input type="reset" class="btn" value="Annuler" />
+ </div>
+ </fieldset>
+ </form>
+ </div>
+</div>
{% endblock %}
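Review bot: Neither `<form>` added here carries an anti-CSRF token, and both post to handlers that change account state (`user_settings`, `user_password`); no token check is visible in those handlers in this commit, so the session cookie alone authorizes the request. Add a hidden per-session token to each form, e.g. `<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>` (with `csrf_token()` supplied by Flask-WTF's CSRF protection or the project's own equivalent), and verify it before the `update` statements run. If the application already enforces this globally outside the visible code, only the hidden field is needed here.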