Added change username and password functionality

Author: CodeConfidant

app/routes.py

@@ -79,4 +79,47 @@ def del_user():
             user_db.drop_row("Username", username)
             user_db.close_db()
             flash(str("User {0} successfully deleted!").format(username))
-            return render_template("index.html", title='Home')
+            return render_template("index.html", title='Home')
+
+@app.route('/change_password', methods = ['POST', 'GET'])
+def change_password():
+    if (request.method == 'POST'):
+        username = request.form['username']
+        password = request.form['password']
+        new_password = request.form['new_password']
+        user_db.open_db()
+        row = user_db.get_row("Username", username)
+
+        try:
+            if (row != None and row["Username"] == username and sha512_crypt.verify(password, row["Password"]) == True):
+                user_db.update_row("Password", sha512_crypt.hash(new_password), "Username", username)
+                user_db.close_db()
+                flash("Password changed successfully!")
+                return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+            else:
+                user_db.close_db()
+                flash("Password change failed! The current password provided is incorrect!")
+                return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+        except:
+            user_db.close_db()
+            flash("Password change failed! The current password provided is incorrect!")
+            return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+
+@app.route('/change_username', methods = ['POST', 'GET'])
+def change_username():
+    if (request.method == 'POST'):
+        username = request.form['username']
+        new_username = request.form['new_username']
+        user_db.open_db()
+
+        if (user_db.get_row("Username", new_username) == None):
+            user_db.update_row("Username", new_username, "Username", username)
+            row = user_db.get_row("Username", new_username)
+            user_db.close_db()
+            flash("Username changed successfully!")
+            return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])
+        else:
+            row = user_db.get_row("Username", username)
+            user_db.close_db()
+            flash("Username change failed! That username already exists!")
+            return render_template("account.html", title='Account', email=row["Email"], username=row["Username"], type=row["Type"])

app/templates/account.html

@@ -10,5 +10,23 @@ <h1>Account Info</h1>
             <input type="hidden" id="username" name="username" value="{{ username }}">
             <input type="submit" value="Delete Account">
         </form>
+
+        <h2>Change Username</h2>
+        <form action="{{ url_for('change_username') }}" method="POST" accept-charset="UTF-8" autocomplete="off" autofocus="off" enctype="multipart/form-data">
+            <input type="hidden" id="username" name="username" value="{{ username }}" required/></br>
+            <label for="new_username">New Username</label>
+            <input type="text" id="new_username" name="new_username" size="32" minlength="8" maxlength="32" required/></br>
+            <input type="submit" value="Submit"/>
+        </form>
+
+        <h2>Change Password</h2>
+        <form action="{{ url_for('change_password') }}" method="POST" accept-charset="UTF-8" autocomplete="off" autofocus="off" enctype="multipart/form-data">
+            <input type="hidden" id="username" name="username" value="{{ username }}" required/></br>
+            <label for="password">Password</label>
+            <input type="password" id="password" name="password" size="32" minlength="8" maxlength="32" required/></br>
+            <label for="new_password">New Password</label>
+            <input type="password" id="new_password" name="new_password" size="32" minlength="8" maxlength="32" required/></br>
+            <input type="submit" value="Submit"/>
+        </form>
     </div>
 {% endblock %}

app/templates/login.html

@@ -4,8 +4,8 @@
     <div class="box">
         <h1>Login</h1>
         <form action="{{ url_for('login_user') }}" method="POST">
-            <p> {{ form.username.label }} <br> {{ form.username(size=32, autocomplete="off", autofocus="off") }}</p>
-            <p> {{ form.password.label }} <br> {{ form.password(size=32, autocomplete="off", autofocus="off") }}</p>
+            <p> {{ form.username.label }} <br> {{ form.username(size=32, minlength="8", maxlength="32", autocomplete="off", autofocus="off") }}</p>
+            <p> {{ form.password.label }} <br> {{ form.password(size=32, minlength="8", maxlength="32", autocomplete="off", autofocus="off") }}</p>
             <p> {{ form.submit() }} </p>
         </form>
     </div>

app/templates/register.html

@@ -5,8 +5,8 @@
         <h1>Register</h1>
         <form action="{{ url_for('register_user') }}" method="POST">
             <p> {{ form.email.label }} <br> {{ form.email(size=32, autocomplete="off", autofocus="off") }}</p>
-            <p> {{ form.username.label }} <br> {{ form.username(size=32, autocomplete="off", autofocus="off") }}</p>
-            <p> {{ form.password.label }} <br> {{ form.password(size=32, autocomplete="off", autofocus="off") }}</p>
+            <p> {{ form.username.label }} <br> {{ form.username(size=32, minlength="8", maxlength="32", autocomplete="off", autofocus="off") }}</p>
+            <p> {{ form.password.label }} <br> {{ form.password(size=32, minlength="8", maxlength="32", autocomplete="off", autofocus="off") }}</p>
             <p> {{ form.submit() }} </p>
         </form>
     </div>