From c3870505eae16c886c1b5e3e9c2716f672089348 Mon Sep 17 00:00:00 2001 From: Aevann Date: Wed, 27 Sep 2023 00:57:33 +0300 Subject: [PATCH] use get_user whenever possible instead of repeating code --- files/routes/login.py | 10 +++------- files/routes/settings.py | 14 +++----------- files/routes/users.py | 16 ++++------------ 3 files changed, 10 insertions(+), 30 deletions(-) diff --git a/files/routes/login.py b/files/routes/login.py index d7b9bfc08..75513782d 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -377,15 +377,11 @@ def post_forgot(): if not email_regex.fullmatch(email): return render_template("login/forgot_password.html", error="Invalid email!"), 400 - - username = username.lstrip('@').replace('\\', '').replace('_', '\_').replace('%', '').strip() + user = get_user(username, graceful=True) + email = email.replace('\\', '').replace('_', '\_').replace('%', '').strip() - user = g.db.query(User).filter( - User.username.ilike(username), - User.email.ilike(email)).one_or_none() - - if user: + if user and user.email.lower() == email.lower(): now = int(time.time()) token = generate_hash(f"{user.id}+{now}+forgot+{user.login_nonce}") url = f"{SITE_FULL}/reset?id={user.id}&time={now}&token={token}" diff --git a/files/routes/settings.py b/files/routes/settings.py index c0140aca9..e5db1f14d 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -732,7 +732,7 @@ def settings_name_change(v): new_name = request.values.get("name").strip() - if new_name==v.username: + if new_name == v.username: abort(400, "You didn't change anything") if v.patron: @@ -743,17 +743,9 @@ def settings_name_change(v): if not used_regex.fullmatch(new_name): abort(400, "This isn't a valid username.") - search_name = new_name.replace('\\', '').replace('_','\_').replace('%','') + existing = get_user(new_name, graceful=True) - x = g.db.query(User).filter( - or_( - User.username.ilike(search_name), - User.original_username.ilike(search_name), - User.prelock_username.ilike(search_name), - ) - ).one_or_none() - - if x and x.id != v.id: + if existing and existing.id != v.id: abort(400, f"Username `{new_name}` is already in use.") v.username = new_name diff --git a/files/routes/users.py b/files/routes/users.py index 1698b122b..40fa37c21 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -710,20 +710,12 @@ def is_available(name): name = name.strip() - if len(name)<3 or len(name)>25: - return {name:False} + if len(name) < 3 or len(name) > 25: + return {name: False} - name2 = name.replace('\\', '').replace('_','\_').replace('%','') + existing = get_user(name, graceful=True) - x = g.db.query(User).filter( - or_( - User.username.ilike(name2), - User.original_username.ilike(name2), - User.prelock_username.ilike(name2), - ) - ).one_or_none() - - if x: + if existing: return {name: False} else: return {name: True}