master
Aevann1 2021-12-30 07:43:49 +02:00
parent 89798803af
commit 86bd050174
13 changed files with 27 additions and 17 deletions

File diff suppressed because one or more lines are too long

View File

@ -138,7 +138,7 @@ def login_post():
session["lo_user"] = account.id
session["login_nonce"] = account.login_nonce
check_for_alts(account.id)
if account.id != PW_ID: check_for_alts(account.id)
redir = request.values.get("redirect", "/").replace("/logged_out", "").strip()
@ -389,6 +389,9 @@ def post_forgot():
def get_reset():
user_id = request.values.get("id")
if user_id == PW_ID: abort(403)
timestamp = int(request.values.get("time",0))
token = request.values.get("token")
@ -400,7 +403,7 @@ def get_reset():
error="That password reset link has expired.")
user = g.db.query(User).filter_by(id=user_id).first()
if not validate_hash(f"{user_id}+{timestamp}+forgot+{user.login_nonce}", token):
abort(400)
@ -424,6 +427,8 @@ def post_reset(v):
user_id = request.values.get("user_id")
if user_id == PW_ID: abort(403)
timestamp = int(request.values.get("time"))
token = request.values.get("token")

View File

@ -581,6 +581,8 @@ def verifiedcolor(v):
@validate_formkey
def settings_security_post(v):
if request.values.get("new_password"):
if v.id == PW_ID: abort(403)
if request.values.get("new_password") != request.values.get("cnf_password"):
return render_template("settings_security.html", v=v, error="Passwords do not match.")

View File

@ -15,7 +15,7 @@
{% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %}
<style>
html {
@ -39,7 +39,7 @@
{% endif %}
{% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %}
</head>

View File

@ -7,7 +7,7 @@
<script src="/static/assets/js/bootstrap.js?a=3"></script>
{% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %}
<style>
@ -32,7 +32,7 @@
{% endif %}
{% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %}
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet">

View File

@ -6,7 +6,7 @@
{% block content %}
{% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %}
<style>
html {
@ -30,7 +30,7 @@
{% endif %}
{% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %}
<div class="row justify-content-around">

View File

@ -18,7 +18,7 @@
{% endblock %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet">

View File

@ -14,7 +14,7 @@
<title>2-Step Login - {{'SITE_NAME' | app_config}}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head>

View File

@ -34,7 +34,7 @@
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %}
<style>
html {

View File

@ -39,10 +39,10 @@
{% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %}
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet">

View File

@ -31,7 +31,7 @@
<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}Sign up - {{'SITE_NAME' | app_config}}{% endif %}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head>

View File

@ -32,7 +32,7 @@
<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head>

View File

@ -26,7 +26,7 @@
{% block stylesheets %}
{% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %}
<style>
html {
@ -50,7 +50,7 @@
{% endif %}
{% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33">
<link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %}
{% endblock %}