Create change password and email feature

Author: AMZheleva21

My_path_team9/student/forms.py

@@ -1,7 +1,7 @@
 from flask_wtf import FlaskForm
 from wtforms import RadioField, SelectField, SelectMultipleField, widgets, SubmitField
 from wtforms import StringField, PasswordField, SubmitField
-from wtforms.validators import DataRequired, Length, EqualTo
+from wtforms.validators import DataRequired, Length, EqualTo, Email, Optional
 from wtforms.validators import URL
 
 class MultiCheckboxField(SelectMultipleField):
@@ -114,9 +114,15 @@ class SurveyForm(FlaskForm):
 
 
 class SettingsForm(FlaskForm):
-    username = StringField('New Username', validators=[DataRequired(), Length(min=3, max=64)])
-    submit = SubmitField('Update')
-
+    username = StringField('Username', validators=[DataRequired()])
+    email = StringField('Email', validators=[DataRequired(), Email()])
+    current_password = PasswordField('Current Password', validators=[Optional()])
+    new_password = PasswordField('New Password', validators=[Optional()])
+    confirm_password = PasswordField('Confirm New Password', validators=[
+        Optional(),
+        EqualTo('new_password', message='Passwords must match')
+    ])
+    submit = SubmitField('Save Changes')
 class VideoSubmissionForm(FlaskForm):
     video_link = StringField('Video Link', validators=[
         DataRequired(), URL(), Length(max=500)

My_path_team9/student/routes.py

@@ -15,18 +15,39 @@ def settings():
     if current_user.role != 'student':
         return "Access denied", 403
 
-    form = SettingsForm()
+    form = SettingsForm(obj=current_user)
 
     if form.validate_on_submit():
-        existing_user = User.query.filter_by(username=form.username.data).first()
-        if existing_user and existing_user.id != current_user.id:
-            flash('This username is already taken.', 'warning')
-        else:
-            current_user.username = form.username.data
-            db.session.commit()
-            flash('Username updated successfully.', 'success')
+        # Check for username/email conflicts
+        if User.query.filter(User.username == form.username.data, User.id != current_user.id).first():
+            flash('Username already taken.', 'warning')
             return redirect(url_for('student.settings'))
 
+        if User.query.filter(User.email == form.email.data, User.id != current_user.id).first():
+            flash('Email already in use.', 'warning')
+            return redirect(url_for('student.settings'))
+
+        current_user.username = form.username.data
+        current_user.email = form.email.data
+
+        # Change password only if fields are filled
+        if form.new_password.data:
+            if not form.current_password.data:
+                flash('Current password is required to change your password.', 'warning')
+            elif not current_user.verify_password(form.current_password.data):
+                flash('Current password is incorrect.', 'danger')
+            else:
+                try:
+                    current_user.password = form.new_password.data
+                    flash('Password changed successfully.', 'success')
+                except ValueError as ve:
+                    flash(str(ve), 'danger')
+                    return redirect(url_for('student.settings'))
+
+        db.session.commit()
+        flash('Profile updated successfully.', 'success')
+        return redirect(url_for('student.settings'))
+
     return render_template('settings.html', form=form, current_user=current_user)
 
 @student_bp.route('/survey', methods=['GET', 'POST'])

My_path_team9/student/templates/settings.html

@@ -1,26 +1,60 @@
-{% extends "base.html" %}
+{% extends 'base.html' %}
 
-{% block title %}Profile Settings{% endblock %}
+{% block title %}Settings{% endblock %}
 
 {% block content %}
-<div class="container">
-    <h2 class="mb-4">Update Your Profile</h2>
-    <div class="card">
-        <form method="POST" action="">
-            {{ form.hidden_tag() }}
-
-            <div class="mb-3">
-                <label for="username" class="form-label">New Username</label>
-                {{ form.username(class="form-control", id="username") }}
-                {% for error in form.username.errors %}
-                    <div class="text-danger">{{ error }}</div>
-                {% endfor %}
-            </div>
-
-            <div class="mb-3">
-                {{ form.submit(class="btn btn-primary") }}
-            </div>
-        </form>
+<div class="container mt-4">
+  <h2>Settings</h2>
+
+  <!-- Flash messages -->
+  {% with messages = get_flashed_messages(with_categories=true) %}
+    {% if messages %}
+      {% for category, message in messages %}
+        <div class="alert alert-{{ category }} alert-dismissible fade show" role="alert">
+          {{ message }}
+          <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+      {% endfor %}
+    {% endif %}
+  {% endwith %}
+
+  <form method="POST">
+    {{ form.hidden_tag() }}
+
+    <div class="mb-3">
+      {{ form.username.label(class="form-label") }}
+      {{ form.username(class="form-control") }}
     </div>
+
+    <div class="mb-3">
+      {{ form.email.label(class="form-label") }}
+      {{ form.email(class="form-control") }}
+    </div>
+
+    <hr>
+
+    <h5>Change Password</h5>
+    <div class="mb-3">
+      {{ form.current_password.label(class="form-label") }}
+      {{ form.current_password(class="form-control") }}
+    </div>
+    <div class="mb-3">
+      {{ form.new_password.label(class="form-label") }}
+      {{ form.new_password(class="form-control") }}
+    </div>
+    <div class="mb-3">
+      {{ form.confirm_password.label(class="form-label") }}
+      {{ form.confirm_password(class="form-control") }}
+    </div>
+
+    <button type="submit" class="btn btn-primary mt-3">{{ form.submit.label.text }}</button>
+  </form>
 </div>
 {% endblock %}
+{% with messages = get_flashed_messages(with_categories=true) %}
+  {% if messages %}
+    {% for category, message in messages %}
+      <div class="alert alert-{{ category }}">{{ message }}</div>
+    {% endfor %}
+  {% endif %}
+{% endwith %}