Better password security for new users
This commit is contained in:
56
models.py
56
models.py
@@ -34,7 +34,11 @@ class User(UserMixin, db.Model):
|
||||
is_active = db.Column(db.Boolean, default=True)
|
||||
profile_picture = db.Column(db.String(255))
|
||||
preferred_view = db.Column(db.String(10), default='grid', nullable=False) # 'grid' or 'list'
|
||||
room_permissions = relationship('RoomMemberPermission', back_populates='user')
|
||||
room_permissions = relationship(
|
||||
'RoomMemberPermission',
|
||||
back_populates='user',
|
||||
cascade='all, delete-orphan'
|
||||
)
|
||||
|
||||
def set_password(self, password):
|
||||
self.password_hash = generate_password_hash(password)
|
||||
@@ -50,10 +54,10 @@ class Room(db.Model):
|
||||
name = db.Column(db.String(100), nullable=False)
|
||||
description = db.Column(db.Text)
|
||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
|
||||
# Relationships
|
||||
creator = db.relationship('User', backref='created_rooms', foreign_keys=[created_by])
|
||||
creator = db.relationship('User', backref=db.backref('created_rooms', cascade='all, delete-orphan'), foreign_keys=[created_by])
|
||||
members = db.relationship('User', secondary=room_members, backref=db.backref('rooms', lazy='dynamic'))
|
||||
member_permissions = relationship('RoomMemberPermission', back_populates='room', cascade='all, delete-orphan')
|
||||
files = db.relationship('RoomFile', back_populates='room', cascade='all, delete-orphan')
|
||||
@@ -65,7 +69,7 @@ class Room(db.Model):
|
||||
class RoomMemberPermission(db.Model):
|
||||
__tablename__ = 'room_member_permissions'
|
||||
room_id = db.Column(db.Integer, db.ForeignKey('room.id'), primary_key=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), primary_key=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), primary_key=True)
|
||||
can_view = db.Column(db.Boolean, default=True, nullable=False)
|
||||
can_download = db.Column(db.Boolean, default=False, nullable=False)
|
||||
can_upload = db.Column(db.Boolean, default=False, nullable=False)
|
||||
@@ -86,13 +90,13 @@ class RoomFile(db.Model):
|
||||
type = db.Column(db.String(10), nullable=False) # 'file' or 'folder'
|
||||
size = db.Column(db.Integer) # in bytes, null for folders
|
||||
modified = db.Column(db.Float) # timestamp
|
||||
uploaded_by = db.Column(db.Integer, db.ForeignKey('user.id'))
|
||||
uploaded_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'))
|
||||
uploaded_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
deleted = db.Column(db.Boolean, default=False) # New field for deleted status
|
||||
deleted_by = db.Column(db.Integer, db.ForeignKey('user.id')) # New field for tracking who deleted the file
|
||||
deleted_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'))
|
||||
deleted_at = db.Column(db.DateTime) # New field for tracking when the file was deleted
|
||||
uploader = db.relationship('User', backref='uploaded_files', foreign_keys=[uploaded_by])
|
||||
deleter = db.relationship('User', backref='deleted_room_files', foreign_keys=[deleted_by])
|
||||
uploader = db.relationship('User', backref=db.backref('uploaded_files', cascade='all, delete-orphan'), foreign_keys=[uploaded_by])
|
||||
deleter = db.relationship('User', backref=db.backref('deleted_room_files', cascade='all, delete-orphan'), foreign_keys=[deleted_by])
|
||||
room = db.relationship('Room', back_populates='files')
|
||||
starred_by = db.relationship('User', secondary='user_starred_file', backref='starred_files')
|
||||
|
||||
@@ -102,7 +106,7 @@ class RoomFile(db.Model):
|
||||
class UserStarredFile(db.Model):
|
||||
__tablename__ = 'user_starred_file'
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
file_id = db.Column(db.Integer, db.ForeignKey('room_file.id'), nullable=False)
|
||||
starred_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
|
||||
@@ -123,13 +127,13 @@ class TrashedFile(db.Model):
|
||||
type = db.Column(db.String(10), nullable=False) # 'file' or 'folder'
|
||||
size = db.Column(db.Integer) # in bytes, null for folders
|
||||
modified = db.Column(db.Float) # timestamp
|
||||
uploaded_by = db.Column(db.Integer, db.ForeignKey('user.id'))
|
||||
uploaded_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'))
|
||||
uploaded_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
deleted_by = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
deleted_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
deleted_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
room = db.relationship('Room', backref='trashed_files')
|
||||
uploader = db.relationship('User', foreign_keys=[uploaded_by], backref='uploaded_trashed_files')
|
||||
deleter = db.relationship('User', foreign_keys=[deleted_by], backref='deleted_trashed_files') # Changed from deleted_files to deleted_trashed_files
|
||||
uploader = db.relationship('User', foreign_keys=[uploaded_by], backref=db.backref('uploaded_trashed_files', cascade='all, delete-orphan'))
|
||||
deleter = db.relationship('User', foreign_keys=[deleted_by], backref=db.backref('deleted_trashed_files', cascade='all, delete-orphan'))
|
||||
|
||||
def __repr__(self):
|
||||
return f'<TrashedFile {self.name} ({self.type}) from {self.original_path}>'
|
||||
@@ -197,10 +201,10 @@ class Conversation(db.Model):
|
||||
name = db.Column(db.String(100), nullable=False)
|
||||
description = db.Column(db.Text)
|
||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
|
||||
# Relationships
|
||||
creator = db.relationship('User', backref='created_conversations', foreign_keys=[created_by])
|
||||
creator = db.relationship('User', backref=db.backref('created_conversations', cascade='all, delete-orphan'), foreign_keys=[created_by])
|
||||
members = db.relationship('User', secondary=conversation_members, backref=db.backref('conversations', lazy='dynamic'))
|
||||
messages = db.relationship('Message', back_populates='conversation', cascade='all, delete-orphan')
|
||||
|
||||
@@ -212,11 +216,11 @@ class Message(db.Model):
|
||||
content = db.Column(db.Text, nullable=False)
|
||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
conversation_id = db.Column(db.Integer, db.ForeignKey('conversation.id'), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
|
||||
# Relationships
|
||||
conversation = db.relationship('Conversation', back_populates='messages')
|
||||
user = db.relationship('User', backref='messages')
|
||||
user = db.relationship('User', backref=db.backref('messages', cascade='all, delete-orphan'))
|
||||
attachments = db.relationship('MessageAttachment', back_populates='message', cascade='all, delete-orphan')
|
||||
|
||||
def __repr__(self):
|
||||
@@ -284,14 +288,14 @@ class Event(db.Model):
|
||||
__tablename__ = 'events'
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
event_type = db.Column(db.String(50), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=True)
|
||||
timestamp = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
|
||||
details = db.Column(db.JSON) # Store additional event-specific data
|
||||
ip_address = db.Column(db.String(45)) # IPv6 addresses can be up to 45 chars
|
||||
user_agent = db.Column(db.String(255))
|
||||
|
||||
# Relationships
|
||||
user = db.relationship('User', backref='events')
|
||||
user = db.relationship('User', backref=db.backref('events', cascade='all, delete-orphan'))
|
||||
|
||||
def __repr__(self):
|
||||
return f'<Event {self.event_type} by User {self.user_id} at {self.timestamp}>'
|
||||
@@ -316,14 +320,14 @@ class Notif(db.Model):
|
||||
__tablename__ = 'notifs'
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
notif_type = db.Column(db.String(50), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
sender_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
sender_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=True)
|
||||
timestamp = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
|
||||
read = db.Column(db.Boolean, default=False, nullable=False)
|
||||
details = db.Column(db.JSON) # Store additional notification-specific data
|
||||
|
||||
# Relationships
|
||||
user = db.relationship('User', foreign_keys=[user_id], backref='notifications')
|
||||
user = db.relationship('User', foreign_keys=[user_id], backref=db.backref('notifications', cascade='all, delete-orphan'))
|
||||
sender = db.relationship('User', foreign_keys=[sender_id], backref='sent_notifications')
|
||||
|
||||
def __repr__(self):
|
||||
@@ -337,11 +341,11 @@ class EmailTemplate(db.Model):
|
||||
body = db.Column(db.Text, nullable=False)
|
||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
updated_at = db.Column(db.DateTime, default=datetime.utcnow, onupdate=datetime.utcnow)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
created_by = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
is_active = db.Column(db.Boolean, default=True)
|
||||
|
||||
# Relationships
|
||||
creator = db.relationship('User', backref='created_email_templates', foreign_keys=[created_by])
|
||||
creator = db.relationship('User', backref=db.backref('created_email_templates', cascade='all, delete-orphan'), foreign_keys=[created_by])
|
||||
|
||||
def __repr__(self):
|
||||
return f'<EmailTemplate {self.name}>'
|
||||
@@ -368,14 +372,14 @@ class Mail(db.Model):
|
||||
class PasswordSetupToken(db.Model):
|
||||
__tablename__ = 'password_setup_tokens'
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id'), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete='CASCADE'), nullable=False)
|
||||
token = db.Column(db.String(100), unique=True, nullable=False)
|
||||
created_at = db.Column(db.DateTime, default=datetime.utcnow)
|
||||
expires_at = db.Column(db.DateTime, nullable=False)
|
||||
used = db.Column(db.Boolean, default=False)
|
||||
|
||||
# Relationships
|
||||
user = db.relationship('User', backref='password_setup_tokens')
|
||||
user = db.relationship('User', backref=db.backref('password_setup_tokens', cascade='all, delete-orphan'))
|
||||
|
||||
def is_valid(self):
|
||||
return not self.used and datetime.utcnow() < self.expires_at
|
||||
|
||||
Reference in New Issue
Block a user