fix reset password

README.md

@@ -14,7 +14,7 @@ This repository contains the code for the EZGG LAN Manager.
 
 ### Step 1: Preparing Database
 
-To prepare the database, apply the SQL file located in `sql/create_database.sql` to your database server. This is easily accomplished with the MYSQL Workbench, but it can be also done by pipeing the file into the mariadb-server executable.
+To prepare the database, apply the SQL file located in `sql/create_database.sql` followed by `sql/tournament_patch.sql` to your database server. This is easily accomplished with the MYSQL Workbench, but it can be also done by pipeing the file into the mariadb-server executable.
 
 Optionally, you can now execute the script `create_demo_database_content.py`, found in `src/ezgg_lan_manager/helpers`. Be aware that it can be buggy sometimes, especially if you overwrite existing data.
 
@@ -43,3 +43,4 @@ FLUSH PRIVILEGES;
 ```
 3. Make sure to **NOT** use the default passwords!
 4. Apply the `create_database.sql` when starting the MariaDB container for the first time.
+5. Apply the `tournament_patch.sql` when starting the MariaDB container for the first time.

VERSION

@@ -1 +1 @@
-0.2.0
+0.2.1

sql/users_patch.sql

@@ -0,0 +1,3 @@
+ALTER TABLE users
+ADD COLUMN user_fallback_password VARCHAR(255) DEFAULT NULL
+AFTER user_password;

src/ezgg_lan_manager/pages/ForgotPassword.py

@@ -27,7 +27,7 @@ class ForgotPasswordPage(Component):
         user = await user_service.get_user(self.email_input.text.strip())
         if user is not None:
             new_password = "".join(choices(user_service.ALLOWED_USER_NAME_SYMBOLS, k=16))
-            user.user_password = sha256(new_password.encode(encoding="utf-8")).hexdigest()
+            user.user_fallback_password = sha256(new_password.encode(encoding="utf-8")).hexdigest()
             await user_service.update_user(user)
             await mailing_service.send_email(
                 subject=f"Dein neues Passwort für {lan_info.name}",

src/ezgg_lan_manager/pages/TournamentDetailsPage.py

@@ -4,7 +4,7 @@ from from_root import from_root
 from rio import Column, Component, event, TextStyle, Text, Row, Image, Spacer, ProgressCircle, Button, Checkbox, ThemeContextSwitcher, Link, Revealer, PointerEventListener, \
     PointerEvent, Rectangle, Color
 
-from src.ezgg_lan_manager import ConfigurationService, TournamentService, UserService
+from src.ezgg_lan_manager import ConfigurationService, TournamentService, UserService, TicketingService
 from src.ezgg_lan_manager.components.MainViewContentBox import MainViewContentBox
 from src.ezgg_lan_manager.components.TournamentDetailsInfoRow import TournamentDetailsInfoRow
 from src.ezgg_lan_manager.types.DateUtil import weekday_to_display_text
@@ -53,13 +53,18 @@ class TournamentDetailsPage(Component):
         if not self.user:
             return
 
-        try:
-            await self.session[TournamentService].register_user_for_tournament(self.user.user_id, self.tournament.id)
-            self.is_success = True
-            self.message = f"Erfolgreich angemeldet!"
-        except Exception as e:
+        user_ticket = await self.session[TicketingService].get_user_ticket(self.user.user_id)
+        if user_ticket is None:
             self.is_success = False
-            self.message = f"Fehler: {e}"
+            self.message = "Turnieranmeldung nur mit Ticket"
+        else:
+            try:
+                await self.session[TournamentService].register_user_for_tournament(self.user.user_id, self.tournament.id)
+                self.is_success = True
+                self.message = f"Erfolgreich angemeldet!"
+            except Exception as e:
+                self.is_success = False
+                self.message = f"Fehler: {e}"
         self.loading = False
         await self.on_populate()
 

src/ezgg_lan_manager/services/DatabaseService.py

@@ -75,14 +75,15 @@ class DatabaseService:
             user_name=data[1],
             user_mail=data[2],
             user_password=data[3],
-            user_first_name=data[4],
-            user_last_name=data[5],
-            user_birth_day=data[6],
-            is_active=bool(data[7]),
-            is_team_member=bool(data[8]),
-            is_admin=bool(data[9]),
-            created_at=data[10],
-            last_updated_at=data[11]
+            user_fallback_password=data[4],
+            user_first_name=data[5],
+            user_last_name=data[6],
+            user_birth_day=data[7],
+            is_active=bool(data[8]),
+            is_team_member=bool(data[9]),
+            is_admin=bool(data[10]),
+            created_at=data[11],
+            last_updated_at=data[12]
         )
 
     @staticmethod
@@ -185,10 +186,10 @@ class DatabaseService:
             async with conn.cursor(aiomysql.Cursor) as cursor:
                 try:
                     await cursor.execute(
-                        "UPDATE users SET user_name=%s, user_mail=%s, user_password=%s, user_first_name=%s, "
-                        "user_last_name=%s, user_birth_date=%s, is_active=%s, is_team_member=%s, is_admin=%s "
-                        "WHERE (user_id=%s)",
-                        (user.user_name, user.user_mail.lower(), user.user_password,
+                        "UPDATE users SET user_name=%s, user_mail=%s, user_password=%s, user_fallback_password=%s,"
+                        "user_first_name=%s, user_last_name=%s, user_birth_date=%s, is_active=%s, is_team_member=%s,"
+                        " is_admin=%s WHERE (user_id=%s)",
+                        (user.user_name, user.user_mail.lower(), user.user_password, user.user_fallback_password,
                          user.user_first_name, user.user_last_name, user.user_birth_day,
                          user.is_active, user.is_team_member, user.is_admin,
                          user.user_id)

src/ezgg_lan_manager/services/MailingService.py

@@ -45,7 +45,7 @@ class MailingService:
         return f"""
         Hallo {user.user_name},
         
-        deinem Account wurden {added_balance} € hinzugefügt. Dein neues Guthaben beträgt nun {total_balance} €.
+        deinem Account wurden {added_balance:.2f} € hinzugefügt. Dein neues Guthaben beträgt nun {total_balance:.2f} €.
         
         Wenn du zu dieser Aufladung Fragen hast, stehen wir dir in unserem Discord Server oder per Mail an {self._configuration_service.get_lan_info().organizer_mail} zur Verfügung.
         

src/ezgg_lan_manager/services/UserService.py

@@ -59,9 +59,12 @@ class UserService:
 
     async def is_login_valid(self, user_name_or_mail: str, password_clear_text: str) -> bool:
         user = await self.get_user(user_name_or_mail)
+        user_password_hash = sha256(password_clear_text.encode(encoding="utf-8")).hexdigest()
         if not user:
             return False
-        return user.user_password == sha256(password_clear_text.encode(encoding="utf-8")).hexdigest()
+        if user.user_fallback_password and user.user_fallback_password == user_password_hash:
+            return True
+        return user.user_password == user_password_hash
 
 
     def _check_for_disallowed_char(self, name: str) -> Optional[str]:

src/ezgg_lan_manager/types/User.py

@@ -9,6 +9,7 @@ class User:
     user_name: str
     user_mail: str
     user_password: str
+    user_fallback_password: Optional[str]
     user_first_name: Optional[str]
     user_last_name: Optional[str]
     user_birth_day: Optional[date]