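def user_login():
    """Render the login form on GET; authenticate the submitted credentials on POST.

    The account is looked up by the ``login`` form field and the password is
    verified with ``Utils.check_password``.  A verified, active, unblocked
    account is signed in through ``login_user``; a verified but inactive
    account gets its activation link sent again instead of a session.

    Returns:
        The login template on GET and on every rejected attempt, otherwise
        a redirect to ``index``.
    """
    if request.method == 'GET':
        return render_template('user/login.html')

    _login = request.form['login']
    _password = request.form['password']
    tmp = db.find_one("USERS", "login", _login)

    # One reply for "unknown login" and "wrong password", so the form does
    # not tell a visitor which logins exist.  The password is verified before
    # the blocked/active state is reported for the same reason.
    if not tmp or not Utils.check_password(tmp["password"], _password):
        flash("Incorrect login or password")
        return render_template('user/login.html')

    if tmp["login"] == "admin":
        # NOTE(review): the "admin" account is signed in without the
        # blocked/active checks applied to every other account - confirm
        # that this is intended.
        login_user(UserModel(tmp))
        flash("Hello mr. Super Admin! Have a nice day")
    elif tmp["blocked"] == 1:
        flash("Permission denied. Your account has been blocked")
        return render_template('user/login.html')
    elif tmp["active"] == 1:
        login_user(UserModel(tmp))
        flash("Welcome " + current_user.login + ". You are logged in!")
    else:
        # The listing shows the login masked inside this concatenation;
        # passing both values to url_for() rebuilds the query string and
        # URL-encodes them.
        # NOTE(review): the host is hard-coded to localhost:5000.
        _mail_content = "localhost:5000" + url_for(
            'userController.user_activate',
            login=_login, code=tmp["activation_code"])
        send_activation_code(tmp["email"], _mail_content)
        # NOTE(review): showing the link in the page means the e-mail
        # address is never actually verified; drop it from the flash
        # message outside development.
        flash("Check your email for activation link. If you are too lazy or "
              "used fake e-mail just use this link: " + _mail_content)
    return redirect(url_for('index'))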
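def take_admin():
    """Revoke admin rights (``is_admin = 0``) from the account named by ``login``.

    The login comes from the ``login`` query argument.  The result is
    reported through ``flash`` and the caller is redirected to the admin
    panel in every case.
    """
    # NOTE(review): no authorization check is visible inside this function;
    # confirm the route is restricted to admins (a decorator may sit outside
    # this listing).  It also changes state from a query-string argument, so
    # it needs to be a POST with CSRF protection rather than a plain link.
    _login = request.args.get('login')
    tmp = db.find_one("USERS", "login", _login)
    if tmp:
        # The login is bound as a Cypher parameter instead of being placed
        # in the query text (the listing shows it masked there), so request
        # data can never alter the statement.  {login} is the legacy
        # parameter form; newer servers spell it $login.
        query = ('MATCH (node:USERS) WHERE node.login = {login} '
                 'SET node.is_admin = 0')
        db.cypher.execute(query, {"login": _login})
        # The two messages were swapped/copied from other handlers: success
        # reported a removed user and a missing user reported a revocation.
        flash("Admin rights revoked")
    else:
        flash("User not found")
    return redirect(url_for('userController.admin_panel'))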
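def give_admin():
    """Grant admin rights (``is_admin = 1``) to the account named by ``login``.

    The login comes from the ``login`` query argument.  The result is
    reported through ``flash`` and the caller is redirected to the admin
    panel in every case.
    """
    # NOTE(review): no authorization check is visible inside this function;
    # confirm the route is restricted to admins (a decorator may sit outside
    # this listing).  Granting a privilege from a query-string argument also
    # needs to be a POST with CSRF protection rather than a plain link.
    _login = request.args.get('login')
    tmp = db.find_one("USERS", "login", _login)
    if tmp:
        # The login is bound as a Cypher parameter instead of being placed
        # in the query text (the listing shows it masked there), so request
        # data can never alter the statement.  {login} is the legacy
        # parameter form; newer servers spell it $login.
        query = ('MATCH (node:USERS) WHERE node.login = {login} '
                 'SET node.is_admin = 1')
        db.cypher.execute(query, {"login": _login})
        flash("Admin rights granted")
    else:
        flash("User not found")
    return redirect(url_for('userController.admin_panel'))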
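def remove_user():
    """Delete the ``USERS`` node of the account named by ``login``.

    The login comes from the ``login`` query argument.  The result is
    reported through ``flash`` and the caller is redirected to the admin
    panel in every case.
    """
    # NOTE(review): no authorization check is visible inside this function;
    # confirm the route is restricted to admins (a decorator may sit outside
    # this listing).  A destructive action driven by a query-string argument
    # also needs to be a POST with CSRF protection rather than a plain link.
    _login = request.args.get('login')
    tmp = db.find_one("USERS", "login", _login)
    if tmp:
        # The login is bound as a Cypher parameter instead of being placed
        # in the query text (the listing shows it masked there), so request
        # data can never alter the statement.  {login} is the legacy
        # parameter form; newer servers spell it $login.
        # NOTE(review): a plain DELETE is rejected by the database while the
        # node still has relationships - verify USERS nodes never have any.
        query = 'MATCH (node:USERS) WHERE node.login = {login} DELETE node'
        db.cypher.execute(query, {"login": _login})
        flash("User removed successfully")
    else:
        flash("User not found")
    return redirect(url_for('userController.admin_panel'))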
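def unlock_account():
    """Unblock the account named by ``login`` (``active = 1``, ``blocked = 0``).

    The login comes from the ``login`` query argument.  The result is
    reported through ``flash`` and the caller is redirected to the admin
    panel in every case.
    """
    # NOTE(review): no authorization check is visible inside this function;
    # confirm the route is restricted to admins (a decorator may sit outside
    # this listing).  It also changes state from a query-string argument, so
    # it needs to be a POST with CSRF protection rather than a plain link.
    _login = request.args.get('login')
    tmp = db.find_one("USERS", "login", _login)
    if tmp:
        # The login is bound as a Cypher parameter instead of being placed
        # in the query text (the listing shows it masked there), so request
        # data can never alter the statement.  {login} is the legacy
        # parameter form; newer servers spell it $login.
        # Unblocking also sets active = 1, i.e. it activates an account that
        # never completed the e-mail activation step.
        query = ('MATCH (node:USERS) WHERE node.login = {login} '
                 'SET node.active = 1, node.blocked = 0')
        db.cypher.execute(query, {"login": _login})
        flash("User unblocked successfully")
    else:
        flash("User not found")
    return redirect(url_for('userController.admin_panel'))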
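def user_activate():
    """Activate the account named by ``login`` when ``code`` matches its activation code.

    Both values come from the query string.  A blocked or already active
    account is left untouched.  On a match the account is marked active and
    its ``activation_code`` property is removed, so the link works once.
    The caller is redirected to ``index`` in every case.
    """
    import hmac

    login = request.args.get('login')
    code = request.args.get('code')
    tmp = db.find_one("USERS", "login", login)

    if not tmp:
        # An unknown or missing login used to fail on tmp["blocked"] with a
        # TypeError (HTTP 500); it now gets the same reply as a wrong code.
        flash("Incomplete or incorrect data!")
    elif tmp["blocked"] == 1:
        flash("Permission denied. Your account has been blocked")
    elif tmp["active"] == 1:
        # NOTE(review): `login` is request data echoed into the page; this
        # relies on the template escaping flashed messages.
        flash(login + " your account has already been activated.")
    else:
        stored = tmp["activation_code"]
        # Both sides must be present: a request without `code` must not
        # match a node without the property (None == None).  The comparison
        # itself is constant-time because the code is a secret.
        if code and stored and hmac.compare_digest(
                stored.encode("utf-8"), code.encode("utf-8")):
            # The login is bound as a Cypher parameter instead of being
            # placed in the query text (the listing shows it masked there).
            # {login} is the legacy parameter form; newer servers spell it
            # $login.  One statement sets the flag and retires the code
            # together.
            query = ('MATCH (node:USERS) WHERE node.login = {login} '
                     'SET node.active = 1 REMOVE node.activation_code')
            db.cypher.execute(query, {"login": login})
            flash("Congrats " + login + " You have just activated your account.")
        else:
            flash("Incomplete or incorrect data!")
    return redirect(url_for('index'))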
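def user_activate():
    """Activate the account named by ``login`` when ``code`` matches its activation code.

    Both values come from the query string.  A blocked or already active
    account is left untouched.  On a match the account is marked active and
    its ``activation_code`` property is removed, so the link works once.
    The caller is redirected to ``index`` in every case.
    """
    import hmac

    login = request.args.get('login')
    code = request.args.get('code')
    tmp = db.find_one("USERS", "login", login)

    if not tmp:
        # An unknown or missing login used to fail on tmp["blocked"] with a
        # TypeError (HTTP 500); it now gets the same reply as a wrong code.
        flash("Incomplete or incorrect data!")
    elif tmp["blocked"] == 1:
        flash("Permission denied. Your account has been blocked")
    elif tmp["active"] == 1:
        # NOTE(review): `login` is request data echoed into the page; this
        # relies on the template escaping flashed messages.
        flash(login + " your account has already been activated.")
    else:
        stored = tmp["activation_code"]
        # Both sides must be present: a request without `code` must not
        # match a node without the property (None == None).  The comparison
        # itself is constant-time because the code is a secret.
        if code and stored and hmac.compare_digest(
                stored.encode("utf-8"), code.encode("utf-8")):
            # The login is bound as a Cypher parameter instead of being
            # placed in the query text (the listing shows it masked there).
            # {login} is the legacy parameter form; newer servers spell it
            # $login.  One statement sets the flag and retires the code
            # together.
            query = ('MATCH (node:USERS) WHERE node.login = {login} '
                     'SET node.active = 1 REMOVE node.activation_code')
            db.cypher.execute(query, {"login": login})
            flash("Congrats " + login + " You have just activated your account.")
        else:
            flash("Incomplete or incorrect data!")
    return redirect(url_for('index'))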
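def user_register():
    """Render the registration form on GET; create a new, inactive account on POST.

    Only anonymous visitors may register.  A new ``USERS`` node is created
    with ``active=0``, ``is_admin=0``, ``blocked=0`` and a fresh activation
    code, and the activation link is sent to the submitted e-mail address.

    Returns:
        The registration template on GET or when the login is taken,
        otherwise a redirect to ``index``.
    """
    if not current_user.is_anonymous():
        flash("Cant create new account while logged in?")
        return redirect(url_for('index'))

    if request.method == 'GET':
        return render_template('user/register.html')

    _first_name = request.form['fname']
    _last_name = request.form['lname']
    _email = request.form['email']
    _login = request.form['login']
    _raw_password = request.form['password']

    # The debug prints are gone: `tmp + " A"` combined the record with a str
    # (which presumably raised TypeError and turned "login taken" into an
    # HTTP 500), and printing the record writes the stored password hash to
    # stdout.
    # NOTE(review): check-then-create is racy unless the database enforces a
    # uniqueness constraint on USERS.login - none is visible here.
    if db.find_one("USERS", "login", _login):
        flash("Login exists")
        return render_template('user/register.html')

    # NOTE(review): confirm Utils.random_string draws from a CSPRNG; the
    # activation code is the only secret protecting account activation.
    _activation_code = Utils.random_string(16)
    _password = Utils.hash_password(_raw_password)

    _user = Node(
        "USERS",
        first_name=_first_name,
        last_name=_last_name,
        email=_email,
        login=_login,
        password=_password,
        activation_code=_activation_code,
        _group="None",
        active=0,
        is_admin=0,
        blocked=0,
    )
    db.create(_user)

    # The listing shows the login masked inside this concatenation; passing
    # both values to url_for() rebuilds the query string and URL-encodes them.
    # NOTE(review): the host is hard-coded to localhost:5000.
    _mail_content = "localhost:5000" + url_for(
        'userController.user_activate',
        login=_login, code=_activation_code)
    send_activation_code(_email, _mail_content)
    # NOTE(review): showing the link in the page means the e-mail address is
    # never actually verified; drop it from the flash message outside
    # development.
    flash(
        "Check your email for activation link. If you are too lazy or used fake e-mail just use this link: "
        + _mail_content)
    return redirect(url_for('index'))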
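def user_register():
    """Render the registration form on GET; create a new, inactive account on POST.

    Only anonymous visitors may register.  A new ``USERS`` node is created
    with ``active=0``, ``is_admin=0``, ``blocked=0`` and a fresh activation
    code, and the activation link is sent to the submitted e-mail address.

    Returns:
        The registration template on GET or when the login is taken,
        otherwise a redirect to ``index``.
    """
    if not current_user.is_anonymous():
        flash("Cant create new account while logged in?")
        return redirect(url_for('index'))

    if request.method == 'GET':
        return render_template('user/register.html')

    _first_name = request.form['fname']
    _last_name = request.form['lname']
    _email = request.form['email']
    _login = request.form['login']
    _raw_password = request.form['password']

    # The debug prints are gone: `tmp + " A"` combined the record with a str
    # (which presumably raised TypeError and turned "login taken" into an
    # HTTP 500), and printing the record writes the stored password hash to
    # stdout.
    # NOTE(review): check-then-create is racy unless the database enforces a
    # uniqueness constraint on USERS.login - none is visible here.
    if db.find_one("USERS", "login", _login):
        flash("Login exists")
        return render_template('user/register.html')

    # NOTE(review): confirm Utils.random_string draws from a CSPRNG; the
    # activation code is the only secret protecting account activation.
    _activation_code = Utils.random_string(16)
    _password = Utils.hash_password(_raw_password)

    _user = Node(
        "USERS",
        first_name=_first_name,
        last_name=_last_name,
        email=_email,
        login=_login,
        password=_password,
        activation_code=_activation_code,
        _group="None",
        active=0,
        is_admin=0,
        blocked=0,
    )
    db.create(_user)

    # The listing shows the login masked inside this concatenation; passing
    # both values to url_for() rebuilds the query string and URL-encodes them.
    # NOTE(review): the host is hard-coded to localhost:5000.
    _mail_content = "localhost:5000" + url_for(
        'userController.user_activate',
        login=_login, code=_activation_code)
    send_activation_code(_email, _mail_content)
    # NOTE(review): showing the link in the page means the e-mail address is
    # never actually verified; drop it from the flash message outside
    # development.
    flash(
        "Check your email for activation link. If you are too lazy or used fake e-mail just use this link: "
        + _mail_content)
    return redirect(url_for('index'))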
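def user_login():
    """Render the login form on GET; authenticate the submitted credentials on POST.

    The account is looked up by the ``login`` form field and the password is
    verified with ``Utils.check_password``.  A verified, active, unblocked
    account is signed in through ``login_user``; a verified but inactive
    account gets its activation link sent again instead of a session.

    Returns:
        The login template on GET and on every rejected attempt, otherwise
        a redirect to ``index``.
    """
    if request.method == 'GET':
        return render_template('user/login.html')

    _login = request.form['login']
    _password = request.form['password']
    tmp = db.find_one("USERS", "login", _login)

    # One reply for "unknown login" and "wrong password", so the form does
    # not tell a visitor which logins exist.  The password is verified before
    # the blocked/active state is reported for the same reason.
    if not tmp or not Utils.check_password(tmp["password"], _password):
        flash("Incorrect login or password")
        return render_template('user/login.html')

    if tmp["login"] == "admin":
        # NOTE(review): the "admin" account is signed in without the
        # blocked/active checks applied to every other account - confirm
        # that this is intended.
        login_user(UserModel(tmp))
        flash("Hello mr. Super Admin! Have a nice day")
    elif tmp["blocked"] == 1:
        flash("Permission denied. Your account has been blocked")
        return render_template('user/login.html')
    elif tmp["active"] == 1:
        login_user(UserModel(tmp))
        flash("Welcome " + current_user.login + ". You are logged in!")
    else:
        # The listing shows the login masked inside this concatenation;
        # passing both values to url_for() rebuilds the query string and
        # URL-encodes them.
        # NOTE(review): the host is hard-coded to localhost:5000.
        _mail_content = "localhost:5000" + url_for(
            'userController.user_activate',
            login=_login, code=tmp["activation_code"])
        send_activation_code(tmp["email"], _mail_content)
        # NOTE(review): showing the link in the page means the e-mail
        # address is never actually verified; drop it from the flash
        # message outside development.
        flash("Check your email for activation link. If you are too lazy or "
              "used fake e-mail just use this link: " + _mail_content)
    return redirect(url_for('index'))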