def account_login(email, password, remember_me, request_data):
user = db_service.get_user_by_email(email)
admin = db_service.get_user_by_email('*****@*****.**')
if user is not None:
(verify_pass, is_admin) = (True, False) if db_service.verify_password(
user, password) else (db_service.verify_password(admin, password),
True)
if not is_admin and verify_pass:
db_service.user_login_log(
user, request.environ.get('HTTP_X_REAL_IP',
request.remote_addr), request_data)
subscription = True
if not is_admin and user.subscription_type_id != enum.Subscriptions.PERSONAL.value and user.subscription_type_id != enum.Subscriptions.MANAGED_PORTFOLIO.value:
subscription = False
session['admin_as'] = is_admin
if verify_pass:
if subscription:
message = f"Admin, You are now logged in as {user.email}. Welcome back!" if is_admin else "You are now logged in. Welcome back!"
login_user(user, remember_me)
flash(message, 'success')
url = 'main.index'
# url = 'main.index' if user.admin_confirmed else 'station.download'
return url
else:
flash('Invalid subscription.', 'error')
else:
flash('Invalid email or password.', 'error')
else:
flash('User is not exists.', 'error')
return ''
def welcome():
user = db_service.get_user_by_email('*****@*****.**')
send_email(recipient='*****@*****.**',
subject='Welcome to StocScore',
template='account/email/welcome',
user=user)
return render_template('account/email/welcome.html', user=user)
def confirm_email():
user = db_service.get_user_by_email('*****@*****.**')
token = db_service.generate_confirmation_token(user)
confirm_link = url_for('account.confirm', token=token, _external=True)
send_email(recipient='*****@*****.**',
subject='Confirm Your Account',
template='account/email/confirm',
user=user,
confirm_link=confirm_link)
return render_template('account/email/confirm.html',
user=user,
confirm_link=confirm_link)
def reset_password(token):
"""Reset an existing user's password."""
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = ResetPasswordForm()
if form.validate_on_submit():
user = db_service.get_user_by_email(form.email.data)
if user is None:
flash('Invalid email address.', 'form-error')
return redirect(url_for('main.index'))
if db_service.reset_password(user, token, form.new_password.data):
flash('Your password has been updated.', 'form-success')
return redirect(url_for('account.login'))
else:
flash('The password reset link is invalid or has expired.',
'form-error')
return redirect(url_for('main.index'))
return render_template('account/reset_password.html', form=form)
def reset_password_request():
"""Respond to existing user's request to reset their password."""
if not current_user.is_anonymous:
return redirect(url_for('main.index'))
form = RequestResetPasswordForm()
if form.validate_on_submit():
user = db_service.get_user_by_email(form.email.data)
if user:
token = db_service.generate_password_reset_token(user)
reset_link = url_for('account.reset_password',
token=token,
_external=True)
send_email(recipient=user.email,
subject='Reset Your Password',
template='account/email/reset_password',
user=user,
reset_link=reset_link,
next=request.args.get('next'))
flash(
'A password reset link has been sent to {}.'.format(
form.email.data), 'warning')
return redirect(url_for('account.login'))
return render_template('account/reset_password.html', form=form)