def register():
if request.method == 'POST':
if "" in request.form.values():
return render_template("register.html")
if request.form['username'] in list(User.query.values(User.name)):
return render_template("register.html",error="Please enter a password.")
if request.form['email'] in list(User.query.values(User.email)):
return render_template("register.html",error="Please enter a valid email.")
if request.form['password'] != request.form['passwordconfirm']:
return render_template("register.html",error="Passwords do not match.")
#TODO: error for when they try to register when logged in already
u = User(request.form['username'], request.form['email'],generate_password_hash(request.form['password'].strip()))
db_session.add(u)
db_session.commit()
for currency in config.get_currencies():
addr = generate_deposit_address(currency)
a = Address(currency,addr,u.id)
db_session.add(a)
db_session.commit()
if not send_confirm_email(u.id):
return home_page("ltc_btc", danger='An error occured during registration. Please contact the administrator.')
return home_page("ltc_btc", dismissable='Successfully registered. Please check your email and confirm your account before logging in.')
if request.method == 'GET':
return render_template("register.html")
def activate_account(code):
uid = redis.hget('activation_keys', code)
if not uid:
return home_page("ltc_btc", danger='Invalid registration code!')
user = User.query.filter(User.id==uid).first()
if not user or user.activated:
return home_page("ltc_btc", danger='Account already registered or invalid code!')
user.activated = True
redis.hdel('activation_keys', code)
db_session.commit()
return home_page("ltc_btc", dismissable='Account successfully registered!')
def activate_account(code):
uid = redis.hget('activation_keys', code)
if not uid:
return home_page("ltc_btc", danger='Invalid registration code!')
user = User.query.filter(User.id == uid).first()
if not user or user.activated:
return home_page("ltc_btc",
danger='Account already registered or invalid code!')
user.activated = True
redis.hdel('activation_keys', code)
db_session.commit()
flash("Account successfully registered!", "dismissable")
return home_page("ltc_btc")
def cancelorder(old_order_id):
if not is_logged_in(session):
flash("Please log in to perform that action.", "error")
return home_page("ltc_btc")
uid = session['userid']
if old_order_id not in redis.smembers(str(uid) + "/orders"):
flash("Unable to cancel the specified order!", "error")
else:
orderid = generate_password_hash(str(random.random()))
redis.hmset(orderid, {"ordertype": 'cancel', "uid": uid, 'old_order_id': old_order_id})
redis.rpush("order_queue", orderid)
flash("Cancelled order!", "dismissable")
return home_page("ltc_btc")
def register():
if request.method == 'POST':
if "" in request.form.values():
return render_template("register.html")
if request.form['username'] in list(User.query.values(User.name)):
flash('Please enter a password.', 'error')
return render_template("register.html")
if request.form['email'] in list(User.query.values(User.email)):
flash('Please enter a valid email.', 'error')
return render_template("register.html")
if request.form['password'] != request.form['passwordconfirm']:
flash('Passwords do not match.', 'error')
return render_template("register.html")
# TODO: error for when they try to register when logged in already
u = User(request.form['username'], request.form['email'],
generate_password_hash(request.form['password'].strip()))
db_session.add(u)
db_session.commit()
"""for currency in config.get_currencies():
addr = generate_deposit_address(currency)
a = Address(currency, addr, u.id)
db_session.add(a)
db_session.commit()
if not send_confirm_email(u.id):
flash('An error occured during registration. Please contact the administrator.', 'danger')
return home_page("ltc_btc")"""
flash(
'Successfully registered. Please check your email and confirm your account before logging in.',
'dismissable')
return home_page("ltc_btc")
if request.method == 'GET':
return render_template("register.html")
def deposit(currency):
""" Returns deposit address for given currency from SQL. """
if not is_logged_in(session):
return home_page("ltc_btc",danger="Please log in to perform that action.")
if not config.is_valid_currency(currency):
return account_page(danger="Invalid Currency!")
addr = Address.query.filter(Address.currency==currency).filter(Address.user==session['userid']).first().address
return account_page(deposit=addr)
def history(currency):
if not is_logged_in(session):
flash("Please log in to perform that action.", 'error')
return home_page("ltc_btc")
if not config.is_valid_currency(currency):
flash("Invalid Currency!", 'error')
return account_page()
return account_page(
history=currency,
orders=tradehistory(
currency,
session['userid']))
def login():
error = None
if request.method == 'POST':
user = User.query.filter(User.email==request.form['email']).first()
if not user:
return render_template('login2.html', error="Please check your email and username.")
elif not check_password_hash(user.password, request.form['password']):
return render_template('login2.html', error="Please check your email and username.")
elif not user.activated:
return render_template('login2.html', error="Please confirm your email before logging in.")
else:
session['logged_in'] = True
session['userid'] = User.query.filter(User.email == request.form['email']).first().id
session['expire'] = time.time() + 3600
return home_page("ltc_btc",success="Logged in!")
return render_template('login2.html')
def login():
error = None
if request.method == 'POST':
user = User.query.filter(User.email == request.form['email']).first()
if not user:
flash('Please check your email and username.', 'danger')
return render_template('login2.html')
elif not check_password_hash(user.password, request.form['password']):
flash('Please check your email and username.', 'danger')
return render_template('login2.html')
elif not user.activated:
flash('Please confirm your email before logging in.', 'error')
return render_template('login2.html')
else:
session['logged_in'] = True
session['userid'] = User.query.filter(
User.email == request.form['email']).first().id
session['expire'] = time.time() + 3600
flash("Logged in!", "dismissable")
return home_page("ltc_btc")
return render_template('login2.html')
def withdraw(currency):
if not is_logged_in(session):
flash("Please log in to perform that action.", "error")
return home_page("ltc_btc")
if not config.is_valid_currency(currency):
flash("Invalid Currency!", "error")
return account_page()
if request.method == 'GET':
return account_page(withdraw=currency)
elif request.method == 'POST':
if 'amount' not in request.form or 'address' not in request.form:
flash("Please enter an address and an amount!", "error")
return account_page()
try:
total = string_to_currency_unit(
request.form['amount'],
config.get_multiplier(currency))
except:
flash("Invalid amount!", "error")
return account_page()
if check_balance(currency, session['userid']) < total or total < 0:
flash("Balance too low to execute withdrawal!", "error")
return account_page()
# TODO: add valid address checking
adjustbalance(currency, session['userid'], -1 * total)
co = CompletedOrder(
currency +
"_" +
currency,
"WITHDRAWAL",
total,
0,
session['userid'],
is_withdrawal=True,
withdrawal_address=request.form['address'])
db_session.add(co)
db_session.commit()
flash("Deposit to " + request.form['address'] + " completed!", "success")
return account_page()
def trade_page(instrument):
if not config.is_valid_instrument(instrument):
flash('Invalid trade pair!', 'danger')
return home_page("ltc_btc")
return home_page(instrument)
def logout():
session.pop('logged_in', None)
session.pop('userid', None)
flash("Successfully logged out!", "dismissable")
return home_page("ltc_btc")
def account():
if not is_logged_in(session):
return home_page("ltc_btc",
danger="Please log in to perform that action.")
return account_page()
def logout():
session.pop('logged_in', None)
session.pop('userid', None)
flash("Successfully logged out!", "dismissable")
return home_page("ltc_btc")
def addorder():
""" Checks balance and essential stuff, generates an order ID then adds order to a redis queue. """
instrument = request.form['currency_pair']
if not is_logged_in(session):
flash("Please log in to perform that action.", "error")
return home_page(instrument)
# They shouldn't be able to modify the trade pair, if it isnt valid either
# I messed up somewhere or they are trying to do something wrong
if not config.is_valid_instrument(instrument):
flash("Unknown Error, contact the administrator!", "error")
return home_page("ltc_btc")
base_currency = request.form['currency_pair'].split("_")[0]
quote_currency = request.form['currency_pair'].split("_")[1]
try:
rprice = Decimal(request.form['price'])
ramount = string_to_currency_unit(
request.form['amount'],
config.get_multiplier(base_currency))
print(ramount)
except Exception as e:
print(e)
flash("Please enter numerical values for price and amount!", "error")
return home_page(instrument)
if ramount < 1: # TODO: find a good amount for this
flash("Transaction amount too low!", "error")
return home_page(instrument)
if rprice <= 0:
flash("Price must be greater than 0!", "error")
return home_page(instrument)
getcontext().prec = 6
whole, dec = ExtendedContext.divmod(
rprice * ramount / config.get_multiplier(base_currency), Decimal(1))
total = int(
whole *
config.get_multiplier(base_currency) +
dec *
config.get_multiplier(base_currency))
print("total: " + str(total))
uid = session['userid']
orderid = generate_password_hash(str(random.random()))
instrument = request.form['currency_pair']
bidtable = instrument + "/bid"
asktable = instrument + "/ask"
if request.form['ordertype'] == 'buy':
currency = quote_currency
if check_balance(currency, session['userid']) < total:
flash("Balance too low to execute order!", "error")
return home_page(instrument)
else:
adjustbalance(currency, session['userid'], -1 * total)
elif request.form['ordertype'] == 'sell':
currency = base_currency
if check_balance(currency, uid) < ramount:
flash("Balance too low to execute order!", "error")
return home_page(instrument)
else:
adjustbalance(currency, uid, -1 * ramount)
else:
# invalid order type, they must have been messing around
flash("Unknown Error, contact the administrator!", "error")
return home_page(instrument)
redis.hmset(orderid,
{"ordertype": request.form['ordertype'],
"instrument": request.form['currency_pair'],
"amount": ramount,
"uid": uid,
"price": rprice})
redis.rpush("order_queue", orderid)
redis.sadd(str(uid) + "/orders", orderid)
flash("Order placed successfully!","dismissable")
return home_page(instrument)
def homepage():
# for rule in app.url_map.iter_rules():
# if "GET" in rule.methods:
# print(rule.endpoint + " " + url_for(rule.endpoint))
return home_page("ltc_btc")
def account():
if not is_logged_in(session):
return home_page(
"ltc_btc",
danger="Please log in to perform that action.")
return account_page()
def trade_page(instrument):
if not config.is_valid_instrument(instrument):
flash('Invalid trade pair!', 'danger')
return home_page("ltc_btc")
return home_page(instrument)
def homepage():
# for rule in app.url_map.iter_rules():
# if "GET" in rule.methods:
# print(rule.endpoint + " " + url_for(rule.endpoint))
return home_page("ltc_btc")
def trade_page(instrument):
if not config.is_valid_instrument(instrument):
return home_page("ltc_btc", danger="Invalid trade pair!")
return home_page(instrument)
