Beispiel #1
0
    def __init__(self,
                 email,
                 password,
                 first_name=None,
                 last_name=None,
                 address=None,
                 address2=None,
                 city=None,
                 state=None,
                 zip=None):

        self.create_date = datetime.now()

        if not email:
            raise ValidationError('ACCOUNTS_MISSING_EMAIL')
        elif not validate_email(email):
            raise ValidationError('ACCOUNTS_BAD_EMAIL')
        else:
            self.email = email

        if not password:
            raise ValidationError('ACCOUNTS_MISSING_PASSWORD')
        else:
            self.password = password_hash(password)

        self.api_key = random_hash("%s%s" % (email, self.password))
        self.first_name = first_name
        self.last_name = last_name
        self.address = address
        self.address2 = address2
        self.city = city
        self.state = state
        self.zip = zip
Beispiel #2
0
    def __init__(self, email, password, first_name=None, last_name=None,
            address=None, address2=None, city=None, state=None, zip=None):

        self.create_date    = datetime.now()

        if not email:
            raise ValidationError('ACCOUNTS_MISSING_EMAIL')
        elif not validate_email(email):
            raise ValidationError('ACCOUNTS_BAD_EMAIL')
        else:
            self.email      = email

        if not password:
            raise ValidationError('ACCOUNTS_MISSING_PASSWORD')
        else:
            self.password   = password_hash(password)

        self.api_key        = random_hash("%s%s" % (email, self.password))
        self.first_name     = first_name
        self.last_name      = last_name
        self.address        = address
        self.address2       = address2
        self.city           = city
        self.state          = state
        self.zip            = zip
Beispiel #3
0
    def __init__(self, account_id, external_id, num_pages, cost, from_number,
        to_number):

        self.create_date        = datetime.now()
        self.account_id         = account_id
        self.external_id        = external_id
        self.num_pages          = num_pages
        self.cost               = cost
        self.from_number        = from_number
        self.to_number          = to_number
        self.access_key         = random_hash("%s%s%s%s%s" % (from_number,
                                    to_number, cost, num_pages, account_id))
Beispiel #4
0
    def __init__(self,
                 account_id,
                 ip_address,
                 filename=None,
                 destination=None,
                 send_authorized=0,
                 cover=0,
                 cover_name=None,
                 cover_address=None,
                 cover_city=None,
                 cover_state=None,
                 cover_zip=None,
                 cover_country=None,
                 cover_phone=None,
                 cover_email=None,
                 cover_company=None,
                 cover_to_name=None,
                 cover_cc=None,
                 cover_subject=None,
                 cover_status=None,
                 cover_comments=None,
                 body=None,
                 callback_url=None):

        if destination != None:
            self.validate_destination(destination)
            self.destination = destination

        self.create_date = datetime.now()
        self.account_id = account_id
        self.filename = filename
        self.ip_address = ip_address
        self.send_authorized = send_authorized
        self.access_key = random_hash("%s%s" % (account_id, filename))
        self.status = 'new'

        self.cover = cover
        self.cover_name = cover_name
        self.cover_address = cover_address
        self.cover_city = cover_city
        self.cover_state = cover_state
        self.cover_zip = cover_zip
        self.cover_country = cover_country
        self.cover_phone = cover_phone
        self.cover_email = cover_email
        self.cover_company = cover_company
        self.cover_to_name = cover_to_name
        self.cover_cc = cover_cc
        self.cover_subject = cover_subject
        self.cover_status = cover_status
        self.cover_comments = cover_comments
        self.body = body
        self.callback_url = callback_url
Beispiel #5
0
    def __init__(self, account_id, external_id, num_pages, cost, from_number,
                 to_number):

        self.create_date = datetime.now()
        self.account_id = account_id
        self.external_id = external_id
        self.num_pages = num_pages
        self.cost = cost
        self.from_number = from_number
        self.to_number = to_number
        self.access_key = random_hash(
            "%s%s%s%s%s" %
            (from_number, to_number, cost, num_pages, account_id))
Beispiel #6
0
def reset_api_key():
    """Resets the API key for an account"""

    from library.mailer import email_api_key_change
    from datetime import datetime

    account_id = Account.authorize(request.values.get('api_key'))
    if not account_id:
        return jsonify(api_error('API_UNAUTHORIZED')), 401

    account = Account.query.get(account_id)
    if account.password != password_hash(request.values.get('password')):
        return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401

    account.api_key = random_hash("%s%s" % (account.email, account.password))
    account.mod_date = datetime.now()
    db.session.commit()

    email_api_key_change(account)

    return jsonify({'api_key': account.api_key})
Beispiel #7
0
def reset_api_key():
    """Resets the API key for an account"""

    from library.mailer import email_api_key_change
    from datetime import datetime

    account_id = Account.authorize(request.values.get('api_key'))
    if not account_id:
        return jsonify(api_error('API_UNAUTHORIZED')), 401

    account = Account.query.get(account_id)
    if account.password != password_hash(request.values.get('password')):
        return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401

    account.api_key = random_hash("%s%s" % (account.email, account.password))
    account.mod_date = datetime.now()
    db.session.commit()

    email_api_key_change(account)

    return jsonify({
        'api_key': account.api_key
    })
Beispiel #8
0
    def __init__(self, account_id, ip_address, filename=None, destination=None,
            send_authorized=0, cover=0, cover_name=None, cover_address=None,
            cover_city=None, cover_state=None, cover_zip=None,
            cover_country=None, cover_phone=None, cover_email=None,
            cover_company=None, cover_to_name=None, cover_cc=None,
            cover_subject=None, cover_status=None, cover_comments=None,
            body=None, callback_url=None):

        if destination != None:
            self.validate_destination(destination)
            self.destination = destination

        self.create_date        = datetime.now()
        self.account_id         = account_id
        self.filename           = filename
        self.ip_address         = ip_address
        self.send_authorized    = send_authorized
        self.access_key         = random_hash("%s%s" % (account_id, filename))
        self.status             = 'new'

        self.cover              = cover
        self.cover_name         = cover_name
        self.cover_address      = cover_address
        self.cover_city         = cover_city
        self.cover_state        = cover_state
        self.cover_zip          = cover_zip
        self.cover_country      = cover_country
        self.cover_phone        = cover_phone
        self.cover_email        = cover_email
        self.cover_company      = cover_company
        self.cover_to_name      = cover_to_name
        self.cover_cc           = cover_cc
        self.cover_subject      = cover_subject
        self.cover_status       = cover_status
        self.cover_comments     = cover_comments
        self.body               = body
        self.callback_url       = callback_url
Beispiel #9
0
    def __init__(self, account_id):

        self.create_date = datetime.now()
        self.account_id = account_id
        self.reset_hash = random_hash("%s%s"%(account_id,str(self.create_date)))
Beispiel #10
0
def bootstrap():
    """
    Implicitly creates a user account and logs them in by processing a Stripe
    payment and email. If the email address belongs to a registered account, it
    requires the account password to authorize the payment and login attempt.
    """
    import json
    import stripe
    import sys
    import traceback
    from library.mailer import email_payment
    from datetime import datetime

    stripe.api_key = os.environ.get('STRIPE_SECRET_KEY')

    account_id = Account.authorize(request.values.get('api_key'))
    ip = fix_ip(request.headers.get('x-forwarded-for', request.remote_addr))

    if request.method == 'POST':

        v = request.values.get
        emails = Account.query.filter_by(email=v('email'))
        account = emails.first()

        o("Received bootstrap payment login: %s" % v('email'))

        if account_id and account != None and account.id != account_id:
            o("Account exists but user is logged in as someone else. Error.")
            return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401
            
        if account != None and account.password != password_hash(v('password'))\
                and not account_id:
            o("Account exists but password mismatch. Erroring out.")
            return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401

        temporary_password = None

        if account == None:
            o("Creating account with temporary password.")
            temporary_password = random_hash(v('email'))[:8]
            data = {
                'email':        v('email'),
                'password':     temporary_password
            }
            try:
                account = Account(**data)
            except ValidationError, err:
                return jsonify(api_error(err.ref)), 400

            try:
                account.validate()
                db.session.add(account)
            except IntegrityError:
                return jsonify(api_error('ACCOUNTS_CREATE_FAIL')), 400

        o("Verifying payment with Stripe API.")
        failed = False

        try:
            payment = stripe.Charge.create(
                amount=int(float(v('amount')) * 100),
                currency="usd",
                source=v('stripe_token'),
                description="Bootstrap payment"
            )
        except:
            o("STRIPE UNEXPECTED ERROR:", sys.exc_info()[0])
            failed = True
            payment = {'_DEBUG': traceback.format_exc()}

        o(payment)

        if not failed and payment and payment.status == "succeeded":
            o("Payment success.")
            db.session.commit()
            data = {
                'account_id':       account.id,
                'amount':           v('amount'),
                'source':           'stripe',
                'source_id':        payment.id,
                'ip_address':       ip,
                'initial_balance':  account.credit,
                'trans_type':       'payment'
            }
            trans = Transaction(**data)
            db.session.add(trans)
            db.session.commit()

            o("Adding credit to account.")
            charged = float(payment.amount) / float(100)
            account.add_credit(charged)
            email_payment(account, charged, trans.id, payment.source.last4,
                    temporary_password)

        else:
            o("--- PAYMENT FAIL. LOGGING INFO ---")
            db.session.expunge_all()
            data = {
                'amount':       v('amount'),
                'account_id':   account.id,
                'source':       'stripe',
                'debug':        json.dumps(payment),
                'ip_address':   ip,
                'payment_type': 'bootstrap'
            }
            failed_payment = FailedPayment(**data)
            db.session.add(failed_payment)
            db.session.commit()
            return jsonify(api_error('ACCOUNTS_PAYMENT_FAIL')), 400

        result = account.public_data()
        if temporary_password:
            result['temporary_password'] = temporary_password

        return jsonify(result)
Beispiel #11
0
    def __init__(self, account_id):

        self.create_date = datetime.now()
        self.account_id = account_id
        self.reset_hash = random_hash("%s%s" %
                                      (account_id, str(self.create_date)))
Beispiel #12
0
def bootstrap():
    """
    Implicitly creates a user account and logs them in by processing a Stripe
    payment and email. If the email address belongs to a registered account, it
    requires the account password to authorize the payment and login attempt.
    """
    import json
    import stripe
    import sys
    import traceback
    from library.mailer import email_payment
    from datetime import datetime

    stripe.api_key = os.environ.get('STRIPE_SECRET_KEY')

    account_id = Account.authorize(request.values.get('api_key'))
    ip = fix_ip(request.headers.get('x-forwarded-for', request.remote_addr))

    if request.method == 'POST':

        v = request.values.get
        emails = Account.query.filter_by(email=v('email'))
        account = emails.first()

        o("Received bootstrap payment login: %s" % v('email'))

        if account_id and account != None and account.id != account_id:
            o("Account exists but user is logged in as someone else. Error.")
            return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401

        if account != None and account.password != password_hash(v('password'))\
                and not account_id:
            o("Account exists but password mismatch. Erroring out.")
            return jsonify(api_error('ACCOUNTS_LOGIN_ERROR')), 401

        temporary_password = None

        if account == None:
            o("Creating account with temporary password.")
            temporary_password = random_hash(v('email'))[:8]
            data = {'email': v('email'), 'password': temporary_password}
            try:
                account = Account(**data)
            except ValidationError, err:
                return jsonify(api_error(err.ref)), 400

            try:
                account.validate()
                db.session.add(account)
            except IntegrityError:
                return jsonify(api_error('ACCOUNTS_CREATE_FAIL')), 400

        o("Verifying payment with Stripe API.")
        failed = False

        try:
            payment = stripe.Charge.create(amount=int(
                float(v('amount')) * 100),
                                           currency="usd",
                                           source=v('stripe_token'),
                                           description="Bootstrap payment")
        except:
            o("STRIPE UNEXPECTED ERROR:", sys.exc_info()[0])
            failed = True
            payment = {'_DEBUG': traceback.format_exc()}

        o(payment)

        if not failed and payment and payment.status == "succeeded":
            o("Payment success.")
            db.session.commit()
            data = {
                'account_id': account.id,
                'amount': v('amount'),
                'source': 'stripe',
                'source_id': payment.id,
                'ip_address': ip,
                'initial_balance': account.credit,
                'trans_type': 'payment'
            }
            trans = Transaction(**data)
            db.session.add(trans)
            db.session.commit()

            o("Adding credit to account.")
            charged = float(payment.amount) / float(100)
            account.add_credit(charged)
            email_payment(account, charged, trans.id, payment.source.last4,
                          temporary_password)

        else:
            o("--- PAYMENT FAIL. LOGGING INFO ---")
            db.session.expunge_all()
            data = {
                'amount': v('amount'),
                'account_id': account.id,
                'source': 'stripe',
                'debug': json.dumps(payment),
                'ip_address': ip,
                'payment_type': 'bootstrap'
            }
            failed_payment = FailedPayment(**data)
            db.session.add(failed_payment)
            db.session.commit()
            return jsonify(api_error('ACCOUNTS_PAYMENT_FAIL')), 400

        result = account.public_data()
        if temporary_password:
            result['temporary_password'] = temporary_password

        return jsonify(result)