def forgot_password():
req = request.json
user = user_model.UserModel()
user.setUser(req['username'])
app = current_app._get_current_object()
if user.getUserName() is not None:
#forgot password procedure
random_password = user.get_random_password(16)
user.updateField("password",random_password)
mail = Mail(app)
msg = Message("Password Change - Marketext",
recipients=[user.getEmail()])
msg.html = "<b>\
\
Hi Marketext user: "******"! <br><br> \
Seems like you have forgotten your account password. Do not worry, though - we got you!<br><br> \
The old password is no longer available, please use this new password you can use to log back into your account: " + random_password + "<br><br> \
You may use this to gain access back to your account, then change it to a new password to your liking. <br><br>\
Hope our website continues to be of your service!<br><br> \
- The Marketext Team\
</b>"
mail.send(msg)
return json.dumps({'userExist': True})
return json.dumps({'userExist': False, 'error': 'User does not exist'})
def updateProfile():
userProfile = profile_model.ProfileModel(session['userId'])
user = user_model.UserModel(session['userId'])
req = request.json
if md5(req['Password'].encode('utf-8')).hexdigest() == user.getPassword():
if req['firstName'] != userProfile.getFirstName():
userProfile.updateField('firstName', req['firstName'])
if req['lastName'] != userProfile.getLastName():
userProfile.updateField('lastName', req['lastName'])
if req['phoneNumber'] != userProfile.getPhoneNumber():
userProfile.updateField('phoneNumber', req['phoneNumber'])
if req['address'] != userProfile.getStreet():
userProfile.updateField('street', req['address'])
if req['city'] != userProfile.getCity():
userProfile.updateField('city', req['city'])
if req['state'] != userProfile.getState():
userProfile.updateField('state', req['state'])
if req['zipcode'] != userProfile.getZipCode():
userProfile.updateField('zipCode', req['zipcode'])
if req['newPassword']:
user.updateField('password', req['newPassword'])
return json.dumps({'error': 'Updated'})
return json.dumps({'error': 'Current Password is Incorrect'})
def register():
error = None
if request.method == 'POST':
req = request.json
username = req['username']
email = req['email']
password = req['password']
user = user_model.UserModel()
userProfile = profile_model.ProfileModel()
if user.isExist("userName", username):
error = 'Username already taken'
elif user.isExist("email", email):
error = 'Email already used'
if error is None:
user.setUserName(username)
user.setEmail(email)
user.setPassword(password)
user.insertUser()
user.setUser(username)
userProfile.initProfile(user.getUserId())
return json.dumps({'registered': True})
return json.dumps({'registered': False, 'error': error})
def updateProfile():
customerProfle = customer_profile_model.CustomerProfileModel(
session['userId'])
user = user_model.UserModel(session['userId'])
req = request.json
if req['name'] != customerProfle.getName():
customerProfle.updateField('firstName', req['firstName'])
if req['email']:
user.updateField('email', req['email'])
if req['address'] != customerProfle.getAddress():
customerProfle.updateField('phoneNumber', req['phoneNumber'])
if req['payment'] != customerProfle.getPayment():
customerProfle.updateField('street', req['address'])
if req['balance'] != customerProfle.getBalance():
customerProfle.updateField('city', req['city'])
if req['subscribe'] != customerProfle.getSubscribe():
customerProfle.updateField('state', req['state'])
return json.dumps({'error': 'Updated'})
def updateDish():
menu = menu_model.MenuModel(session['profileId'])
user = user_model.UserModel(session['userId'])
req = request.json
if md5(req['Password'].encode('utf-8')).hexdigest() == user.getPassword():
if req['dishName'] != menu.getDishName():
menu.updateField('dishName', req['dishName'])
if req['description'] != menu.getDescription():
menu.updateField('description', req['description'])
if req['ingredients'] != menu.getDescription():
menu.updateField('ingredients', req['ingredients'])
if req['keywords'] != menu.getKeywords():
menu.updateField('keywords', req['keywords'])
if req['price'] != menu.getKeywords():
menu.updateField('price', req['price'])
if req['category'] != menu.getKeywords():
menu.updateField('category', req['category'])
if req['image'] != menu.getImage():
menu.updateField('image', req['image'])
if req['newPassword']:
user.updateField('password', req['newPassword'])
return json.dumps({'error': 'Updated'})
return json.dumps({'error': 'Current Password is Incorrect'})
def addEmployee():
error = None
if request.method == 'POST':
req = request.json
username = req['userName']
email = req['email']
password = req['password']
user = user_model.UserModel()
employeeProfile = employee_profile_model.EmployeeProfileModel()
req = request.json
if user.isExist("userName", username):
error = 'Username already taken'
elif user.isExist("email", email):
error = 'Email already used'
if error is None:
user.setUserName(username)
user.setEmail(email)
user.setPassword(password)
user.setType("e")
user.insertUser()
user.setUser(username)
employeeProfile.setFirstName(req['firstName'])
employeeProfile.setLastName(req['lastName'])
employeeProfile.setEmployeeId(req['employeeId'])
employeeProfile.setPhoneNumber(req['phoneNumber'])
employeeProfile.setPosition(req['position'])
employeeProfile.setSalary(req['salary'])
employeeProfile.addEmployee(user.getUserId())
return json.dumps({'Added': True})
return json.dumps({'Added': False, 'error': error})
def updateProfile():
employeeProfile = employee_profile_model.EmployeeProfileModel(
session['userId'])
user = user_model.UserModel(session['userId'])
req = request.json
if md5(req['Password'].encode('utf-8')).hexdigest() == user.getPassword():
if req['firstName'] != employeeProfile.getFirstName():
employeeProfile.updateField('firstName', req['firstName'])
if req['lastName'] != employeeProfile.getLastName():
employeeProfile.updateField('lastName', req['lastName'])
if req['employeeId'] != employeeProfile.getEmployeeId():
employeeProfile.updateField('employeeId', req['employeeId'])
if req['phone'] != employeeProfile.getPhoneNumber():
employeeProfile.updateField('phone', req['phone'])
if req['position'] != employeeProfile.getPosition():
employeeProfile.updateField('position', req['position'])
if req['salary'] != employeeProfile.getSalary():
employeeProfile.updateField('salary', req['salary'])
if req['newPassword']:
user.updateField('password', req['newPassword'])
return json.dumps({'error': 'Updated'})
return json.dumps({'error': 'Current Password is Incorrect'})
def login():
error = None
path = None
if request.method == 'POST':
req = request.json
username = req['username']
password = req['password']
user = user_model.UserModel()
user.setUser(username)
app = current_app._get_current_object()
customerProfile = customer_profile_model.CustomerProfileModel(user.getUserId())
session.clear()
if user.getUserName() is None or user.getPassword() != md5(password.encode('utf-8')).hexdigest():
error = 'Invalid username or password or not correct.'
if user.getUserName() is not None:
if user.getType() not in req['type']:
if user.getType() == "c":
error = "Not a customer account"
else:
error = "Not a employee account"
if user.getType() == 'e':
employeeProfile = employee_profile_model.EmployeeProfileModel(user.getUserId())
if user.getType() == 'e':
session['profileId'] = employeeProfile.getProfileId()
if employeeProfile.getPosition() == "chef":
path = '/chef'
if employeeProfile.getPosition() == "deliveryboy":
path = '/DeliveryHome'
if user.getType() == 'm':
path = '/Manager'
if req['type'] == "c":
if customerProfile.getApprove() == "0":
error = 'Account not approve yet!'
else:
path = '/Menu'
if error is None:
session['userId'] = user.getUserId()
session['username'] = user.getUserName()
session['email'] = user.getEmail()
session['type'] = user.getType()
token = jwt.encode({'userId': user.getUserId(), 'username': user.getUserName(), 'email': user.getEmail(), 'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=50)}, app.config['SECRET_KEY'])
return json.dumps({'authenticated': True, 'token': token.decode('UTF-8'),'path': path, 'type': user.getType()})
flash(error)
return json.dumps({'authenticated': False, 'error': error})
def getNotApprove():
customerProfle = customer_profile_model.CustomerProfileModel()
customers = customerProfle.getNotApprove()
for i in range(len(customers)):
user = user_model.UserModel(customers[i]['userId'])
customers[i]['userName'] = user.getUserName()
customers[i]['email'] = user.getEmail()
customers[i]['userId'] = user.getUserId()
return json.dumps({'customers': customers})
def getEmployee():
employeeProfile = employee_profile_model.EmployeeProfileModel()
employeeProfile = employeeProfile.getEmployee()
for i in range(len(employeeProfile)):
user = user_model.UserModel(employeeProfile[i]['userId'])
employeeProfile[i]['userName'] = user.getUserName()
employeeProfile[i]['email'] = user.getEmail()
employeeProfile[i]['userId'] = user.getUserId()
employeeProfile[i]['registrationDate'] = user.getRegistrationDate()
return json.dumps({'employees': employeeProfile})
def showListingsForGame():
listings = listings_model.ListingsModel()
req = request.json
response = {'gameListings': []}
if (req['console'] == 'all'):
response['gameListings'] = listings.getListingsForGame(
gameId=req['gameId'], console=None)
else:
response['gameListings'] = listings.getListingsForGame(
gameId=req['gameId'], console=req['console'].lower())
for item in response['gameListings']:
item['userName'] = user_model.UserModel(
userId=item['userId']).getUserName()
item['price'] = str(item['price'])
return json.dumps(response)
def login():
error = None
if request.method == 'POST':
req = request.json
username = req['username']
password = req['password']
user = user_model.UserModel()
user.setUser(username)
app = current_app._get_current_object()
if user.getUserName() is None or user.getPassword() != md5(
password.encode('utf-8')).hexdigest():
error = 'Invalid username or password.'
if error is None:
session.clear()
session['userId'] = user.getUserId()
session['username'] = user.getUserName()
session['email'] = user.getEmail()
token = jwt.encode(
{
'userId':
user.getUserId(),
'username':
user.getUserName(),
'email':
user.getEmail(),
'exp':
datetime.datetime.utcnow() + datetime.timedelta(minutes=50)
}, app.config['SECRET_KEY'])
return json.dumps({
'authenticated': True,
'token': token.decode('UTF-8')
})
flash(error)
return json.dumps({'authenticated': False, 'error': error})
def getUserName():
req = request.json
user = user_model.UserModel(req['userId'])
return json.dumps({'username': user.getUserName()})
def profile():
user = user_model.UserModel()
return None