Ejemplo n.º 1
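def admin_login():
    """Serve the admin login page and process login submissions.

    GET: a signed-in staff user is redirected to ``admin.index``; anyone
    else gets the login template with an empty ``LoginForm``.

    POST: look up an ``Account`` whose username and password hash match the
    submitted form. On a match the user is logged in, marked online and
    redirected to ``admin.index``; otherwise a JSON failure body is returned
    with status 401.
    """
    # NOTE(review): 'ContentType' is not the standard 'Content-Type' header
    # name, so the JSON body is probably still served with the framework's
    # default content type. Kept as-is; confirm what clients expect.
    json_header = {'ContentType': 'application/json'}

    if request.method != 'POST':
        if current_user.is_authenticated and current_user.is_staff():
            # The redirect used to be built and thrown away, and the view then
            # answered with a JSON body under a bare 302 status (no Location
            # header). Return the redirect itself.
            return redirect(url_for('admin.index'))

        print('Rendering page')
        return render_template('admin/pages/login.html', form=LoginForm())

    form = LoginForm(request.form)
    # NOTE(review): the field object is passed here, not its string value;
    # confirm that this validate_csrf accepts a field.
    validate_csrf(form.csrf_token)

    # The hash is derived from both the username and the password.
    password_hash = generate_hash_pass(form.username.data, form.password.data)
    account = Account.query.filter_by(username=form.username.data,
                                      password=password_hash).first()
    if not account:
        return json.dumps({'success': False}), 401, json_header

    # NOTE(review): the GET branch requires is_staff(), but any account with
    # valid credentials is logged in here. Confirm that staff status is
    # enforced on the admin views themselves.
    login_user(account)
    account.set_status(online=True).save()
    return redirect(url_for('admin.index'), code=302)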
Ejemplo n.º 2
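    def execute(self, app):
        """Interactively create an account from the console.

        Prompts for a unique username, a password of at least six characters
        (read with ``getpass`` so it is not echoed) and an optional, unique
        email address. The account is saved with a hashed password, its rank
        level is set to 2, and the result is confirmed by reading it back.

        Args:
            app: application object providing ``app_context()``.
        """
        with app.app_context():
            # NOTE(review): in the listing this came from, the prompt and the
            # empty-username check were fused into one invalid line by a
            # masking artifact. They are reconstructed here from the surviving
            # 'Username required' message and the `continue` that followed.
            while True:
                username = input('Username: ')
                if not username:
                    print('Username required')
                    continue
                if find_account_by_username(username):
                    print('That account name already exists.')
                    continue
                break

            # Length is the only password rule enforced here.
            while True:
                password = getpass()
                if len(password) < 6:
                    print('Secure password required')
                    continue
                break

            # Email is optional: a blank answer skips the uniqueness lookup.
            email = input('Email (optional): ')
            while email and find_account_by_email(email):
                print('That email already exists.')
                try:
                    email = input('Email (optional): ')
                except KeyboardInterrupt:
                    print()
                    # Ctrl-C abandons the email prompt. Clear the value so the
                    # address just reported as a duplicate is not stored.
                    email = ''
                    break

            a_r = Account(
                username=username,
                email=email,
                password=generate_hash_pass(username=username,
                                            password=password)).save().rank()

            # This command always grants rank level 2; what that level
            # permits is defined outside this method.
            a_r.level = 2
            a_r.save()

            # Read the account back to confirm it was persisted.
            account = find_account(a_r.id)

            if account:
                print('Account created successfully')
            else:
                print('Failed to create account.')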
Ejemplo n.º 3
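def register():
    """Render the registration page (GET) or create an account (POST).

    A signed-in user is logged out and redirected to ``'register'``.

    On POST the username, email and password must be non-empty, and the
    username and email must not already belong to an account. Validation
    failures return the ``callback`` payload as JSON with status 400, with
    ``form`` naming the offending field. On success the account is saved with
    a hashed password, given rank level 1 and confirmed by a read-back query.
    """
    # NOTE(review): 'ContentType' is not the standard 'Content-Type' header
    # name; kept as-is. Confirm what clients expect.
    json_header = {'ContentType': 'application/json'}
    callback = {
        'success': True,
        'form': '',
        'errors': []
    }

    def fail(field, message):
        """Record a validation error on ``callback`` and build the 400 reply."""
        callback['success'] = False
        callback['form'] = field
        callback['errors'].append(message)
        return json.dumps(callback), 400, json_header

    if current_user.is_authenticated:
        logout_user()                   # How did this happen..?
        return redirect('register')

    if request.method != 'POST':
        return render_template('splash/actions/register.html')

    # NOTE(review): form.validate() is never called, so any validators
    # declared on RegisterForm (CSRF included, if it has one) do not run.
    # The checks below are the only validation on this path.
    form = RegisterForm(request.form)
    username = form.username.data
    email = form.email.data

    if not username:
        return fail('username', 'Invalid username')
    if not email:
        return fail('email', 'Invalid email')
    # An empty password was previously hashed and stored without complaint,
    # creating an account with a blank credential.
    if not form.password.data:
        return fail('password', 'Invalid password')

    if Account.query.filter_by(email=email).first():
        return fail('email', 'Email already registered')
    if Account.query.filter_by(username=username).first():
        return fail('username', 'Username already registered')

    password = generate_hash_pass(username, form.password.data)
    account = Account(
        username=username,
        password=password,
        email=email
    )
    account = account.save()
    account.change_rank(level=1)

    # Read the row back to confirm it was persisted.
    account = Account.query.filter_by(username=username, password=password,
                                      email=email).first()
    if account:
        return json.dumps(callback), 200, json_header
    return json.dumps({'success': False}), 401, json_header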
Ejemplo n.º 4
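def account():
    """Admin account management view, dispatched on the ``type`` query argument.

    * ``edit``   - GET renders the edit form for account ``id``; any other
      method applies the submitted ``AccountForm`` to the account named by
      the form's ``id`` field.
    * ``add``    - validates the submitted form and creates a new account.
    * ``new``    - renders the empty creation form.
    * ``delete`` - deletes account ``id``.

    Any other ``type`` redirects to the account list.

    A user whose rank level is below 2 may only act on accounts ranked
    strictly lower than their own.
    """
    _type = request.args.get('type')
    account_id = request.args.get('id')
    print(_type, account_id)

    # NOTE(review): 'ContentType' is not the standard 'Content-Type' header
    # name; kept as-is. Confirm what clients expect.
    json_header = {'ContentType': 'application/json'}

    def reply(payload, status):
        """Build a JSON response tuple."""
        return json.dumps(payload), status, json_header

    def outranked_by(target):
        """Return True when the current user may not manage ``target``."""
        actor_level = current_user.rank().level
        return actor_level < 2 and actor_level <= target.rank().level

    if _type == 'edit':
        if request.method == 'GET':
            # Query arguments are strings, so the previous comparison with the
            # integer 0 could never be true.
            if account_id == '0':
                return redirect(url_for('account.accounts'))
            target = find_account(account_id)
            if not target:
                return render_template('admin/pages/404.html',
                                       reason='Account',
                                       content='Not found')
            if outranked_by(target):
                if current_user.is_staff():
                    return redirect(url_for('account.accounts'))
                return redirect(url_for('index.index'))
            form = AccountForm()
            form.rank.process_data(target.rank().level)
            return render_template('admin/pages/accounts/account.html',
                                   account=target,
                                   form=form,
                                   render_type='edit',
                                   redirect=redirect)

        form = AccountForm(request.form)
        target = find_account(form.id.data)
        if not target:
            abort(400)
        if outranked_by(target):
            abort(400)

        # A blank password field means "keep the current password": reuse the
        # stored hash so the comparison below leaves it alone.
        if not form.password.data:
            form.password.data = target.password
        if form.password.data != target.password:
            # NOTE(review): the hash is derived from the account's current
            # username; if the form also changes the username, confirm that
            # the stored hash still verifies at login.
            form.password.data = generate_hash_pass(
                target.username, form.password.data)

        # NOTE(review): every submitted form field is applied to the model
        # (mass assignment); confirm AccountForm exposes only fields an admin
        # may set.
        target.__init__(**form.data)
        target.save()

        # NOTE(review): the requested rank is not compared with the current
        # user's own level, so a lower-ranked admin could assign a rank above
        # their own. Confirm whether that is intended.
        rank = target.rank()
        rank.level = int(form.rank.data)
        rank.save()
        return reply({'success': True}, 200)

    if _type == 'add':
        form = AccountForm(request.form)

        if not form.username.data or len(form.username.data) < 3:
            return reply({'success': False,
                          'message': 'Invalid username value'}, 400)

        if not form.password.data or len(form.password.data) < 6:
            return reply({'success': False,
                          'message': 'Invalid password value'}, 400)

        if not form.email.data or len(form.email.data) < 6:
            return reply({'success': False,
                          'message': 'Invalid email value'}, 400)

        existing = find_account_by_username(
            form.username.data) or find_account_by_email(form.email.data)
        if existing:
            return reply({'success': False,
                          'message': 'Account already exists.'}, 400)

        form.password.data = generate_hash_pass(username=form.username.data,
                                                password=form.password.data)

        # NOTE(review): as on the edit path, the new account's rank comes
        # straight from the form without a check against the creator's level.
        created = Account(**form.data)
        created.change_rank(level=int(form.rank.data))
        created.save()
        return reply({'success': True}, 200)

    if _type == 'new':
        return render_template('admin/pages/accounts/account.html',
                               form=AccountForm(),
                               ranks=ranks,
                               render_type='new')

    if _type == 'delete':
        # NOTE(review): this state change is driven by query arguments and
        # runs for any HTTP method; consider requiring POST with a CSRF token.
        target = find_account(account_id)
        if not target:
            return reply({'success': False,
                          'message': 'Account not found.'}, 400)
        # Deletion previously skipped the rank check that editing enforces,
        # so a lower-ranked admin could remove a higher-ranked account.
        if outranked_by(target):
            abort(400)
        print('Username: %s' % target.username)
        target.delete()
        return redirect(url_for('account.accounts'))

    return redirect(url_for('account.accounts'))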