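def register():
    """Handle an account-registration request and queue it for admin approval.

    Reads a JSON object with ``username`` and ``password`` from the current
    Flask request body, hashes the password with ``hashpass`` and inserts a
    row into the ``accountrequests`` table.

    Returns:
        dict: ``{'message': str, 'code': 'success' | 'failed'}``.
    """
    DB.initdb()

    # The request body is client-controlled. Reject anything that is not a
    # JSON object carrying two non-empty strings, rather than letting a
    # KeyError/TypeError surface as an unhandled server error.
    try:
        resp = json.loads(flask.request.data)
    except ValueError:
        return {'message': 'Invalid request', 'code': 'failed'}
    if not isinstance(resp, dict):
        return {'message': 'Invalid request', 'code': 'failed'}
    username = resp.get('username')
    password = resp.get('password')
    if not (isinstance(username, str) and isinstance(password, str)
            and username and password):
        return {'message': 'Username and password are required',
                'code': 'failed'}

    # Never write the plaintext password to stdout/logs. repr() keeps control
    # characters in the username from forging extra log lines.
    print("\tfrom client: \n\tregister request:\n\tu: " + repr(username))

    # is username already registered
    # NOTE(review): userexists() is defined elsewhere; if it also builds SQL
    # text from its argument it needs the same treatment as below - verify.
    if userexists(username):
        return {'message': 'Username already taken', 'code': 'failed'}

    # DB.query/DB.insert accept SQL text, so values end up spliced into the
    # statement. Doubling single quotes is SQLite's string-literal escape and
    # keeps a crafted value from closing the literal.
    # TODO: have the DB layer bind parameters instead of formatting strings.
    def sql_literal(value):
        return "'" + value.replace("'", "''") + "'"

    # is username already requested
    pending = DB.query("accountrequests",
                       args="WHERE username = " + sql_literal(username))
    if len(pending) >= 1:
        return {'message': 'Username already taken', 'code': 'failed'}

    salt, hashedpass = hashpass(password)

    # submit account for approval
    try:
        DB.insert("accountrequests",
                  (sql_literal(username), sql_literal(hashedpass),
                   sql_literal(salt), "(SELECT datetime())"))
    except sqlite3.IntegrityError as E:
        # NOTE(review): this returns the database's constraint text to the
        # client; consider logging it server-side and replying generically.
        return {'message': 'error, ' + str(E), 'code': 'failed'}
    return {
        'message': 'registered ' + username +
                   ', pending admin approval. Try logging on later.',
        'code': 'success'
    }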
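def login():
    """Authenticate a user and hand out a session token.

    Reads a JSON object with ``username`` and ``password`` from the current
    Flask request body, checks the account state and verifies the password
    with ``checkpass``.

    Returns:
        dict: ``{'code': 'success' | 'failed', 'reason': str, 'token': str}``;
        ``token`` is the empty string on every failure path.
    """
    DB.initdb()

    def failed(reason):
        # Build a fresh failure response for each return.
        return {'code': 'failed', 'reason': reason, 'token': ''}

    # The request body is client-controlled: require a JSON object with two
    # string fields instead of failing with KeyError/TypeError.
    try:
        resp = json.loads(flask.request.data)
    except ValueError:
        return failed('Invalid request.')
    if not isinstance(resp, dict):
        return failed('Invalid request.')
    username = resp.get('username')
    password = resp.get('password')
    if not (isinstance(username, str) and isinstance(password, str)):
        return failed('Invalid request.')

    # Never write the plaintext password to stdout/logs. repr() keeps control
    # characters in the username from forging extra log lines.
    print("\tfrom client: \nlogin request:\n\tu: " + repr(username))

    # DB.query takes SQL text, so the username is spliced into the WHERE
    # clause. Doubling single quotes is SQLite's string-literal escape and
    # keeps a crafted value from closing the literal.
    # TODO: have the DB layer bind parameters instead of formatting strings.
    where_user = "WHERE username = '" + username.replace("'", "''") + "'"

    # check if user exists
    # NOTE(review): userexists() and checkpass() are defined elsewhere; if
    # they also build SQL text from the username they need the same
    # treatment - verify.
    if not userexists(username):
        # check if user awaiting approval
        # NOTE(review): this answer is given before any password check, so it
        # tells an unauthenticated caller which names have pending requests.
        if len(DB.query("accountrequests", args=where_user)) >= 1:
            return failed(
                'Account pending admin aporoval. Please try again later.')
        # user does not exist, deny
        return failed('Incorrect username or password. Please try again.')

    # verify password
    if not checkpass(username, password):
        # incorrect password; same wording as the unknown-user case so the
        # reply does not reveal which of the two was wrong
        return failed('Incorrect username or password. Please try again.')

    # check account for ban (only reached after the password was verified)
    if DB.query("users", "banned", where_user)[0][0] == 'true':
        print("Banned user " + repr(username) + " tried to log on.")
        return failed('Banned from server.')

    # log user in, give user token
    return {
        'code': 'success',
        'reason': 'You are now logged in',
        'token': str(createtoken(username))
    }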
# Tail of a route handler whose `def` line lies outside this excerpt.
return render_template("index.html")


@app.route("/listings")
def serverlistings():
    """Serve the listings page by rendering ``listings.html``."""
    return render_template("listings.html")


@app.route("/register")
def servehome():
    """Serve the registration page by rendering ``register.html``.

    Despite the function name, this handler is bound to ``/register``.
    """
    return render_template("register.html")


@app.route("/login")
def servelogin():
    """Serve the login page by rendering ``login.html``."""
    return render_template("login.html")


@app.route("/admin")
def serveadmin():
    """Serve the admin entry page by rendering ``admincheck.html``.

    NOTE(review): no authorization check is visible in this handler;
    presumably the template or a backend endpoint gates admin actions -
    confirm that the check is enforced server-side.
    """
    return render_template("admincheck.html")


@app.route("/account")
def serveaccount():
    """Serve the account page by rendering ``account.html``."""
    return render_template("account.html")


if __name__ == "__main__":
    # Make sure the database is initialised before the first request.
    DB.initdb()
    # host='0.0.0.0' listens on every network interface, so the app is
    # reachable from any network the host is attached to. debug=False keeps
    # the interactive debugger off. app.run() starts Flask's built-in
    # development server; put a production WSGI server in front of anything
    # exposed beyond a trusted network.
    app.run(host='0.0.0.0', port=5000, debug=False)  # 192.168.2.21 (address left by the author; presumably the LAN address used - confirm)