def changeemail(): form = ChangeEmailForm() user = User.query.filter_by(user_name=current_user.user_name).first() if request.method == 'POST': if form.validate_on_submit(): try: if User.decryptpassword(pwdhash=user.wallet_pin, password=form.accountpin.data): if User.decryptpassword(pwdhash=user.password_hash, password=form.accountpassword.data): user.email = form.newemail.data user.fails = 0 db.session.add(user) db.session.commit() flash('Email updated', category="success") return redirect(url_for('users.account', user_name=current_user.user_name)) else: x = int(user.fails) y = x + 1 user.fails = y db.session.add(user) db.session.commit() if int(user.fails) == 5: user.locked = 1 db.session.add(user) db.session.commit() return redirect(url_for('users.account_locked')) else: flash("Invalid Password/Pin", category="danger") return redirect(url_for('users.changeemail', user_name=current_user.user_name)) else: x = int(user.fails) y = x + 1 user.fails = y db.session.add(user) if int(user.fails) == 5: user.locked = 1 db.session.add(user) db.session.commit() return redirect(url_for('users.account_locked')) else: db.session.commit() flash("Invalid Password/Pin", category="danger") return redirect(url_for('users.changeemail', user_name=current_user.user_name)) except Exception: return redirect(url_for('index')) else: flash("Error in Form") return redirect(url_for('users.changeemail', user_name=current_user.user_name)) return render_template('users/account/changeemail.html', form=form, user=user )
def changepassword(): form = ChangePasswordForm() user = db.session \ .query(User) \ .filter_by(id=current_user.id) \ .first() if request.method == 'POST': if form.validate_on_submit(): if User.decryptpassword(pwdhash=user.password_hash, password=form.currentpassword.data): cryptedpwd = User.cryptpassword( password=form.newpasswordtwo.data) user.password_hash = cryptedpwd db.session.add(user) db.session.commit() flash('Password has been changed', category="success") return redirect(url_for('users.account')) else: flash('Bad Password', category="danger") return redirect((request.args.get('next', request.referrer))) else: flash(form.errors, category="danger") return redirect(url_for('users.account')) return render_template('users/account/changepassword.html', form=form)
def changepin(): form = ChangePinForm() if request.method == 'POST': user = db.session \ .query(User) \ .filter_by(id=current_user.id) \ .first() if form.validate_on_submit(): if User.decryptpassword(pwdhash=user.wallet_pin, password=form.currentpin.data): cryptedpwd = User.cryptpassword(password=form.newpin2.data) user.wallet_pin = cryptedpwd db.session.add(user) db.session.commit() flash('Pin has been added.', category="success") else: flash('Invalid Pin', category="danger") return redirect((request.args.get('next', request.referrer))) else: flash('Invalid Form Entry', category="danger") return redirect((request.args.get('next', request.referrer))) return render_template('users/account/changepin.html', form=form)
def login_post(): if request.method == 'POST': form = LoginForm(request.form) if form.validate_on_submit(): user = db.session\ .query(User)\ .filter_by(user_name=form.user_name.data)\ .first() if user is not None: if User.decryptpassword(pwdhash=user.password_hash, password=form.password_hash.data): if user.locked == 0: user.fails = 0 db.session.add(user) db.session.commit() login_user(user) current_user.is_authenticated() current_user.is_active() return redirect(url_for('index')) else: return redirect(url_for('users.account_locked')) else: x = user.fails y = x + 1 user.fails = y db.session.add(user) db.session.commit() if int(user.fails) >= 5: user.locked = 1 db.session.add(user) db.session.commit() return redirect(url_for('users.account_locked')) else: flash("Please retry user name or password.", category="danger") return redirect(url_for('users.login')) else: flash("Please retry user name or password", category="danger") return redirect(url_for('users.login')) else: flash("Please retry user name or password.", category="danger") return redirect(url_for('users.login')) else: flash("Incorrect form.", category="danger") return redirect(url_for('index'))
def sendcoin(): if request.method == "GET": pass if request.method == "POST": form = WalletSendcoin() wallet = BchWallet.query.filter(BchWallet.user_id == current_user.id).first_or_404() # get walletfee walletthefee = db.session.query(BchWalletFee).get(1) wfee = Decimal(walletthefee.bch) if form.validate_on_submit(): if User.decryptpassword(pwdhash=current_user.wallet_pin, password=form.pin.data): sendto = form.sendto.data comment = form.description.data amount = form.amount.data # test wallet_bch stuff for security walbal = Decimal(wallet.currentbalance) amount2withfee = Decimal(amount) + Decimal(wfee) # greater than amount with fee if floating_decimals(walbal, 8) >= floating_decimals(amount2withfee, 8): # greater than fee if Decimal(amount) > Decimal(wfee): # add to wallet_bch work bch_cash_send_coin_offsite( user_id=current_user.id, sendto=sendto, amount=amount, comment=comment ) flash("BCH Sent: " + str(sendto), category="success") flash("Please allow a few minutes for your coin to be added to transactions", category="success") return redirect(url_for('wallet_bch.home', user_name=current_user.user_name)) else: flash("Cannot withdraw amount less than fee: " + str(wfee), category="danger") return redirect(url_for('wallet_bch.home', user_name=current_user.user_name)) else: flash("Cannot withdraw more than your balance including fee.", category="danger") return redirect(url_for('wallet_bch.home', user_name=current_user.user_name)) else: flash("Invalid Pin.", category="danger") return redirect(url_for('wallet_bch.home', user_name=current_user.user_name)) else: flash("Form Error. Did you enter something inccorrectly? ", category="danger") return redirect(url_for('wallet_bch.home', user_name=current_user.user_name))
def sendcoin(): # forms form = WalletSendCoin() # Get wallet wallet = db.session.query(MoneroWalletStagenet).filter_by(user_id=current_user.id).first() # walletfee walletthefee = db.session.query(MoneroWalletFeeStagenet).get(1) wfee = Decimal(walletthefee.amount) if request.method == "POST": if form.validate_on_submit(): if User.decryptpassword(pwdhash=current_user.wallet_pin, password=form.pin.data): sendto = form.sendto.data amount = form.amount.data # test wallet_btc stuff for security walbal = Decimal(wallet.currentbalance) amount2withfee = Decimal(amount) + Decimal(wfee) # greater than amount with fee if floating_decimals(walbal, 8) >= floating_decimals(amount2withfee, 8): # greater than fee if Decimal(amount) > Decimal(wfee): # add to wallet_btc work monerosendcoin_stagenet( user_id=current_user.id, sendto=sendto, amount=amount, ) flash("XMR Sent: " + str(sendto), category="success") flash("Please allow a few minutes for the transaction to appear and process to begin.", category="success") return redirect(url_for('wallet_xmr_stagenet.home', user_name=current_user.user_name)) else: flash("Cannot withdraw amount less than wallet_btc fee: " + str(wfee), category="danger") return redirect(url_for('wallet_xmr_stagenet.home', user_name=current_user.user_name)) else: flash("Cannot withdraw amount less than wallet_btc fee: " + str(wfee), category="danger") return redirect(url_for('wallet_xmr_stagenet.home', user_name=current_user.user_name)) else: flash("Invalid Pin", category="danger") return redirect(url_for('wallet_xmr_stagenet.home', user_name=current_user.user_name)) else: flash("Bad Form. Did you enter the information correctly?", category="danger") return redirect(url_for('wallet_xmr_stagenet.home', user_name=current_user.user_name))