def settings():
form = AccountForm(obj=current_user)
# Set new labels
form.password.label.text = 'New password'
form.confirm_pass.label.text = 'Confirm New Password'
if form.validate_on_submit():
current_user.first_name = request.form.get('first_name')
current_user.last_name = request.form.get('last_name')
current_user.username = request.form.get('username')
current_user.mobile = request.form.get('mobile')
old_pass = request.form.get('old_password')
new_pass = request.form.get('password')
if old_pass != '' and new_pass != '' and password_decrypt(
old_pass, current_user.password):
current_user.password = password_encrypt(new_pass)
db.session.commit()
flash('Account settings modified', 'success')
return redirect(url_for('main.settings_page'))
else:
flash('Account settings not modified', 'danger')
return render_template('pages/settings.html', form=form)
def account():
user_pic = url_for('static', filename='pics/' + current_user.user_pic)
all_posts = [post[0] for post in posts]
post_names = [i for i in all_posts if i != current_user.post_name]
acc_form = AccountForm(prefix='form1')
new_user_form = AddNewUserForm(prefix='form2')
delete_user_form = DeleteUserForm(prefix='form3')
if acc_form.submit1.data and acc_form.validate_on_submit():
print('1')
flash('Сохранено', 'success')
return redirect(url_for('account'))
if new_user_form.submit2.data and new_user_form.validate_on_submit():
print('2')
flash('Пользователь добавлен', 'success')
return redirect(url_for('account'))
if delete_user_form.submit3.data and delete_user_form.validate_on_submit():
print('3')
flash('Пользователь удален', 'success')
return redirect(url_for('account'))
return render_template('account.html',
acc_form=acc_form,
posts=post_names,
user_pic=user_pic,
new_user_form=new_user_form,
all_posts=all_posts,
delete_user_form=delete_user_form)
def edit(username):
account = Account.find_account(username)
generated_password = generate_random_password()
form = AccountForm(obj=account)
form.role.default = account.role
form.process()
if form.validate_on_submit():
form.populate_obj(account)
db.session.commit()
flash(f'Account updated for { account.username }', 'success')
else:
flash('Account not modified', 'danger')
print('==================== ERRORS: edit() ================')
for err in form.errors:
print(err)
return render_template('pages/write_account.html',
form=form,
account=account,
generated_password=generated_password)
return redirect(url_for('it.accounts_page'))
def profile():
form = AccountForm(obj=current_user)
if form.validate_on_submit():
form.populate_obj(current_user)
current_user.save()
return(redirect(url_for('main.profile')))
return render_template('/pages/profile.html', form=form)
def update_account():
form = AccountForm()
if request.method == 'POST':
if form.validate_on_submit():
user = User.query.filter_by(id=current_user.id).first()
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash('Password has been updated!', 'success')
return redirect(url_for('index'))
return render_template('update_account.html', title='My account', form=form)
def account():
form = AccountForm()
if form.validate_on_submit():
if form.new_password.data:
current_user.set_password(form.new_password.data)
if form.new_username.data:
current_user.username = form.new_username.data
db.session.commit()
return redirect(url_for("home"))
# Displays profile page
return render_template("account.html", title="Account Settings", links=links, form=form)
def reset_password(reset_token):
account = Account.deserialize_token(reset_token)
form = AccountForm(obj=account)
if account and form.validate_on_submit():
account.password = password_encrypt(request.form.get('password'))
account.save()
flash('Password has been reset', 'success')
return redirect(url_for('main.login_page'))
flash('An error occurred', 'danger')
return redirect(url_for('main.login_page'))
def new_account():
form = AccountForm()
if request.method == 'POST' and form.validate_on_submit():
username = request.form['username']
if [x for x in users.users if x.username == username]:
form.error = True
return render_template('new_account.html', form=form)
password = request.form['password']
users.users.append(
users.User(id=len(users.users) + 1,
username=username,
password=password))
return redirect(url_for('accepted'))
return render_template('new_account.html', form=form)
def change_password():
form = AccountForm(obj=current_user)
if form.validate_on_submit():
if password_decrypt(request.form.get('old_password'), current_user.password):
current_user.password = password_encrypt(request.form.get('password'))
current_user.save()
flash('Password changed succesfully', 'success')
else:
flash('Entered password does not match your current password', 'danger')
else:
flash('Password was not changed', 'danger')
return redirect(url_for('main.profile'))
def account():
form = AccountForm(current_user.username, current_user.email)
if form.validate_on_submit():
pw = request.form['password']
current_user.username = form.username.data
current_user.email = form.email.data
current_user.about_me = form.about_me.data
if pw != '':
current_user.set_password(form.password.data)
db.session.commit()
return redirect(url_for('account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
form.about_me.data = current_user.about_me
return render_template('account.html', form=form)
def login():
account_form = AccountForm()
if request.method == 'POST':
if account_form.validate_on_submit():
fullname = account_form.fullname.data
username = account_form.username.data
exists = Account.query.filter_by(username=username).first(
) # Checks database to see if username already exists
if not exists:
account = Account(fullname, username)
db.session.add(account)
db.session.commit()
return render_template('home.html')
else:
return render_template('login.html', form=account_form)
def signup():
if(current_user.is_authenticated and current_user.is_active):
return redirect(url_for('main.home'))
form = AccountForm(request.form)
if form.validate_on_submit():
account = Account()
form.populate_obj(account)
account.password = password_encrypt(account.password)
account.save()
if login_user(account) and account.is_active():
account.update_activity_tracking(request.remote_addr)
return redirect(url_for('main.home'))
return render_template('/pages/signup.html', form=form)
def register():
form = AccountForm()
# Set required fields
form.password.validators.append(DataRequired())
form.confirm_pass.validators.append(DataRequired())
if form.validate_on_submit():
account = Account()
form.populate_obj(account)
db.session.add(account)
db.session.commit()
flash(f'Account for { account.username } created successfully',
'success')
else:
flash('Account not created', 'danger')
print('==================== ERRORS: register() ================')
for err in form.errors:
print(err)
return render_template('pages/write_account.html', form=form)
return redirect(url_for('it.accounts_page'))
def save():
log(log.INFO, "/account_save")
form = AccountForm(request.form)
if form.validate_on_submit():
form.name.data = form.name.data.strip()
form.sim.data = form.sim.data.strip()
new_account = False
if form.id.data > 0:
# Edit exists account
account = Account.query.filter(Account.id == form.id.data).first()
if account.name != form.name.data:
# Changed account name
change = AccountChanges(account=account)
change.change_type = AccountChanges.ChangeType.name
change.value_str = account.name
change.save()
flash(
f'In account {account.name} name changed to {form.name.data}',
'info')
if account.sim != form.sim.data:
# Changed account SIM
change = AccountChanges(account=account)
change.change_type = AccountChanges.ChangeType.sim
change.value_str = account.sim
change.save()
flash(
f'In account {account.name} sim changed to {form.sim.data}',
'info')
for k in request.form.keys():
account.__setattr__(k, form.__getattribute__(k).data)
else:
# Add a new account
if Account.query.filter(
Account.name == form.name.data,
Account.product_id == form.product_id.data).first():
log(log.WARNING,
"Attempt to register account with existing credentials")
flash('Such account already exists', 'danger')
return redirect(url_for("account.edit"))
new_account = True
if form.sim_cost.data == 'yes':
form.comment.data += f'\r\n\r\n{SIM_COST_ACCOUNT_COMMENT}'
account = Account(
name=form.name.data,
product_id=form.product_id.data,
reseller_id=form.reseller_id.data,
phone_id=form.phone_id.data,
sim=form.sim.data,
imei=form.imei.data,
comment=form.comment.data,
activation_date=form.activation_date.data,
months=form.months.data,
)
flash(f'Account {account.name} added', "info")
# Check that months must be in 1-12
if not 0 < account.months <= 12:
flash("Months must be in 1-12", "danger")
return redirect(url_for("account.edit", id=account.id))
account.save()
if new_account and ninja.configured:
nina_api_result = add_ninja_invoice(account, new_account,
'Activated')
if not nina_api_result:
log(log.ERROR,
"Could not register account as invoice in Invoice Ninja!")
flash("WARNING! Account registration in Ninja failed!",
"danger")
# Change Resellers last activity
reseller = Reseller.query.filter(
Reseller.id == account.reseller_id).first()
reseller.last_activity = datetime.now()
reseller.save()
log(log.INFO, "Account data was saved")
if request.form["submit"] == "save_and_add":
return redirect(
url_for("account.edit",
prev_reseller=account.reseller.name,
prev_product=account.product.name))
if request.form["submit"] == "save_and_edit":
return redirect(url_for("account.edit", id=account.id))
return redirect(url_for("main.accounts", id=account.id))
else:
flash("Form validation error", "danger")
log(log.ERROR, "Form validation error")
return redirect(url_for("account.edit", id=form.id.data))
def link_account():
form = AccountForm()
if form.validate_on_submit():
# validate third party credentials
api_url = app.config['THIRD_PARTY_API_URL'][form.institution.data]
login = form.login.data
pwd = form.password.data
try:
response = get_thirdparty_credentials(api_url, login, pwd)
except:
institution = form.institution.data
flash("Couldn't connect to third-party-api (institution = {})".
format(institution))
return render_template(
'account.html',
form=form,
institutions=["abc_bank", "xyz_bank", "xyz_trade"])
if response.status_code == 400 or response.status_code == 401:
flash("Invalid login or password.")
return render_template(
'account.html',
form=form,
institutions=["abc_bank", "xyz_bank", "xyz_trade"])
# get third party account info
api_url = app.config['THIRD_PARTY_API_URL'][form.institution.data]
account_login, account_password_hash = response.json().values()
account_resp = get_thirdparty_accountinfo(api_url, account_login,
account_password_hash)
# get third party transactions
api_url = app.config['THIRD_PARTY_API_URL'][form.institution.data]
transactions_resp = get_thirdparty_transactions(
api_url,
account_resp.json().get("id"))
# add account record
account = Account(created_at=datetime.now(),
last_update=datetime.now(),
account_institution=form.institution.data,
account_name=form.account_name.data,
account_url=app.config['THIRD_PARTY_API_URL'][
form.institution.data],
account_login=account_login,
account_password_hash=account_password_hash,
account_balance=account_resp.json().get("balance"),
third_party_id=account_resp.json().get("id"),
user_id=current_user.id)
db.session.add(account)
db.session.commit()
# add transaction records (multiple)
for transaction_resp in transactions_resp.json().get("json_list"):
date_fmt = "%a, %d %b %Y %H:%M:%S %Z"
transaction_date = datetime.strptime(transaction_resp.get("date"),
date_fmt)
transaction = Transaction(
transaction_date=transaction_date,
transaction_seller=transaction_resp.get("seller"),
transaction_amount=transaction_resp.get("amount"),
category=determine_category(transaction_resp.get("seller")),
customized=False,
third_party_id=transaction_resp.get("id"),
user_id=current_user.id,
account_id=account.id)
db.session.add(transaction)
db.session.commit()
flash('Congratulations, you have successfully linked your account!')
return redirect(url_for('overview'))
return render_template('account.html',
form=form,
institutions=["abc_bank", "xyz_bank", "xyz_trade"])