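def change_password():
    """Show the change-password form (GET) or apply a new password (POST).

    GET: when no ``token`` query parameter is supplied, a fresh reset token
    (20 random bytes, hex-encoded) with a one-day expiry is stored on
    ``current_user`` and embedded in the rendered form.  A request with
    neither a user nor a token is redirected to ``".."``.

    POST: once the form validates, the account is looked up by the submitted
    token.  The token must be non-empty, must match an account, and must not
    be past ``password_reset_expires``; otherwise the request is redirected
    to ``".."`` and no account is modified.  On success the password is
    replaced, the token and its expiry are cleared so the token cannot be
    replayed, and the user is logged in.
    """
    if request.method == "GET":
        token = request.args.get("token")
        # NOTE(review): this guard relies on current_user being falsy for an
        # anonymous visitor; confirm against how current_user is defined.
        if not current_user and not token:
            return redirect("..")
        if not token:
            current_user.password_reset = binascii.b2a_hex(
                os.urandom(20)).decode("utf-8")
            current_user.password_reset_expires = datetime.now() + timedelta(
                days=1)
            db.commit()
            token = current_user.password_reset
        changePwdForm = ChangePasswordForm(token=token)
        return render_template("change.html", changePwdForm=changePwdForm)
    elif request.method == "POST":
        form = ChangePasswordForm(request.form)
        if form.validate():
            token = request.form.get("token")
            password = request.form.get("password")
            # A missing or empty token must never reach the lookup: with
            # SQLAlchemy a comparison against None is rendered as IS NULL,
            # which would select an account that has no reset pending.
            if not token:
                return redirect("..")
            user = User.query.filter(User.password_reset == token).first()
            if user is None:
                # Unknown token: previously this crashed on user.set_password.
                return redirect("..")
            expires = user.password_reset_expires
            if expires is None or expires < datetime.now():
                # The expiry written when the token was issued is enforced
                # here; a token without an expiry is treated as invalid.
                return redirect("..")
            user.set_password(password)
            # Single use: clear the token and its expiry together.
            user.password_reset = None
            user.password_reset_expires = None
            db.commit()
            login_user(user)
            return redirect("panel")
        # NOTE(review): an invalid form falls through and returns None, as in
        # the original; confirm how the framework is expected to handle that.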
def edit_project():
    """Rename a project using the ``name`` and ``id`` fields of the request.

    The submitted data is validated through ``ProjectForm``; when validation
    passes, the matching ``Project`` row gets the new name, the change is
    committed and the client is redirected to ``"admin"``.  When validation
    fails nothing is changed and nothing is returned.
    """
    # NOTE(review): no access check is visible inside this function;
    # presumably it is enforced by a decorator outside this view - confirm.
    project_form = ProjectForm(request.form)
    if not project_form.validate():
        return None
    new_name = request.form["name"]
    project_id = request.form["id"]
    # The ORM builds the UPDATE, so both values are bound, not interpolated.
    target = db.query(Project).filter(Project.id == project_id)
    target.update({"name": new_name})
    db.commit()
    return redirect("admin")
def create_project():
    """Create a project named after the ``name`` field of the request.

    The request is validated through ``NewProjectForm``; on success a new
    ``Project`` is added and committed, and the client is redirected to
    ``"admin"``.  On validation failure nothing is stored or returned.
    """
    # NOTE(review): no access check is visible inside this function;
    # presumably it is enforced by a decorator outside this view - confirm.
    new_form = NewProjectForm(request.form)
    if not new_form.validate():
        return None
    project_name = request.form.get("name")
    db.add(Project(project_name))
    db.commit()
    return redirect("admin")
def delete_project():
    """Delete the project whose ``id`` is submitted in the request form.

    After ``DeleteProjectForm`` validates, donations that point at the
    project have their ``project_id`` set to SQL NULL, the project row is
    deleted, and both changes are committed together before redirecting to
    ``"admin"``.  On validation failure nothing is changed or returned.
    """
    # NOTE(review): no access check is visible inside this function;
    # presumably it is enforced by a decorator outside this view - confirm.
    delete_form = DeleteProjectForm(request.form)
    if not delete_form.validate():
        return None
    project_id = request.form["id"]
    # Detach donations first so they survive the project's removal.
    linked_donations = db.query(Donation).filter(
        Donation.project_id == project_id)
    linked_donations.update({"project_id": sqlalchemy.sql.null()})
    doomed_project = db.query(Project).filter(Project.id == project_id)
    doomed_project.delete()
    db.commit()
    return redirect("admin")
def go(*args, **kw):
    """Call ``f`` with the given arguments and commit its database work.

    Returns whatever ``f`` returns once the commit has succeeded.  If ``f``
    or the commit raises, the session is rolled back and closed and the
    exception is re-raised unchanged.
    """
    try:
        result = f(*args, **kw)
        # The commit stays inside the try so a failed commit is rolled back.
        db.commit()
    except Exception:
        db.rollback()
        db.close()
        raise
    else:
        return result
def issue_password_reset(email):
    """Issue a one-day password-reset token for the account with ``email``.

    When no account matches, ``reset.html`` is rendered with an error
    message.  Otherwise a token of 20 random bytes (hex-encoded) and its
    expiry are stored on the account, the reset mail is sent, the change is
    committed, and ``reset.html`` is rendered with ``done=True``.
    """
    account = User.query.filter(User.email == email).first()
    if not account:
        # NOTE(review): this response differs from the success response, so
        # it reveals whether an address is registered; confirm that is
        # acceptable for this deployment.
        return render_template("reset.html",
                               errors=_("No one with that email found."))
    reset_token = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
    account.password_reset = reset_token
    account.password_reset_expires = datetime.now() + timedelta(days=1)
    # NOTE(review): the mail goes out before the commit; if the commit fails
    # the mailed token may never have been stored - confirm the ordering.
    send_password_reset(account)
    db.commit()
    return render_template("reset.html", done=True)
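def cancel(id):
    """Deactivate the monthly donation ``id`` on behalf of its owner.

    Aborts with 404 when no donation has that id, 401 when the donation
    belongs to a different user, and 400 when it is not a monthly donation.
    Otherwise the donation is marked inactive, the change is committed, a
    cancellation notice is sent, and the client is redirected to
    ``"../panel"``.
    """
    donation = Donation.query.filter(Donation.id == id).first()
    if donation is None:
        # Unknown id: previously this crashed on donation.user (HTTP 500).
        abort(404)
    # Ownership check: only the donor may cancel their own donation.
    if donation.user != current_user:
        abort(401)
    if donation.type != DonationType.monthly:
        abort(400)
    donation.active = False
    db.commit()
    send_cancellation_notice(current_user, donation)
    return redirect("../panel")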
def create(self, name, user):
    """Insert a board called ``name`` moderated by ``user``.

    Raises ``BoardAlreadyExistException`` when a board with that name is
    already present; otherwise inserts the row and commits.
    """
    cursor = db.cursor()
    # Both statements bind their values through ? placeholders.
    lookup = cursor.execute('select name from board where name = ?', [name])
    existing_board = lookup.fetchone()
    if existing_board is not None:
        raise BoardAlreadyExistException
    # NOTE(review): the check and the insert are separate statements;
    # whether the table also enforces a unique name is not visible here.
    new_row = [name, user.id]
    cursor.execute('INSERT INTO board (name, moderator_id) VALUES (?, ?)',
                   new_row)
    db.commit()
def register(cls, *args):
    """Create a user from exactly three arguments: username, email, password.

    Raises ``BadArgsException`` when the argument count is not three and
    ``UsernameAlreadyExistException`` when the username is already taken.
    The password is passed through ``cls.sha_pass`` before being stored.
    """
    if len(args) != 3:
        raise BadArgsException
    username, email, password = args
    cursor = db.cursor()
    lookup = cursor.execute('select username from user where username = ?',
                            [username])
    if lookup.fetchone() is not None:
        raise UsernameAlreadyExistException
    # NOTE(review): sha_pass is defined outside this block; if it is a plain
    # unsalted SHA digest that is weak for password storage - confirm.
    password_digest = cls.sha_pass(password)
    cursor.execute(
        'INSERT INTO user (username, email, password) VALUES (?, ?, ?)',
        [username, email, password_digest])
    db.commit()
def setup():
    """Create the first administrator account during initial setup.

    Aborts with 400 as soon as any user exists.  With both ``email`` and
    ``password`` present in the form, a user is created, flagged as admin,
    stored, logged in and redirected to ``"admin?first-run=1"``; with either
    field missing the client is redirected to ``".."``.
    """
    # The empty user table is the only gate visible in this function.
    # NOTE(review): the count check and the insert are separate steps;
    # confirm two simultaneous first-run requests cannot both pass it.
    if User.query.count() != 0:
        abort(400)
    email = request.form.get("email")
    password = request.form.get("password")
    if not (email and password):
        # TODO: tell the submitter which field was missing.
        return redirect("..")
    first_admin = User(email, password)
    first_admin.admin = True
    db.add(first_admin)
    db.commit()
    login_user(first_admin)
    return redirect("admin?first-run=1")
def exec(self, *args, **kwargs):
    """Remove the current user's subscription to a board or an author.

    Reads the ``board`` and ``author`` keyword arguments; ``board`` wins
    when both are given.  Raises ``BadArgsException`` when both are empty.
    Writes a message and returns when no matching subscription exists;
    otherwise deletes it, commits and writes a confirmation.
    """
    board = kwargs.get('board', '')
    author = kwargs.get('author', '')
    if board == '' and author == '':
        raise BadArgsException
    if board != '':
        kind, target = 'board', board
    else:
        kind, target = 'author', author
    cursor = db.cursor()
    # Scoped to the caller's own rows via owner_id; all values are bound.
    selector = (self.user.id, kind, target)
    cursor.execute(
        'select id from subscribe where owner_id=? and type=? and name=?',
        selector)
    if not cursor.fetchall():
        self.write("You haven't subscribed {}".format(target))
        return
    cursor.execute(
        'delete from subscribe where owner_id=? and type=? and name=?',
        selector)
    db.commit()
    self.write('Unsubscribe successfully')
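def update(self, key, value):
    """Set column ``key`` to ``value`` on this object's row and commit.

    The table name is the lower-cased class name.  ``value`` and the row id
    are bound as ``?`` parameters.  A column name cannot be bound, so
    ``key`` is accepted only when it is a plain identifier.

    Raises:
        ValueError: if ``key`` is not a string that forms a valid identifier.
    """
    # Reject anything that could change the shape of the statement (spaces,
    # quotes, operators, comment markers) before any SQL text is built.
    if not (isinstance(key, str) and key.isidentifier()):
        raise ValueError('invalid column name: {!r}'.format(key))
    table = self.__class__.__name__.lower()
    db.execute(
        'update {} set {} = ? where id = ?'.format(table, key),
        (value, self.id))
    db.commit()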
def delete(self):
    """Delete this object's row, matched by ``self.id``, and commit.

    The table name is the lower-cased class name; the id is bound as a
    ``?`` parameter.
    """
    table = self.__class__.__name__.lower()
    statement = 'delete from ' + table + ' where id= ?'
    db.execute(statement, (self.id, ))
    db.commit()
def create(cls, post, user, uuid):
    """Insert a comment row linking ``post``, ``user`` and ``uuid``; commit.

    The post id, author id and uuid are bound as ``?`` parameters.
    """
    insert_sql = (
        'INSERT INTO comment (post_id, author_id, uuid) VALUES (?, ?, ?)')
    row = (post.id, user.id, uuid)
    db.execute(insert_sql, row)
    db.commit()
def create(cls, sender, receiver, uuid, subject):
    """Insert a mail row from ``sender`` to ``receiver`` and commit.

    The receiver id, sender id, uuid and subject are bound as ``?``
    parameters, in the column order of the statement.
    """
    insert_sql = (
        'INSERT INTO mail (receiver_id, sender_id, uuid, subject) '
        'VALUES (?, ?, ?, ?)')
    # Column order is receiver first, then sender.
    row = (receiver.id, sender.id, uuid, subject)
    db.execute(insert_sql, row)
    db.commit()
for donation in donations: if donation.updated < limit: print(_("Charging {}").format(donation)) user = donation.user customer = stripe.Customer.retrieve(user.stripe_customer) try: charge = stripe.Charge.create( amount=donation.amount, currency=_cfg("currency"), customer=user.stripe_customer, description=_("Donation to ") + _cfg("your-name"), ) except stripe.error.CardError: donation.active = False db.commit() send_declined(user, donation.amount) print(_("Declined")) continue send_thank_you(user, donation.amount, donation.type == DonationType.monthly) donation.updated = datetime.now() donation.payments += 1 db.commit() else: print(_("Skipping {}").format(donation)) print( ngettext( u"%(num)d record processed.\n",
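def donate():
    """Handle a donation submission: validate, charge the card, record it.

    Reads ``email``, ``stripe_token``, ``amount``, ``type``, ``comment`` and
    ``project`` from the request form.  Missing required fields, a
    non-numeric project or amount, or a non-positive amount yield
    ``({"success": False, "reason": "Invalid request"}, 400)``.

    An unknown e-mail creates a new user with a random password, a one-day
    password-reset token and a new Stripe customer; a known e-mail gets the
    submitted card added as the customer's default source.  The donation is
    then charged.  A declined card rolls the session back and returns a
    failure payload.  On success the donation is committed and the
    notification mails are attempted; a mail failure is printed but does not
    fail the request.

    Returns a dict with ``success`` and ``new_account``; for a new account
    it also carries the ``password_reset`` token.
    """
    email = request.form.get("email")
    stripe_token = request.form.get("stripe_token")
    amount = request.form.get("amount")
    donation_type = request.form.get("type")
    comment = request.form.get("comment")
    project_id = request.form.get("project")

    # validate and rejigger the form inputs
    if not email or not stripe_token or not amount or not donation_type:
        return {"success": False, "reason": "Invalid request"}, 400
    try:
        if project_id is None or project_id == "null":
            project = None
        else:
            project_id = int(project_id)
            project = Project.query.filter(Project.id == project_id).first()

        # NOTE(review): every value other than "once" becomes a monthly
        # donation; confirm the client only ever sends the two known values.
        if donation_type == "once":
            donation_type = DonationType.one_time
        else:
            donation_type = DonationType.monthly

        amount = int(amount)
        # Reject zero and negative amounts here, before any customer, card
        # or donation record is created for them.
        if amount <= 0:
            raise ValueError("donation amount must be positive")
    except Exception as e:
        # Log only the names of the submitted fields: the values include the
        # card token and the donor's e-mail address, which do not belong in
        # the application log.
        current_app.logger.exception(
            "Error, failed to generate a donation because '%s' "
            "for the submitted fields: '%s'",
            e,
            sorted(request.form.keys()),
        )
        return {"success": False, "reason": "Invalid request"}, 400

    new_account = False
    user = User.query.filter(User.email == email).first()
    if not user:
        new_account = True
        # Random throwaway password; the owner sets a real one through the
        # reset token issued below.
        user = User(email, binascii.b2a_hex(os.urandom(20)).decode("utf-8"))
        user.password_reset = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
        user.password_reset_expires = datetime.now() + timedelta(days=1)
        customer = stripe.Customer.create(email=user.email, card=stripe_token)
        user.stripe_customer = customer.id
        db.add(user)
    else:
        # NOTE(review): this branch is keyed only on the submitted e-mail
        # address; no check that the requester is signed in as that user is
        # visible here. Confirm that replacing the default card is intended.
        customer = stripe.Customer.retrieve(user.stripe_customer)
        new_source = customer.sources.create(source=stripe_token)
        customer.default_source = new_source.id
        customer.save()

    donation = Donation(user, donation_type, amount, project, comment)
    db.add(donation)

    try:
        stripe.Charge.create(
            amount=amount,
            currency=_cfg("currency"),
            customer=user.stripe_customer,
            description="Donation to " + _cfg("your-name"),
        )
    except stripe.error.CardError:
        # Nothing was committed yet, so the new user and donation are undone.
        db.rollback()
        db.close()
        return {"success": False, "reason": "Your card was declined."}

    db.commit()

    try:
        send_thank_you(user, amount, donation_type == DonationType.monthly)
        send_new_donation(user, donation)
    except Exception:
        # Best effort: the charge already succeeded, so a mail failure is
        # reported but must not fail the request.
        traceback.print_exc()
        print("Error while trying to send a email")

    if new_account:
        # NOTE(review): the reset token is returned to whoever submitted the
        # form, and ownership of the e-mail address is not verified in this
        # function; confirm this is the intended first-login flow.
        return {
            "success": True,
            "new_account": new_account,
            "password_reset": user.password_reset,
        }
    else:
        return {"success": True, "new_account": new_account}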