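def verify():
    """Handle the second (TOTP) step of a two-step login.

    GET renders the code entry form.  POST validates the form, requires that
    the session carries the ``tfa-logged-in`` marker, checks the submitted
    code against the user's TOTP secret and, on success, logs the user in and
    stores the accepted clock drift.

    Returns:
        A redirect (to the login page or the post-login target) or the
        rendered ``verify.html`` template.
    """
    form = VerifyForm(request.form)

    if request.method == "POST" and form.validate():
        # The session must already carry the marker for a pending 2FA login.
        if session.get('tfa-logged-in', False) is not True:
            return redirect(url_for('auth.login'))

        # A missing session key, or a user removed since the marker was set,
        # restarts the login instead of raising KeyError / StopIteration.
        username = session.get('tfa-user')
        user = User.objects(name=username).first() if username else None
        if user is None:
            return redirect(url_for('auth.login'))

        # NOTE(review): no attempt counter or lockout is visible in this view;
        # a six-digit code needs throttling somewhere - confirm it exists.
        ok, drift = accept_totp(
            format='dec6',
            key=binascii.hexlify(base64.b32decode(user.tfa_secret)),
            response=form.code.data,
            drift=user.tfa_info.get('drift', 0))
        if not ok:
            form.errors['verify'] = ["Incorrect verification code."]
            return render_template('verify.html', form=form,
                                   title="Verify Login")

        if login_user(user, remember=session['tfa-remember']):
            user.tfa_info['drift'] = drift
            user.save()
            flash("Logged in!", category="success")

            # ``next`` comes from the query string: follow it only when it is
            # a same-site path, never an absolute or scheme-relative URL.
            target = request.args.get("next", '/')
            if not target.startswith('/') or target.startswith(('//', '/\\')):
                target = '/'
            return redirect(target)

    return render_template("verify.html", form=form, title="Verify Login")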
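def reset(what):
    """Reset another user's password or two-factor setup.

    The caller needs the ``reset.<what>`` permission.  The target user is
    taken from the ``who`` field of the submitted ``ResetForm``.

    Args:
        what: ``'password'`` or ``'tfa'``; anything else aborts with 401
            once the form has validated.

    Returns:
        The rendered success template, or a 303 redirect to the target's
        profile when the form does not validate.
    """
    if not current_user.has_permission('reset.{}'.format(what)):
        abort(403)

    form = ResetForm(request.form)
    user = User.objects(name=form.who.data).first()
    if user is None:
        abort(401)

    if form.validate():
        if what == 'password':
            # The generated value is a credential, so draw it from the OS
            # CSPRNG; the module-level random functions are predictable.
            rng = random.SystemRandom()
            # NOTE(review): the alphabet has no lower-case 'w' - presumably a
            # typo; left as is, confirm before changing.
            password = ''.join(
                rng.choice('0123456789abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
                for i in range(16))
            user.hash = bcrypt.hashpw(password, bcrypt.gensalt())
            user.save()
            # The plaintext is shown once on the success page and is not
            # stored anywhere else by this view.
            return render_template('profile_reset_password_successful.html',
                                   user=user, password=password)
        elif what == 'tfa':
            # Disabling 2FA also discards the enrolled secret.
            user.tfa = False
            user.tfa_secret = ''
            user.save()
            return render_template('profile_reset_tfa_successful.html',
                                   user=user)
        else:
            abort(401)

    flash('Error in reset form. Make sure you are typing the confirmation token correctly.', category='alert')
    return redirect(user.get_profile_url()), 303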
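def profile_text_edit(name):
    """Show or save the free-text section of a user's profile.

    Only the profile owner or a holder of ``profile.admin`` may edit; anyone
    else gets 404, the same answer as for an unknown user.

    Args:
        name: name of the user whose profile text is edited.

    Returns:
        The rendered edit form, or a redirect to the profile after saving.
    """
    if current_user.name != name and not current_user.has_permission(
            'profile.admin'):
        abort(404)

    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    profile = get_profile(user)
    form = ProfileTextEditForm(request.form)

    if request.method == 'POST':
        if form.validate():
            # NOTE(review): the text is stored as submitted; whether it is
            # escaped on display depends on the template - confirm.
            profile.profile_text = form.text.data
            profile.save()
            return redirect(user.get_profile_url())
    else:
        # First display: pre-fill the form with the stored text.
        form.text.data = profile.profile_text

    # A rejected POST now renders with the same context (user, title) as the
    # initial GET; the original omitted both on that path.
    return render_template('profile_edit_text.html', profile=profile,
                           form=form, user=user,
                           title="Edit Profile - " + name + " - Profile")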
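def reset(what):
    """Reset a user's password or two-factor enrolment on an admin's behalf.

    Requires the ``reset.<what>`` permission on the current user.  The
    account to reset is named by the ``who`` field of ``ResetForm``.

    Args:
        what: ``'password'`` or ``'tfa'``; other values abort with 401 after
            the form has validated.

    Returns:
        The success template for the chosen reset, or a 303 redirect to the
        target's profile when the form is invalid.
    """
    if not current_user.has_permission('reset.{}'.format(what)):
        abort(403)

    form = ResetForm(request.form)
    user = User.objects(name=form.who.data).first()
    if user is None:
        abort(401)

    if form.validate():
        if what == 'password':
            # random.SystemRandom reads from the OS CSPRNG; the plain
            # random.choice used before is not suitable for credentials.
            secure_choice = random.SystemRandom().choice
            # NOTE(review): lower-case 'w' is absent from the alphabet -
            # presumably a typo; kept unchanged, confirm before editing.
            password = ''.join(
                secure_choice(
                    '0123456789abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
                ) for i in range(16))
            user.hash = bcrypt.hashpw(password, bcrypt.gensalt())
            user.save()
            # The plaintext is handed to the template for one-time display.
            return render_template('profile_reset_password_successful.html',
                                   user=user,
                                   password=password)
        elif what == 'tfa':
            # Turn 2FA off and drop the stored secret with it.
            user.tfa = False
            user.tfa_secret = ''
            user.save()
            return render_template('profile_reset_tfa_successful.html',
                                   user=user)
        else:
            abort(401)

    flash(
        'Error in reset form. Make sure you are typing the confirmation token correctly.',
        category='alert')
    return redirect(user.get_profile_url()), 303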
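def authenticate_user(username, password, message="Invalid username or password."):
    """Return the user matching ``username`` if ``password`` is correct.

    The name is matched case-insensitively.  Unknown users and wrong
    passwords raise the same exception with the same message.

    Args:
        username: login name as typed by the client.
        password: candidate password.
        message: text carried by the raised ``LoginException``.

    Returns:
        The matching ``User`` document.

    Raises:
        LoginException: unknown user or wrong password.
    """
    user = User.objects(name__iexact=username).first()
    if user is None:
        # Spend about one bcrypt computation anyway, so an unknown name is
        # not answered noticeably faster than a wrong password.  gensalt()'s
        # default cost may differ from the stored hashes' cost.
        try:
            bcrypt.hashpw(password, bcrypt.gensalt())
        except (TypeError, ValueError):
            # The dummy work must never change the outcome.
            pass
        raise LoginException(message)

    # NOTE(review): ``==`` is not a constant-time comparison; if the
    # installed bcrypt package provides checkpw(), prefer it here.
    if user.hash == bcrypt.hashpw(password, user.hash):
        return user
    raise LoginException(message)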
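def get(self):
    """Return the role-group names of every user that has at least one.

    Returns:
        ``{'users': {<name>: {'groups': [<group name>, ...]}}}``
    """
    # NOTE(review): no permission check is visible in this handler; confirm
    # that the route is restricted, since it lists every privileged account.
    users = User.objects(Q(role_groups__exists=True) & Q(role_groups__not__size=0)).scalar('name', 'role_groups')

    user_groups = dict()
    for name, groups in users:
        # A real list rather than map(): on Python 3 map() is a lazy
        # iterator, not a list.
        user_groups[name] = dict(groups=[group.name for group in groups])
    return {'users': user_groups}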
def view_staff():
    """Render the staff page, listing each group's members in random order."""
    members_by_listing = {}
    for entry in listings:
        # NOTE(review): .first() yields None for an unknown group name, which
        # then goes into the ``__in`` filter as-is - confirm every listing id
        # has a matching Role_Group.
        group = Role_Group.objects(name=entry["id"]).first()
        members = list(User.objects(role_groups__in=[group]).only('name'))
        # Shuffled on every request, so the display order varies.
        shuffle(members)
        members_by_listing[entry["id"]] = members

    return render_template('staff_view_staff.html',
                           data=members_by_listing,
                           listings=listings,
                           title="Staff")
def check_username(username):
    """Check that ``username`` is long enough and not already in use.

    Returns:
        ``(True, None)`` when acceptable, otherwise ``(False, <message>)``
        with a message taken from ``error_messages``.
    """
    too_short = len(username) < 4
    if too_short:
        return False, error_messages.value_too_short

    # NOTE(review): check-then-insert can race with a concurrent
    # registration; uniqueness should also be enforced by a database index -
    # confirm one exists on ``username``.
    matches = User.objects(username=username)
    if len(matches) > 0:
        return False, error_messages.username_taken

    return True, None
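def get(self):
    """List the role groups of every user holding at least one.

    Returns:
        ``{'users': {<name>: {'groups': [<group name>, ...]}}}``
    """
    # NOTE(review): this handler shows no permission check of its own;
    # confirm access is limited, because the response names every account
    # with a role.
    users = User.objects(
        Q(role_groups__exists=True) & Q(role_groups__not__size=0)).scalar(
            'name', 'role_groups')

    # List comprehension instead of map(): on Python 3 map() returns a lazy
    # iterator rather than a list.
    user_groups = {
        name: dict(groups=[group.name for group in groups])
        for name, groups in users
    }
    return {'users': user_groups}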
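def add_role(username, role):
    """Append ``role`` to the roles of the user called ``username``.

    Prints the outcome.  When no such user exists nothing is changed.

    Args:
        username: exact name of the user to modify.
        role: value appended to ``user.roles``.
    """
    from models.user_model import User

    user = User.objects(name=username).first()
    if user is None:
        print("no user was found with that name")
        # Stop here: the original fell through and failed on ``None.roles``.
        return

    # NOTE(review): ``role`` is appended without checking it against a known
    # set of roles - confirm the caller validates it.
    user.roles.append(role)
    user.save()
    print("success!")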
def profile_view(name):
    """Render the public profile page of the user called ``name`` (404 if unknown)."""
    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    # Context is built in the same order the original evaluated it.
    context = dict(
        user=user,
        forum_info=ForumInfo(user),
        profile=get_profile(user),
        render_badges=render_badges,
        title="{} - Profile".format(user.name),
        # The reset form is always handed to the template; this view itself
        # does not check who may use it.
        reset_form=ResetForm(),
    )
    return render_template('profile_view.html', **context)
def check_email(email):
    """Check that ``email`` is long enough, well formed and not yet registered.

    Returns:
        ``(True, None)`` when acceptable, otherwise ``(False, <message>)``
        with a message taken from ``error_messages``.
    """
    if len(email) < 6:
        return False, error_messages.value_too_short

    if not validate_email(email):
        return False, error_messages.email_invalid

    # NOTE(review): the lookup is an exact match, so addresses differing only
    # in case count as different; it can also race with a concurrent
    # registration - confirm a unique index backs this check.
    registered = User.objects(email=email)
    if len(registered) > 0:
        return False, error_messages.email_taken

    return True, None
def language_or_greetings(message):
    """Greet a known user in their language, or register a new one with 'uk'.

    Known users get the greeting text plus the start keyboard.  For a new
    user the keyboard is built but nothing is sent by this function.
    """
    sender_id = message.from_user.id

    if not User.objects(user_id=sender_id):
        # First contact: default language, create the record.
        # NOTE(review): Storage.language is assigned as a class attribute, so
        # it looks shared between chats - confirm this is intended.
        Storage.language = 'uk'
        User.get_or_create_user(message, 'uk')
        kb = ReplyKeyboardMarkup(resize_keyboard=True)
        kb.add(*START_KEYBOARD['uk'].values())
        return

    language = User.objects.get(user_id=sender_id).get_user_language
    Storage.language = language
    start_keyboard = START_KEYBOARD[language]

    victory_hand = u'\U0000270C'
    greeting = Texts.objects.get(title='Greetings', language=language).text
    # first_name is chosen by the user; it is sent back as plain text.
    hello = victory_hand + greeting + f', {message.chat.first_name}'

    kb = ReplyKeyboardMarkup(resize_keyboard=True)
    kb.add(*start_keyboard.values())
    bot.send_message(message.chat.id, hello, reply_markup=kb)
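def profile_text_edit(name):
    """Display or store the free-text part of the profile of ``name``.

    Editing is limited to the owner and to users with ``profile.admin``;
    everyone else receives 404, as for a user that does not exist.

    Args:
        name: name of the user whose profile text is edited.

    Returns:
        The rendered edit form, or a redirect to the profile after saving.
    """
    is_owner = current_user.name == name
    if not is_owner and not current_user.has_permission('profile.admin'):
        abort(404)

    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    profile = get_profile(user)
    form = ProfileTextEditForm(request.form)

    if request.method == 'POST' and form.validate():
        # NOTE(review): stored exactly as submitted; escaping on output is
        # the template's job - confirm it does so.
        profile.profile_text = form.text.data
        profile.save()
        return redirect(user.get_profile_url())

    if request.method != 'POST':
        # Initial display: show what is currently stored.
        form.text.data = profile.profile_text

    # Same template context for the initial form and for a rejected POST;
    # the original left out ``user`` and ``title`` on the latter.
    return render_template('profile_edit_text.html', profile=profile, form=form, user=user,
                           title="Edit Profile - " + name + " - Profile")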
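def register_pool(username):
    """Finish registering ``username`` once its verification has succeeded.

    Logged-in visitors and already-registered names are redirected away.
    While ``check_authenticated_ip`` reports no verification, only the
    waiting page (GET) is served.  After verification the password/mail form
    is shown and, on a valid POST, the account is created.

    Args:
        username: name being registered, taken from the URL.

    Returns:
        A rendered registration step or a redirect.
    """
    if current_user.is_authenticated():
        flash("You are already logged in. Log out to register another account.", category="alert")
        return redirect(url_for('static_pages.landing_page'))

    # Compare names case-insensitively, matching the ``name__iexact`` lookups
    # used elsewhere for login; an exact match would let a name differing
    # only in case register alongside an existing account.
    if User.objects(name__iexact=username).first() is not None:
        flash("This user is already registered.", category="alert")
        return redirect(url_for('auth.login'))

    # NOTE(review): verification is keyed on request.remote_addr; behind a
    # proxy or shared NAT that address may not identify the player - confirm
    # how it is derived.
    auth_check = check_authenticated_ip(request.remote_addr, username=username)

    if not auth_check:
        # Not verified yet: only the waiting page is available.
        if request.method == "GET":
            return render_template('register_2.html', username=username,
                                   title="Waiting... - Step 2 - Register")
        abort(405)

    form = RegistrationForm(request.form)
    if request.method == "POST" and form.validate():
        uuid = auth_check.uuid.hex
        player = MinecraftPlayer.find_or_create_player(uuid, auth_check.username)
        user = User(
            name=username,
            hash=bcrypt.hashpw(form.password.data, bcrypt.gensalt()),
            mail=form.mail.data,
            minecraft_player=player)
        user.save()
        flash("Registration complete!", category="success")
        return redirect(url_for('auth.login'))

    # GET, a rejected POST, or any other method: show the form.
    return render_template('register_3.html', username=username, form=form,
                           title="Step 3 - Register")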
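def language_upd(call):
    """Store the language chosen through a callback and confirm it.

    The language code is the second ``_``-separated part of ``call.data``.
    Codes without an entry in ``MESSAGE_NOTIFICATION`` are ignored.
    """
    parts = call.data.split('_')
    # Treat callback data as untrusted: accept only a code that has
    # messages, so nothing unknown is written to the user record and the
    # lookup below cannot fail.
    if len(parts) < 2 or parts[1] not in MESSAGE_NOTIFICATION:
        return

    lang = parts[1]
    User.objects(user_id=call.message.chat.id).update(language=lang)
    Storage.language = lang
    bot.send_message(call.message.chat.id,
                     MESSAGE_NOTIFICATION[lang]['enter_start'])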
def resolve_user(doc):
    """Point ``doc.user`` at the user owning ``doc.player``, if it differs.

    When no user owns the player the lookup yields ``None`` and ``doc.user``
    is set to ``None``.  The document is not saved here.
    """
    owner = User.objects(minecraft_player=doc.player).first()
    needs_update = doc.user != owner
    if needs_update:
        doc.user = owner
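def update_client(update_data, **filters):
    """Apply ``update_data`` to every user matching ``filters``.

    Args:
        update_data: mapping of update keywords passed to ``update()``.
        **filters: query keywords selecting the users to change.

    Returns:
        Whatever ``QuerySet.update`` returns.
    """
    # The filters must be expanded as keywords; the original passed the dict
    # as one positional argument, so it was never used as field filters.
    # NOTE(review): with no filters every user is updated, and both mappings
    # accept operator keywords - build them from fixed names, not from
    # request parameters.
    response = User.objects(**filters).update(**update_data)
    return response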
def push_measure(self, uuid, measure):
    """Append ``measure`` to ``client.measures`` of the user with ``uuid``.

    BMI/FFMI enrichment of the measure is currently disabled.

    Returns:
        Whatever ``QuerySet.update`` returns.
    """
    # NOTE(review): ``measure`` is stored as given - confirm its fields are
    # validated by the caller.
    matching = User.objects(uuid=uuid)
    return matching.update(push__client__measures=measure)
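def get_measure(uuid, date):
    """Return the measures of user ``uuid`` if one is dated ``date``.

    Args:
        uuid: identifier of the user.
        date: measure date to match.

    Returns:
        A queryset limited to the ``client.measures`` field.
    """
    # The unused raw ``query`` dict from the original has been removed; only
    # the keyword filters below were ever sent to the database.
    response = User.objects(
        uuid=uuid,
        client__measures__date=date).only('client.measures')
    return response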
def user_loader(id):
    """Return the user whose name matches ``id`` ignoring case, or ``None``."""
    # NOTE(review): the match is case-insensitive and takes the first hit, so
    # names must be unique regardless of case - confirm registration
    # enforces that.
    return User.objects(name__iexact=id).first()
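def delete_measure(uuid, date):
    """Remove the measures dated ``date`` from the user with ``uuid``.

    Args:
        uuid: identifier of the user.
        date: date of the measure(s) to remove.

    Returns:
        Whatever ``QuerySet.update`` returns.
    """
    # The original called .delete() on the queryset, which removes the whole
    # user document, not the measure.  Pull the matching entries out of
    # ``client.measures`` instead, mirroring the ``push__client__measures``
    # update used to add them.
    # NOTE(review): verify the nested pull form against the installed
    # mongoengine version.
    response = User.objects(
        uuid=uuid,
        client__measures__date=date).update(pull__client__measures__date=date)
    return response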
def get_user(*fields_to_return, **filters):
    """Query users by ``filters``, loading only ``fields_to_return``.

    Returns:
        The resulting queryset.
    """
    # NOTE(review): filter keywords go to the query unchanged, operator
    # suffixes included - callers should build them from fixed names rather
    # than from request parameters.
    return User.objects(**filters).only(*fields_to_return)
def update_user(update_data, **filters):
    """Apply ``update_data`` to every user matching ``filters``.

    Returns:
        Whatever ``QuerySet.update`` returns.
    """
    # NOTE(review): with no filters this updates every user, and
    # ``update_data`` may name any field - confirm callers restrict both.
    selected = User.objects(**filters)
    return selected.update(**update_data)
def view_users():
    """Print the queryset of all users to stdout and return ``'good'``."""
    # NOTE(review): looks like a debugging aid; if it is routed, it dumps
    # user records to the process output on every call - confirm it is not
    # exposed in production.
    print(User.objects())
    return 'good'
def delete_user(**filters):
    """Delete every user matching ``filters``.

    Returns:
        Whatever ``QuerySet.delete`` returns.
    """
    # NOTE(review): called without filters this deletes all users - confirm
    # callers always pass at least one.
    return User.objects(**filters).delete()