Example #1
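def verify():
    """Handle the second (TOTP) step of a two-factor login.

    Reads ``tfa-logged-in``, ``tfa-user`` and ``tfa-remember`` from the
    session (presumably set by the password step -- confirm against the
    login view). On a valid code the user is logged in, the measured clock
    drift is stored, and the browser is sent to a same-site ``next`` path.
    Any other outcome re-renders the verification form.
    """
    form = VerifyForm(request.form)

    if request.method == "POST" and form.validate():
        # Only a session that has been marked as pending 2FA may submit a code.
        if session.get('tfa-logged-in', False) is not True:
            return redirect(url_for('auth.login'))

        # .first() yields None when the account no longer exists, so the
        # request ends in a redirect rather than an unhandled iterator error.
        user = User.objects(name=session['tfa-user']).first()
        if user is None:
            return redirect(url_for('auth.login'))

        # NOTE(review): nothing visible here limits the number of guesses,
        # rejects a code that was already accepted once, or clears the
        # pending ``tfa-*`` session keys after success -- confirm these are
        # handled elsewhere.
        ok, drift = accept_totp(format='dec6',
                                key=binascii.hexlify(base64.b32decode(user.tfa_secret)),
                                response=form.code.data,
                                drift=user.tfa_info.get('drift', 0))

        if not ok:
            form.errors['verify'] = ["Incorrect verification code."]
            return render_template('verify.html', form=form, title="Verify Login")

        if login_user(user, remember=session['tfa-remember']):
            user.tfa_info['drift'] = drift
            user.save()
            flash("Logged in!", category="success")

            # ``next`` comes from the query string, so it is caller-controlled.
            # Follow it only when it is a plain same-site path; anything that
            # could be read as another origin falls back to the site root.
            target = request.args.get("next", '/')
            if (not target.startswith('/')
                    or target.startswith('//')
                    or '\\' in target
                    or any(ord(ch) < 0x20 for ch in target)):
                target = '/'
            return redirect(target)

    return render_template("verify.html", form=form, title="Verify Login")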
Example #2
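def reset(what):
    """Reset another user's password or two-factor setup.

    ``what`` selects the action (``'password'`` or ``'tfa'``) and is also
    the suffix of the permission the caller must hold (``reset.<what>``).
    The target user is taken from the submitted ``ResetForm``.

    Aborts with 403 when the permission is missing and with 401 when the
    target user does not exist or ``what`` is not a known action. An invalid
    form flashes an error and redirects back to the target's profile.
    """
    if not current_user.has_permission('reset.{}'.format(what)):
        abort(403)

    form = ResetForm(request.form)
    user = User.objects(name=form.who.data).first()
    if user is None:
        abort(401)

    if form.validate():
        if what == 'password':
            # The temporary password is a credential, so draw it from the
            # OS-backed generator instead of the default, predictable PRNG.
            # The alphabet also regains the 'w' the original literal lacked.
            rng = random.SystemRandom()
            alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
            password = ''.join(rng.choice(alphabet) for _ in range(16))
            user.hash = bcrypt.hashpw(password, bcrypt.gensalt())
            user.save()
            # NOTE(review): the plaintext password is handed to the template
            # for display; confirm that page is neither cached nor logged.
            return render_template('profile_reset_password_successful.html', user=user, password=password)
        elif what == 'tfa':
            # Turning 2FA off downgrades the account to password-only login.
            user.tfa = False
            user.tfa_secret = ''
            user.save()
            return render_template('profile_reset_tfa_successful.html', user=user)
        else:
            abort(401)

    flash('Error in reset form. Make sure you are typing the confirmation token correctly.', category='alert')
    return redirect(user.get_profile_url()), 303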
Example #3
def profile_text_edit(name):
    """Show or save the free-text section of ``name``'s profile.

    Only the profile owner or a holder of ``profile.admin`` gets past the
    first check; everyone else, and any unknown ``name``, receives a 404.
    GET pre-fills the form with the stored text, POST validates and saves.
    """
    is_owner = current_user.name == name
    if not is_owner and not current_user.has_permission('profile.admin'):
        abort(404)

    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    profile = get_profile(user)
    form = ProfileTextEditForm(request.form)
    template = 'profile_edit_text.html'

    if request.method != 'POST':
        # Plain page view: show the text currently on the profile.
        form.text.data = profile.profile_text
        return render_template(template,
                               profile=profile,
                               form=form,
                               user=user,
                               title="Edit Profile - " + name + " - Profile")

    if not form.validate():
        return render_template(template, profile=profile, form=form)

    # NOTE(review): the text is stored as submitted; whether it is escaped
    # on output depends on the templates, which are not visible here.
    profile.profile_text = form.text.data
    profile.save()
    return redirect(user.get_profile_url())
Example #4
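def reset(what):
    """Reset a user's password or two-factor configuration on their behalf.

    The caller needs the ``reset.<what>`` permission, where ``what`` is
    ``'password'`` or ``'tfa'``. The account to act on is named by the
    ``who`` field of the submitted ``ResetForm``.

    Aborts with 403 without the permission, and with 401 for an unknown
    target user or an unknown ``what``. When the form does not validate, an
    error is flashed and the caller is redirected to the target's profile.
    """
    if not current_user.has_permission('reset.{}'.format(what)):
        abort(403)

    form = ResetForm(request.form)
    user = User.objects(name=form.who.data).first()
    if user is None:
        abort(401)

    if form.validate():
        if what == 'password':
            # A replacement password must be unpredictable: use the
            # OS-backed SystemRandom rather than the module-level PRNG, and
            # the full alphanumeric alphabet (the original omitted 'w').
            secure_choice = random.SystemRandom().choice
            password = ''.join(
                secure_choice(
                    '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
                ) for _ in range(16))
            user.hash = bcrypt.hashpw(password, bcrypt.gensalt())
            user.save()
            # NOTE(review): the new password is rendered in clear text to
            # the operator; confirm the response is not cached or logged.
            return render_template('profile_reset_password_successful.html',
                                   user=user,
                                   password=password)
        elif what == 'tfa':
            # Removes the second factor entirely for this account.
            user.tfa = False
            user.tfa_secret = ''
            user.save()
            return render_template('profile_reset_tfa_successful.html',
                                   user=user)
        else:
            abort(401)

    flash(
        'Error in reset form. Make sure you are typing the confirmation token correctly.',
        category='alert')
    return redirect(user.get_profile_url()), 303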
Example #5
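def authenticate_user(username, password, message="Invalid username or password."):
    """Return the user named ``username`` if ``password`` matches their hash.

    The name lookup is case-insensitive (``name__iexact``).

    Raises:
        LoginException: carrying ``message``, both for an unknown user and
            for a wrong password, so the caller cannot tell the two apart.
    """
    user = User.objects(name__iexact=username).first()
    if user is None:
        # Spend a bcrypt computation for unknown names as well, so response
        # time does not separate existing accounts from missing ones.
        # NOTE(review): gensalt()'s default cost may differ from the cost of
        # stored hashes -- align them if the timing gap matters.
        bcrypt.hashpw(password, bcrypt.gensalt())
        raise LoginException(message)

    # NOTE(review): ``==`` on the hash values is not a constant-time
    # comparison; if the installed bcrypt package provides checkpw(),
    # prefer it here.
    if user.hash == bcrypt.hashpw(password, user.hash):
        return user
    raise LoginException(message)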
Example #6
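    def get(self):
        """Return every user that has at least one role group.

        The result is ``{'users': {<name>: {'groups': [<group name>, ...]}}}``.
        Group names are collected into a real list, so the structure holds
        plain lists on Python 3 as well, where ``map`` would be lazy.
        """
        # NOTE(review): no permission check is visible in this method; this
        # exposes the user-to-role mapping, so confirm access is restricted
        # by the enclosing resource or its decorators.
        users = User.objects(Q(role_groups__exists=True) & Q(role_groups__not__size=0)).scalar('name', 'role_groups')

        return {
            'users': {
                name: {'groups': [group.name for group in groups]}
                for name, groups in users
            }
        }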
Example #7
def view_staff():
    """Render the staff page, listing each group's members in random order.

    For every entry of ``listings`` the role group named by its ``id`` is
    looked up and the users in that group are fetched with only their
    ``name`` field loaded.
    """
    members_by_listing = {}
    for entry in listings:
        role_group = Role_Group.objects(name=entry["id"]).first()
        members = list(User.objects(role_groups__in=[role_group]).only('name'))
        # Shuffled on every request so no staff member is always shown first.
        shuffle(members)
        members_by_listing[entry["id"]] = members

    return render_template('staff_view_staff.html',
                           data=members_by_listing,
                           listings=listings,
                           title="Staff")
Example #8
def check_username(username):
    """Validate a requested username.

    Returns ``(True, None)`` when the name is at least four characters long
    and no existing user has it, otherwise ``(False, <error message>)``.
    """
    if len(username) < 4:
        return False, error_messages.value_too_short

    # NOTE(review): this is a check-then-create pattern; two simultaneous
    # sign-ups can both pass it, so uniqueness should also be enforced by
    # the database (e.g. a unique index) -- confirm.
    existing = User.objects(username=username)
    if len(existing) > 0:
        return False, error_messages.username_taken

    return True, None
Example #9
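def authenticate_user(username,
                      password,
                      message="Invalid username or password."):
    """Look up ``username`` (case-insensitively) and verify ``password``.

    Returns the matching user on success.

    Raises:
        LoginException: with ``message`` when the user is unknown or the
            password is wrong; the same message is used for both cases.
    """
    user = User.objects(name__iexact=username).first()
    if user is None:
        # Do the expensive bcrypt work for unknown names too, so that the
        # time taken does not reveal whether the account exists.
        # NOTE(review): the default gensalt() cost may not match the cost
        # used for stored hashes -- align them if the gap matters.
        bcrypt.hashpw(password, bcrypt.gensalt())
        raise LoginException(message)

    # NOTE(review): comparing hashes with ``==`` is not constant-time; if
    # the installed bcrypt package provides checkpw(), prefer it.
    if user.hash == bcrypt.hashpw(password, user.hash):
        return user
    raise LoginException(message)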
Example #10
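    def get(self):
        """List users that belong to at least one role group.

        Returns ``{'users': {<name>: {'groups': [<group name>, ...]}}}``.
        The group names are built as a list rather than a ``map`` object, so
        the result also contains plain lists on Python 3.
        """
        # NOTE(review): this method performs no permission check of its
        # own; confirm the endpoint is protected elsewhere, since it reveals
        # which accounts hold which roles.
        users = User.objects(
            Q(role_groups__exists=True) & Q(role_groups__not__size=0)).scalar(
                'name', 'role_groups')

        user_groups = {}
        for name, groups in users:
            user_groups[name] = {'groups': [group.name for group in groups]}

        return {'users': user_groups}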
Example #11
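def add_role(username, role):
    """Append ``role`` to the roles of the user named ``username``.

    Prints a message and returns without changing anything when no such
    user exists; otherwise saves the user and prints ``success!``.
    """
    from models.user_model import User

    user = User.objects(name=username).first()
    if user is None:
        print("no user was found with that name")
        # Stop here: continuing would dereference None below.
        return

    # NOTE(review): this grants privileges with no check or audit record
    # visible in this function; confirm it is only reachable by operators.
    user.roles.append(role)
    user.save()

    print("success!")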
Example #12
def profile_view(name):
    """Render the public profile page of the user called ``name``.

    Aborts with 404 when no such user exists. The page also receives an
    empty ``ResetForm`` and the ``render_badges`` helper.
    """
    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    context = {
        'user': user,
        'forum_info': ForumInfo(user),
        'profile': get_profile(user),
        'render_badges': render_badges,
        'title': "{} - Profile".format(user.name),
        'reset_form': ResetForm(),
    }
    return render_template('profile_view.html', **context)
Example #13
def check_email(email):
    """Validate an e-mail address supplied at sign-up.

    Returns ``(True, None)`` when the address is at least six characters
    long, passes ``validate_email`` and is not used by an existing user;
    otherwise ``(False, <error message>)`` for the first failing check.
    """
    if len(email) < 6:
        return False, error_messages.value_too_short

    if not validate_email(email):
        return False, error_messages.email_invalid

    # NOTE(review): the "taken" answer lets a caller probe which addresses
    # are registered, and the check alone cannot prevent two simultaneous
    # sign-ups with the same address -- confirm both are acceptable here.
    registered = User.objects(email=email)
    if len(registered) > 0:
        return False, error_messages.email_taken

    return True, None
Example #14
def language_or_greetings(message):
    """Greet a known sender in their language, or register a new one.

    A sender already stored as a ``User`` gets a greeting and the start
    keyboard in their saved language. An unknown sender is created with the
    language ``'uk'``; in that branch the keyboard is built but the visible
    code does not send it.
    """
    # NOTE(review): ``Storage.language`` is assigned on what looks like a
    # shared object; if it is process-wide, concurrent chats can overwrite
    # each other's language -- confirm.
    if not User.objects(user_id=message.from_user.id):
        Storage.language = 'uk'
        User.get_or_create_user(message, 'uk')
        kb = ReplyKeyboardMarkup(resize_keyboard=True)
        kb.add(*START_KEYBOARD['uk'].values())
        return

    lang = User.objects.get(user_id=message.from_user.id).get_user_language
    Storage.language = lang
    buttons = START_KEYBOARD[lang]

    victory_hand = u'\U0000270C'
    greeting = Texts.objects.get(title='Greetings', language=lang).text
    hello = victory_hand + greeting + f', {message.chat.first_name}'

    kb = ReplyKeyboardMarkup(resize_keyboard=True)
    kb.add(*buttons.values())
    bot.send_message(message.chat.id, hello, reply_markup=kb)
Example #15
def profile_view(name):
    """Show the profile page for ``name``, or 404 if the user is unknown."""
    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    # Gather everything the template needs, in the order the original
    # built it: forum info, profile, then a blank reset form.
    forum_info = ForumInfo(user)
    profile = get_profile(user)
    reset_form = ResetForm()
    page_title = "{} - Profile".format(user.name)

    return render_template(
        'profile_view.html',
        user=user,
        forum_info=forum_info,
        profile=profile,
        render_badges=render_badges,
        title=page_title,
        reset_form=reset_form,
    )
Example #16
def profile_text_edit(name):
    """Edit the free-text part of the profile belonging to ``name``.

    Access is limited to the profile's owner and to users holding
    ``profile.admin``; other callers and unknown names get a 404. A GET
    shows the stored text, a valid POST saves the submitted text and
    redirects to the profile.
    """
    allowed = current_user.name == name or current_user.has_permission('profile.admin')
    if not allowed:
        abort(404)

    user = User.objects(name=name).first()
    if user is None:
        abort(404)

    profile = get_profile(user)
    form = ProfileTextEditForm(request.form)

    if request.method == 'POST':
        if form.validate():
            # NOTE(review): stored verbatim; output escaping is up to the
            # templates, which are not visible here.
            profile.profile_text = form.text.data
            profile.save()
            return redirect(user.get_profile_url())
        return render_template('profile_edit_text.html', profile=profile, form=form)

    form.text.data = profile.profile_text
    page_title = "Edit Profile - " + name + " - Profile"
    return render_template('profile_edit_text.html', profile=profile, form=form, user=user, title=page_title)
Example #17
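def register_pool(username):
    """Finish registering ``username`` once their IP address is verified.

    Logged-in visitors and already registered names are redirected away.
    While ``check_authenticated_ip`` reports no verification, only the
    waiting page (GET) is served. After verification, GET shows the
    registration form and a valid POST creates the account.

    Any other HTTP method is answered with 405 in both states; previously
    the verified state fell through and returned ``None`` for such methods.
    """
    if current_user.is_authenticated():
        flash("You are already logged in. Log out to register another account.", category="alert")
        return redirect(url_for('static_pages.landing_page'))

    if User.objects(name=username).first() is not None:
        flash("This user is already registered.", category="alert")
        return redirect(url_for('auth.login'))

    # NOTE(review): verification is keyed on request.remote_addr. Behind a
    # reverse proxy or a shared NAT that address does not identify a single
    # person -- confirm how the deployment sets it.
    auth_check = check_authenticated_ip(request.remote_addr, username=username)

    if not auth_check:
        # Not verified yet: only the waiting page is available.
        if request.method == "GET":
            return render_template('register_2.html', username=username, title="Waiting... - Step 2 - Register")
        abort(405)

    form = RegistrationForm(request.form)

    if request.method == "POST" and form.validate():
        player_uuid = auth_check.uuid.hex
        player = MinecraftPlayer.find_or_create_player(player_uuid, auth_check.username)
        user = User(
            name=username,
            hash=bcrypt.hashpw(form.password.data, bcrypt.gensalt()),
            mail=form.mail.data,
            minecraft_player=player)
        user.save()
        flash("Registration complete!", category="success")
        return redirect(url_for('auth.login'))

    if request.method in ("GET", "POST"):
        # Initial page view, or a POST whose form did not validate.
        return render_template('register_3.html', username=username, form=form, title="Step 3 - Register")

    abort(405)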
Example #18
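def language_upd(call):
    """Store the language chosen through a callback button and confirm it.

    The language code is the second ``_``-separated part of ``call.data``.
    Callback data that has no such part, or names a language with no entry
    in ``MESSAGE_NOTIFICATION``, is ignored without touching the database.
    """
    parts = call.data.split('_')
    # The value arrives from the client, so accept it only if the bot has
    # strings for it; otherwise an arbitrary value would be written to the
    # user record before the message lookup below failed.
    if len(parts) < 2 or parts[1] not in MESSAGE_NOTIFICATION:
        return
    lang = parts[1]

    User.objects(user_id=call.message.chat.id).update(language=lang)
    # NOTE(review): ``Storage.language`` looks like shared state; if it is
    # process-wide, one chat's choice can leak into another -- confirm.
    Storage.language = lang
    bot.send_message(call.message.chat.id, MESSAGE_NOTIFICATION[lang]['enter_start'])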
def resolve_user(doc):
    """Point ``doc.user`` at the user linked to ``doc.player``.

    The attribute is assigned only when it differs from the looked-up user
    (which is ``None`` when no user has that player). Nothing is saved here.
    """
    linked_user = User.objects(minecraft_player=doc.player).first()

    if doc.user != linked_user:
        doc.user = linked_user
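 def update_client(update_data, **filters):
     """Apply ``update_data`` to every user matching ``filters``.

     The filters are expanded as keyword arguments so that they are applied
     as query conditions; the original passed the dict positionally.

     NOTE(review): with no filters the query matches every user, and the
     keys of ``update_data`` are used as update operators as-is -- confirm
     that neither argument is built directly from request input.
     """
     response = User.objects(**filters).update(**update_data)
     return response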
 def push_measure(self, uuid, measure):
     """Append ``measure`` to ``client.measures`` of the user with ``uuid``.

     Returns whatever the queryset ``update`` call returns. The BMI/FFMI
     enrichment that used to precede the update is disabled.
     """
     matching_users = User.objects(uuid=uuid)
     return matching_users.update(push__client__measures=measure)
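    def get_measure(uuid, date):
        """Query the user with ``uuid`` that has a measure dated ``date``.

        Returns the queryset restricted to the ``client.measures`` field.
        The unused raw ``query`` dict of the original has been dropped; it
        was never passed to the database.
        """
        response = User.objects(
            uuid=uuid, client__measures__date=date).only('client.measures')
        return response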
Example #23
def user_loader(id):
    """Return the user whose name equals ``id`` ignoring case, or ``None``.

    NOTE(review): because the match is case-insensitive, names that differ
    only in case resolve to the same lookup -- confirm that account names
    are unique under the same rule.
    """
    return User.objects(name__iexact=id).first()
 def delete_measure(uuid, date):
     """Call ``delete()`` on the users matching ``uuid`` and a measure date.

     NOTE(review): ``delete()`` is invoked on a ``User`` queryset, so this
     appears to remove the matching user document(s) as a whole rather than
     only the measure entry for ``date`` -- confirm this is intended before
     relying on it.
     """
     matching_users = User.objects(uuid=uuid, client__measures__date=date)
     return matching_users.delete()
Example #25
 def get_user(*fields_to_return, **filters):
     """Query users by ``filters``, loading only ``fields_to_return``.

     NOTE(review): filter keys are passed straight to the query, so they
     can carry query operators; confirm they are not taken directly from
     request input.
     """
     return User.objects(**filters).only(*fields_to_return)
Example #26
 def update_user(update_data, **filters):
     """Apply ``update_data`` to every user matching ``filters``.

     NOTE(review): with no filters the query matches every user, and the
     keys of ``update_data`` are used as update operators as-is -- confirm
     that neither argument is built directly from request input.
     """
     matching_users = User.objects(**filters)
     return matching_users.update(**update_data)
Example #27
def resolve_user(doc):
    """Sync ``doc.user`` with the user that owns ``doc.player``.

    Looks up the first user whose ``minecraft_player`` is ``doc.player``
    and assigns it to ``doc.user`` when the two differ. The document is not
    saved by this function.
    """
    owner = User.objects(minecraft_player=doc.player).first()

    if doc.user != owner:
        doc.user = owner
Example #28
def view_users():
    """Print the queryset of all users and return the string ``'good'``.

    NOTE(review): this prints user records to standard output; if it is
    exposed as a route, confirm it is not reachable in production.
    """
    all_users = User.objects()
    print(all_users)
    return 'good'
Example #29
 def delete_user(**filters):
     """Delete every user matching ``filters`` and return the call's result.

     NOTE(review): called without filters, the query matches all users, so
     this would delete every one of them -- confirm callers always pass at
     least one condition.
     """
     matching_users = User.objects(**filters)
     return matching_users.delete()