def handle_put_post(http_server, database_manager, session, account): template = fetch_template("account/forgotpassword.jinja.htm") keys = {} required_keys = ["email"] post_params = http_server.get_post_parameters() errors = [] for required_key in required_keys: if required_key not in post_params or post_params[required_key] == "": errors.append(required_key) if len(errors) == 0: email = post_params["email"] if validate_email(email) is False: errors.append("email") if len(errors) > 0: for key in errors: keys["error_{}".format(key)] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: retrieved_account = Account.fetch_by_email(database_manager, email) if retrieved_account is None: errors.append("email") keys["error_email"] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: reset_code = retrieved_account.generate_password_reset_code() courier = Courier(settings["sendgrid"]) from_email = settings["email"]["from"]["email"] subject = "Confirm your account" template_id = "d-4720041c99d548bcba55f02dc9609de7" substitutions = {"code": reset_code, "email": email} response = courier.send_template_email(email, from_email, subject, template_id, substitutions) if response.status_code != 202: errors += ["email_delivery"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: retrieved_account.update() keys["success"] = True keys["email"] = post_params["email"] http_server.set_status(200) http_server.print_headers() output = template.render(keys) print(output)
def handle_put_post(http_server, database_manager, session, account): template = fetch_template("account/signin.jinja.htm") keys = {} errors = [] required_keys = ["email", "password"] post_params = http_server.get_post_parameters() for required_key in required_keys: if required_key not in post_params or post_params[required_key] == "": errors.append(required_key) if len(errors) == 0: email = post_params["email"] password = post_params["password"] if validate_email(email) is False: errors.append("email") if len(errors) > 0: for key in errors: keys["error_{}".format(key)] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: account = Account.fetch_by_email_and_password(database_manager, email, password) if account is None or account.is_closed == 1: errors.append("password") keys["error_password"] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: ip_string = http_server.get_remote_address() session = Session(database_manager) session.set_expiration_days_from_now( settings["login_page"]["session_timeout_days"]) session_slug = session.generate_slug() session.account_id = account.id session.ip_address = ip_string session.slug = session_slug session.insert() http_server.set_cookie("session_id", session_slug) query_parameters = http_server.get_query_parameters() redirect_location = settings["login_page"]["default_redirect"] if "redirect" in query_parameters: redirect_location = query_parameters["redirect"] http_server.set_status(307) #http_server.set_header("Location", redirect_location) http_server.print_headers() print( "<!DOCTYPE html><html><meta http-equiv=\"refresh\" content=\"0;URL='/account'\" /><head></head></html>" )
def handle_get(http_server, database_manager, session, account): template = fetch_template("account/resetpassword.jinja.htm") keys = { "email": "", "code": "" } required_keys = ["email", "code"] query_params = http_server.get_query_parameters() errors = [] for required_key in required_keys: if required_key not in query_params or query_params[required_key] == "": errors.append(required_key) if len(errors) == 0: email = query_params["email"] reset_code = query_params["code"] keys["email"] = email keys["code"] = reset_code if validate_email(email) is False: errors.append("email") if len(errors) > 0: keys["get_error"] = True for key in errors: keys["error_{}".format(key)] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: retrieved_account = Account.fetch_by_email_and_password_reset_code( database_manager, email, reset_code ) if retrieved_account is None: errors.append("email") keys["get_error"] = True keys["error_email"] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() print(output) else: http_server.set_status(200) http_server.print_headers() output = template.render(keys) print(output)
def is_logged_in(self): http_server = self.http_server database_manager = self.database_manager is_logged_in = False cookie_slug = http_server.get_cookie("session_id") if cookie_slug is not None: if self.session is None: self.session = Session.fetch_by_slug(database_manager, cookie_slug) if self.session is not None and self.session.is_expired() is False: if self.account is None: self.account = Account.fetch_by_id(database_manager, self.session.account_id) if self.account is not None and self.account.is_suspended == 0 and self.account.is_closed == 0: is_logged_in = True return is_logged_in
def handle_put_post(http_server, database_manager, session, account): subscription_plan_template = SubscriptionPlan(database_manager) subscription_conditions = [{ "column": "is_active", "equivalence": "=", "value": 1 }] subscription_plans = database_manager.fetch_by(subscription_plan_template, subscription_conditions) billing_profiles = [] for available_subscription_plan in subscription_plans: billing_profiles.append({ "slug": available_subscription_plan.name, "name": available_subscription_plan.name.title(), "amount": available_subscription_plan.amount, "currency": available_subscription_plan.currency, "allowed_requests_per_month": available_subscription_plan.allowed_requests_per_month, "allowed_requests_per_month_printed": "{:,}".format( available_subscription_plan.allowed_requests_per_month), }) template = fetch_template("account/register.jinja.htm") keys = { "current_page": "register", "billing_profiles": billing_profiles, } errors = [] required_keys = [ "billing_id", "email", "password", "verify_password", "phone", #"g-recaptcha-response" ] post_params = http_server.get_post_parameters() if "billing_id" in post_params: if post_params["billing_id"] != "free": required_keys += ["stripe_token"] keys["response"] = post_params for required_key in required_keys: if required_key not in post_params or post_params[required_key] == "": errors.append(required_key) if len(errors) == 0: email = post_params["email"] password = post_params["password"] verify_password = post_params["verify_password"] phone = post_params["phone"] formatted_number = phone if password != verify_password: errors.append("verify_password") #try: phone_details = phonenumbers.parse(phone, "US") if phonenumbers.is_valid_number(phone_details) is False: errors.append("phone") else: formatted_number = "+{} {}".format( phone_details.country_code, phonenumbers.format_number( phone_details, phonenumbers.PhoneNumberFormat.NATIONAL)) client = Client(settings["twilio"]["account_sid"], settings["twilio"]["auth_token"]) twilio_phone_details = client.lookups.phone_numbers( formatted_number).fetch(type='carrier') if twilio_phone_details.carrier["error_code"] is not None: errors.append("phone") else: if twilio_phone_details.carrier["type"] == "voip": errors.append("phone_voip") #except: # errors.append("phone") if validate_email(email) is False: errors.append("email") else: subscription_plan_name = post_params["billing_id"] subscription_plan = SubscriptionPlan.fetch_by_name( database_manager, subscription_plan_name) if subscription_plan is None: errors.append("billing_id") keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True if len(errors) > 0: output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: is_captcha_valid = True ''' recaptcha_response = post_params['g-recaptcha-response'] captcha_data = { "secret": settings["google_recaptcha3"]["secret_key"], "response": recaptcha_response } recaptcha_response = requests.post( settings["google_recaptcha3"], data=captcha_data ) recapcha_json = recaptcha_response.json() is_captcha_valid = True if recapcha_json['success']: is_captcha_valid = True else: is_captcha_valid = False ''' if is_captcha_valid is False: keys["error_invalid_captcha"] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: is_marketing_ok = False if "subscribe" in post_params: if int(post_params["subscribe"]) == 1: is_marketing_ok = True keys["is_marketing_ok"] = True do_continue = True stripe_source_token = None stripe_customer_id = None stripe_subscription_id = None if subscription_plan.amount > 0: stripe.api_key = settings["stripe"]["secret_key"] discount_code = None stripe_coupon = None stripe_coupon_id = None if "discount_code" in post_params: discount_code = post_params["discount_code"] try: stripe_coupon = stripe.Coupon.retrieve(discount_code) do_continue = True stripe_coupon_id = stripe_coupon.id except Exception: errors += ["discount_code"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) if do_continue is True: stripe_plan = stripe.Plan.retrieve( subscription_plan.stripe_id) # How to acquire stripe tokens # https://stripe.com/docs/sources/cards # if "stripe_token" not in post_params: # raise ApiParamMissingStripeTokenError stripe_source_token = post_params["stripe_token"] stripe_customer_description = email try: customer = stripe.Customer.create( description=stripe_customer_description, source=stripe_source_token) stripe_customer_id = customer.id # will throw an exception if it fails. Must catch subscription = stripe.Subscription.create( customer=stripe_customer_id, items=[{ "plan": stripe_plan.id }], coupon=stripe_coupon_id) stripe_subscription_id = subscription.id except Exception: errors += ["duplicate_submission"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) do_continue = False if do_continue is True: # verify email doesn't already exist account = Account.fetch_by_email(database_manager, email) if account is not None: errors += ["email_taken"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: registration = AccountRegistration.fetch_by_email( database_manager, email) if registration is not None: errors += ["email_taken"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: registration_epoch = datetime.now() registration = AccountRegistration(database_manager) registration.email = post_params["email"] registration.password = post_params["password"] registration.phone = formatted_number registration.subscription_plan_id = subscription_plan.id registration.is_marketing_ok = is_marketing_ok registration.stripe_source_id = stripe_source_token registration.stripe_customer_id = stripe_customer_id registration.stripe_subscription_id = stripe_subscription_id registration.billing_interval = "monthly" registration.billing_year = registration_epoch.year registration.billing_month = registration_epoch.month registration.billing_day = registration_epoch.day confirmation_code = registration.generate_confirmation_code( ) # send confirmation email courier = Courier(settings["sendgrid"]) from_email = settings["email"]["from"]["email"] subject = "Confirm your account" template_id = "d-46d40e8316ba439095fdefb20b171a3e" substitutions = {"confirm_code": confirmation_code} response = courier.send_template_email( email, from_email, subject, template_id, substitutions) if response.status_code != 202: errors += ["email_delivery"] keys["errors"] = errors for error in errors: keys["error_{}".format(error)] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: registration.insert() template = fetch_template( "account/register-success.jinja.htm") keys["email"] = post_params["email"] http_server.set_status(200) http_server.print_headers() output = template.render(keys) print(output)
def handle_get(http_server, database_manager, session, account): keys = { "current_page": "register" } template = fetch_template("account/confirm.jinja.htm") query_parameters = http_server.get_query_parameters() if "code" not in query_parameters: keys["no_code_provided"] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: code = query_parameters["code"] registration = AccountRegistration.fetch_by_confirmation_code( database_manager, code ) if registration is None: keys["invalid_code"] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: existing_account = Account.fetch_by_from_registration_id( database_manager, registration.id ) if existing_account is not None: keys["already_confirmed"] = True output = template.render(keys) # http_server.set_status(400) http_server.print_headers() print(output) else: account = Account.from_registration(registration) account.insert() if account.id is None or account.id < 1: account = Account.fetch_by_from_registration_id( database_manager, registration.id ) subscription = SubscriptionPlan.fetch_by_id( database_manager, account.subscription_plan_id ) if subscription is None: subscription = SubscriptionPlan.fetch_by_name( database_manager, "free" ) new_api_key = ApiKey(database_manager) new_api_key.generate_key() new_api_key.generate_secret() new_api_key.account_id = account.id new_api_key.update_plan(subscription) new_api_key.insert() # log in ip_string = http_server.get_remote_address() session = Session(database_manager) session.set_expiration_days_from_now( settings["confirm_page"]["session_timeout_days"] ) session_slug = session.generate_slug() session.account_id = account.id session.ip_address = ip_string session.slug = session_slug session.insert() http_server.set_cookie("session_id", session_slug) output = template.render(keys) http_server.print_headers() print(output)
def handle_put_post(http_server, database_manager, session, account): if account.is_phone_verified != 1: redirect_to_phone_confirmation(http_server, database_manager, session, account) else: template = fetch_template("account/password.jinja.htm") keys = { 'current_page': "password", } required_keys = ["old_password", "new_password", "verify_new_password"] post_params = http_server.get_post_parameters() errors = [] for required_key in required_keys: if required_key not in post_params or post_params[ required_key] == "": errors.append(required_key) if len(errors) == 0: # verify email old_password = post_params["old_password"] new_password = post_params["new_password"] verify_new_password = post_params["verify_new_password"] if new_password != verify_new_password: errors.append("error_verify_new_password") if len(errors) > 0: for key in errors: keys["error_{}".format(key)] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() #print(keys) print(output) else: retrieved_account = Account.fetch_by_email_and_password( database_manager, account.email, old_password) if retrieved_account is None: errors.append("old_password") keys["error_old_password"] = True output = template.render(keys) http_server.set_status(400) http_server.print_headers() #print(old_password) #print(new_password) #print(verify_new_password) print(output) else: retrieved_account.password = new_password retrieved_account.update() keys["password_updated"] = True output = template.render(keys) http_server.print_headers() #print(old_password) #print(new_password) #print(verify_new_password) #print(alerts) #print(keys) print(output)