def handle_put_post(http_server, database_manager, session, account):
template = fetch_template("account/forgotpassword.jinja.htm")
keys = {}
required_keys = ["email"]
post_params = http_server.get_post_parameters()
errors = []
for required_key in required_keys:
if required_key not in post_params or post_params[required_key] == "":
errors.append(required_key)
if len(errors) == 0:
email = post_params["email"]
if validate_email(email) is False:
errors.append("email")
if len(errors) > 0:
for key in errors:
keys["error_{}".format(key)] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
retrieved_account = Account.fetch_by_email(database_manager, email)
if retrieved_account is None:
errors.append("email")
keys["error_email"] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
reset_code = retrieved_account.generate_password_reset_code()
courier = Courier(settings["sendgrid"])
from_email = settings["email"]["from"]["email"]
subject = "Confirm your account"
template_id = "d-4720041c99d548bcba55f02dc9609de7"
substitutions = {"code": reset_code, "email": email}
response = courier.send_template_email(email, from_email, subject,
template_id, substitutions)
if response.status_code != 202:
errors += ["email_delivery"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
retrieved_account.update()
keys["success"] = True
keys["email"] = post_params["email"]
http_server.set_status(200)
http_server.print_headers()
output = template.render(keys)
print(output)
def handle_put_post(http_server, database_manager, session, account):
template = fetch_template("account/signin.jinja.htm")
keys = {}
errors = []
required_keys = ["email", "password"]
post_params = http_server.get_post_parameters()
for required_key in required_keys:
if required_key not in post_params or post_params[required_key] == "":
errors.append(required_key)
if len(errors) == 0:
email = post_params["email"]
password = post_params["password"]
if validate_email(email) is False:
errors.append("email")
if len(errors) > 0:
for key in errors:
keys["error_{}".format(key)] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
account = Account.fetch_by_email_and_password(database_manager, email,
password)
if account is None or account.is_closed == 1:
errors.append("password")
keys["error_password"] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
ip_string = http_server.get_remote_address()
session = Session(database_manager)
session.set_expiration_days_from_now(
settings["login_page"]["session_timeout_days"])
session_slug = session.generate_slug()
session.account_id = account.id
session.ip_address = ip_string
session.slug = session_slug
session.insert()
http_server.set_cookie("session_id", session_slug)
query_parameters = http_server.get_query_parameters()
redirect_location = settings["login_page"]["default_redirect"]
if "redirect" in query_parameters:
redirect_location = query_parameters["redirect"]
http_server.set_status(307)
#http_server.set_header("Location", redirect_location)
http_server.print_headers()
print(
"<!DOCTYPE html><html><meta http-equiv=\"refresh\" content=\"0;URL='/account'\" /><head></head></html>"
)
def handle_get(http_server, database_manager, session, account):
template = fetch_template("account/resetpassword.jinja.htm")
keys = {
"email": "",
"code": ""
}
required_keys = ["email", "code"]
query_params = http_server.get_query_parameters()
errors = []
for required_key in required_keys:
if required_key not in query_params or query_params[required_key] == "":
errors.append(required_key)
if len(errors) == 0:
email = query_params["email"]
reset_code = query_params["code"]
keys["email"] = email
keys["code"] = reset_code
if validate_email(email) is False:
errors.append("email")
if len(errors) > 0:
keys["get_error"] = True
for key in errors:
keys["error_{}".format(key)] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
retrieved_account = Account.fetch_by_email_and_password_reset_code(
database_manager,
email,
reset_code
)
if retrieved_account is None:
errors.append("email")
keys["get_error"] = True
keys["error_email"] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
print(output)
else:
http_server.set_status(200)
http_server.print_headers()
output = template.render(keys)
print(output)
def is_logged_in(self):
http_server = self.http_server
database_manager = self.database_manager
is_logged_in = False
cookie_slug = http_server.get_cookie("session_id")
if cookie_slug is not None:
if self.session is None:
self.session = Session.fetch_by_slug(database_manager,
cookie_slug)
if self.session is not None and self.session.is_expired() is False:
if self.account is None:
self.account = Account.fetch_by_id(database_manager,
self.session.account_id)
if self.account is not None and self.account.is_suspended == 0 and self.account.is_closed == 0:
is_logged_in = True
return is_logged_in
def handle_put_post(http_server, database_manager, session, account):
subscription_plan_template = SubscriptionPlan(database_manager)
subscription_conditions = [{
"column": "is_active",
"equivalence": "=",
"value": 1
}]
subscription_plans = database_manager.fetch_by(subscription_plan_template,
subscription_conditions)
billing_profiles = []
for available_subscription_plan in subscription_plans:
billing_profiles.append({
"slug":
available_subscription_plan.name,
"name":
available_subscription_plan.name.title(),
"amount":
available_subscription_plan.amount,
"currency":
available_subscription_plan.currency,
"allowed_requests_per_month":
available_subscription_plan.allowed_requests_per_month,
"allowed_requests_per_month_printed":
"{:,}".format(
available_subscription_plan.allowed_requests_per_month),
})
template = fetch_template("account/register.jinja.htm")
keys = {
"current_page": "register",
"billing_profiles": billing_profiles,
}
errors = []
required_keys = [
"billing_id",
"email",
"password",
"verify_password",
"phone",
#"g-recaptcha-response"
]
post_params = http_server.get_post_parameters()
if "billing_id" in post_params:
if post_params["billing_id"] != "free":
required_keys += ["stripe_token"]
keys["response"] = post_params
for required_key in required_keys:
if required_key not in post_params or post_params[required_key] == "":
errors.append(required_key)
if len(errors) == 0:
email = post_params["email"]
password = post_params["password"]
verify_password = post_params["verify_password"]
phone = post_params["phone"]
formatted_number = phone
if password != verify_password:
errors.append("verify_password")
#try:
phone_details = phonenumbers.parse(phone, "US")
if phonenumbers.is_valid_number(phone_details) is False:
errors.append("phone")
else:
formatted_number = "+{} {}".format(
phone_details.country_code,
phonenumbers.format_number(
phone_details, phonenumbers.PhoneNumberFormat.NATIONAL))
client = Client(settings["twilio"]["account_sid"],
settings["twilio"]["auth_token"])
twilio_phone_details = client.lookups.phone_numbers(
formatted_number).fetch(type='carrier')
if twilio_phone_details.carrier["error_code"] is not None:
errors.append("phone")
else:
if twilio_phone_details.carrier["type"] == "voip":
errors.append("phone_voip")
#except:
# errors.append("phone")
if validate_email(email) is False:
errors.append("email")
else:
subscription_plan_name = post_params["billing_id"]
subscription_plan = SubscriptionPlan.fetch_by_name(
database_manager, subscription_plan_name)
if subscription_plan is None:
errors.append("billing_id")
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
if len(errors) > 0:
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
is_captcha_valid = True
'''
recaptcha_response = post_params['g-recaptcha-response']
captcha_data = {
"secret": settings["google_recaptcha3"]["secret_key"],
"response": recaptcha_response
}
recaptcha_response = requests.post(
settings["google_recaptcha3"],
data=captcha_data
)
recapcha_json = recaptcha_response.json()
is_captcha_valid = True
if recapcha_json['success']:
is_captcha_valid = True
else:
is_captcha_valid = False
'''
if is_captcha_valid is False:
keys["error_invalid_captcha"] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
is_marketing_ok = False
if "subscribe" in post_params:
if int(post_params["subscribe"]) == 1:
is_marketing_ok = True
keys["is_marketing_ok"] = True
do_continue = True
stripe_source_token = None
stripe_customer_id = None
stripe_subscription_id = None
if subscription_plan.amount > 0:
stripe.api_key = settings["stripe"]["secret_key"]
discount_code = None
stripe_coupon = None
stripe_coupon_id = None
if "discount_code" in post_params:
discount_code = post_params["discount_code"]
try:
stripe_coupon = stripe.Coupon.retrieve(discount_code)
do_continue = True
stripe_coupon_id = stripe_coupon.id
except Exception:
errors += ["discount_code"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
if do_continue is True:
stripe_plan = stripe.Plan.retrieve(
subscription_plan.stripe_id)
# How to acquire stripe tokens
# https://stripe.com/docs/sources/cards
# if "stripe_token" not in post_params:
# raise ApiParamMissingStripeTokenError
stripe_source_token = post_params["stripe_token"]
stripe_customer_description = email
try:
customer = stripe.Customer.create(
description=stripe_customer_description,
source=stripe_source_token)
stripe_customer_id = customer.id
# will throw an exception if it fails. Must catch
subscription = stripe.Subscription.create(
customer=stripe_customer_id,
items=[{
"plan": stripe_plan.id
}],
coupon=stripe_coupon_id)
stripe_subscription_id = subscription.id
except Exception:
errors += ["duplicate_submission"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
do_continue = False
if do_continue is True:
# verify email doesn't already exist
account = Account.fetch_by_email(database_manager, email)
if account is not None:
errors += ["email_taken"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
registration = AccountRegistration.fetch_by_email(
database_manager, email)
if registration is not None:
errors += ["email_taken"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
registration_epoch = datetime.now()
registration = AccountRegistration(database_manager)
registration.email = post_params["email"]
registration.password = post_params["password"]
registration.phone = formatted_number
registration.subscription_plan_id = subscription_plan.id
registration.is_marketing_ok = is_marketing_ok
registration.stripe_source_id = stripe_source_token
registration.stripe_customer_id = stripe_customer_id
registration.stripe_subscription_id = stripe_subscription_id
registration.billing_interval = "monthly"
registration.billing_year = registration_epoch.year
registration.billing_month = registration_epoch.month
registration.billing_day = registration_epoch.day
confirmation_code = registration.generate_confirmation_code(
)
# send confirmation email
courier = Courier(settings["sendgrid"])
from_email = settings["email"]["from"]["email"]
subject = "Confirm your account"
template_id = "d-46d40e8316ba439095fdefb20b171a3e"
substitutions = {"confirm_code": confirmation_code}
response = courier.send_template_email(
email, from_email, subject, template_id,
substitutions)
if response.status_code != 202:
errors += ["email_delivery"]
keys["errors"] = errors
for error in errors:
keys["error_{}".format(error)] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
registration.insert()
template = fetch_template(
"account/register-success.jinja.htm")
keys["email"] = post_params["email"]
http_server.set_status(200)
http_server.print_headers()
output = template.render(keys)
print(output)
def handle_get(http_server, database_manager, session, account):
keys = {
"current_page": "register"
}
template = fetch_template("account/confirm.jinja.htm")
query_parameters = http_server.get_query_parameters()
if "code" not in query_parameters:
keys["no_code_provided"] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
code = query_parameters["code"]
registration = AccountRegistration.fetch_by_confirmation_code(
database_manager,
code
)
if registration is None:
keys["invalid_code"] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
existing_account = Account.fetch_by_from_registration_id(
database_manager,
registration.id
)
if existing_account is not None:
keys["already_confirmed"] = True
output = template.render(keys)
# http_server.set_status(400)
http_server.print_headers()
print(output)
else:
account = Account.from_registration(registration)
account.insert()
if account.id is None or account.id < 1:
account = Account.fetch_by_from_registration_id(
database_manager,
registration.id
)
subscription = SubscriptionPlan.fetch_by_id(
database_manager,
account.subscription_plan_id
)
if subscription is None:
subscription = SubscriptionPlan.fetch_by_name(
database_manager,
"free"
)
new_api_key = ApiKey(database_manager)
new_api_key.generate_key()
new_api_key.generate_secret()
new_api_key.account_id = account.id
new_api_key.update_plan(subscription)
new_api_key.insert()
# log in
ip_string = http_server.get_remote_address()
session = Session(database_manager)
session.set_expiration_days_from_now(
settings["confirm_page"]["session_timeout_days"]
)
session_slug = session.generate_slug()
session.account_id = account.id
session.ip_address = ip_string
session.slug = session_slug
session.insert()
http_server.set_cookie("session_id", session_slug)
output = template.render(keys)
http_server.print_headers()
print(output)
def handle_put_post(http_server, database_manager, session, account):
if account.is_phone_verified != 1:
redirect_to_phone_confirmation(http_server, database_manager, session,
account)
else:
template = fetch_template("account/password.jinja.htm")
keys = {
'current_page': "password",
}
required_keys = ["old_password", "new_password", "verify_new_password"]
post_params = http_server.get_post_parameters()
errors = []
for required_key in required_keys:
if required_key not in post_params or post_params[
required_key] == "":
errors.append(required_key)
if len(errors) == 0:
# verify email
old_password = post_params["old_password"]
new_password = post_params["new_password"]
verify_new_password = post_params["verify_new_password"]
if new_password != verify_new_password:
errors.append("error_verify_new_password")
if len(errors) > 0:
for key in errors:
keys["error_{}".format(key)] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
#print(keys)
print(output)
else:
retrieved_account = Account.fetch_by_email_and_password(
database_manager, account.email, old_password)
if retrieved_account is None:
errors.append("old_password")
keys["error_old_password"] = True
output = template.render(keys)
http_server.set_status(400)
http_server.print_headers()
#print(old_password)
#print(new_password)
#print(verify_new_password)
print(output)
else:
retrieved_account.password = new_password
retrieved_account.update()
keys["password_updated"] = True
output = template.render(keys)
http_server.print_headers()
#print(old_password)
#print(new_password)
#print(verify_new_password)
#print(alerts)
#print(keys)
print(output)