Example #1
def register():
    """Render the registration form and create an account on POST.

    On POST the submitted username, password and confirmation are validated
    in a fixed order: presence of both fields, matching passwords, the
    15-character username limit, and finally that the username is not
    already taken. The first failing check is flashed and also passed to
    the template as ``error_msg``. When every check passes, the user is
    created with a hashed password, the session is cleared and bound to the
    new user id, and the client is redirected to ``auth.register_tos``.
    """
    header_text = 'Register'
    error = None
    username = ""

    def first_problem(name, pw, pw_again):
        # The database lookup is deliberately last, so it only runs for
        # input that has already passed the cheap local checks.
        if not name:
            return 'Username is required.'
        if not pw:
            return 'Password is required.'
        if pw != pw_again:
            return 'Passwords do not match.'
        if len(name) > 15:
            return 'Username MAX 15 characters'
        if select_query.get_user_id(name) is not None:
            # NOTE(review): the submitted name is echoed into the flashed
            # message; this relies on the template escaping it - confirm.
            return '{} Taken.'.format(name)
        return None

    if request.method == 'POST':
        username = get_request_field_data('username')
        password = get_request_field_data('password')
        confirm_password = get_request_field_data('password_confirm')
        error = first_problem(username, password, confirm_password)

        if error is not None:
            flash(error)
        else:
            # NOTE(review): no minimum password length or strength rule is
            # applied before hashing; confirm a policy exists elsewhere.
            # NOTE(review): the "taken" lookup above and this insert are
            # separate calls; whether a unique constraint on the username
            # backs them up is not visible from here.
            password_hash = generate_password_hash(password)
            insert_query.create_user(username, password_hash)

            # Drop whatever the session held before binding the new user.
            session.clear()
            session['user_id'] = select_query.get_user_id(username)
            return redirect(url_for('auth.register_tos'))

    return render_template('auth/register.html',
                           header_text=header_text,
                           error_msg=error,
                           username=username)
Example #2
def admin_remove_user():
    """Delete a user and the rows that belong to them (admin only, POST).

    Non-admin callers get ``not_admin_redirect()``. A non-POST request gets
    the body ``'400'``. Otherwise the ``user_id`` form field selects the
    account: the user row is deleted, then each of the user's characters
    has its abilities, skills and inventory removed, and finally the
    character, login-attempt and notification rows for that user are
    deleted. The body ``'200'`` is returned on completion.
    """
    if not is_admin():
        return not_admin_redirect()

    if request.method == 'POST':
        # NOTE(review): user_id comes straight from the request and is used
        # unvalidated in the log line and every delete below; confirm the
        # query layer parameterizes it and that the logger neutralizes
        # line breaks.
        # NOTE(review): nothing here stops an admin from deleting their own
        # or another admin's account, and the log records the target only,
        # not the acting admin.
        target_id = get_request_field_data('user_id')
        Logger().log("Deleting user with id=" + str(target_id))

        # NOTE(review): the deletes run as independent calls with no
        # transaction visible here, so a failure midway would leave a
        # partially removed account - confirm how delete_query commits.
        delete_query.delete_user(target_id)

        owned_characters = select_query.get_char_id(target_id)
        for char_id in (row['Character_ID'] for row in owned_characters):
            delete_query.delete_character_abilites(char_id)
            delete_query.delete_character_skill(char_id)
            delete_query.delete_character_inventory(char_id)

        delete_query.delete_users_characters(target_id)
        delete_query.delete_login_attempts(target_id)
        delete_query.delete_users_notifications(target_id)

        return '200'

    # NOTE(review): this is a response body only; no HTTP status code is
    # set here, so the status is whatever the framework defaults to.
    return '400'
Example #3
def make_user_admin():
    """Grant admin status to the user named in the ``user_id`` form field.

    Non-admin callers get ``not_admin_redirect()``; a non-POST request gets
    the body ``'400'``. On POST the target's admin flag is set to ``True``,
    the change is logged, and the body ``'200'`` is returned.
    """
    if not is_admin():
        return not_admin_redirect()

    if request.method == 'POST':
        # NOTE(review): this is a privilege-granting action. CSRF protection
        # is not visible in this function - confirm it is enforced at the
        # app or blueprint level.
        # NOTE(review): user_id is taken from the request without
        # validation, and it is not checked that such a user exists.
        target_id = get_request_field_data('user_id')

        update_query.change_user_admin_status(target_id, True)

        # NOTE(review): the audit line names the promoted user but not the
        # admin who performed the promotion.
        audit_line = "User with id=" + str(target_id) + " is now admin"
        Logger().log(audit_line)

        return '200'

    return '400'
Example #4
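def admin_creationKit_add_submit():
    """Handle the admin "add item" form submission.

    Non-admin callers get ``not_admin_redirect()``. Any method other than
    POST gets the body ``'400'``. On POST the submitted ``name`` is looked
    up; if an item with that name already exists an error is logged and a
    plain-text message is returned. Otherwise the item is inserted through
    ``creationKit_helper("INSERT", ...)``, its picture is processed by
    ``update_item_image`` and the client is redirected to
    ``admin.admin_creationKit``.
    """
    if not is_admin():
        return not_admin_redirect()

    if request.method != 'POST':
        # Without this branch a non-POST request falls off the end of the
        # function and returns None, which is not a valid view response
        # (Flask, which the names used here suggest, raises a TypeError).
        # The '400' body matches what the other admin handlers return.
        return '400'

    _new_name = get_request_field_data("name")
    name_check = select_query.get_item_id_from_name(_new_name)

    if name_check is not None:
        # Name already exists.
        # NOTE(review): the submitted name is written to the log unmodified;
        # confirm the logger neutralizes line breaks.
        Logger().error("Item name," + _new_name + " , is already taken.")
        return '[TODO: Change this later]\n\nItem name already exist... Please go back and try again.'

    # NOTE(review): the lookup above and the insert below are separate
    # calls; whether a unique constraint on the item name backs them up is
    # not visible from here.
    full_dir_name = os.path.join(current_app.config['IMAGE_UPLOAD'],
                                 "items")
    creationKit_helper("INSERT", full_dir_name)

    # The new row is found again by name to obtain its id.
    item_id = select_query.get_item_id_from_name(_new_name)
    update_item_image(
        item_id, full_dir_name,
        select_query.select_item_picture_name(item_id)["Item_Picture"])

    return redirect(url_for('admin.admin_creationKit'))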
Example #5
def login():
    """Render the login form and authenticate the user on POST.

    On POST the user record is loaded by username. If the account has no
    tries remaining and the last attempt falls inside the 10-minute window,
    the login is refused with ``'Account Locked'`` and the time left until
    unlock is passed to the template. Otherwise the password is checked
    against the stored hash; a mismatch records a failed try. On success
    the session is cleared and bound to the user id, then the client is
    sent to the TOS page, shown the "not verified" page, or redirected to
    ``home``, in that order of precedence.
    """
    header_text = 'Leone'
    tries_remaining = 0
    unlockout_time = {}
    error = None

    if request.method == 'POST':
        username = get_request_field_data('username')
        password = get_request_field_data('password')
        user = select_query.select_user_data(username)

        # NOTE(review): 'Incorrect login', 'Incorrect password' and
        # 'Account Locked' are distinct messages, so a client can tell
        # whether a username exists. The unknown-user path also skips the
        # hash check, which may show up as a response-time difference.
        if user is None:
            error = 'Incorrect login'
        else:
            timeout_time_minutes = 10
            user_id = user['User_ID']

            locked_out = (
                account_tries_remaining(user_id) < 1
                and is_attempt_within_range(user_id, timeout_time_minutes))

            if locked_out:
                # The password is not checked at all while locked out.
                lockout_time = get_lockout_time(user_id)
                window = datetime.timedelta(minutes=timeout_time_minutes)
                time_until_unlocked = (
                    (window + lockout_time) - datetime.datetime.utcnow())
                # NOTE(review): .seconds is only the seconds component of
                # the timedelta; this presumably relies on the remaining
                # time being positive and under a day - confirm.
                minutes_left, seconds_left = divmod(
                    time_until_unlocked.seconds, 60)
                unlockout_time = {
                    'Minutes': minutes_left,
                    'Seconds': seconds_left
                }
                error = 'Account Locked'
            elif not check_password_hash(user['Password'], password):
                error = 'Incorrect password'
                attempt = add_account_try(user_id, timeout_time_minutes)
                tries_remaining = attempt['tries_remaining']

        if error is not None:
            flash(error)
        else:
            # Drop whatever the session held before binding this user.
            # NOTE(review): the session is bound before the TOS and
            # verification checks below, so an unverified account still
            # holds a session with user_id set; confirm that other views
            # enforce Is_Verified themselves.
            session.clear()
            session['user_id'] = user['User_ID']

            # Users who have not agreed to the TOS are sent there first.
            has_agreed_tos = select_query.get_has_agreed_to_tos(
                session['user_id'])
            if has_agreed_tos < 1:
                return redirect(url_for('auth.register_tos'))

            # Unverified accounts get the "not verified" page instead.
            if user['Is_Verified'] < 1:
                return render_template('auth/not_verified.html',
                                       header_text=header_text,
                                       inner_text=None)

            return redirect(url_for('home'))

    # An empty notification list is passed to the template as None.
    site_notifications = select_query.select_site_notifications()
    has_notifications = (site_notifications is not None
                         and len(site_notifications) >= 1)
    if not has_notifications:
        site_notifications = None

    return render_template('auth/login.html',
                           header_text=header_text,
                           error_msg=error,
                           tries_remaining=tries_remaining,
                           unlockout_time=unlockout_time,
                           site_notification=site_notifications)
Example #6
def creationKit_helper(query_type, image_save_dir):
    """Build an item row from the current request's form data and store it.

    Args:
        query_type: ``"INSERT"`` to create a new item, or ``"UPDATE"`` to
            modify the item whose id is in the ``id`` form field.
        image_save_dir: Directory handed to ``ImageHandler().save_image``
            when the request carries a ``picture`` file.

    Returns:
        Whatever ``insert_query.insert`` (INSERT) or
        ``update_query.update_item`` (UPDATE) returns.

    Raises:
        Exception: If ``query_type`` is not one of the two supported
            values, or the submitted slot (INSERT only) or rarity name is
            not known.
    """
    # NOTE(review): this helper performs no authorization check of its own;
    # every caller has to have verified the requester first.
    field = get_request_field_data
    as_int = convert_form_field_data_to_int

    is_update = query_type == "UPDATE"
    is_insert = query_type == "INSERT"
    if not (is_update or is_insert):
        Logger().error("Invaild query type")
        raise Exception("Invaild query type.")

    # New items take the slot from the form; updates keep the stored slot.
    if is_insert:
        slot_id = select_query.get_slot_id_from_name(field('slot'))
        if slot_id is None:
            Logger().error("Invaild slot")
            raise Exception('Not a valid slot')
        slot_id = int(slot_id)
    else:
        stored = select_query.select_item_fields(as_int('id'), ("Item_Slot", ))
        slot_id = stored["Item_Slot"]

    rarity_id = select_query.get_rarity_id_from_name(field('rarity'))
    if rarity_id is None:
        Logger().error("Invaild rarity")
        raise Exception('Not a valid rarity')
    rarity_id = int(rarity_id)

    # Both effect fields are read first; an 'OTHER' choice then creates a
    # new effect from the matching *_name / *_description fields. The ids
    # are looked up only after both creations have run.
    effect_names = [field('effect1'), field('effect2')]
    custom_fields = (('effect1_name', 'effect1_description'),
                     ('effect2_name', 'effect2_description'))
    for position, (name_key, description_key) in enumerate(custom_fields):
        if effect_names[position] == 'OTHER':
            effect_names[position] = field(name_key)
            create_new_effect(effect_names[position], field(description_key))

    effect_ids = []
    for effect_name in effect_names:
        effect_row = select_query.select_effect_id_from_name(effect_name)
        # -1 is stored when no effect with that name exists.
        effect_ids.append(
            -1 if effect_row is None else int(effect_row['Effect_ID']))
    effect1_id, effect2_id = effect_ids

    # NOTE(review): name and description are stored as submitted, and str()
    # would turn a missing value into the text "None" if the field helper
    # returns None for absent fields - confirm.
    query_data = {
        "Item_Name": str(field('name')),
        "Item_Description": str(field('description')),
        "Item_Slot": slot_id,
        "Rarity_ID": rarity_id,
        "Item_Weight": as_int('weight'),
        "Item_Str_Bonus": as_int('str_bonus'),
        "Item_Dex_Bonus": as_int('dex_bonus'),
        "Item_Con_Bonus": as_int('con_bonus'),
        "Item_Int_Bonus": as_int('int_bonus'),
        "Item_Wis_Bonus": as_int('wis_bonus'),
        "Item_Cha_Bonus": as_int('cha_bonus'),
        "Item_Effect1": effect1_id,
        "Item_Effect2": effect2_id,
        "Item_Attack_Bonus": as_int('bonus_damage'),
        # Item_Initiative_Bonus ('initiative_bonus') is currently not stored.
        "Item_Health_Bonus": as_int('health_bonus'),
        "Item_AC_Bonus": as_int('ac_bonus'),
        "Item_Damage_Num_Of_Dices": as_int('dnof'),
        "Item_Damage_Num_Of_Dice_Sides": as_int('dnofs'),
        "Wield_Str": as_int('wield_str'),
        "Wield_Dex": as_int('wield_dex'),
        "Wield_Wis": as_int('wield_wis'),
        "Wield_Int": as_int('wield_int')
    }

    saved_filename = None
    if 'picture' in request.files:
        # NOTE(review): the upload goes to ImageHandler unchecked here;
        # confirm save_image validates type, size and the stored file name.
        upload = request.files['picture']
        saved_filename = ImageHandler().save_image(upload, image_save_dir,
                                                   "temp_item")

    if is_insert:
        # A new item without an upload gets the default picture.
        query_data["Item_Picture"] = (
            "no_image.png" if saved_filename is None else saved_filename)
        return insert_query.insert("Items", query_data)

    # On update, the picture column is only touched when a file was saved.
    if saved_filename is not None:
        query_data["Item_Picture"] = saved_filename
    return update_query.update_item(query_data, as_int('id'))