def load_logged_in_user():
    """Set ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` becomes ``None`` when the session carries no ``user_id``;
    otherwise it is whatever the lookup by id returns from the ``user`` table.
    """
    current_id = session.get("user_id")
    if current_id is not None:
        lookup = get_db().execute("SELECT * FROM user WHERE id = ?", (current_id,))
        g.user = lookup.fetchone()
        return
    g.user = None
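def send_emails():
    """Mail every matched participant the name of the person they drew.

    GET renders the confirmation page. POST requires the ``confirm`` form
    field and the SMTP password in the ``SECRET_SANTA_SMTP_PASS`` environment
    variable. When both are present, one message is sent per user whose
    ``match`` column is set, then the view redirects to ``admin.index``.
    Otherwise the error is flashed and the confirmation page is rendered.

    Delivery is best effort: SMTP failures are printed, not raised.
    """
    # NOTE(review): no access check is visible in this block -- confirm the
    # route is restricted to administrators where it is registered.
    if request.method == "POST":
        db = get_db()
        error = None

        # Explicit lookup instead of a bare ``except`` around the subscript,
        # which would also have hidden unrelated failures.
        confirm = request.form.get("confirm")
        if confirm is None:
            error = "You must confirm to perform this action."

        user_list = db.execute("SELECT * FROM user WHERE match NOT NULL").fetchall()

        from os import environ

        password = environ.get("SECRET_SANTA_SMTP_PASS")
        if password is None:
            error = "Specify password on command line as SECRET_SANTA_SMTP_PASS"

        if error is None:
            import smtplib
            import ssl
            from email.message import EmailMessage

            smtp_server = "mail.riseup.net"
            port = 587
            username = "******"
            sender = "*****@*****.**"

            context = ssl.create_default_context()
            # Bound before the ``try`` so the cleanup below cannot hit an
            # unbound name when the connection itself fails.
            server = None
            try:
                server = smtplib.SMTP(smtp_server, port)
                server.starttls(context=context)
                server.login(username, password)
                for user in user_list:
                    match = db.execute(
                        "SELECT * FROM user WHERE id = ?", (user["match"],)
                    ).fetchone()
                    if match is None or not user["email"]:
                        # Matched account is gone, or there is no address to send to.
                        continue
                    try:
                        # EmailMessage refuses CR/LF in header values, so a
                        # stored address cannot add headers of its own, and it
                        # encodes non-ASCII names instead of failing on them.
                        message = EmailMessage()
                        message["From"] = sender
                        message["To"] = user["email"]
                        message["Subject"] = "Secret Santa Delivery"
                        message.set_content(
                            "Here is your Secret Santa delivery! "
                            "You are matched with {} {}! :)\n"
                            "Visit your Secret Santa account to see their "
                            "wishlist and more.\n".format(
                                match["name"], match["surname"]
                            )
                        )
                        server.send_message(
                            message, from_addr=sender, to_addrs=[user["email"]]
                        )
                    except (ValueError, smtplib.SMTPRecipientsRefused) as e:
                        # One unusable address must not stop the remaining deliveries.
                        print(e)
            except Exception as e:
                print(e)
            finally:
                if server is not None:
                    try:
                        server.quit()
                    except smtplib.SMTPException as e:
                        print(e)
            return redirect(url_for("admin.index"))

        flash(error)

    return render_template("admin/send_emails.html")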
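def start():
    """Draw the Secret Santa pairings and store them in ``user.match``.

    GET renders the confirmation page. POST requires the ``confirm`` form
    field and at least three users with ``terms = 1``. The participants are
    shuffled and each is matched with the next one in the shuffled order,
    wrapping around at the end. On success the view redirects to
    ``admin.index``; otherwise the error is flashed and the page is rendered.
    """
    # NOTE(review): no access check is visible in this block -- confirm the
    # route is restricted to administrators where it is registered.
    if request.method == "POST":
        db = get_db()
        error = None

        # Explicit lookup instead of a bare ``except`` around the subscript,
        # which would also have hidden unrelated failures.
        confirm = request.form.get("confirm")
        if confirm is None:
            error = "You must confirm to perform this action."

        user_list = db.execute("SELECT * FROM user WHERE terms = 1").fetchall()
        if len(user_list) < 3:
            error = "You must have at least 3 participants to continue."

        if error is None:
            from random import shuffle

            shuffle(user_list)
            # Rotating the shuffled list by one gives every participant
            # exactly one recipient and never themselves.
            receivers = user_list[1:] + user_list[:1]
            for giver, receiver in zip(user_list, receivers):
                db.execute(
                    "UPDATE user SET match = ? WHERE id = ?",
                    (receiver["id"], giver["id"]),
                )
            # Single commit after the loop so a failure part-way through does
            # not leave a partial set of pairings stored.
            db.commit()
            return redirect(url_for("admin.index"))

        flash(error)

    return render_template("admin/start.html")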
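def index():
    """Show the wishlist page and, on POST, save the submitted wishlist.

    POST stores the ``mylist`` form field in the current user's ``list``
    column and redirects to ``mylist.index``. GET renders the page.
    """
    # NOTE(review): g.user is indexed without a None check -- presumably a
    # login-required wrapper is applied where the route is registered; confirm.
    if request.method == "POST":
        mylist = request.form["mylist"]
        db = get_db()
        # The original carried an ``error`` variable that was always None, so
        # its flash() path could never run; it is dropped here.
        db.execute("UPDATE user SET list = ? WHERE id = ?", (mylist, g.user["id"]))
        db.commit()
        return redirect(url_for("mylist.index"))

    return render_template("mylist/index.html")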
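def index():
    """Show the account page and, on POST, update the submitted fields.

    The current password must be supplied and must verify against the stored
    hash before anything is changed. Only non-empty fields are written. A new
    username is rejected when another account already uses it. On success the
    view redirects to ``account.index``; otherwise the error is flashed.
    """
    # NOTE(review): g.user is indexed without a None check -- presumably a
    # login-required wrapper is applied where the route is registered; confirm.
    if request.method == "POST":
        name = request.form["name"]
        surname = request.form["surname"]
        username = request.form["username"]
        password = request.form["password"]
        new_password = request.form["new_password"]
        db = get_db()
        error = None

        # The user must re-enter their password to update account info.
        if not password:
            error = "Password is required to update account info."
        elif not check_password_hash(g.user["password"], password):
            error = "Incorrect password."
        elif (
            username
            and db.execute(
                "SELECT id FROM user WHERE username = ? AND id != ?",
                (username, g.user["id"]),
            ).fetchone()
            is not None
        ):
            # Same rule as registration: login looks accounts up by username,
            # so two accounts must never share one.
            error = "User {} is already registered.".format(username)

        if error is None:
            if name:
                db.execute(
                    "UPDATE user SET name = ? WHERE id = ?", (name, g.user["id"])
                )
            if surname:
                db.execute(
                    "UPDATE user SET surname = ? WHERE id = ?",
                    (surname, g.user["id"]),
                )
            if username:
                db.execute(
                    "UPDATE user SET username = ? WHERE id = ?",
                    (username, g.user["id"]),
                )
            if new_password:
                # Only the hash of the new password is stored.
                db.execute(
                    "UPDATE user SET password = ? WHERE id = ?",
                    (generate_password_hash(new_password), g.user["id"]),
                )
            db.commit()
            return redirect(url_for("account.index"))

        flash(error)

    return render_template("account/index.html")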
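def register():
    """Show the registration form and, on POST, create the account.

    Validation runs in order (e-mail, name, username, password, username not
    already taken) and the first failure is flashed. On success the password
    is stored as a hash, the session is reset to the new user's id, and the
    view redirects to ``auth.login``.
    """
    if request.method == "POST":
        email = request.form["email"]
        name = request.form["name"]
        surname = request.form["surname"]
        username = request.form["username"]
        password = request.form["password"]
        db = get_db()
        error = None

        if not email:
            error = "Email is required."
        elif "@" not in email or "\r" in email or "\n" in email:
            # The address is later written into a mail header by the admin
            # mailer; line breaks in it must never reach storage.
            error = "Email address is not valid."
        elif not name or not surname:
            error = "Name is required."
        elif not username:
            error = "Username is required."
        elif not password:
            error = "Password is required."
        elif (
            db.execute("SELECT id FROM user WHERE username = ?", (username,)).fetchone()
            is not None
        ):
            error = "User {} is already registered.".format(username)

        if error is None:
            db.execute(
                "INSERT INTO user (email, name, surname, username, password) VALUES (?, ?, ?, ?, ?)",
                (email, name, surname, username, generate_password_hash(password)),
            )
            db.commit()
            user = db.execute(
                "SELECT * FROM user WHERE username = ?", (username,)
            ).fetchone()
            # Drop whatever the pre-registration session held before binding
            # it to the new account.
            session.clear()
            session["user_id"] = user["id"]
            return redirect(url_for("auth.login"))

        flash(error)

    return render_template("auth/register.html")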
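def index():
    """Show the sign-up page and, on POST, record acceptance of the terms.

    When the ``terms`` form field is present the current user's ``terms``
    column is set to 1 and the view redirects to ``index.index``. Otherwise
    an error is flashed and the page is rendered again.
    """
    # NOTE(review): g.user is indexed without a None check -- presumably a
    # login-required wrapper is applied where the route is registered; confirm.
    if request.method == "POST":
        db = get_db()
        # Explicit lookup instead of a bare ``except`` around the subscript,
        # which would also have hidden unrelated failures.
        terms = request.form.get("terms")
        if terms is not None:
            db.execute("UPDATE user SET terms = ? WHERE id = ?", (1, g.user["id"]))
            db.commit()
            return redirect(url_for("index.index"))

        flash("Must accept terms and conditions to continue.")

    return render_template("signup.html")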
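def login():
    """Show the login form and, on POST, authenticate the user.

    On success the session is cleared, bound to the user's id, and the view
    redirects to ``index.index``. On failure a single generic error is
    flashed and the form is rendered again.
    """
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        db = get_db()
        error = None
        user = db.execute(
            "SELECT * FROM user WHERE username = ?", (username,)
        ).fetchone()

        # One message for both failures, so the response text does not reveal
        # whether a username is registered.
        # NOTE(review): the unknown-username path still skips the hash check,
        # so response time may differ; no rate limiting is visible here.
        if user is None or not check_password_hash(user["password"], password):
            error = "Incorrect username or password."

        if error is None:
            # Start from an empty session so nothing from before login carries over.
            session.clear()
            session["user_id"] = user["id"]
            return redirect(url_for("index.index"))

        flash(error)

    return render_template("auth/login.html")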
def users():
    """Render the admin user list from every row of the ``user`` table."""
    # NOTE(review): SELECT * hands every column to the template, including
    # the stored password hash -- confirm the template does not render it
    # and that this route is restricted to administrators.
    rows = get_db().execute("SELECT * FROM user")
    return render_template("admin/users.html", user_list=rows)
def index():
    """Render the page showing the user the current user is matched with.

    ``match`` is the row whose id equals the current user's ``match`` column,
    or ``None`` when the lookup finds no such row.
    """
    matched_id = g.user["match"]
    cursor = get_db().execute("SELECT * FROM user WHERE id = ?", (matched_id,))
    return render_template("match/index.html", match=cursor.fetchone())