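def login():
    """Check the submitted username and password and start a login session.

    Already-authenticated users are sent to the home page. On a valid form
    submission the user is looked up by username and the password is
    verified against the stored bcrypt hash; success redirects to the
    account page, failure flashes one generic message and redirects back
    to the login page. Anything else renders the login form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template('login.html', title='Login', form=form)

    # Release the lock even when the query raises; otherwise one failed
    # lookup would leave every later request blocked on acquire().
    mongo_lock.acquire()
    try:
        user = User.objects(username=form.username.data).first()
    finally:
        mongo_lock.release()

    # NOTE(review): only the password is verified in this function. If a TOTP
    # code is required at login, confirm that LoginForm's validators check it.
    if user is not None and bcrypt.check_password_hash(
            user.password, form.password.data):
        login_user(user)
        return redirect(url_for('users.account'))

    # Same message for an unknown username and a wrong password, so the
    # response text does not reveal which of the two failed.
    flash('Login failed. Check your username and/or password')
    return redirect(url_for('users.login'))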
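def account():
    """Show the account page and handle username changes.

    A valid UpdateUsernameForm submission writes the new username to the
    current user's document and redirects back to this page
    (post/redirect/get). Otherwise the user's document is reloaded and
    passed to the template.

    NOTE(review): this function dereferences current_user.username without
    checking is_authenticated; it presumably relies on a login-required
    decorator that is not visible here. Confirm the route is protected.
    """
    username_form = UpdateUsernameForm()

    if username_form.validate_on_submit():
        # try/finally so a failed write (e.g. a validation or uniqueness
        # error raised by the model) cannot leave the lock held.
        mongo_lock.acquire()
        try:
            current_user.modify(username=username_form.username.data)
            current_user.save()
        finally:
            mongo_lock.release()
        return redirect(url_for('users.account'))

    mongo_lock.acquire()
    try:
        user = User.objects(username=current_user.username).first()
    finally:
        mongo_lock.release()

    return render_template("account.html",
                           title="Account",
                           username_form=username_form,
                           user=user)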
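def user_detail(username):
    """Render the public profile page for *username*.

    Looks the user up by username. If there is no such user, the template
    is rendered with an error message; otherwise it receives the user's
    comments, their game subscriptions and the sports API client.

    NOTE(review): whether this page requires authentication is not visible
    here; it exposes another user's comments and subscriptions by username.
    """
    # Release the lock even when the lookup raises, so a failing request
    # does not block every later one.
    mongo_lock.acquire()
    try:
        user = User.objects(username=username).first()
        # Only build the comment query once we know the user exists.
        comments = None if user is None else Comment.objects(commenter=user)
    finally:
        mongo_lock.release()

    if user is None:
        return render_template('user_detail.html',
                               error_msg=f'User {username} not found.')

    # Read the subscriptions from the document already loaded instead of
    # querying a second time: the second lookup could return None if the
    # account disappeared in between, and would then raise.
    game_subscriptions = user.game_subscriptions

    # NOTE(review): `comments` is a lazy query set, so the actual database
    # read happens while the template renders, outside mongo_lock.
    return render_template('user_detail.html',
                           username=username,
                           comments=comments,
                           client=sport_client,
                           game_subscriptions=game_subscriptions)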
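def register():
    """Create a new account from the registration form.

    Already-authenticated users are sent to the home page. On a valid
    submission the password is bcrypt-hashed, the user document is saved,
    the new username is placed in the session under 'new_username' for the
    two-factor setup step, and the client is redirected to that step.
    Anything else renders the registration form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('register.html', title='Register', form=form)

    # Only the bcrypt hash is stored; the plaintext never reaches the model.
    hashed = bcrypt.generate_password_hash(
        form.password.data).decode("utf-8")

    # try/finally: a failed save (for example a duplicate username that
    # slipped past form validation) must not leave the lock held.
    mongo_lock.acquire()
    try:
        user = User(username=form.username.data,
                    email=form.email.data,
                    phone_number='+' + str(form.phone.data),
                    password=hashed)
        user.save()
    finally:
        mongo_lock.release()

    # Consumed by the QR-code view to decide whose TOTP secret to display.
    session['new_username'] = user.username
    return redirect(url_for('users.tfa'))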
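def qr_code():
    """Return the TOTP enrolment QR code for the just-registered user as SVG.

    The username is taken from session['new_username'] and removed from the
    session in the same request, so the code (which embeds the user's OTP
    secret) is served once per registration. Requests without that session
    key, or whose user can no longer be found, are redirected to the home
    page.

    Returns:
        A ``(body, headers)`` tuple: the SVG bytes and response headers that
        forbid caching.
    """
    if 'new_username' not in session:
        return redirect(url_for('main.home'))

    # Pop first so the key is gone from the session regardless of what the
    # lookup below returns.
    new_username = session.pop('new_username')

    mongo_lock.acquire()
    try:
        user = User.objects(username=new_username).first()
    finally:
        mongo_lock.release()

    if user is None:
        # A stale session key would otherwise fail with an AttributeError
        # on user.otp_secret and surface as a 500.
        return redirect(url_for('main.home'))

    uri = pyotp.totp.TOTP(user.otp_secret).provisioning_uri(
        name=user.username, issuer_name='CMSC388J-2FA')

    img = qrcode.make(uri, image_factory=svg.SvgPathImage)
    stream = io.BytesIO()
    img.save(stream)

    # The image carries the shared secret, so it must not be kept in any
    # browser or intermediary cache.
    headers = {
        'Content-Type': 'image/svg+xml',
        'Cache-Control': 'no-cache, no-store, must-revalidate',
        'Pragma': 'no-cache',
        'Expires': '0'  # Expire immediately, so the browser must re-request
    }
    return stream.getvalue(), headers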
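def game_detail(game_id):
    """Render a game's page and handle its comment and subscription forms.

    The game is fetched from the sports API client; a plain ``dict`` result
    is treated as an error payload and rendered as such. A valid comment
    form saves a Comment; the subscription / unsubscription forms add or
    remove the game id in the current user's ``game_subscriptions``. Each
    successful write redirects back to the same path. Otherwise the page is
    rendered with the game, its comments and the subscription state.
    """
    result = sport_client.getEventByID(game_id)
    # Exact type check kept on purpose: only a plain dict marks an error.
    if type(result) is dict:
        return render_template(
            'game_detail.html',
            error_msg=f'{result["Error"]}. Game ID {game_id}')

    subscription_form = NotificationSubscriptionForm()
    unsubscription_form = NotificationUnsubscriptionForm()
    comment_form = GameCommentForm()

    # Writes are limited to authenticated users. The page itself is reachable
    # anonymously (see the is_authenticated check below), and an anonymous
    # current_user presumably has no `username`, so the write paths would
    # otherwise fail with an unhandled exception.
    if current_user.is_authenticated and comment_form.validate_on_submit():
        # NOTE(review): the comment text is stored as submitted; confirm that
        # game_detail.html escapes it on output and does not mark it safe.
        comment = Comment(
            commenter=load_user(current_user.username),
            content=comment_form.text.data,
            date=current_time(),
            game_id=game_id,
        )
        mongo_lock.acquire()
        try:
            comment.save()
        finally:
            mongo_lock.release()
        return redirect(request.path)

    subscribed = False
    if current_user.is_authenticated:
        # try/finally so that a failed lookup cannot leave the lock held.
        mongo_lock.acquire()
        try:
            owner = User.objects(username=current_user.username).first()
            # Membership test replaces `count(...) is not 0`, which compared
            # an int by identity rather than by value.
            subscribed = int(game_id) in owner.game_subscriptions
        finally:
            mongo_lock.release()

    if subscribed and unsubscription_form.validate_on_submit():
        mongo_lock.acquire()
        try:
            user = User.objects(username=current_user.username).first()
            remaining = user.game_subscriptions
            remaining.remove(int(game_id))
            current_user.modify(game_subscriptions=remaining)
        finally:
            mongo_lock.release()
        return redirect(request.path)

    if (current_user.is_authenticated and not subscribed
            and subscription_form.validate_on_submit()):
        mongo_lock.acquire()
        try:
            user = User.objects(username=current_user.username).first()
            # Store the id as an int, the same form the membership check and
            # the removal above use; a string id would never match them.
            current_user.modify(
                game_subscriptions=user.game_subscriptions + [int(game_id)])
        finally:
            mongo_lock.release()
        return redirect(request.path)

    mongo_lock.acquire()
    try:
        comments_m = Comment.objects(game_id=game_id)
    finally:
        mongo_lock.release()

    # NOTE(review): comments_m is a lazy query set, so the rows (and each
    # commenter reference) are fetched during this iteration, outside the lock.
    comments = [
        {
            'date': r.date,
            'username': r.commenter.username,
            'content': r.content,
        }
        for r in comments_m
    ]

    return render_template('game_detail.html',
                           comment_form=comment_form,
                           game=result,
                           comments=comments,
                           subscription_form=subscription_form,
                           unsubscription_form=unsubscription_form,
                           subscribed=subscribed)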