def register():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
email = request.form.get("email")
description = request.form.get("description")
avatar = request.files.get("avatar")
state = user_repo.create_user(username, password, email, description,
avatar.stream.read())
if state is True:
session["logged_in"] = True
session["username"] = username
session[username] = user_repo.get_password_hash(username)
email_utils.send_verification_email(
email,
user_repo.get_user_query_object(
username).get_activation_code())
return redirect("/register?verify")
return render_template("register.html", error=state)
if "verify" in request.args:
if not user_repo.check_verified(session.get("username")):
return render_template("register.html", verify=True)
abort(StopCodes.ClientError.NotFound)
if "sendAgain" in request.args:
if not user_repo.check_verified(session.get("username")):
user = user_repo.get_user_query_object(session.get("username"))
email_utils.send_verification_email(user.get_email(),
user.get_activation_code())
return render_template("register.html", verify=True)
abort(StopCodes.ClientError.NotFound)
return render_template("register.html")
def login():
if request.method == "POST":
if "reset_password" in request.form:
if request.form.get(
"reset") in temp_db.data["user_password_resets"]:
username = temp_db.data["user_password_resets"][
request.form.get("reset")]
user_repo.set_password(username,
request.form.get("reset_password"))
session["logged_in"] = True
session["username"] = username
session[username] = user_repo.get_password_hash(username)
temp_db.data["user_password_resets"].pop(
request.form.get("reset"), None)
return redirect("/")
abort(StopCodes.ClientError.NotFound)
if "reset_password" in request.args:
if user_repo.user_exists(request.form.get("username")):
code = str(uuid.uuid4()).replace("-", "5c74e68")
email_utils.send_user_password_reset_email(
user_repo.get_user_query_object(
request.form.get("username")).get_email(), code)
temp_db.data["user_password_resets"][code] = request.form.get(
"username")
return api_utils.craft_response({"successful": True}, 200)
return api_utils.craft_response({"successful": False}, 200)
redirection = request.args.get("goto_confirm") or "/"
username = request.form.get("username")
password = request.form.get("password")
remember = request.form.get("remember")
state = user_repo.check_user_password(username, password)
if state:
if not user_repo.check_verified(username):
return render_template("login.html", non_verified=True)
session["logged_in"] = True
session["username"] = username
session[username] = user_repo.get_password_hash(username)
session.permanent = remember == "on"
if not user_repo.get_user_query_object(username).get_suspended():
return redirect(redirection)
return render_template("suspended.html")
return make_response(
render_template("login.html", error="Wrong username or password"),
StopCodes.ClientError.Unauthorized)
if "reset" in request.args:
if request.args.get("reset") in temp_db.data["user_password_resets"]:
return render_template("login.html",
_reset=request.args.get("reset"))
abort(StopCodes.ClientError.NotFound)
return render_template("login.html",
redirect=request.args.get("goto_confirm") or "/")
def user_info():
if request.method == "POST":
if not manage_permissions(session.get("username")):
return abort(StopCodes.ClientError.Unauthorized)
if "suspend_user" in request.form:
user_repo.suspend_user(request.form.get("suspend_user"),
request.form.get("suspend_until"),
request.form.get("suspend_message"))
if "un_suspend_user" in request.form:
user_repo.del_suspend_user(request.form.get("un_suspend_user"))
if "delete_user" in request.form:
user_repo.delete_user(request.form.get("delete_user"))
if "switch_admin" in request.form:
user_repo.switch_admin(request.form.get("switch_admin"))
return api_utils.empty_success()
if "avatar" in request.args:
return user_repo.get_user_query_object(
request.args.get("avatar")).get_avatar(html=True)
if "get_plugins" in request.args:
return api_utils.craft_response(
kelp_plugin_repo.get_paginated_plugins_by_user(
request.args.get("username") or session.get("username"),
int(request.args.get("page")),
int(request.args.get("amount"))), StopCodes.Success.OK)
if "get_extensions" in request.args:
return api_utils.craft_response(
kelp_module_repo.get_paginated_modules_by_user(
request.args.get("username") or session.get("username"),
int(request.args.get("page")),
int(request.args.get("amount"))), StopCodes.Success.OK)
def processor():
dictionary = dict(
account=None,
user=None,
app=dict(host=application_host,
name=application_name,
version=application_version,
url=application_url),
web_loader=dict(code_snipptes=web_preloader.code_snippets),
py={
"len": len,
"zip": zip,
"round": round,
"datetime": datetime,
"utils": {
"string": string_utils
}
})
if session.get("logged_in") and session.get("username") is not None:
username = session.get("username")
if user_repo.check_user_passwordhash(username, session[username]):
dictionary["account"] = username
dictionary["user"] = user_repo.get_user_query_object(username)
else:
return redirect("/login")
return dictionary
def user(username):
if not user_repo.user_exists(username):
abort(404)
if username == session.get("username"):
return redirect("/profile")
return render_template("user/user_profile.html",
profile=user_repo.get_user_query_object(username))
def user_report(username):
if request.method == "POST":
if "description" in request.form:
try:
user_repo.create_user_report(username, session.get("username"),
request.form.get("description"),
request.form.get("type"))
except IntegrityError:
return render_template(
"user/user_report.html",
success="You already reported this user!")
return render_template("user/user_report.html", success=True)
return render_template("user/user_report.html",
types=configuration.user_report_types,
profile=user_repo.get_user_query_object(username))
def profile():
return render_template("user/user_profile.html",
profile=user_repo.get_user_query_object(
session.get("username")))