def register():
form = RegistForm()
if form.validate_on_submit():
data = form.data
account = data['account']
pwd = generate_password_hash(data['pwd']),
miners = data['miners']
username = Accounts.query.filter_by(username=account).first()
if not username:
username = Accounts(
username=account,
pass_hash=pwd,
miners=miners,
)
username.pass_hash = pwd
username.miners = miners
db.session.add(username)
db.session.commit()
token = generate_confirmation_token(data['account'])
confirm_url = url_for('home.confirm_email',
token=token,
_external=True)
subject = "Ethos注册激活验证"
send_email(data['account'], subject, confirm_url)
session['user'] = data['account']
session['confirmed'] = 0
return redirect(url_for("home.login", error='激活邮件已发送,请激活邮箱后登陆!'))
return render_template('home/register.html', form=form)
def before_request():
# make sure this is all appropriate. especially g.today
if current_user.is_authenticated:
g.accounts = Accounts.view_all_accounts()
g.account_abc = Accounts.get_account_alphabet(g.accounts)
g.students = Students.view_all_students()
g.student_abc = Students.get_student_alphabet(g.students)
g.today = datetime.utcnow()
def load_all_accounts(current_user):
if int(current_user.type) != User.Type.admin or int(
current_user.type) != User.Type.bank_teller:
return response('unauthorised', 'Cannot perform operation', 401)
all_accounts = Accounts.get_all()
result = account_schema.dump(all_accounts)
return jsonify(result.data)
def generate_account_number():
account_numbers = Accounts.get_all()
rand_account_number = random.randint(10000000000, 10000039999)
if rand_account_number not in account_numbers:
new_account_number = '11' + f'{rand_account_number}'
return new_account_number
else:
return generate_account_number()
def get_account(current_user, account_id):
if int(current_user.type) != User.Type.admin or int(
current_user.type) != User.Type.bank_teller:
user_account = Accounts.get_user_account(current_user.id)
result = account_schema.dump(user_account)
return jsonify(result.data)
else:
account = Accounts.query.filter_by(id=account_id)
result = account_schema.dump(account)
return jsonify(result.data)
def test_should_access_return_status_200_when_account_exists(self, client, db):
account = Accounts(name='microsoft',
login='******',
password='******')
db.session.add(account)
db.session.commit()
response = client.get('/accounts/1', follow_redirects=True)
assert 200 == response.status_code
def register():
# query if the user exists
user = User.query.filter_by(email=request.json.get('email')).first()
if not user:
try:
post_data = request.json
# register the user
email = post_data.get('email')
firstname = post_data.get('firstname')
lastname = post_data.get('lastname')
password = post_data.get('password')
id_type = post_data.get('id_type')
id_number = post_data.get('id_number')
phone_number = post_data.get('phone_number')
user = User(email=email,
firstname=firstname,
lastname=lastname,
password=password,
id_type=id_type,
id_number=id_number,
phone_number=phone_number)
user.save()
account_name = firstname + ' ' + lastname
account = Accounts(user_id=user.id,
account_name=account_name,
account_number=generate_account_number())
account.save()
return response('success', 'account created', 201)
except Exception as e:
#In case of any errors, return a String message containing the error
result = {'message': str(e)}
return make_response(jsonify(result)), 401
else:
# User is Already in the database so we do not want to register them twice
return response('Already exists', 'Please Login', 202)
def index():
form = CreateAccount()
if form.validate_on_submit():
try:
account = Accounts(nickname=form.nickname.data,
email=form.email.data)
db.session.add(account)
db.session.commit()
except BaseException as e:
flash(f"An error occurred: {e}")
return render_template("create_account.html", form=form)
flash(
f"Account created for nickname {form.nickname.data} with id {account.id}"
)
return redirect(f"/account/{account.id}")
return render_template("create_account.html", form=form)
def withdraw(current_user, account_id):
if account_id is not None:
account_number = request.json.get('account_number')
amount = request.json.get('amount')
account = Accounts.query.filter_by(
account_number=account_number, user_id=current_user.id).first(
) ## TODO: modify query to get current users account
if account:
amount_to_withdraw = (int(amount))
if amount_to_withdraw > account.balance:
return "cannot withdraw more than balance"
else:
account.balance = account.balance - amount_to_withdraw
account.save()
account = Accounts.get_user_account(current_user.id)
result = account_schema.dump(account)
return jsonify(result.data)
def test_should_return_account_updated_successfuly_when_update(self, client, db):
account = Accounts(name='microsoft',
login='******',
password='******')
db.session.add(account)
db.session.commit()
data = {
'name': 'test',
'login': '******',
'password': '******'
}
response = client.post('/accounts/1', data=data, follow_redirects=True)
assert b'Account updated successfully.' in response.data
def test_should_update_account_update_password(self, client, db):
account = Accounts(name='microsoft',
login='******',
password='******')
db.session.add(account)
db.session.commit()
data = {
'name': 'test',
'login': '******',
'password': '******'
}
client.post('/accounts/1', data=data, follow_redirects=True)
account = Accounts.query.first()
assert 'test' == account.password
def test_should_return_field_required_when_not_inform_password(self, client, db):
account = Accounts(name='microsoft',
login='******',
password='******')
db.session.add(account)
db.session.commit()
data = {
'name': 'test',
'login': '******',
'password': ''
}
response = client.post('/accounts/1',
data=data,
follow_redirects=True)
assert b'This field is required.' in response.data
def add_profile(user):
"""Adds account information"""
url = current_app.config['API_BASE'] + user
if current_app.config['DEBUG']:
print(f"Retrieving: {url}")
# Header info
response = requests.get(url)
status = response.headers['Status']
limit = response.headers['X-RateLimit-Limit']
remaining = response.headers['X-RateLimit-Remaining']
reset = response.headers['X-RateLimit-Reset']
etag = response.headers['ETag']
if current_app.config['DEBUG']: print(f'Status: {status}')
if current_app.config['DEBUG']: print(f'Limit: {limit}')
if current_app.config['DEBUG']: print(f'Remaining: {remaining}')
if current_app.config['DEBUG']: print(f'Reset: {reset}')
if current_app.config['DEBUG']: print(f'ETag: {etag}')
if current_app.config['DEBUG']: print(f"Retrieved: {url}")
data = response.json()
if current_app.config['DEBUG']: print(f"Found {data['name']}")
# add the account
add_account = Accounts(
data['login'].lower(), data['avatar_url'], data['url'],
data['html_url'], data['followers_url'], data['following_url'],
data['gists_url'], data['starred_url'], data['subscriptions_url'],
data['organizations_url'], data['repos_url'], data['events_url'],
data['received_events_url'], data['name'], data['company'],
data['blog'], data['location'], data['email'], data['hireable'],
data['bio'], data['public_repos'], data['public_gists'],
data['followers'], data['following'], data['created_at'],
data['updated_at'], etag)
db.session.add(add_account)
db.session.commit()
account = Accounts.query.get(user)
if current_app.config['DEBUG']: print(f"Returning {account}")
return account
def sign_up():
h1 = 'Sign Up!'
original_primary_email = ""
original_secondary_email = ""
edit = False
form = AddAccountForm(original_primary_email, original_secondary_email,
edit)
# if form validates
if form.validate_on_submit():
# check if at least 1 phone num is given
if (form.primary_cell_phone.data == ""
and form.primary_home_phone.data == ""
and form.secondary_cell_phone.data == ""
and form.secondary_home_phone.data == ""):
# wish I knew how to repopulate the form
flash('Please enter a phone number')
return redirect(url_for('main.sign_up'))
account = Accounts(
primary_fname=form.primary_fname.data.capitalize(),
primary_lname=form.primary_lname.data.capitalize(),
primary_cell_phone=form.primary_cell_phone.data,
primary_email=form.primary_email.data,
primary_home_phone=form.primary_home_phone.data,
secondary_fname=form.secondary_fname.data.capitalize(),
secondary_lname=form.secondary_lname.data.capitalize(),
secondary_cell_phone=form.secondary_cell_phone.data,
secondary_email=form.secondary_email.data,
secondary_home_phone=form.secondary_home_phone.data)
db.session.add(account)
db.session.commit()
flash('Account added!')
return redirect(url_for('main.add_student', id=account.id))
return render_template('add_account.html',
title='Sign Up',
h1=h1,
form=form)
def delete(self, account_id):
if int(current_user.type) != User.Type.admin or int(
current_user.type) != User.Type.bank_teller:
return response('unauthorised', 'Cannot perform operation', 401)
Accounts.delete_account(account_id)
return jsonify({'message': 'user {account_id} deleted successfully'})
def test_setUp(self):
app.config['TESTING'] = True
app.config['WTF_CSRF_ENABLED'] = False
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join(
basedir, 'test.db')
self.app = app.test_client()
db.create_all()
#SET UP FOR ACCOUNTS TESTING
self.username = "******"
self.username2 = "Aimee"
self.int_username = 7
self.longer_username = "******"
self.email = '*****@*****.**'
self.email2 = "*****@*****.**"
self.string_email = "amynotrealemail"
self.int_email = 99
self.longer_email = "*****@*****.**"
self.password = '******'
self.longer_password = '******'
self.u = Accounts(username=self.username,
email=self.email,
password=self.password)
self.u2 = Accounts(username=self.username,
email=self.email2,
password=self.password)
self.u3 = Accounts(username=self.username2,
email=self.email2,
password=self.password)
self.account_longer_username = Accounts(username=self.longer_username,
email=self.email,
password=self.password)
self.account_longer_email = Accounts(username=self.username,
email=self.longer_email,
password=self.password)
self.account_longer_password = Accounts(username=self.username,
email=self.email,
password=self.longer_password)
self.account_int_email = Accounts(username=self.username,
email=self.int_email,
password=self.password)
self.account_int_username = Accounts(username=self.int_username,
email=self.email,
password=self.password)
self.account_str_email = Accounts(username=self.username,
email=self.string_email,
password=self.password)
self.no_password = Accounts(username=self.username, email=self.email)
self.no_email = Accounts(username=self.username,
password=self.password)
self.no_username = Accounts(username=self.username, email=self.email)
def operations():
if request.method == 'GET':
operations_list = {
'operation_name': ['PURCHASE', 'TRANSFER', 'WITHDRAWAL', 'CREATE']
}
return jsonify(operations_list)
else:
# разбираем прилетевший джейсон
payload = request.get_json()
operation_type = payload['operation_type']
operation_value = payload['value']
user_account_id = payload['user_account']
user_account = Accounts.query.filter_by(
accountID=user_account_id).first()
if operation_type == 'PURCHASE':
# пополнение
new_user_acc_value = int(user_account.value) + int(operation_value)
user_account.value = new_user_acc_value
log = Log(account_owner=current_user.userID,
account=user_account_id,
type=operation_type,
value=operation_value)
db.session.add(log)
db.session.commit()
return response(200,
'Your balance = {}'.format(user_account.value))
elif operation_type == 'WITHDRAWAL':
# списание
new_user_acc_value = int(user_account.value) - int(operation_value)
user_account.value = new_user_acc_value
db.session.commit()
log = Log(account_owner=current_user.userID,
account=user_account_id,
type=operation_type,
value=operation_value)
db.session.add(log)
return response(200,
'Your balance = {}'.format(user_account.value))
elif operation_type == 'TRANSFER':
# перевод между счетами
new_user_acc_value = int(user_account.value) - int(operation_value)
user_account.value = new_user_acc_value
recipient_account_id = payload['recipient_account']
recipient_account = Accounts.query.filter_by(
accountID=recipient_account_id).first()
new_recip_acc_value = int(
recipient_account.value) + int(operation_value)
recipient_account.value = new_recip_acc_value
log = Log(account_owner=current_user.userID,
account=user_account_id,
type=operation_type,
value=operation_value,
recipient=recipient_account_id)
db.session.add(log)
db.session.commit()
return response(
200, 'Your balance = {}. Target account: {}'.format(
user_account.value, recipient_account.accountID))
else:
# создание нового счета
new_account = Accounts(ownerID=current_user.userID,
value=operation_value)
db.session.add(new_account)
payload = Accounts.query.filter_by(
ownerID=current_user.userID).order_by(
Accounts.accountID.desc()).first()
log = Log(account_owner=current_user.userID,
account=payload.accountID,
type=operation_type,
value=operation_value)
db.session.add(log)
db.session.commit()
return response(
200, 'Account {} created.\nYour balance = {}'.format(
payload.accountID, payload.value))