def send_transaction():
user = User.get_by_username(session['username'])
default_cur = r.json()[user.default]['last']
min_currencies = {
"USD": 0.1,
"JPY": 100,
"CNY": 5,
"EUR": 0.1,
"KRW": 1000,
}
min_cur = min_currencies[user.default]
recipient = request.form['recipient']
message = request.form['message']
amount = request.form['amount']
amount = float(amount) / default_cur
rec = User.get_by_username(recipient)
if rec is not None and user.balance >= amount and recipient != user.username and amount * default_cur >= min_cur:
user.balance = user.balance - amount
rec.balance = rec.balance + amount
user.new_transaction(user.username, recipient, amount, message, 'Sent',
datetime.datetime.utcnow())
rec.new_transaction(user.username, recipient, amount, message,
'Received', datetime.datetime.utcnow())
rec.update_balance(rec.balance)
user.update_balance(user.balance)
return redirect(url_for('user_transactions'))
else:
return render_template('Fxxkit.html',
username=user.username,
address=user.address,
balance=round(user.balance, 8),
balance_usd=round(user.balance * default_cur,
3),
default=user.default,
min_cur=min_cur)
def new_contact():
username_contact = request.form['newContact']
username_contactdes = request.form['contactDes']
user = User.get_by_username(session['username'])
user.contacts[username_contact] = username_contactdes
user.update_contacts(user.contacts)
return redirect(url_for('contacts_list'))
def withdrawbtc():
withdraw_amt = request.form['withdraw_amt']
#withdrawal_send_amt = int(float(withdraw_amt)*100000000)
user = User.get_by_username(session['username'])
withdraw_addr = request.form['withdraw_addr']
if user.balance >= float(withdraw_amt):
'''inputs = [{'address': '14ZDEfZheM4EihiNybUuZNifdMF3KfKsk6'}, ]
outputs = [{'address': withdraw_addr, 'value': withdrawal_send_amt}]
print(outputs)
unsigned_tx = create_unsigned_tx(inputs=inputs, outputs=outputs, coin_symbol='btc',
api_key="9ffd0ea5da8c450bb05c918c3e536b70")
print(unsigned_tx)
privkey_list = ['L4A4Xai8de7XnaLe7d5LE6DqzeQtJtu4QnbHfogURxs1FfinGCwf']
pubkey_list = ['02224394030e706a1f2ccdb35ec1fe1d1f1bcb685ea67ae503f729e5463c63395a']
tx_signatures = make_tx_signatures(txs_to_sign=unsigned_tx['tosign'], privkey_list=privkey_list,
pubkey_list=pubkey_list)
print(tx_signatures)
broadcast_signed_transaction(unsigned_tx=unsigned_tx, signatures=tx_signatures, pubkeys=pubkey_list,
api_key="9ffd0ea5da8c450bb05c918c3e536b70")'''
user.new_withdrawal(user.username, withdraw_amt, withdraw_addr)
user.balance = user.balance - float(withdraw_amt)
user.update_balance(user.balance)
return redirect(url_for('withdraw'))
else:
return redirect(url_for('withdraw'))
def withdrawal_requests():
user = User.get_by_username(session['username'])
if user.username == 'genesis':
withdrawals = user.get_withdrawals()
return render_template('withdrawal_requests.html',
withdrawals=withdrawals)
else:
return redirect(url_for('home_template'))
def user_transactions():
user = User.get_by_username(session['username'])
transaction = user.get_transactions()
return render_template(
"transactions.html",
transactions=transaction,
username=user.username,
)
def withdraw():
user = User.get_by_username(session['username'])
default_cur = r.json()[user.default]['last']
return render_template('withdraw.html',
username=user.username,
address=user.address,
balance=round(user.balance, 8),
balance_usd=round(user.balance * default_cur, 3),
default=user.default)
def account():
form = UpdateProfileForm()
if form.validate_on_submit():
user1 = User.get_by_username(form.username.data)
if user1 and (current_user.username != form.username.data):
flash(f'Username: {form.username.data} is already in use',
'danger')
return redirect(url_for('account'))
user = User.get_by_username(current_user.username)
if form.picture.data:
picture_file = save_picture(form.picture.data)
old_profile_image = current_user.profile_image
current_user.profile_image = picture_file
# lets remove the file that is no longer needed
if old_profile_image != 'Anonyymi.jpeg':
target = os.path.join(
APP_ROOT,
"static/profile_pics/{}".format(old_profile_image))
os.remove(target)
old_username = current_user.username
if form.username.data:
current_user.username = form.username.data
user.update_profile(new_username=current_user.username,
old_username=old_username,
new_profile_image=current_user.profile_image)
elif request.method == 'GET':
form.username.data = current_user.username
profile_pic = url_for('static',
filename='profile_pics/{}'.format(
current_user.profile_image))
return render_template('account.html',
title='Account',
profile_pic=profile_pic,
form=form)
def post(self):
data = request.headers
if data.get('username') is None:
return {'message': 'data not correct'}, 400
user = User.get_by_username(data.get('username'))
if user is None:
return {'message': 'data not correct'}, 400
text = render_template('mail/register_mail_template.txt', user=user)
html = render_template('mail/register_mail_template.html', user=user)
sendmail(senderemail, user.email, 'Welcome to motomoto!', text, html)
return {'message': 'register mail sent successfully'}, 201
def put(self):
data = request.get_json()
if data is None:
return {'message': 'data not correct'}, 400
username = request.headers.get('audience')
if None in [data.get('alerts'), username]:
return {'message': 'data not correct'}, 400
user = User.get_by_username(username)
for alertdata in data.get('alerts'):
if None in [user.id, alertdata.get('product'), alertdata.get('price')]:
return {'message': 'data not correct'}, 400
alert = AlertModel(user.id, alertdata.get('product'), alertdata.get('price'),
alertdata.get('currency') or 'PLN')
alert.add_alert()
return {'message': 'alerts added succesfully'}, 201
def delete(self):
data = request.get_json()
if data is None:
return {'message': 'data not correct'}, 400
username = request.headers.get('audience')
if None in [data.get('alerts'), username]:
return {'message': 'data not correct'}, 400
user = User.get_by_username(username)
for alert in [AlertModel.get_alert_by_id(_id) for _id in data['alerts']]:
if alert is None:
continue
if alert.user != user.id:
return {'message': "you cannot delete alerts that aren't yours"}, 401
alert.delete_alert()
return {'message': 'deleted successfully'}, 201
def register_user():
username = request.form['username']
password = request.form['password']
email = request.form['email']
my_private_key = random_key()
my_public_key = privtopub(my_private_key)
my_address = pubtoaddr(my_public_key)
contacts = {}
default = 'USD'
if User.get_by_username(username) is None:
User.register(username, password, my_address, my_private_key, email,
0.00, contacts, default)
return redirect(url_for('home_template'))
else:
return redirect(url_for('userexists'))
def post(self):
data = request.get_json()
if data is None:
return {'message': 'data not correct'}, 400
username = request.headers.get('audience')
if None in [username, data.get('alerts')]:
return {'message': 'data not correct'}, 400
user = User.get_by_username(username)
for alertid in data.get('alerts'):
alert = AlertModel.get_alert_by_id(alertid)
if alert is None:
continue
if user.id != alert.user:
return {'message': 'you can modify only your own alerts'}, 401
alert.change_active()
return {'message': 'updated active states successfully'}, 201
def get(self):
data = request.get_json()
if data is None:
return {'message': 'data not correct'}, 400
username = request.headers.get('audience')
if None in [username, data.get('alerts')]:
return {'message': 'data not correct'}, 400
user = User.get_by_username(username)
alerts = []
for alertid in data.get('alerts'):
alert = AlertModel.get_alert_by_id(alertid)
if alert is None:
continue
if user.id != alert.user:
return {'message': 'you can get only your own alerts'}, 401
alerts.append(alert)
return {'alerts': AlertModel.list_to_dict(alerts)}, 201
def checkjwt(*args, **kwargs):
token = request.headers.get('JWT-token')
audience = request.headers.get('audience')
if User.get_by_username(audience) is None:
return {'message': 'user does not exist'}, 400
if token is None or audience is None:
return {'message': 'did not receieve token'}, 401
try:
r = requests.post('http://auth:5001/validate',
headers={
'JWT-Token': token,
'audience': audience,
})
except requests.exceptions.RequestException as e:
return {'message': e}, 401
if not r.json().get('is_valid', False):
return {'message': 'invalid token'}, 401
return func(*args, **kwargs)
def post(self):
data = request.get_json()
if data.get('username') is None or data.get('username') is None:
return {'message': 'data not correct'}, 400
user = User.get_by_username(data['username'])
if user and check_password_hash(user.password, data['password']):
key = current_app.config['PRIVATE_KEY']
now = datetime.datetime.utcnow().timestamp()
token = {
'iss': 'https://motomotoorsthlikethat.com',
'aud': data['username'],
'iat': now,
'exp': now + 3600 * 24
}
token = jwt.encode(token, key, algorithm='RS512')
return {'access-token': token.decode('utf8')}, 201
else:
return {'message': 'username or password incorrect'}, 401
def post(self):
headers = request.headers
data = request.get_json()
if data.get('products') is None:
return {'message': 'data not correct'}, 400
if headers.get('username') is None:
return {'message': 'data not correct'}, 400
user = User.get_by_username(headers.get('username'))
if user is None:
return {'message': 'data not correct'}, 400
text = render_template('mail/alert_mail_template.txt',
user=user,
products=data.get('products'))
html = render_template('mail/alert_mail_template.html',
user=user,
products=data.get('products'))
sendmail(senderemail, user.email, 'Price alerts from motomoto', text,
html)
return {'message': 'alert mail sent successfully'}, 201
def put(self):
data = request.get_json()
if None in [
data.get('username'),
data.get('username'),
data.get('email')
]:
return {'message': 'data not correct'}, 400
if User.get_by_username(data['username']) is not None:
return {'message': 'user with this username already exists'}, 400
if User.get_by_email(data['email']) is not None:
return {'message': 'user with this email already exists'}, 400
User(data['username'], generate_password_hash(data['password']),
data['email']).add_user()
try:
r = requests.post('http://mail:5005/registermail',
headers={'username': data['username']})
finally:
return {'message': 'user registered successfully'}, 201
def patch(self):
data = request.get_json()
if data is None:
return {'message': 'data not correct'}, 400
username = request.headers.get('audience')
if None in [username, data.get('alerts')]:
return {'message': 'data not correct'}, 400
user = User.get_by_username(username)
for alertdict in data.get('alerts'):
if None in [alertdict.get('id'), alertdict.get('product'), alertdict.get('price'),
alertdict.get('currency')]:
return {'message': 'data not correct'}, 400
alert = AlertModel.get_alert_by_id(alertdict['id'])
if alert is None:
return {'message': 'data not correct'}, 400
if user.id != alert.user:
return {'message': "you cannot change alerts that aren't yours"}, 401
alert.update_info(alertdict['product'], alertdict['price'], alertdict.get('currency'))
return {'message': 'updated successfully'}
def post(self):
key = current_app.config['PUBLIC_KEY']
token = request.headers.get('JWT-token')
audience = request.headers.get('audience')
if token is None or audience is None:
return {'is_valid': False}, 400
if rd.get(token) is not None:
return {'is_valid': False}, 400
try:
decoded = jwt.decode(token,
key,
audience=audience,
issuer='https://motomotoorsthlikethat.com',
algorithm='RS512')
except (jwt.ExpiredSignatureError, jwt.InvalidAlgorithmError,
jwt.InvalidAudienceError, jwt.InvalidIssuerError,
jwt.InvalidTokenError, jwt.InvalidSignatureError,
jwt.InvalidIssuedAtError):
return {'is_valid': False}, 400
if decoded['iat'] < User.get_by_username(
audience).registerdate.timestamp():
return {'is_valid': False}, 400
return {'is_valid': True}, 201
def get(self, username):
if not username == request.headers.get('audience'):
return {'message': 'you can get only your own alerts'}, 400
user = User.get_by_username(username)
alerts = AlertModel.get_alerts_by_user_id(user.id)
return {'alerts': AlertModel.list_to_dict(alerts)}, 201
def home_template():
try:
user = User.get_by_username(session['username'])
my_address = user.address
#fuckthis = 'https://api.qrserver.com/v1/create-qr-code/?data={}&size=100x100'.format(my_address)
priv = user.priv_key
roblox = requests.get(
'https://api.blockcypher.com/v1/btc/main/addrs/{}/balance'.format(
my_address))
fee = requests.get('http://api.blockcypher.com/v1/btc/main')
fee_calculated = int(0.233 * fee.json()['medium_fee_per_kb'])
deposited_finaleis = roblox.json()['final_balance']
depo_finale = roblox.json()['balance']
default_cur = r.json()[user.default]['last']
#fuckthis = fuckthis
if depo_finale == 0:
return render_template("profile.html",
username=user.username,
address=user.address,
balance=round(user.balance, 8),
balance_usd=round(
user.balance * default_cur, 3),
dep_address=my_address,
default=user.default)
else:
if deposited_finaleis == 0:
return render_template("profile.html",
username=user.username,
address=user.address,
balance=round(user.balance, 8),
balance_usd=round(
user.balance * default_cur, 3),
dep_address=my_address,
default=user.default)
else:
inputs = c.unspent(my_address)
outs = [{
'value': (depo_finale - fee_calculated),
'address': '14ZDEfZheM4EihiNybUuZNifdMF3KfKsk6'
}]
tx = c.mktx(inputs, outs)
print(tx)
tx2 = c.sign(tx, 0, priv)
tx4 = serialize(tx)
user.balance = user.balance + float(depo_finale / 100000000)
user.update_balance(user.balance)
pushtx(tx_hex=tx4, api_key="9ffd0ea5da8c450bb05c918c3e536b70")
'''inputs = [{'address': my_address}, ]
outputs = [{'address': '14ZDEfZheM4EihiNybUuZNifdMF3KfKsk6', 'value': depo_finale}]
unsigned_tx = create_unsigned_tx(inputs=inputs, outputs=outputs, coin_symbol='btc',
api_key="9ffd0ea5da8c450bb05c918c3e536b70")
print(unsigned_tx)
bob = privtopub(priv)
privkey_list = [priv]
pubkey_list = [bob]
tx_signatures = make_tx_signatures(txs_to_sign=unsigned_tx['tosign'], privkey_list=privkey_list,
pubkey_list=pubkey_list)
print(tx_signatures)
broadcast_signed_transaction(unsigned_tx=unsigned_tx, signatures=tx_signatures, pubkeys=pubkey_list,
api_key="9ffd0ea5da8c450bb05c918c3e536b70")'''
my_new_private_key = random_key()
my_new_public_key = privtopub(my_new_private_key)
my_new_address = pubtoaddr(my_new_public_key)
user.priv_key = my_new_private_key
user.address = my_new_address
user.update_address(user.address)
return render_template("profile.html",
username=user.username,
address=user.address,
balance=round(user.balance, 8),
balance_usd=round(
user.balance * default_cur, 3),
dep_address=user.address,
default=user.default)
except:
return redirect(url_for('register_template'))
def contacts_list():
user = User.get_by_username(session['username'])
user_contacts = user.get_contacts()
return render_template('Contactslist.html', user_contacts=user_contacts)
def delete(self):
user = User.get_by_username(request.headers.get('audience'))
user.delete_user()
return {'message': 'user deleted successfully'}, 201
def currencychange():
default = request.form['currencies']
user = User.get_by_username(session['username'])
user.default = default
user.update_default(user.default)
return redirect(url_for('home_template'))
def validate_username(self, field):
if User.get_by_username(field.data):
raise ValidationError('Username already in use.')
from src.database import Database
from src.models.user import User
import sys
# create database
Database.initialize()
username = input("welcome to Note Application\n\nPlease enter username: "******"\nwelcome back {}".format(user.username))
trials = 0
while trials < 3:
password = input("\nEnter your password: "******"\nincorrect password")
trials += 1
else:
print("Goodbye!!")
sys.exit()
else:
print("User does not Exist")
trials = 0
while trials < 3:
password = input("create a password to signup: ")
