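def admin_login():
    """Serve the admin login page and process login attempts.

    POST: checks the CSRF token, looks up an account whose username and
    stored password value match the submitted credentials, logs it in,
    marks it online and redirects to ``admin.index``. A failed lookup is
    answered with a 401 and a JSON body.

    GET: a signed-in staff user is redirected to ``admin.index``; anyone
    else gets the login template with an empty form.
    """
    if request.method == 'POST':
        form = LoginForm(request.form)
        # NOTE(review): validate_csrf is defined outside this listing. Its
        # return value is ignored, so the check only protects if it raises on
        # a bad token, and it receives the field object rather than the
        # field's data. Confirm both against its definition.
        validate_csrf(form.csrf_token)

        # The lookup matches on the stored password value, so
        # generate_hash_pass must return the same value for the same
        # username/password pair.
        # NOTE(review): the hashing scheme is not visible here; confirm it is
        # a slow, salted password hash.
        account = Account.query.filter_by(
            username=form.username.data,
            password=generate_hash_pass(form.username.data,
                                        form.password.data),
        ).first()

        if not account:
            # Same answer for an unknown user and a wrong password.
            # NOTE(review): 'ContentType' is not the Content-Type header name,
            # so the reply carries the framework's default content type.
            # Left as-is because clients may rely on it.
            return (json.dumps({'success': False}), 401,
                    {'ContentType': 'application/json'})

        # NOTE(review): any matching account is logged in here; the staff
        # check exists only on the GET path below. Confirm that admin.index
        # rejects non-staff sessions.
        login_user(account)
        account.set_status(online=True).save()
        return redirect(url_for('admin.index'), code=302)

    if current_user.is_authenticated and current_user.is_staff():
        # The redirect used to be built and discarded, and a JSON body was
        # sent with status 302 and no Location header. Return the redirect.
        return redirect(url_for('admin.index'))

    print('Rendering page')
    return render_template('admin/pages/login.html', form=LoginForm())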
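def execute(self, app):
    """Create an account with rank level 2 from interactive console input.

    Prompts for a unique username, a password of at least six characters
    and an optional email address that must not already be registered,
    then saves the account inside ``app``'s application context and
    prints whether it can be found afterwards.
    """
    with app.app_context():
        # NOTE(review): the listing is garbled between the username prompt
        # and the 'Username required' message. The empty-username check
        # below is reconstructed; confirm against the original file.
        while True:
            username = input('Username: ')
            if not username:
                print('Username required')
                continue
            if find_account_by_username(username):
                print('That account name already exists.')
                continue
            break

        while True:
            password = getpass()
            # NOTE(review): length is the only check, and six characters is
            # a low floor for the level-2 account created here.
            if len(password) < 6:
                print('Secure password required')
                continue
            break

        # An empty answer means "no email". Only a non-empty address that is
        # already registered triggers another prompt.
        email = input('Email (optional): ')
        while email and find_account_by_email(email):
            print('That email already exists.')
            try:
                email = input('Email (optional): ')
            except KeyboardInterrupt:
                print()
                # Ctrl-C here used to keep the rejected address and create
                # the account with a duplicate email. Drop it instead.
                email = ''
                break

        a_r = Account(
            username=username,
            email=email,
            password=generate_hash_pass(username=username,
                                        password=password),
        ).save().rank()
        a_r.level = 2
        a_r.save()

        # NOTE(review): a_r is the object returned by rank(), so a_r.id is
        # that object's id. Confirm it is also the account id that
        # find_account() expects.
        account = find_account(a_r.id)
        if account:
            print('Account created successfully')
        else:
            print('Failed to create account.')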
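def register():
    """Render the registration page (GET) or create an account (POST).

    A signed-in visitor is logged out and redirected to ``register``.
    On POST the username, email and password are checked, duplicates are
    rejected, and the account is saved with rank level 1. Every rejection
    is a 400 with a JSON body naming the offending field. Success is a
    200, and a 401 is returned if the new account cannot be read back.

    ``RegisterForm.validate()`` is never called here, so validators
    declared on the form (not visible in this listing) do not run; the
    checks written out below are the only ones applied.
    """
    callback = {'success': True, 'form': '', 'errors': []}

    def reject(field, message):
        # Build the 400 reply shared by every validation failure.
        # NOTE(review): 'ContentType' is not the Content-Type header name, so
        # the reply carries the framework's default content type. Left
        # as-is because clients may rely on it.
        callback['success'] = False
        callback['form'] = field
        callback['errors'].append(message)
        return json.dumps(callback), 400, {'ContentType': 'application/json'}

    if current_user.is_authenticated:
        logout_user()  # How did this happen..?
        return redirect('register')

    if request.method != 'POST':
        return render_template('splash/actions/register.html')

    form = RegisterForm(request.form)
    username = form.username.data
    email = form.email.data
    raw_password = form.password.data

    if not username:
        return reject('username', 'Invalid username')
    if not email:
        return reject('email', 'Invalid email')
    # The password used to go straight into the hash, so a missing or
    # one-character password produced a usable account. Require six
    # characters, the minimum the other account-creation code in this
    # listing enforces.
    if not raw_password or len(raw_password) < 6:
        return reject('password', 'Invalid password')

    if Account.query.filter_by(email=email).first():
        return reject('email', 'Email already registered')
    if Account.query.filter_by(username=username).first():
        return reject('username', 'Username already registered')

    password = generate_hash_pass(username, raw_password)
    account = Account(username=username, password=password, email=email)
    account = account.save()
    account.change_rank(level=1)

    # Read the row back to confirm the save took effect.
    account = Account.query.filter_by(
        username=username, password=password, email=email).first()
    if account:
        return json.dumps(callback), 200, {'ContentType': 'application/json'}
    return (json.dumps({'success': False}), 401,
            {'ContentType': 'application/json'})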
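def _json_reply(payload, status):
    """Return *payload* as the (body, status, headers) tuple this view uses."""
    # NOTE(review): 'ContentType' is not the Content-Type header name, so the
    # reply carries the framework's default content type. Left as-is because
    # clients may rely on it.
    return json.dumps(payload), status, {'ContentType': 'application/json'}


def _rank_blocks_action(target_level):
    """Return True when the current user may not act on *target_level*.

    This is the comparison the edit path has always applied: users at
    level 2 or above are exempt, everyone else may only act on accounts
    strictly below their own level.
    """
    own_level = current_user.rank().level
    return own_level < 2 and own_level <= target_level


def _may_grant_rank(new_level):
    """Return True when the current user may assign *new_level*.

    Users below level 2 cannot hand out a level above their own;
    otherwise the rank field would bypass the edit restriction.
    """
    own_level = current_user.rank().level
    return own_level >= 2 or new_level <= own_level


def _parse_rank_level(raw):
    """Return *raw* as an int, or None when it is missing or not numeric."""
    try:
        return int(raw)
    except (TypeError, ValueError):
        return None


def _edit_account_page(account_id):
    """Render the edit form for *account_id* (GET half of ``type=edit``)."""
    # request.args values are strings, so the former ``id == 0`` comparison
    # could never be true. Treat a missing id and '0' as "no account".
    if not account_id or account_id == '0':
        return redirect(url_for('account.accounts'))

    target = find_account(account_id)
    if not target:
        return render_template('admin/pages/404.html',
                               reason='Account', content='Not found')

    if _rank_blocks_action(target.rank().level):
        if current_user.is_staff():
            return redirect(url_for('account.accounts'))
        return redirect(url_for('index.index'))

    form = AccountForm()
    form.rank.process_data(target.rank().level)
    return render_template('admin/pages/accounts/account.html',
                           account=target, form=form, render_type='edit',
                           redirect=redirect)


def _save_account_edit():
    """Apply a submitted edit form (POST half of ``type=edit``)."""
    form = AccountForm(request.form)
    target = find_account(form.id.data)
    if not target:
        abort(400)
    if _rank_blocks_action(target.rank().level):
        abort(400)

    # Parse and authorise the rank before anything is written. Before, a bad
    # rank value raised after the account was already saved, and any level
    # could be assigned.
    new_level = _parse_rank_level(form.rank.data)
    if new_level is None:
        return _json_reply(
            {'success': False, 'message': 'Invalid rank value'}, 400)
    if not _may_grant_rank(new_level):
        abort(403)

    # An empty password field means "keep the stored value". Anything that
    # differs from the stored value is treated as a new password.
    if not form.password.data:
        form.password.data = target.password
    if form.password.data != target.password:
        # NOTE(review): the hash is derived from the username held before the
        # update. If form.data carries a different username, the stored value
        # may no longer match at login. Confirm.
        form.password.data = generate_hash_pass(target.username,
                                                form.password.data)

    # NOTE(review): every AccountForm field is passed to the model
    # constructor. Confirm the form exposes no field a caller should not set.
    target.__init__(**form.data)
    target.save()

    rank = target.rank()
    rank.level = new_level
    rank.save()
    return _json_reply({'success': True}, 200)


def _add_account():
    """Create an account from the submitted form (``type=add``)."""
    form = AccountForm(request.form)

    if not form.username.data or len(form.username.data) < 3:
        return _json_reply(
            {'success': False, 'message': 'Invalid username value'}, 400)
    if not form.password.data or len(form.password.data) < 6:
        return _json_reply(
            {'success': False, 'message': 'Invalid password value'}, 400)
    if not form.email.data or len(form.email.data) < 6:
        return _json_reply(
            {'success': False, 'message': 'Invalid email value'}, 400)

    # The rank comes from the request. Reject non-numeric values and levels
    # the caller is not allowed to assign.
    new_level = _parse_rank_level(form.rank.data)
    if new_level is None:
        return _json_reply(
            {'success': False, 'message': 'Invalid rank value'}, 400)
    if not _may_grant_rank(new_level):
        abort(403)

    existing = (find_account_by_username(form.username.data)
                or find_account_by_email(form.email.data))
    if existing:
        return _json_reply(
            {'success': False, 'message': 'Account already exists.'}, 400)

    form.password.data = generate_hash_pass(username=form.username.data,
                                            password=form.password.data)
    created = Account(**form.data)
    created.change_rank(level=new_level)
    created.save()
    return _json_reply({'success': True}, 200)


def _remove_account(account_id):
    """Delete the account named by *account_id* (``type=delete``)."""
    target = find_account(account_id)
    if not target:
        return _json_reply(
            {'success': False, 'message': 'Account not found.'}, 400)

    # Deletion had no rank check, although editing the same account did.
    if _rank_blocks_action(target.rank().level):
        abort(403)

    print('Username: %s' % target.username)
    target.delete()
    return redirect(url_for('account.accounts'))


def account():
    """Dispatch the account admin actions chosen by the ``type`` query arg.

    ``edit`` shows the edit form (GET) or applies it (other methods),
    ``add`` creates an account, ``new`` renders an empty form and
    ``delete`` removes the account named by ``id``. Any other value
    redirects to the account list.

    NOTE(review): the route and access decorators are not visible in this
    listing, and no CSRF or form validation call appears in this view.
    The delete action does not look at ``request.method``, so it runs for
    whatever methods the route accepts. Confirm both at the route.
    """
    _type = request.args.get('type')
    account_id = request.args.get('id')
    print(_type, account_id)

    if _type == 'edit':
        if request.method == 'GET':
            return _edit_account_page(account_id)
        return _save_account_edit()
    if _type == 'add':
        return _add_account()
    if _type == 'new':
        return render_template('admin/pages/accounts/account.html',
                               form=AccountForm(), ranks=ranks,
                               render_type='new')
    if _type == 'delete':
        return _remove_account(account_id)
    return redirect(url_for('account.accounts'))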