def issue_password_reset(email):
user = User.query.filter(User.email == email).first()
if not user:
return render_template("reset.html", errors="No one with that email found.")
user.password_reset = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
user.password_reset_expires = datetime.now() + timedelta(days=1)
send_password_reset(user)
db.commit()
return render_template("reset.html", done=True)
def go(*args, **kw):
try:
ret = f(*args, **kw)
db.commit()
return ret
except:
db.rollback()
db.close()
raise
def issue_password_reset(email):
user = User.query.filter(User.email == email).first()
if not user:
return render_template("reset.html", errors="No one with that email found.")
user.password_reset = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
user.password_reset_expires = datetime.now() + timedelta(days=1)
send_password_reset(user)
db.commit()
return render_template("reset.html", done=True)
def cancel(id):
donation = Donation.query.filter(Donation.id == id).first()
if donation.user != current_user:
abort(401)
if donation.type != DonationType.monthly:
abort(400)
donation.active = False
db.commit()
return redirect("/panel")
def cancel(id):
donation = Donation.query.filter(Donation.id == id).first()
if donation.user != current_user:
abort(401)
if donation.type != DonationType.monthly:
abort(400)
donation.active = False
db.commit()
return redirect("/panel")
def go(*args, **kw):
try:
ret = f(*args, **kw)
db.commit()
return ret
except:
db.rollback()
db.close()
raise
def setup():
if not User.query.count() == 0:
abort(400)
email = request.form.get("email")
password = request.form.get("password")
if not email or not password:
return redirect("..") # TODO: Tell them what they did wrong (i.e. being stupid)
user = User(email, password)
user.admin = True
db.add(user)
db.commit()
login_user(user)
return redirect("admin?first-run=1")
def setup():
if not User.query.count() == 0:
abort(400)
email = request.form.get("email")
password = request.form.get("password")
if not email or not password:
return redirect("..") # TODO: Tell them what they did wrong (i.e. being stupid)
user = User(email, password)
user.admin = True
db.add(user)
db.commit()
login_user(user)
return redirect("admin?first-run=1")
def reset_password(token):
if request.method == "GET" and not token:
return render_template("reset.html")
if request.method == "POST":
token = request.form.get("token")
email = request.form.get("email")
if email:
return issue_password_reset(email)
if not token:
return redirect("..")
user = User.query.filter(User.password_reset == token).first()
if not user:
return render_template("reset.html", errors="This link has expired.")
if request.method == 'GET':
if user.password_reset_expires == None or user.password_reset_expires < datetime.now(
):
return render_template("reset.html",
errors="This link has expired.")
if user.password_reset != token:
redirect("..")
return render_template("reset.html", token=token)
else:
if user.password_reset_expires == None or user.password_reset_expires < datetime.now(
):
abort(401)
if user.password_reset != token:
abort(401)
password = request.form.get('password')
if not password:
return render_template("reset.html",
token=token,
errors="You need to type a new password.")
user.set_password(password)
user.password_reset = None
user.password_reset_expires = None
db.commit()
login_user(user)
return redirect("panel")
def reset_password(token):
if request.method == "GET" and not token:
return render_template("reset.html")
if request.method == "POST":
token = request.form.get("token")
email = request.form.get("email")
if email:
return issue_password_reset(email)
if not token:
return redirect("..")
user = User.query.filter(User.password_reset == token).first()
if not user:
return render_template("reset.html", errors="This link has expired.")
if request.method == "GET":
if user.password_reset_expires == None or user.password_reset_expires < datetime.now():
return render_template("reset.html", errors="This link has expired.")
if user.password_reset != token:
redirect("..")
return render_template("reset.html", token=token)
else:
if user.password_reset_expires == None or user.password_reset_expires < datetime.now():
abort(401)
if user.password_reset != token:
abort(401)
password = request.form.get("password")
if not password:
return render_template("reset.html", token=token, errors="You need to type a new password.")
user.set_password(password)
user.password_reset = None
user.password_reset_expires = None
db.commit()
login_user(user)
return redirect("panel")
limit = datetime.now() - timedelta(days=30)
for donation in donations:
if donation.updated < limit:
print("Charging {}".format(donation))
user = donation.user
customer = stripe.Customer.retrieve(user.stripe_customer)
try:
charge = stripe.Charge.create(
amount=donation.amount,
currency="usd",
customer=user.stripe_customer,
description="Donation to " + _cfg("your-name")
)
except stripe.error.CardError as e:
donation.active = False
db.commit()
send_declined(user, donation.amount)
print("Declined")
continue
send_thank_you(user, donation.amount, donation.type == DonationType.monthly)
donation.updated = datetime.now()
donation.payments += 1
db.commit()
else:
print("Skipping {}".format(donation))
print("Done. {} records processed.".format(len(donations)))
def delete_project():
id = request.form.get("id")
project = Project.query.get(id)
db.delete(project)
db.commit()
return redirect("admin")
def donate():
email = request.form.get("email")
stripe_token = request.form.get("stripe_token")
amount = request.form.get("amount")
type = request.form.get("type")
comment = request.form.get("comment")
project_id = request.form.get("project")
# validate and rejigger the form inputs
if not email or not stripe_token or not amount or not type:
return {"success": False, "reason": "Invalid request"}, 400
try:
if project_id is None or project_id == "null":
project = None
else:
project_id = int(project_id)
project = Project.query.filter(Project.id == project_id).first()
if type == "once":
type = DonationType.one_time
else:
type = DonationType.monthly
amount = int(amount)
except:
return {"success": False, "reason": "Invalid request"}, 400
new_account = False
user = User.query.filter(User.email == email).first()
if not user:
new_account = True
user = User(email, binascii.b2a_hex(os.urandom(20)).decode("utf-8"))
user.password_reset = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
user.password_reset_expires = datetime.now() + timedelta(days=1)
customer = stripe.Customer.create(email=user.email, card=stripe_token)
user.stripe_customer = customer.id
db.add(user)
else:
customer = stripe.Customer.retrieve(user.stripe_customer)
new_source = customer.sources.create(source=stripe_token)
customer.default_source = new_source.id
customer.save()
donation = Donation(user, type, amount, project, comment)
db.add(donation)
try:
charge = stripe.Charge.create(amount=amount,
currency=_cfg("currency"),
customer=user.stripe_customer,
description="Donation to " +
_cfg("your-name"))
except stripe.error.CardError as e:
db.rollback()
db.close()
return {"success": False, "reason": "Your card was declined."}
db.commit()
send_thank_you(user, amount, type == DonationType.monthly)
if new_account:
return {
"success": True,
"new_account": new_account,
"password_reset": user.password_reset
}
else:
return {"success": True, "new_account": new_account}
def create_project():
name = request.form.get("name")
project = Project(name)
db.add(project)
db.commit()
return redirect("admin")
def donate():
email = request.form.get("email")
stripe_token = request.form.get("stripe_token")
amount = request.form.get("amount")
type = request.form.get("type")
comment = request.form.get("comment")
project_id = request.form.get("project")
# validate and rejigger the form inputs
if not email or not stripe_token or not amount or not type:
return {"success": False, "reason": "Invalid request"}, 400
try:
if project_id is None or project_id == "null":
project = None
else:
project_id = int(project_id)
project = Project.query.filter(Project.id == project_id).first()
if type == "once":
type = DonationType.one_time
else:
type = DonationType.monthly
amount = int(amount)
except:
return {"success": False, "reason": "Invalid request"}, 400
new_account = False
user = User.query.filter(User.email == email).first()
if not user:
new_account = True
user = User(email, binascii.b2a_hex(os.urandom(20)).decode("utf-8"))
user.password_reset = binascii.b2a_hex(os.urandom(20)).decode("utf-8")
user.password_reset_expires = datetime.now() + timedelta(days=1)
customer = stripe.Customer.create(email=user.email, card=stripe_token)
user.stripe_customer = customer.id
db.add(user)
else:
customer = stripe.Customer.retrieve(user.stripe_customer)
new_source = customer.sources.create(source=stripe_token)
customer.default_source = new_source.id
customer.save()
donation = Donation(user, type, amount, project, comment)
db.add(donation)
try:
charge = stripe.Charge.create(
amount=amount, currency="usd", customer=user.stripe_customer, description="Donation to " + _cfg("your-name")
)
except stripe.error.CardError as e:
db.rollback()
db.close()
return {"success": False, "reason": "Your card was declined."}
db.commit()
send_thank_you(user, amount, type == DonationType.monthly)
if new_account:
return {"success": True, "new_account": new_account, "password_reset": user.password_reset}
else:
return {"success": True, "new_account": new_account}
limit = datetime.now() - timedelta(days=30)
for donation in donations:
if donation.updated < limit:
print("Charging {}".format(donation))
user = donation.user
customer = stripe.Customer.retrieve(user.stripe_customer)
try:
charge = stripe.Charge.create(amount=donation.amount,
currency="usd",
customer=user.stripe_customer,
description="Donation to " +
_cfg("your-name"))
except stripe.error.CardError as e:
donation.active = False
db.commit()
send_declined(user, donation.amount)
print("Declined")
continue
send_thank_you(user, donation.amount,
donation.type == DonationType.monthly)
donation.updated = datetime.now()
donation.payments += 1
db.commit()
else:
print("Skipping {}".format(donation))
print("{} records processed.".format(len(donations)))
if _cfg("patreon-refresh-token"):
def create_project():
name = request.form.get("name")
project = Project(name)
db.add(project)
db.commit()
return redirect("admin")
