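def reset_with_token(token):
    """Let the holder of a valid password-reset token set a new password.

    The token is verified with ``URLSafeTimedSerializer`` keyed by
    ``SECRET_KEY`` with salt ``'password-reset-salt'`` and is rejected once
    it is older than 3600 seconds. Its payload is used as the account's
    email address.

    Args:
        token: Signed token taken from the reset link.

    Returns:
        A redirect to the login page when the token is rejected, when no
        account matches the email, or after the password was changed;
        otherwise the rendered new-password form.

    NOTE(review): nothing in this function marks the token as used, so it
    stays valid for its full hour even after a successful reset.
    ``reset_walletpin_token`` verifies tokens with the same key and salt, so
    unless the two kinds of token are told apart elsewhere, a token mailed
    for one flow also verifies in the other. A per-purpose salt would bind
    each token to its flow; that needs a matching change where the tokens
    are generated, which is not visible here.
    """
    form = PasswordFormReset()

    try:
        password_reset_serializer = URLSafeTimedSerializer(
            app.config['SECRET_KEY'])
        email = password_reset_serializer.loads(token,
                                                salt='password-reset-salt',
                                                max_age=3600)
    except Exception:
        # Tampered, malformed and expired tokens all get the same answer.
        # ``Exception`` instead of a bare ``except`` so SystemExit and
        # KeyboardInterrupt are not swallowed.
        flash(
            'The password reset link is invalid or has expired. Request another email through lost password.',
            category="danger")
        return redirect(url_for('users.login'))

    if request.method == 'POST' and form.validate_on_submit():
        try:
            user = db.session \
                .query(User) \
                .filter_by(email=email) \
                .first()
        except Exception:
            user = None

        # ``.first()`` returns None rather than raising when no row matches
        # (e.g. the email was changed after the token was issued); without
        # this check the attribute assignment below would fail.
        if user is None:
            flash('Invalid email address!', category="danger")
            return redirect(url_for('users.login'))

        # presumably a one-way password hash; User.cryptpassword is not
        # visible here
        user.password_hash = User.cryptpassword(
            password=form.newpasswordtwo.data)
        db.session.add(user)
        db.session.commit()
        flash('Your password has been updated! Please login with it.',
              category="success")
        return redirect(url_for('users.login'))

    return render_template('users/newpassword.html', form=form, token=token)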
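def changepassword():
    """Change the signed-in user's password after re-checking the current one.

    On POST with a valid form, the submitted current password is checked
    against the stored hash with ``User.decryptpassword``; only then is the
    new password stored.

    Returns:
        A redirect to the account page after a successful change or an
        invalid form, a redirect back after a wrong current password, or
        the rendered change-password form otherwise.

    NOTE(review): any login requirement or attempt throttling would live in
    decorators or middleware that are not visible here; this function does
    not count failed current-password checks itself.
    """
    form = ChangePasswordForm()
    user = db.session \
        .query(User) \
        .filter_by(id=current_user.id) \
        .first()

    if request.method != 'POST':
        return render_template('users/account/changepassword.html', form=form)

    if not form.validate_on_submit():
        flash(form.errors, category="danger")
        return redirect(url_for('users.account'))

    if User.decryptpassword(pwdhash=user.password_hash,
                            password=form.currentpassword.data):
        user.password_hash = User.cryptpassword(
            password=form.newpasswordtwo.data)
        db.session.add(user)
        db.session.commit()
        flash('Password has been changed', category="success")
        return redirect(url_for('users.account'))

    flash('Bad Password', category="danger")
    # ``next`` comes from the query string and is attacker-controllable.
    # Honour it only when it is a same-site path: no scheme, no "//" or "/\"
    # prefix, no control characters. Otherwise this redirect could bounce
    # the user to another origin. The fixed fallback also covers the case
    # where neither ``next`` nor a referrer is present.
    back = request.args.get('next') or ''
    if not (back.startswith('/') and back[1:2] not in ('/', '\\')
            and back.isprintable()):
        back = request.referrer or url_for('users.account')
    return redirect(back)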
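def setpin():
    """Set the wallet PIN for a user who does not have one yet.

    ``wallet_pin == '0'`` is the "no PIN set" sentinel. A user whose PIN is
    already set is sent back without any change, so this endpoint cannot
    overwrite an existing PIN.

    Returns:
        A redirect back when a PIN already exists or the form is invalid, a
        redirect to the wallet home after the PIN was stored, or the
        rendered set-PIN form otherwise.
    """
    form = NewPinForm()
    user = db.session \
        .query(User) \
        .filter_by(id=current_user.id) \
        .first()

    # ``next`` comes from the query string and is attacker-controllable.
    # Honour it only when it is a same-site path: no scheme, no "//" or "/\"
    # prefix, no control characters. The fixed fallback also covers the case
    # where neither ``next`` nor a referrer is present.
    back = request.args.get('next') or ''
    if not (back.startswith('/') and back[1:2] not in ('/', '\\')
            and back.isprintable()):
        back = request.referrer or url_for('users.account')

    if user.wallet_pin != '0':
        return redirect(back)

    if request.method != 'POST':
        return render_template('users/account/setpin.html', form=form)

    if not form.validate_on_submit():
        flash('Invalid Form Entry', category="danger")
        return redirect(back)

    # The PIN is known to be unset here (checked above), so the original
    # inner ``wallet_pin == '0'`` test and its 'Invalid Pin' branch could
    # never run and have been removed.
    # presumably a one-way hash; User.cryptpassword is not visible here
    user.wallet_pin = User.cryptpassword(password=form.newpin2.data)
    db.session.add(user)
    db.session.commit()
    flash('Pin has been changed', category="success")
    return redirect(
        url_for('wallet_btc.home', user_name=current_user.user_name))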
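def changepin():
    """Replace the signed-in user's wallet PIN after re-checking the old one.

    On POST with a valid form, the submitted current PIN is checked against
    the stored value with ``User.decryptpassword``; only then is the new PIN
    stored.

    Returns:
        A redirect back after a wrong PIN or an invalid form; otherwise the
        rendered change-PIN form (also after a successful change).

    NOTE(review): this function applies no failed-attempt counter or
    lockout. If the PIN is a short numeric code it can be guessed online
    unless throttling is enforced elsewhere; decorators and middleware are
    not visible here, so confirm.
    """
    form = ChangePinForm()

    if request.method == 'POST':
        # ``next`` comes from the query string and is attacker-controllable.
        # Honour it only when it is a same-site path: no scheme, no "//" or
        # "/\" prefix, no control characters. The fixed fallback also covers
        # the case where neither ``next`` nor a referrer is present.
        back = request.args.get('next') or ''
        if not (back.startswith('/') and back[1:2] not in ('/', '\\')
                and back.isprintable()):
            back = request.referrer or url_for('users.account')

        user = db.session \
            .query(User) \
            .filter_by(id=current_user.id) \
            .first()

        if not form.validate_on_submit():
            flash('Invalid Form Entry', category="danger")
            return redirect(back)

        if not User.decryptpassword(pwdhash=user.wallet_pin,
                                    password=form.currentpin.data):
            flash('Invalid Pin', category="danger")
            return redirect(back)

        user.wallet_pin = User.cryptpassword(password=form.newpin2.data)
        db.session.add(user)
        db.session.commit()
        flash('Pin has been added.', category="success")

    return render_template('users/account/changepin.html', form=form)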
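def reset_walletpin_token(token):
    """Let the holder of a valid reset token set a new wallet PIN.

    The token is verified with ``URLSafeTimedSerializer`` keyed by
    ``SECRET_KEY`` with salt ``'password-reset-salt'`` and is rejected once
    it is older than 3600 seconds. Its payload is used as the account's
    email address.

    Args:
        token: Signed token taken from the PIN-reset link.

    Returns:
        A redirect to the login page when the token is rejected, a redirect
        back to this form on an invalid form or unknown account, a redirect
        to the index after the PIN was changed, or the rendered form
        otherwise.

    NOTE(review): the salt is the one ``reset_with_token`` uses for password
    resets. Unless the two kinds of token are told apart elsewhere, a
    password-reset token therefore also verifies here and can change the
    wallet PIN. A dedicated salt for PIN resets would bind each token to its
    flow; that needs a matching change where the tokens are generated, which
    is not visible here. Nothing here marks the token as used either, so it
    remains valid for its full hour after a successful reset.
    """
    form = LostPinForm()

    try:
        password_reset_serializer = URLSafeTimedSerializer(
            app.config['SECRET_KEY'])
        email = password_reset_serializer.loads(token,
                                                salt='password-reset-salt',
                                                max_age=3600)
    except Exception:
        # Tampered, malformed and expired tokens all get the same answer.
        # ``Exception`` instead of a bare ``except`` so SystemExit and
        # KeyboardInterrupt are not swallowed.
        flash('The pin reset link is invalid or has expired. '
              'Request another email through lost pin.', category="danger")
        return redirect(url_for('users.login'))

    if request.method != 'POST':
        return render_template('users/lostpinsubmit.html',
                               form=form, token=token)

    if not form.validate_on_submit():
        flash('Invalid form. Pin must be 6 digits and match!',
              category="danger")
        return redirect(url_for('users.reset_walletpin_token', token=token))

    try:
        user = User.query.filter_by(email=email).first()
    except Exception:
        user = None

    # ``.first()`` returns None rather than raising when no row matches;
    # without this check the attribute assignment below would fail.
    if user is None:
        flash('Invalid email address!', category="danger")
        return redirect(url_for('users.reset_walletpin_token', token=token))

    # presumably a one-way hash; User.cryptpassword is not visible here
    user.wallet_pin = User.cryptpassword(password=form.pintwo.data)
    db.session.add(user)
    db.session.commit()
    flash('Your pin has been updated!', category="success")
    return redirect(url_for('index'))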
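def register():
    """Create a new account with its profile, stats and timer rows, then log it in.

    On POST with a valid form the function creates the ``User`` row and its
    companion rows (public info, BCH stats, user stats, timers) in a single
    transaction, creates the user's upload directory, attempts to create a
    BCH wallet (best effort) and logs the new user in.

    Returns:
        A redirect to the welcome page on success, a redirect back on an
        invalid form or any failure, or the rendered registration form for
        non-POST requests.
    """
    form = RegistrationForm()

    if request.method != 'POST':
        return render_template('users/register.html', form=form)

    # ``next`` comes from the query string and is attacker-controllable.
    # Honour it only when it is a same-site path: no scheme, no "//" or "/\"
    # prefix, no control characters. The fixed fallback also covers the case
    # where neither ``next`` nor a referrer is present.
    back = request.args.get('next') or ''
    if not (back.startswith('/') and back[1:2] not in ('/', '\\')
            and back.isprintable()):
        back = request.referrer or url_for('index')

    if not form.validate_on_submit():
        # The original flashed ``passwordtwo`` errors twice and never showed
        # email errors; each field is now reported once.
        for field in (form.user_name, form.email,
                      form.password, form.passwordtwo):
            for error in field.errors:
                flash(error, category="danger")
        return redirect(back)

    try:
        theanonid = random_user_name_anon()
        now = datetime.utcnow()
        # presumably a one-way password hash; User.cryptpassword is not
        # visible here
        cryptedpwd = User.cryptpassword(password=form.password.data)

        # wallet_pin='0' is the "no PIN set" sentinel that setpin() checks.
        newuser = User(user_name=form.user_name.data,
                       email=form.email.data,
                       password_hash=cryptedpwd,
                       wallet_pin='0',
                       profileimage='',
                       bannerimage='',
                       member_since=now,
                       admin=0,
                       admin_role=0,
                       bio='',
                       last_seen=now,
                       locked=0,
                       fails=0,
                       confirmed=0,
                       anon_id=theanonid,
                       anon_mode=0,
                       over_age=0,
                       agree_to_tos=True,
                       banned=0,
                       color_theme=3,
                       post_style=1)
        db.session.add(newuser)
        # flush, not commit: this assigns newuser.id while keeping the user
        # and its companion rows in one transaction, so a failure below
        # cannot leave a half-created account behind.
        db.session.flush()

        # profile info
        userbio = UserPublicInfo(user_id=newuser.id,
                                 bio='',
                                 short_bio='')

        stats_for_bch = UserStatsBCH(
            user_name=newuser.user_name,
            user_id=newuser.id,
            # given to posters/commenters
            total_donated_to_postcomments_bch=0,
            total_donated_to_postcomments_usd=0,
            # received from posting
            total_recievedfromposts_bch=0,
            total_recievedfromposts_usd=0,
            # received from comments
            total_recievedfromcomments_bch=0,
            total_recievedfromcomments_usd=0,
            # given to charities
            total_donated_to_cause_bch=0,
            total_donated_to_cause_usd=0,
        )

        stats_for_user = UserStats(user_name=newuser.user_name,
                                   user_id=newuser.id,
                                   post_upvotes=0,
                                   post_downvotes=0,
                                   comment_upvotes=0,
                                   comment_downvotes=0,
                                   total_posts=0,
                                   total_comments=0,
                                   user_level=1,
                                   user_exp=0,
                                   user_width_next_level='0')

        users_timers = UserTimers(user_name=newuser.user_name,
                                  user_id=newuser.id,
                                  account_created=now,
                                  last_post=now,
                                  last_common_creation=now,
                                  last_comment=now,
                                  last_report=now)

        db.session.add(userbio)
        db.session.add(users_timers)
        db.session.add(stats_for_user)
        db.session.add(stats_for_bch)
        db.session.commit()

        # Per-user upload directory; the path is built from the numeric id
        # only, not from user-supplied text.
        getusernodelocation = userimagelocation(x=newuser.id)
        userfolderlocation = os.path.join(UPLOADED_FILES_DEST,
                                          current_disk,
                                          'user',
                                          getusernodelocation,
                                          str(newuser.id))
        mkdir_p(path=userfolderlocation)

        try:
            # bitcoin cash
            bch_create_wallet(user_id=newuser.id)
        except Exception:
            # Still best effort (registration continues), but the failure
            # is recorded instead of silently discarded.
            app.logger.exception('Wallet creation failed for user id %s',
                                 newuser.id)

        login_user(newuser)
        # Return values are discarded.
        # NOTE(review): newer Flask-Login exposes these as properties on
        # UserMixin, where calling them would raise; confirm the User model
        # defines them as methods or drop the two calls.
        current_user.is_authenticated()
        current_user.is_active()

        flash(
            "Successfully Registered."
            " If you want to access your wallet,"
            " you will need to confirm your email.  If you used an invalid email,"
            " you can change this in account settings.",
            category="success")
        return redirect(url_for('welcome'))

    except Exception:
        # Undo any uncommitted rows so the session is usable again, and
        # leave a trace of why registration failed.
        db.session.rollback()
        app.logger.exception('User registration failed')
        return redirect(back)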