def app_remove(id=None): if not get_login(): return requires_login() if id is None: return redirect(url_for('app_manage')) app = pysql().where('id', id).get('apps') if len(app) != 1: return redirect(url_for('app_manage')) if request.method == "POST": if not csrf_match(): return csrf_bail('app_manage') if not pysql().where('id', id).delete('apps'): logger.error("Unable to delete app", id) flash("Unable to delete app. Please try again.", 'error') return redirect(url_for('app_manage')) licenses = pysql().where('app', id).get('licenses') if len(licenses) > 0 and not pysql().where('app', id).delete('licenses'): logger.error("Unable to delete licenses for app", id) flash("Unable to delete licenses for app.", 'warning') logger.info("Successfully deleted app", id) flash("Successfully deleted app.", 'success') return redirect(url_for('app_manage')) app = app[0] # Grab the dict. app['users'] = len(pysql().where('app', app['id']).get('licenses')) extra = { "login": get_username(), "app": Struct(**app), "id": id, "csrf": csrf_make() } return render_template('apps.remove.html', **extra)
def key_remove(id=None): if not get_login(): return requires_login() if id is None: return redirect(url_for('key_manage')) key = pysql().where('id', id).get('licenses') if len(key) != 1: return redirect(url_for('key_manage')) if request.method == "POST": if not csrf_match(): return csrf_bail('key_manage') if not pysql().where('id', id).delete('licenses'): logger.error("Unable to delete license", id) flash("Unable to delete license. Please try again.", 'error') return redirect(url_for('key_manage')) logger.info("Successfully deleted license", id) flash("Successfully deleted license.", 'success') return redirect(url_for('key_manage')) key = key[0] # Grab the dict. key['app'] = pysql().where('id', key['app']).get('apps')[0]['name'] key['disabled'] = "Yes" if key['disabled'] == 1 else "No" key['expires'] = util.expires_str(key['expires']) extra = { "login": get_username(), "key": Struct(**key), "id": id, "csrf": csrf_make() } return render_template('keys.remove.html', **extra)
def app_manage(): if not get_login(): return requires_login() apps_ = pysql().get('apps') apps = [] for app in apps_: app['users'] = len(pysql().where('app', app['id']).get('licenses')) apps.append(Struct(**app)) return render_template('apps.manage.html', login=get_username(), apps=apps)
def api_validate(): if not zk.get_login() and not zk.get_http_login(): resp = jsonify({"error": "Not authenticated", "error-num": 1}) resp.status_code = 401 return resp if zk.get_http_login(): pass_ = hash_pass(request.authorization.username, request.authorization.password) users = pysql().where('login', request.authorization.username.lower()).where('password', pass_).get('users') if len(users) != 1: resp = jsonify({"error": "Authication invalid", "error-num": 2}) resp.status_code = 401 return resp return None
def key_manage(): if not get_login(): return requires_login() keys_ = pysql().get('licenses') keys = [] for key in keys_: app = pysql().where('id', key['app']).get('apps') if len(app) != 1: continue key['app_str'] = app[0]['name'] expired = True if key['expires'] == -1 else False key['expires'] = util.expires_str(key['expires'], key['id'], expired) keys.append(Struct(**key)) return render_template('keys.manage.html', login=get_username(), keys=keys)
def app_add(): if not get_login(): return requires_login() if request.method == "POST": for le_part in ('le-name', 'le-language', 'le-active', 'le-submit'): if le_part not in request.form: return redirect(url_for('app_add')) if not csrf_match(): return csrf_bail('app_add') import re le_name = request.form['le-name'][:64] if not re.match(r'^[a-zA-Z0-9_\-]+$', le_name): flash("Sorry, app names can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('app_add')) le_language = request.form['le-language'][:32] if le_language == "Other": le_language = request.form['le-other-language'][:32] # If they specify Other, grab le-other-language. if not re.match(r'^[a-zA-Z0-9_\-#+\.]+$', le_language): flash("Sorry, languages can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('app_add')) le_active = 1 if request.form['le-active'] == "yes" else 0 import time data = { "name": le_name, "language": le_language, "active": le_active, "version": int(time.time()) } pysql_ = pysql() if not pysql_.insert('apps', data): logger.error("Unable to create new app.") flash("Something went wrong. Please try again.", 'error') return redirect(url_for('app_add')) flash('You just created this app. You can edit it here.', 'success') return redirect(url_for('app_edit', id=pysql_._cursor.lastrowid)) else: return render_template('apps.add.html', login=get_username(), languages=get_languages(), csrf=csrf_make())
def app_edit(id=None): if not get_login(): return requires_login() if id is None: return redirect(url_for('app_manage')) app = pysql().where('id', id).get('apps') if len(app) != 1: return redirect(url_for('app_manage')) def flash_wrong(id, error=""): if error != "": error = "({0})".format(error) # Simple temp def to flash an error and redirect. logger.error("Something went wrong updating app", id, error) flash("Something went wrong.", 'warning') return redirect(url_for('app_edit', id=id)) if request.method == "POST": if 'le-type' not in request.form or 'le-submit' not in request.form: return flash_wrong(id, error="Missing type or submit form field. ({0})".format(type_)) if not csrf_match(): return csrf_bail('app_edit', id=id) type_ = request.form['le-type'] if type_ not in ('name', 'language', 'active', 'version'): return flash_wrong(id, error="Invalid type. ({0})".format(type_)) if type_ == "name": if 'le-name' not in request.form: return flash_wrong(id, error="Missing name field ({0})".format(type_)) name = request.form['le-name'][:64] # Trim if needed. if not re.match(r'^[a-zA-Z0-9_\-]+$', le_name): flash("Sorry, app names can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('app_edit', id=id)) if not pysql().where('id', id).update('apps', {"name": name}): return flash_wrong(id, error="Unable to update app. ({0})".format(type_)) app = pysql().where('id', id).get('apps') flash("Successfully updated app name.", 'success') elif type_ == "language": if 'le-language' not in request.form or 'le-other-language' not in request.form: return flash_wrong(id, error="Missing language field. ({0})".format(type_)) language = request.form['le-language'][:32] if language == "Other": language = request.form['le-other-language'][:32] # Trim if needed. if not re.match(r'^[a-zA-Z0-9_\-#+\.]+$', language): flash("Sorry, languages can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('app_edit', id=id)) if not pysql().where('id', id).update('apps', {"language": language}): return flash_wrong(id, error="Unable to update app. ({0})".format(type_)) app = pysql().where('id', id).get('apps') flash("Successfully updated app language.", 'success') elif type_ == "active": if 'le-active' not in request.form: return flash_wrong(id, error="Missing active field. ({0})".format(type_)) active = 1 if request.form['le-active'] == "yes" else 0 if not pysql().where('id', id).update('apps', {"active": active}): return flash_wrong(id, error="Unable to update app. ({0})".format(type_)) app = pysql().where('id', id).get('apps') flash("Successfully updated app activity.", 'success') elif type_ == "version": import time # Versions are simply a UNIX epoch timestamp. # This allows checking if your version is ahead, behind, up-to-date, etc. if not pysql().where('id', id).update('apps', {"version": int(time.time())}): return flash_wrong(id) app = pysql().where('id', id).get('apps') flash("Successfully pushed app update.", 'success') logger.info("Successfully updated app", id) app = app[0] # Grab the dict. extra = { "login": get_username(), "app": Struct(**app), "id": id, "languages": get_languages(), "def_language": app['language'] in get_languages(), "csrf": csrf_make() } return render_template('apps.edit.html', **extra)
def key_add(): if not get_login(): return requires_login() if request.method == "POST": if not csrf_match(): return csrf_bail('key_add') for le_part in ('le-app', 'le-user', 'le-needs-hwid', 'le-active', 'le-expires', 'le-expires-select', 'le-expires-years', 'le-expires-months', 'le-expires-weeks', 'le-expires-days', 'le-expires-hours', 'le-aban', 'le-submit', 'le-license-style', 'le-email'): if le_part not in request.form: return redirect(url_for('key_add')) le_app = request.form['le-app'] try: le_app = int(le_app) except ValueError as e: return redirect(url_for('key_add')) app = pysql().where('id', le_app).get('apps') if len(app) != 1: return redirect(url_for('key_add')) le_user = request.form['le-user'] if not re.match('^[a-zA-Z0-9_\-]+$', le_user): flash("Sorry, usernames can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('key_add', id=id)) le_email = request.form['le-email'] if len(le_email) > 0 and not re.match(r'''^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$''', le_email): flash("Sorry, that email isn't valid.", 'error') return redirect(url_for('key_add', id=id)) le_needs_hwid = 1 if request.form['le-needs-hwid'] == "yes" else 0 le_disabled = 0 if request.form['le-active'] == "yes" else 1 le_expires = 0 if request.form['le-expires-select'] == "yes": exp_str = '{0}y{1}m{2}w{3}d{4}h'.format( request.form['le-expires-years'], request.form['le-expires-months'], request.form['le-expires-weeks'], request.form['le-expires-days'], request.form['le-expires-hours'] ) le_expires = util.timestamp_from_str(exp_str) le_aban = 1 if request.form['le-aban'] == "yes" else 0 key = util.key_from_style(request.form['le-license-style'], app=app[0]['name']) data = { "app": le_app, "user": le_user, "email": le_email, "key": key, "needs_hwid": le_needs_hwid, "hwid": "", "disabled": le_disabled, "expires": le_expires, "aban": le_aban, } pysql_ = pysql() if not pysql_.insert('licenses', data): logger.error("Unable to add new key.") flash("Something went wrong. Please try again.", 'error') return redirect(url_for('key_add')) flash('You just created this key. You can edit it here.', 'success') key_id = pysql_._cursor.lastrowid logger.info("Successfully created license", key_id) return redirect(url_for('key_edit', id=key_id)) else: apps = [] for app_ in pysql().get('apps'): app = { "id": app_['id'], "name": app_['name'] } apps.append(Struct(**app)) return render_template('keys.add.html', login=get_username(), apps=apps, csrf=csrf_make())
def key_edit(id=None): if not get_login(): return requires_login() if id is None: return redirect(url_for('key_manage')) key = pysql().where('id', id).get('licenses') if len(key) != 1: return redirect(url_for('key_manage')) def flash_wrong(id): # Simple temp def to flash an error and redirect. logger.error("Something went wrong updating license", id) flash("Something went wrong.", 'warning') return redirect(url_for('key_edit', id=id)) if request.method == "POST": if 'le-type' not in request.form or 'le-submit' not in request.form: return flash_wrong(id) if not csrf_match(): return csrf_bail('key_edit', id=id) type_ = request.form['le-type'] if type_ not in ('app', 'name', 'email', 'license', 'needs-hwid', 'hwid', 'disabled', 'expires'): return flash_wrong(id) if type_ == "app": if 'le-app' not in request.form: return flash_wrong(id) app_id = request.form['le-app'] app = pysql().where('id', app_id).get('apps') if len(app) != 1: return flash_wrong(id) app = app[0] if not pysql().where('id', id).update('licenses', {"app": app['id']}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully updated associated app.", 'success') elif type_ == "name": if 'le-name' not in request.form: return flash_wrong(id) name = request.form['le-name'][:64] # Trim if needed. if not re.match('^[a-zA-Z0-9_\-]+$', name): flash("Sorry, usernames can only include alphanumeric characters, dashes and underscores.", 'error') return redirect(url_for('key_edit', id=id)) if not pysql().where('id', id).update('licenses', {"user": name}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully updated license username.", 'success') elif type_ == "email": if 'le-email' not in request.form: return flash_wrong(id) email = request.form['le-email'][:64] # Trim if needed. if len(email) > 0 and not re.match(r'''^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$''', email): flash("Sorry, that email is not valid.", 'error') return redirect(url_for('key_edit', id=id)) if not pysql().where('id', id).update('licenses', {"email": email}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully updated license email.", 'success') elif type_ == "license": license = util.key_from_style() if not pysql().where('id', id).update('licenses', {"key": license}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully regenerated license key.", 'success') elif type_ == "needs-hwid": if 'le-needs-hwid' not in request.form: return flash_wrong(id) needs_hwid = 1 if request.form['le-needs-hwid'] == "yes" else 0 if not pysql().where('id', id).update('licenses', {"needs_hwid": needs_hwid}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully updated license.", 'success') elif type_ == "hwid": if not pysql().where('id', id).update('licenses', {"hwid": ""}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully reset HWID.", 'success') elif type_ == "disabled": if 'le-disabled' not in request.form: return flash_wrong(id) disabled = 1 if request.form['le-disabled'] == "yes" else 0 if not pysql().where('id', id).update('licenses', {"disabled": disabled}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully {} key.".format('disabled' if disabled == 1 else 'enabled'), 'success') elif type_ == "expires": if 'le-expires-select' not in request.form: return flash_wrong(id) le_expires = 0 if request.form['le-expires-select'] == "yes": exp_str = '{0}y{1}m{2}w{3}d{4}h'.format( request.form['le-expires-years'], request.form['le-expires-months'], request.form['le-expires-weeks'], request.form['le-expires-days'], request.form['le-expires-hours'] ) le_expires = util.timestamp_from_str(exp_str) if not pysql().where('id', id).update('licenses', {"expires": le_expires}): return flash_wrong(id) key = pysql().where('id', id).get('licenses') flash("Successfully updated expiration.", 'success') logger.info("Successfully updated license", id) key = key[0] # Grab the dict. apps = [] for app in pysql().get('apps'): app['selected'] = True if app['id'] == key['app'] else False apps.append(Struct(**app)) expires_dict = util.expires_dict(key['expires']) key['expires_'] = Struct(**expires_dict) extra = { "login": get_username(), "key": Struct(**key), "apps": apps, "id": id, "csrf": csrf_make() } return render_template('keys.edit.html', **extra)