def reset_with_token(token):
form = PasswordFormReset()
try:
password_reset_serializer = URLSafeTimedSerializer(
app.config['SECRET_KEY'])
email = password_reset_serializer.loads(token,
salt='password-reset-salt',
max_age=3600)
except:
flash(
'The password reset link is invalid or has expired. Request another email through lost password.',
category="danger")
return redirect(url_for('users.login'))
if request.method == 'POST':
if form.validate_on_submit():
try:
user = db.session \
.query(User) \
.filter_by(email=email) \
.first()
except:
flash('Invalid email address!', category="danger")
return redirect(url_for('users.login'))
cryptedpwd = User.cryptpassword(password=form.newpasswordtwo.data)
user.password_hash = cryptedpwd
db.session.add(user)
db.session.commit()
flash('Your password has been updated! Please login with it.',
category="success")
return redirect(url_for('users.login'))
return render_template('users/newpassword.html', form=form, token=token)
def changepassword():
form = ChangePasswordForm()
user = db.session \
.query(User) \
.filter_by(id=current_user.id) \
.first()
if request.method == 'POST':
if form.validate_on_submit():
if User.decryptpassword(pwdhash=user.password_hash,
password=form.currentpassword.data):
cryptedpwd = User.cryptpassword(
password=form.newpasswordtwo.data)
user.password_hash = cryptedpwd
db.session.add(user)
db.session.commit()
flash('Password has been changed', category="success")
return redirect(url_for('users.account'))
else:
flash('Bad Password', category="danger")
return redirect((request.args.get('next', request.referrer)))
else:
flash(form.errors, category="danger")
return redirect(url_for('users.account'))
return render_template('users/account/changepassword.html', form=form)
def setpin():
form = NewPinForm()
user = db.session \
.query(User) \
.filter_by(id=current_user.id) \
.first()
if user.wallet_pin != '0':
return redirect((request.args.get('next', request.referrer)))
if request.method == 'POST':
if form.validate_on_submit():
if user.wallet_pin == '0':
cryptedpwd = User.cryptpassword(password=form.newpin2.data)
user.wallet_pin = cryptedpwd
db.session.add(user)
db.session.commit()
flash('Pin has been changed', category="success")
return redirect(
url_for('wallet_btc.home',
user_name=current_user.user_name))
else:
flash('Invalid Pin', category="danger")
return redirect((request.args.get('next', request.referrer)))
else:
flash('Invalid Form Entry', category="danger")
return redirect((request.args.get('next', request.referrer)))
return render_template('users/account/setpin.html', form=form)
def changepin():
form = ChangePinForm()
if request.method == 'POST':
user = db.session \
.query(User) \
.filter_by(id=current_user.id) \
.first()
if form.validate_on_submit():
if User.decryptpassword(pwdhash=user.wallet_pin,
password=form.currentpin.data):
cryptedpwd = User.cryptpassword(password=form.newpin2.data)
user.wallet_pin = cryptedpwd
db.session.add(user)
db.session.commit()
flash('Pin has been added.', category="success")
else:
flash('Invalid Pin', category="danger")
return redirect((request.args.get('next', request.referrer)))
else:
flash('Invalid Form Entry', category="danger")
return redirect((request.args.get('next', request.referrer)))
return render_template('users/account/changepin.html', form=form)
def reset_walletpin_token(token):
form = LostPinForm()
try:
password_reset_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
email = password_reset_serializer.loads(token, salt='password-reset-salt', max_age=3600)
except:
flash('The pin reset link is invalid or has expired. '
'Request another email through lost pin.', category="danger")
return redirect(url_for('users.login'))
if request.method == 'POST':
if form.validate_on_submit():
try:
user = User.query.filter_by(email=email).first()
except:
flash('Invalid email address!', category="danger")
return redirect(url_for('users.reset_walletpin_token', token=token))
cryptedpwd = User.cryptpassword(password=form.pintwo.data)
user.wallet_pin = cryptedpwd
db.session.add(user)
db.session.commit()
flash('Your pin has been updated!', category="success")
return redirect(url_for('index'))
else:
flash('Invalid form. Pin must be 6 digits and match!', category="danger")
return redirect(url_for('users.reset_walletpin_token', token=token))
return render_template('users/lostpinsubmit.html',
form=form,
token=token)
def register():
form = RegistrationForm()
if request.method == 'POST':
if form.validate_on_submit():
try:
theanonid = random_user_name_anon()
now = datetime.utcnow()
cryptedpwd = User.cryptpassword(password=form.password.data)
# add user to db
newuser = User(user_name=form.user_name.data,
email=form.email.data,
password_hash=cryptedpwd,
wallet_pin='0',
profileimage='',
bannerimage='',
member_since=now,
admin=0,
admin_role=0,
bio='',
last_seen=now,
locked=0,
fails=0,
confirmed=0,
anon_id=theanonid,
anon_mode=0,
over_age=0,
agree_to_tos=True,
banned=0,
color_theme=3,
post_style=1)
db.session.add(newuser)
db.session.commit()
# profile info
userbio = UserPublicInfo(user_id=newuser.id,
bio='',
short_bio='')
stats_for_bch = UserStatsBCH(
user_name=newuser.user_name,
user_id=newuser.id,
# given to posters/commenters
total_donated_to_postcomments_bch=0,
total_donated_to_postcomments_usd=0,
# recieved from posting
total_recievedfromposts_bch=0,
total_recievedfromposts_usd=0,
# recieved from comments
total_recievedfromcomments_bch=0,
total_recievedfromcomments_usd=0,
# given to charities
total_donated_to_cause_bch=0,
total_donated_to_cause_usd=0,
)
stats_for_user = UserStats(user_name=newuser.user_name,
user_id=newuser.id,
post_upvotes=0,
post_downvotes=0,
comment_upvotes=0,
comment_downvotes=0,
total_posts=0,
total_comments=0,
user_level=1,
user_exp=0,
user_width_next_level='0')
users_timers = UserTimers(user_name=newuser.user_name,
user_id=newuser.id,
account_created=now,
last_post=now,
last_common_creation=now,
last_comment=now,
last_report=now)
# add to db
db.session.add(userbio)
db.session.add(users_timers)
db.session.add(stats_for_user)
db.session.add(stats_for_bch)
# commit
db.session.commit()
# make a user a directory
getusernodelocation = userimagelocation(x=newuser.id)
userfolderlocation = os.path.join(UPLOADED_FILES_DEST,
current_disk, 'user',
getusernodelocation,
str(newuser.id))
mkdir_p(path=userfolderlocation)
# login new user
try:
# bitcoin cash
bch_create_wallet(user_id=newuser.id)
except:
pass
login_user(newuser)
current_user.is_authenticated()
current_user.is_active()
flash(
"Successfully Registered."
" If you want to access your wallet,"
" you will need to confirm your email. If you used an invalid email,"
" you can change this in account settings.",
category="success")
return redirect(url_for('welcome'))
except Exception as e:
return redirect((request.args.get('next', request.referrer)))
else:
for errors in form.user_name.errors:
flash(errors, category="danger")
for errors in form.password.errors:
flash(errors, category="danger")
for errors in form.passwordtwo.errors:
flash(errors, category="danger")
for errors in form.passwordtwo.errors:
flash(errors, category="danger")
return redirect((request.args.get('next', request.referrer)))
return render_template('users/register.html', form=form)