def add_credit_card():
    """Render the 'Add Credit Card' form and persist a submitted card.

    Every stored field is passed through ``encrypt`` with the per-session
    ``encryption_key`` before the ``CreditCard`` row is built, so the
    database only ever holds ciphertext. A valid POST redirects to the
    card list; anything else renders the edit template.

    Raises:
        KeyError: if ``session`` carries no ``encryption_key`` (it is read
        before the form is touched, so a missing key fails fast).
    """
    title = 'Add Credit Card'
    key = session['encryption_key']
    form = NewCreditCardForm()

    if not form.validate_on_submit():
        return render_template('user_data/credit_cards/edit_credit_card.html',
                               title=title, form=form)

    def sealed(value):
        # Single choke point so every field uses the same key and call.
        return encrypt(key, value)

    # The placeholder label is applied *before* encryption so the stored
    # value is never an encrypted empty string.
    label = form.name.data or '(unnamed)'
    # NOTE(review): the CVV is persisted (encrypted). For a user's own
    # vault that is the feature, but PCI DSS forbids merchants from
    # retaining the CVV after authorisation — confirm the intended threat
    # model before reusing this code outside a personal password manager.
    entry = CreditCard(
        name=sealed(label),
        number=sealed(form.number.data),
        expiration_date=sealed(form.expiration_date.data),
        cvv=sealed(form.cvv.data),
        cardholder_name=sealed(form.cardholder_name.data),
        user=current_user,
    )
    db.session.add(entry)
    db.session.commit()
    flash('Credit Card has been saved.', 'success')
    return redirect(url_for('user_data.access_credit_cards'))
def encrypt_credit_card(encryption_key, entry):
    """Encrypt every sensitive attribute of a ``CreditCard`` row in place.

    Args:
        encryption_key: key handed to ``encrypt`` for each field.
        entry: a ``CreditCard`` whose fields currently hold plaintext.

    Returns:
        The same ``entry`` object, mutated so that ``name``, ``number``,
        ``expiration_date``, ``cvv`` and ``cardholder_name`` hold
        ciphertext.

    Calling this twice on one object double-encrypts it; the caller owns
    that invariant.
    """
    # Same field order as the original per-attribute assignments.
    for field in ('name', 'number', 'expiration_date', 'cvv', 'cardholder_name'):
        setattr(entry, field, encrypt(encryption_key, getattr(entry, field)))
    return entry
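def account_settings():
    """Show and process the account settings form.

    Two independent edits are handled, both gated on the *current*
    password: changing the e-mail address (which de-activates the account
    and sends a fresh activation link) and changing the password (which
    also re-wraps the vault master key under the new password-derived key,
    since the master key is stored encrypted under ``get_key(password)``).

    Changes over the previous version:
    * the new password hash is decoded to ``str`` so it is stored the same
      way ``register`` stores it (``bcrypt`` returns ``bytes``, and the
      check path calls ``.encode()`` on the stored value);
    * a wrong current password now produces an error flash instead of
      silently re-rendering the form, matching ``change_master_key``.
    """
    title = 'Account Settings'
    # 2FA is considered enabled as soon as an OTP secret exists.
    tfa = current_user.otp_secret is not None
    form = UpdateAccountForm()

    if form.validate_on_submit():
        # Every change here is re-authenticated with the current password so
        # a hijacked session alone cannot rotate credentials.
        if bcrypt.check_password_hash(current_user.password.encode(),
                                      form.current_password.data):
            if form.email.data != current_user.email:
                # NOTE(review): register() lower-cases addresses before
                # storing; this path stores them as entered.
                current_user.email = form.email.data
                # An unverified address must not keep an activated account.
                current_user.activated = False
                send_activation_email(current_user)
                flash('Email address has been changed. Please check your email for the verification link.', 'success')
            if form.new_password.data:
                # Stored as str, consistent with register().
                current_user.password = bcrypt.generate_password_hash(
                    form.new_password.data).decode('utf-8')
                # The master key is wrapped under a key derived from the login
                # password; re-wrap it or the vault becomes unreadable.
                current_user.master_key = encrypt(
                    get_key(form.new_password.data), session['master_key'])
                # NOTE(review): other live sessions are not invalidated here;
                # consider rotating the session on password change.
                flash('Password has been updated.', 'success')
            db.session.commit()
            return redirect(url_for('account.account_settings'))
        # Wrong current password: say so instead of re-rendering silently.
        flash('The password you entered is incorrect.', 'danger')
    elif request.method == 'GET':
        form.email.data = current_user.email

    return render_template('account/account_settings.html',
                           title=title, form=form, tfa=tfa)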
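def register():
    """Create a new account and, where mail works, send an activation link.

    The login password is bcrypt-hashed. A random 32-character master key is
    generated for the vault and stored only in wrapped form — encrypted under
    a key derived from the login password via ``get_key`` — so the plaintext
    master key never reaches the database.

    Change over the previous version: the catch-all ``except:`` is narrowed
    to ``except Exception`` (so ``KeyboardInterrupt``/``SystemExit`` are no
    longer swallowed) and the security consequence of that branch is
    documented. Behaviour is otherwise unchanged.
    """
    title = 'Create an account'
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = RegistrationForm()
    if form.validate_on_submit():
        # Normalise case so the same mailbox cannot register twice.
        email = form.email.data.lower()
        hashed_password = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        # Vault master key: random, stored only wrapped under the
        # password-derived key.
        master_key = generate_pswrd(length=32, special=False)
        encrypted_master_key = encrypt(get_key(form.password.data), master_key)
        user = User(email=email, password=hashed_password,
                    master_key=encrypted_master_key)

        try:
            # NOTE(review): ``user`` is not yet persisted here — confirm the
            # activation token does not depend on ``user.id``.
            send_activation_email(user)
            flash('Account created! Verification link has been sent to your email.', 'success')
        except SMTPRecipientsRefused:
            # Recipient rejected by the mail server: do not create the account.
            flash('Entered email address is invalid!', 'danger')
            return redirect(url_for('account.register'))
        except Exception:
            # SECURITY NOTE: any other mail failure (no SMTP configured,
            # connection refused, auth error, ...) auto-activates the
            # account, so e-mail verification is bypassed whenever the mail
            # path is unavailable. Convenient for local development, but it
            # should be gated by configuration in production. The original
            # code behaved the same way; this only narrows the except clause.
            user.activated = True
            flash('Account created! You can now log in.', 'success')

        db.session.add(user)
        db.session.commit()
        return redirect(url_for('account.login'))

    return render_template('account/register.html', title=title, form=form)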
def add_secure_note():
    """Render the 'Add Secure Note' form and persist a submitted note.

    Both the label and the content are encrypted with the per-session
    ``encryption_key`` before the ``SecureNote`` row is created, so the
    database never sees plaintext. A valid POST redirects to the note list;
    anything else renders the edit template.

    Raises:
        KeyError: if the session carries no ``encryption_key``.
    """
    title = 'Add Secure Note'
    key = session['encryption_key']
    form = NewSecureNoteForm()

    if not form.validate_on_submit():
        return render_template('user_data/secure_notes/edit_secure_note.html',
                               title=title, form=form)

    # Placeholder label is applied before encryption, as in add_credit_card.
    label = form.name.data or '(unnamed)'
    note = SecureNote(
        name=encrypt(key, label),
        content=encrypt(key, form.content.data),
        user=current_user,
    )
    db.session.add(note)
    db.session.commit()
    flash('Secure Note has been saved.', 'success')
    return redirect(url_for('user_data.access_secure_notes'))
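def reset_token(token):
    """Complete a password reset for the user identified by ``token``.

    Because the vault master key is wrapped under a key derived from the
    login password, a reset needs the master key too. The user may type it
    into the form, upload it as a file (first line), or declare it lost —
    in which case all vault data is wiped and a fresh master key generated.

    Fixes over the previous version:
    * when the master key was supplied *only* via file (or the typed key was
      wrong and the file key right), the old code re-wrapped
      ``form.master_key.data`` instead of the key that actually validated,
      silently making the vault unreadable; the validated key is now used;
    * the trailing line break a text editor adds to the key file is
      stripped, and a non-UTF-8 upload counts as "no key" instead of
      raising;
    * the new password hash is stored as ``str`` to match ``register``.
    """
    title = 'Reset Password'
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    user = User.verify_reset_token(token)
    if not user:
        flash('Invalid or expired token.', 'danger')
        return redirect(url_for('account.reset_request'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        if bcrypt.check_password_hash(user.password.encode(), form.password.data):
            flash('The password you entered is already set.', 'danger')
            return redirect(url_for('account.reset_token', token=token))

        typed_key = form.master_key.data
        file_key = _read_master_key_file(form.master_key_file.data)

        if not typed_key and not file_key and form.lost_master_key.data:
            # Explicit "lost" acknowledgement with no key: the vault is
            # unrecoverable, so erase it and start a new master key.
            wipe_user_data(user)
            master_key = generate_pswrd(length=32, special=False)
            user.master_key = encrypt(get_key(form.password.data), master_key)
            flash('User data has been permanently erased! Master key has been reset.', 'warning')
        else:
            # Typed key takes precedence; the file is only checked if it fails.
            typed_ok = check_master_key(typed_key, user)
            file_ok = (not typed_ok) and check_master_key(file_key, user)
            if not typed_ok and not file_ok:
                flash('Master key invalid or not provided!', 'danger')
                return redirect(url_for('account.reset_token', token=token))
            # Re-wrap the key that actually validated, never the raw field.
            validated_key = typed_key if typed_ok else file_key
            user.master_key = encrypt(get_key(form.password.data), validated_key)

        # Stored as str, consistent with register().
        user.password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
        db.session.commit()
        # NOTE(review): nothing here explicitly invalidates ``token``; confirm
        # verify_reset_token rejects it after use (e.g. by binding it to the
        # password hash or a short expiry).
        flash('Password has been updated.', 'success')
        return redirect(url_for('account.login'))

    return render_template('account/password_reset_token.html', title=title, form=form)


def _read_master_key_file(upload):
    """Return the first line of an uploaded master-key file, or ``''``.

    Only the first line is read (the key is a single token). The trailing
    line break is removed; other whitespace is left alone in case a
    user-chosen key contains it. A file that is not valid UTF-8 cannot hold
    a valid key and yields ``''``.
    """
    if not upload:
        return ''
    raw = upload.stream.readline()
    try:
        return raw.decode('utf-8').rstrip('\r\n')
    except UnicodeDecodeError:
        return ''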
def change_master_key():
    """Rotate the vault master key and re-encrypt all stored user data.

    On a valid POST: the login password is re-checked; the new master key
    from the form is wrapped under the password-derived key and stored;
    every vault entry is re-encrypted from the old encryption key to the
    one derived from the new master key; finally the session copies of the
    master/encryption key are replaced. On GET the form is pre-filled with
    a freshly generated key the user may keep or replace.
    """
    title = 'Get a New Master Key'
    form = ChangeMasterKeyForm()

    if form.validate_on_submit():
        password = form.password.data
        if not bcrypt.check_password_hash(current_user.password.encode(), password):
            flash('The password you entered is incorrect.', 'danger')
            return redirect(url_for('account.change_master_key'))

        new_master_key = form.master_key.data
        # Wrap the new master key under the password-derived key first ...
        current_user.master_key = encrypt(get_key(password), new_master_key)
        # ... then re-encrypt every stored entry from the old data key to the
        # new one. Nothing is committed if reencrypt_user_data raises.
        previous_key = session['encryption_key']
        next_key = get_key(new_master_key)
        reencrypt_user_data(current_user, previous_key, next_key)
        db.session.commit()
        # SECURITY NOTE: the plaintext master key and the derived encryption
        # key are kept in ``session``. With Flask's default client-side
        # session they travel in a signed (not encrypted) cookie; confirm a
        # server-side session backend is configured for this app.
        session['master_key'] = new_master_key
        session['encryption_key'] = next_key
        flash('Master key has been changed. Don\'t forget to save it in a secure place!', 'success')
        return redirect(url_for('account.account_settings'))

    if request.method == 'GET':
        form.master_key.data = generate_pswrd(length=32, special=False)
    return render_template('account/change_master_key.html', title=title, form=form)
def encrypt_secure_note(encryption_key, entry):
    """Encrypt a ``SecureNote`` row's ``name`` and ``content`` in place.

    Args:
        encryption_key: key handed to ``encrypt`` for each field.
        entry: a ``SecureNote`` whose fields currently hold plaintext.

    Returns:
        The same ``entry`` object, mutated to hold ciphertext. Applying it
        twice double-encrypts; the caller owns that invariant.
    """
    for field in ('name', 'content'):
        setattr(entry, field, encrypt(encryption_key, getattr(entry, field)))
    return entry
def encrypt_password(encryption_key, entry):
    """Encrypt every attribute of a password entry in place.

    Args:
        encryption_key: key handed to ``encrypt`` for each field.
        entry: a password row whose ``name``, ``site``, ``username`` and
            ``password`` currently hold plaintext.

    Returns:
        The same ``entry`` object, mutated to hold ciphertext. Applying it
        twice double-encrypts; the caller owns that invariant.
    """
    for field in ('name', 'site', 'username', 'password'):
        setattr(entry, field, encrypt(encryption_key, getattr(entry, field)))
    return entry