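def homepage_create_user():
    """Serve the self-service sign-up form and create the account on POST.

    On POST the handler checks the e-mail address against ``EMAIL_REGEX``,
    requires a password of at least 8 characters that equals its repeat
    field, and calls ``Database.create_user``. When that succeeds it logs a
    "Users Create User" event, stores the default permissions, issues the
    ``new_user_tokens`` bonus from ``config.json`` when it is positive, and
    redirects to ``admin.admin_main``.

    Returns:
        The rendered ``create_user.jinja2`` template (with ``error_msg`` set
        when a check fails) or a redirect to the admin main page.
    """
    if request.method == "POST":
        if EMAIL_REGEX.match(request.form['email_address']) is None:
            error = "Invalid e-mail address."
            return render_template("create_user.jinja2", error_msg=error)
        # Length is the only password rule enforced in this handler.
        if len(request.form['passwd']) < 8:
            error = "Passwords must consist of at least 8 characters."
            return render_template("create_user.jinja2", error_msg=error)
        if request.form["passwd"] == request.form["passwd_repeat"]:
            # NOTE(review): access_route is derived from X-Forwarded-For when
            # that header is present. The last entry is only trustworthy if a
            # proxy under the deployment's control appends it; confirm the
            # proxy setup, because this value is written to the audit event.
            ip_addr = request.access_route[-1]
            user_passwd = request.form["passwd"]
            full_name = request.form["full_name"]
            db = Database()
            # NOTE(review): the password is handed over in clear text;
            # presumably create_user() hashes it - confirm in Database.
            result = db.create_user(full_name, request.form['email_address'], user_passwd, ip_addr)
            if result:
                if result[0] == -1:
                    # NOTE(review): this message confirms that an address is
                    # registered; decide whether that disclosure is acceptable
                    # for a public sign-up form.
                    error = "User with this e-mail address already exists."
                    return render_template("create_user.jinja2", error_msg=error)
                session_id = result[1]
                # log event
                create_user_event = events.Event("Users Create User", db, logger=current_app.logger)
                metadata = {"ip_addr": ip_addr, "created_by": "self"}
                create_user_event.log_event(result[0], json.dumps(metadata))
                user_ctx = users.UserContext(result[0], db=db, logger=current_app.logger)
                # default permissions
                # NOTE(review): every self-registered account receives all
                # three; confirm "onboard-users" is meant to be granted
                # without an administrator's approval.
                user_ctx.add_permission("onboard-users")
                user_ctx.add_permission("launch-ico")
                user_ctx.add_permission("ethereum-network")
                db.update_user_permissions(result[0], user_ctx.acl())
                # The context manager closes the file even when json.load()
                # raises on a malformed config.
                with open("config.json", "r") as config_stream:
                    config_data = json.load(config_stream)
                if config_data["new_user_tokens"] > 0:
                    cr = Credits(result[0], db, current_app.logger)
                    cr.issue_credits(config_data["new_user_tokens"],
                                     {"ip_addr": ip_addr, "reason": "New User Bonus"})
                # NOTE(review): the session identifier travels in the redirect
                # URL, where it can end up in access logs, browser history and
                # Referer headers; a cookie-backed session would avoid that.
                return redirect(url_for("admin.admin_main", session_token=session_id))
            # A falsy result from create_user() falls through to the plain
            # form below without an error message.
        else:
            error = "Passwords did not match."
            return render_template("create_user.jinja2", error_msg=error)
    return render_template("create_user.jinja2")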
def admin_confirm():
    """Dispatch the POST of a confirmation dialog.

    The form supplies ``session_token``, ``confirmation_type``,
    ``confirmation_value`` and ``choice``. Navigation-only outcomes (cancel /
    OK buttons, password-recovery mail) are handled first, before the session
    is looked up. The state-changing outcomes (ERC20 publish, password reset,
    credit issue) run only after ``db.validate_session`` returns a user id.
    Every path that neither returns nor raises ends in ``abort(403)``.

    NOTE(review): block nesting was reconstructed from a listing that had
    lost its indentation; confirm the placement of the ``else`` branches and
    ``abort`` calls against the original file.
    """
    session_token = request.form["session_token"]
    confirmation_type = request.form["confirmation_type"]
    confirmation_val = request.form["confirmation_value"]
    choice = request.form["choice"]
    # --- Outcomes handled without a validated session -----------------------
    # These redirects forward session_token unchecked; presumably the target
    # views validate it themselves - confirm.
    if confirmation_type == "recover_email":
        if choice == "Send E-mail":
            email_address = request.form['email_address']
            # NOTE(review): no throttling is visible in this handler; confirm
            # Mailer or an upstream layer limits recovery mail per address/IP.
            mailer = Mailer(email_address, request.access_route[-1], current_app.logger)
            mailer.recover_password()
            # The same message is shown whether or not the address is known,
            # so the response does not reveal which addresses are registered.
            return render_template("admin/admin_login.jinja2", error=""" If the e-mail address is in the database, instructions have been sent on how to recover your password. Please check your spam/junk mail folder. """)
        return redirect(url_for('homepage'))
    elif confirmation_type == "no_erc20_tokens":
        return redirect(url_for('admin.admin_tokens', session_token=session_token))
    elif confirmation_type == "erc20_publish" and choice == "Cancel":
        return redirect(url_for('admin.admin_tokens', session_token=session_token))
    elif confirmation_type == "create_erc20_failed" and choice == "OK":
        return redirect(url_for('admin.admin_tokens', session_token=session_token))
    elif confirmation_type == "onboarded_new_user":
        if choice == "Administration":
            return redirect(url_for('admin.admin_main', session_token=session_token))
        else:
            return redirect(url_for('admin.create_user', session_token=session_token))
    elif confirmation_type == "reset-password":
        # Any other choice falls through to the session check below.
        if choice == "Cancel":
            return redirect(url_for("admin.view_users", session_token=session_token, limit=PAGE_LIMIT, offset=0))
    elif confirmation_type == "acl_updated":
        if choice == "OK":
            return redirect(url_for("admin.view_users", session_token=session_token, limit=PAGE_LIMIT, offset=0))
    # --- Outcomes that require a valid session ------------------------------
    db = database.Database(logger=current_app.logger)
    user_id = db.validate_session(session_token)
    if user_id:
        user_ctx = UserContext(user_id, db, current_app.logger)
        if confirmation_type == "erc20_publish":
            # int() on a form value raises ValueError for non-numeric input;
            # nothing in this function catches it.
            token_id = int(confirmation_val)
            # NOTE(review): nothing in this branch ties token_id to user_id;
            # confirm SmartContract or the command consumer checks ownership.
            sc = SmartContract(smart_token_id=token_id)
            credits = Credits(user_id, db, logger=current_app.logger)
            if sc.smart_contract_id > 0:
                event_data = {"token_name": sc.token_name,
                              "token_symbol": sc.token_symbol,
                              "token_count": sc.tokens,
                              "token_id": sc.smart_contract_id,
                              "ip_address": request.access_route[-1]}
                if user_ctx.check_acl("launch-ico"):
                    credits_balance = credits.get_credit_balance()
                    # NOTE(review): the balance check and the debit are two
                    # separate calls; confirm Credits.debit() enforces the
                    # balance itself so concurrent requests cannot overdraw.
                    if credits_balance >= credits.erc20_publish_price:
                        new_event = Event("ERC20 Token Mined", db, logger=current_app.logger)
                        event_id = new_event.log_event(user_id, event_data)
                        event_data["event_id"] = event_id
                        # The debit happens before the publish command is
                        # queued; a failed post_command() ends in abort(500)
                        # with the credits already debited.
                        credits.debit(credits.erc20_publish_price, event_data)
                        command_id = db.post_command(json.dumps({"erc20_function":"publish",
                                                                 "token_name":sc.token_name,
                                                                 "token_symbol":sc.token_symbol,
                                                                 "token_count":sc.tokens,
                                                                 "token_id":sc.smart_contract_id}), 100)
                        if command_id:
                            return redirect(url_for("admin.admin_tokens", session_token=session_token))
                        else:
                            abort(500)
                    else:
                        credits.logger.error("Insufficient credits for ERC20 Publish: " + user_ctx.user_info["email_address"])
                        abort(403)
        elif confirmation_type == "reset-password":
            # NOTE(review): unlike the other two branches, this one makes no
            # check_acl() call. As written, any caller with a valid session
            # reaches reset_password() for whichever user id the form
            # supplies. Gate it on an administrative permission (or restrict
            # it to the caller's own id) before the reset.
            # user_id is rebound from the session owner to the target account.
            user_id = int(confirmation_val)
            if request.form["password"] != request.form["repeat_password"]:
                return render_template("admin/admin_confirmation.jinja2",
                                       confirmation_type="reset-password",
                                       confirmation_value=user_id,
                                       title="Reset Password",
                                       confirmation_title="Reset Password",
                                       confirmation_message="Passwords must match both times.",
                                       new_password=True,
                                       choices=["Cancel"],
                                       default_choice="Reset Password",
                                       session_token=session_token)
            # NOTE(review): no minimum length is applied here, while
            # homepage_create_user requires 8 characters; confirm whether
            # reset_password() enforces a policy of its own.
            # A falsy return from reset_password() falls through to abort(403).
            if db.reset_password(int(confirmation_val), request.form["password"]):
                return redirect(url_for("admin.view_users", session_token=session_token, limit=PAGE_LIMIT, offset=0))
        elif confirmation_type == "issue-credits":
            if choice == "Issue Credits" and user_ctx.check_acl("issue-credits"):
                # confirmation_val is passed as the raw form string here; the
                # erc20_publish branch passes the integer session user id to
                # Credits - confirm the constructor accepts both.
                user_credits = Credits(confirmation_val, db, current_app.logger)
                # Raises ValueError for a non-numeric "credits" field.
                amount = int(request.form["credits"])
                # max issued credits 10,000
                # NOTE(review): the bound below is 100000 (exclusive), so up
                # to 99,999 credits pass; either the comment or the constant
                # is wrong - confirm the intended cap.
                if 0 < amount < 100000:
                    # The issuing administrator's id and IP go into the
                    # metadata passed to issue_credits().
                    user_credits.issue_credits(amount, {"ip_addr": request.access_route[-1], "admin": user_id})
                    return redirect(
                        url_for("admin.view_users", session_token=session_token, limit=PAGE_LIMIT, offset=0))
                else:
                    # A bare ValueError is not caught in this function;
                    # presumably it surfaces as a 500 rather than a 4xx.
                    raise ValueError
    # Default deny: invalid session, failed ACL check or unknown type.
    abort(403)