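def createAccount():
    """Register a new user from the sign-up form and sign them in.

    Writes the account, profile and contact rows, adds a default boarding
    house when the account type is "O" (owner), then calls login() with the
    new credentials and stores the result in ``session['accountInfo']``.

    Returns:
        A redirect to the dashboard on success, or to the sign-in page when
        the request is not a POST or the follow-up login fails.
    """
    if request.method != "POST":
        # The original returned None here, which Flask turns into a 500.
        return redirect(url_for('signin'))

    # info needed in account table
    username = request.form.get('username')
    password = request.form.get('reg-password')
    # NOTE(review): accountType is taken from the form as-is; only "O" and "R"
    # are handled in this file -- confirm accounts.account rejects anything
    # else.
    accountType = request.form.get('reg-accountType')

    # info needed in profile tables
    firstName = request.form.get('reg-fn')
    lastName = request.form.get('reg-ln')
    gender = request.form.get('reg-gender')
    birthdate = request.form.get('reg-birthdate')

    # info needed in contact tables
    email = request.form.get('email')
    phoneNumber = request.form.get('phoneNumber')

    # initialize account, profile, and contacts for a user
    # NOTE(review): the password is handed over as submitted; whether it is
    # hashed before storage is not visible here -- confirm in accounts.account.
    userAccount = accounts.account(username, password, accountType)
    userID = userAccount.addAccount()

    userProfile = profiles.profile(userID, firstName, lastName, birthdate,
                                   gender)
    userProfile.addProfile()

    userContact = contacts.contact(userID, email, phoneNumber)
    userContact.addContacts()

    # if account type is owner add boarding house
    if accountType == "O":
        boardingHousesName = firstName + "'s " + "Boarding House"
        boardingHouse = boardingHouses.boardingHouse(userID,
                                                     boardingHousesName)
        boardingHouse.addBoardingHouse()

    verification = accounts.account()
    verificationResult = verification.login(username, password)

    if (verificationResult is None
            or verificationResult == "Invalid login credentials"):
        # Only the username is forwarded. The original also put the submitted
        # password in the query string (passwordInput), where it ends up in
        # browser history, access logs and Referer headers.
        return redirect(url_for('signin', usernameInput=username))

    session['accountInfo'] = verificationResult
    flash("Welcome! You've successfuly created an account", 'success')
    # The account row is no longer appended to the dashboard URL: other
    # handlers in this file read index 2 of that row as the password, and
    # login() already redirects to 'dashboard' without it.
    return redirect(url_for('dashboard'))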
def managePayment():
    """Render the payment-management page for the signed-in user's house.

    Looks up the boarding house for ``session['accountInfo'][0]``, caches its
    id in ``session['bhID']``, and gathers the house's payments, all accounts
    and the owned units for the template.

    Returns:
        The rendered 'ownermanagepayments.html' page, or a redirect to the
        sign-in page when loginRequired() does not return True.
    """
    if loginRequired() != True:
        return redirect(url_for("signin"))

    # NOTE(review): only a login check is visible here; nothing in this
    # function confirms the account type is owner ("O") -- verify that
    # loginRequired() or the route enforces it.
    houseRow = boardingHouses.boardingHouse().searchBoardingHouse(
        session['accountInfo'][0])
    bhID = houseRow[0]
    session['bhID'] = bhID

    paymentRecord = payments.payment().paymentToBh(bhID)

    # NOTE(review): every account row is handed to the template; other
    # handlers in this file treat index 2 of an account row as the password.
    # Confirm searchAllAccounts() does not return that column.
    accs = accounts.account().searchAllAccounts()

    ownedUnits = units.unit().searchOwnedUnits(bhID)

    # Unique (payment[1], payment[5]) pairs in first-seen order.
    renterUsernameAndID = []
    for row in paymentRecord:
        pair = (row[1], row[5])
        if pair in renterUsernameAndID:
            continue
        renterUsernameAndID.append(pair)

    return render_template('ownermanagepayments.html',
                           renterUsernameAndID=renterUsernameAndID,
                           paymentRecord=paymentRecord,
                           accs=accs,
                           ownedUnits=ownedUnits,
                           accountInfo=session['accountInfo'],
                           bhID=session['bhID'])
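def updateProfileAndContact():
    """Save the submitted profile and contact fields, then refresh the session.

    After the update the session is cleared and rebuilt by calling login()
    with the username and password that were held in the session.

    Returns:
        A redirect to 'accountInfo' after a successful update or for a
        non-POST request, or to the sign-in page when the user is not logged
        in or the session refresh fails.
    """
    if loginRequired() != True:
        return redirect(url_for("signin"))

    if request.method != 'POST':
        # The original returned None here, which Flask turns into a 500.
        return redirect(url_for('accountInfo'))

    firstName = request.form.get('firstName')
    lastName = request.form.get('lastName')
    gender = request.form.get('gender')
    birthDate = request.form.get('birthDate')
    phoneNo = request.form.get('phoneNo')
    email = request.form.get('email')

    userID = session['accountInfo'][0]
    profiles.profile().updateProfile(userID, firstName, lastName, gender,
                                     birthDate)
    contacts.contact().updateContact(userID, phoneNo, email)

    # NOTE(review): the session holds a value that login() accepts as the
    # password. With Flask's default cookie-backed session that value is
    # signed but not encrypted -- consider reloading the row by user id.
    username = session['accountInfo'][1]
    password = session['accountInfo'][2]
    session.clear()

    accountInfo = accounts.account().login(username, password)
    if accountInfo is None or accountInfo == "Invalid login credentials":
        # login() reports failure with None or this string (see login()).
        # Storing either as the account row would corrupt the session, so
        # leave it cleared and ask the user to sign in again.
        return redirect(url_for("signin"))
    session['accountInfo'] = accountInfo

    description = "{} update its account info".format(
        session['accountInfo'][1])
    logs.log(description).addLogs()

    # flash() returns None, so the original `msg=msg` URL argument carried
    # nothing; the message reaches the next page through the flash queue.
    flash("Well Done! You've successfully updated your profile information.",
          "success")
    return redirect(url_for('accountInfo'))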
def login():
    """Handle the sign-in form.

    Non-POST requests go back to the sign-in page. For a POST, login() is
    called with the submitted identifier and password. A failed login
    re-renders or redirects to the sign-in page. A successful login either
    stores the account row in the session, when check2FA() returns "N", or
    stages it and renders the OTP-method page.
    """
    if request.method != "POST":
        return redirect(url_for('signin'))

    # get username/email and password
    usernameOrEmail = request.form.get('usernameOrEmail')
    password = request.form.get('password')

    verificationResult = accounts.account().login(usernameOrEmail, password)

    if verificationResult == "Invalid login credentials":
        # NOTE(review): the submitted password is passed back into the
        # template; confirm signin.html needs it, since echoing it puts the
        # secret into the response body.
        return render_template('signin.html',
                               usernameOrEmail=usernameOrEmail,
                               password=password)
    if verificationResult is None:
        return redirect(url_for('signin'))

    twoFactorFlag = contacts.contact().check2FA(verificationResult[0])
    if twoFactorFlag != "N":
        # Second factor required: stage the row until the OTP step finishes.
        # NOTE(review): the full row, whose index 2 other handlers use as the
        # password, goes into the session and the template before the second
        # factor is checked -- confirm only the needed fields are exposed.
        session['allowForceLogin'] = 1
        session['forceLoginInfo'] = verificationResult
        return render_template('otpways.html',
                               accountInfo=verificationResult)

    session['accountInfo'] = verificationResult
    description = "{} signed in".format(session['accountInfo'][1])
    logs.log(description).addLogs()
    flash("Welcome! You've successfully login.", "success")
    return redirect(url_for('dashboard'))
def adminListOfUsers():
    """Show the admin user list to an admin session coming from localhost.

    Returns:
        The rendered 'adminlistofusers.html' page. Renders 'errorpage.html'
        when the session has no 'adminLogin' key, and aborts with 403 when
        the peer address is not in the allow-list.
    """
    # NOTE(review): only the presence of the key is tested, not its value.
    if 'adminLogin' not in session:
        return render_template('errorpage.html')

    # NOTE(review): request.remote_addr is the direct peer. Behind a reverse
    # proxy on the same host every request appears as 127.0.0.1 and this
    # check always passes. If a proxy-fix middleware is used instead, the
    # value comes from forwarded headers -- confirm which applies.
    trusted_proxies_and_IP = ['127.0.0.1']
    if request.remote_addr not in trusted_proxies_and_IP:
        abort(403)  # Forbidden

    userRows = accounts.account().searchAllAccountsForAdmin()
    return render_template("adminlistofusers.html", myListOfUsers=userRows)
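def verifyPhoneNumber():
    """Mark the signed-in user's phone number as verified and refresh the session.

    Returns:
        A redirect to 'renterPrivacy' for account type "R", otherwise to
        'ownerPrivacy'. Redirects to the sign-in page when the user is not
        logged in or the session refresh fails.
    """
    if loginRequired() != True:
        return redirect(url_for("signin"))

    # NOTE(review): no verification code is checked in this function;
    # presumably the OTP is validated before this route is reached -- confirm,
    # otherwise any logged-in request marks the number as verified.
    contacts.contact().verifyPhoneNumber(session["accountInfo"][0])

    # Reload the account row by logging in again with the stored credentials.
    username = session["accountInfo"][1]
    password = session["accountInfo"][2]
    verificationResult = accounts.account().login(username, password)

    if (verificationResult is None
            or verificationResult == "Invalid login credentials"):
        # login() reports failure with None or this string (see login()).
        # The original stored that value as the account row and indexed into
        # it; fail closed instead.
        session.clear()
        return redirect(url_for("signin"))

    session['accountInfo'] = verificationResult
    if session['accountInfo'][3] == "R":
        return redirect(url_for('renterPrivacy'))
    return redirect(url_for('ownerPrivacy'))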
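def unbindVerifyEmail():
    """Unbind the signed-in user's email and refresh the session.

    Returns:
        A redirect to 'renterPrivacy' for account type "R", otherwise to
        'ownerPrivacy'. Redirects to the sign-in page when the user is not
        logged in or the session refresh fails.
    """
    if loginRequired() != True:
        return redirect(url_for("signin"))

    # Index 8 of the account row is passed to unbindEmail().
    # NOTE(review): presumably the bound email or its contact key -- confirm
    # against the row layout returned by login().
    contacts.contact().unbindEmail(session['accountInfo'][8])

    # Reload the account row by logging in again with the stored credentials.
    username = session["accountInfo"][1]
    password = session["accountInfo"][2]
    verificationResult = accounts.account().login(username, password)

    if (verificationResult is None
            or verificationResult == "Invalid login credentials"):
        # login() reports failure with None or this string (see login()).
        # The original stored that value as the account row and indexed into
        # it; fail closed instead.
        session.clear()
        return redirect(url_for("signin"))

    session['accountInfo'] = verificationResult
    if session['accountInfo'][3] == "R":
        return redirect(url_for('renterPrivacy'))
    return redirect(url_for('ownerPrivacy'))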
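def changePasswordForce(contact):
    """Set a new password for the account that owns ``contact`` and sign in.

    Args:
        contact: Contact value identifying the account. It is passed twice to
            checkIfExist(), presumably once as email and once as phone
            number -- confirm.

    Returns:
        A redirect to the dashboard after a successful change and login,
        otherwise a redirect to the sign-in page.
    """
    # NOTE(review): nothing in this function shows that the caller completed
    # an OTP or reset challenge for `contact`. Confirm that a decorator or an
    # earlier step enforces this and that the verified contact is bound
    # server-side, not taken only from the URL argument.
    if request.method != "POST":
        # The original returned None here, which Flask turns into a 500.
        return redirect(url_for('signin'))

    password = request.form.get("newPassword")
    if not password:
        # Never overwrite a stored password with a missing or empty value.
        return redirect(url_for('signin'))

    matches = contacts.contact().checkIfExist(contact, contact)
    if not matches:
        # No account for this contact; the original raised on matches[0][0].
        return redirect(url_for('signin'))

    account = accounts.account()
    data = account.forceChangePassword(matches[0][0], password)
    if not data:
        return redirect(url_for('signin'))

    verificationResult = account.login(data[0][1], password)
    if (verificationResult is None
            or verificationResult == "Invalid login credentials"):
        # login() reports failure with None or this string (see login()).
        return redirect(url_for('signin'))

    session['accountInfo'] = verificationResult
    description = "{} signed in".format(session['accountInfo'][1])
    logs.log(description).addLogs()
    flash("Welcome! You've successfully login.", "success")
    return redirect(url_for('dashboard'))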
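def checkAccountUsingUsername():
    """Report as JSON whether the supplied identifier and password match.

    Returns:
        ``{"result": "valid"}`` when checkAccountWithPassword() finds a match,
        ``{"result": "invalidPassword"}`` when only the identifier is known,
        and ``{"result": "invalidUsernameOrPassword"}`` otherwise.
    """
    # NOTE(review): the credentials arrive in the query string (request.args),
    # so the password can end up in access logs and browser history. Consider
    # accepting them in a POST body.
    # NOTE(review): no login or throttling is visible here, and the distinct
    # 'invalidPassword' answer reveals that the identifier exists. Confirm
    # rate limiting is applied at the route or proxy.
    usernameOrEmail = request.args.get('usernameOrEmail', 0, type=str)
    password = request.args.get('password', 0, type=str)

    account = accounts.account()
    data = account.checkAccountWithUsername(usernameOrEmail)
    checkerData = account.checkAccountWithPassword(usernameOrEmail, password)

    # Two branches of the original chain could never run: the second 'valid'
    # test and the 'invalidUsername' answer were both shadowed by earlier
    # conditions. The three reachable outcomes are unchanged.
    if checkerData is not None:
        return jsonify(result='valid')
    if data is not None:
        return jsonify(result='invalidPassword')
    return jsonify(result='invalidUsernameOrPassword')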
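def changePassword():
    """Change the signed-in user's password and update the session copy.

    Returns:
        A redirect to 'accountInfo' after a POST from a logged-in user,
        otherwise a redirect to the sign-in page.
    """
    if loginRequired() == True and request.method == 'POST':
        oldPassword = request.form.get('oldPass')
        newPassword = request.form.get('newPass')

        # NOTE(review): the result of changePassword() is ignored, so the
        # steps below run even if the old password was rejected -- confirm
        # what it returns and stop on failure.
        accounts.account().changePassword(session['accountInfo'][0],
                                          oldPassword, newPassword)

        # Reassign the row rather than mutating it in place: Flask does not
        # detect changes made inside a nested list, so the original update
        # was saved only because flash() later touched the session.
        refreshedInfo = list(session['accountInfo'])
        refreshedInfo[2] = newPassword
        session['accountInfo'] = refreshedInfo

        description = "{} update its password".format(
            session['accountInfo'][1])
        logs.log(description).addLogs()

        # flash() returns None, so the original `msg=msg` URL argument
        # carried nothing; the message travels through the flash queue.
        flash(
            "Well Done! You've successfully updated your profile information.",
            "success")
        return redirect(url_for('accountInfo'))

    return redirect(url_for("signin"))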
def usernameCredentialUniquenessTest():
    """Return as JSON the result of the username uniqueness check.

    The 'username' query parameter is read as a string (falling back to 0
    when absent) and passed to usernameUniquenessTest(). Its return value is
    sent back unchanged under the "result" key.
    """
    # NOTE(review): no login check is visible, so this endpoint tells any
    # caller whether a username is taken; confirm the route is rate limited.
    candidate = request.args.get('username', 0, type=str)
    outcome = accounts.account().usernameUniquenessTest(candidate)
    return jsonify(result=outcome)