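def admin_user_manager():
    """Admin view: adjust a user's balances and display name.

    The 'email' form field holds either a user's e-mail or the numeric index
    of an entry in the list built from c.search('users', {}). A POST that
    fails form validation re-renders the form pre-filled from the stored
    record. A valid POST passes the submitted 'funds', 'Bitcoin' and
    'Dogecoin' amounts to c.atomic_add and overwrites the stored name.

    NOTE(review): no authorization check is visible in this block. Confirm
    the route is wrapped by an admin-only guard, since it changes any user's
    balances.
    """
    import math

    # (index, e-mail) pairs; a numeric 'email' field refers into this list.
    user_emails = [(str(idx), user['email'])
                   for idx, user in enumerate(c.search('users', {}))]

    # Stays None when the request names no usable user. Previously the name
    # was left unbound and a POST without 'email' failed with a NameError.
    email_id = None
    if 'email' in request.form:
        email_id = request.form['email']
        if email_id.isdigit():
            try:
                email_id = user_emails[int(email_id)][1]
            except (ValueError, IndexError):
                # Index outside the current user list.
                email_id = None

    form = AdminUserManageForm()
    if request.method == 'POST':
        if email_id is None:
            flash(u'Unknown user')
            return render_template('admin_user_manage.html', form=form)

        if not form.validate_on_submit():
            user_details = c.get('users', str(email_id))
            if user_details is None:
                flash(u'Unknown user')
                return render_template('admin_user_manage.html', form=form)
            form = AdminUserManageForm(email=str(email_id),
                                       name=str(user_details['name']),
                                       Bitcoin=user_details['Bitcoin'],
                                       Dogecoin=user_details['Dogecoin'],
                                       funds=user_details['funds'])
            form.email.data = str(email_id)
            form.name.data = str(user_details['name'])
            form.bitcoin_address.data = str(user_details['bitcoin_address'])
            form.dogecoin_address.data = str(user_details['dogecoin_address'])
            return render_template('admin_user_manage.html', form=form)

        added_funds = float(request.form['funds'])
        bitcoins = float(request.form['Bitcoin'])
        dogecoins = float(request.form['Dogecoin'])
        # float() also parses 'nan' and 'inf'; adding either to a stored
        # balance would leave that balance non-numeric from then on.
        for amount in (added_funds, bitcoins, dogecoins):
            if math.isnan(amount) or math.isinf(amount):
                flash(u'Invalid input in form')
                return render_template('admin_user_manage.html', form=form)

        name = request.form['name']
        name = unicodedata.normalize('NFKD', name).encode('ascii', 'ignore')
        c.atomic_add('users', str(email_id), {
            'Bitcoin': bitcoins,
            'Dogecoin': dogecoins,
            'funds': added_funds
        })
        c.put('users', str(email_id), {'name': str(name)})
        flash(u'Edited details successfully')
    return render_template('admin_user_manage.html', form=form)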
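def login_or_signup_user(email, name):
    """Sign in the user identified by *email*, creating the account if new.

    Both values are NFKD-normalised and reduced to ASCII. An empty e-mail
    sends the caller back to the login page. A new account is stored with
    zero balances and a notification mail is sent to EMAIL. The session and
    request globals are then populated, and the user is redirected to the
    'next' query parameter when it is a same-site path, else to the index.
    """
    # 0. Fold e-mail and name down to plain ASCII.
    # NOTE(review): the folding is lossy and the folded e-mail is the account
    # key, so two distinct addresses can resolve to the same account.
    # Consider rejecting input that changes under folding instead.
    email = unicodedata.normalize('NFKD', email).encode('ascii', 'ignore')
    name = unicodedata.normalize('NFKD', name).encode('ascii', 'ignore')

    # 1. Nothing usable left: back to the login page. (The original also
    # compared str(email) with None, which can never be true.)
    if str(email) == "":
        return redirect(url_for('login'))

    # 2. Create the account on first sight and notify the operator.
    user_exists = c.count('users', {'email': str(email)}) == 1
    if not user_exists:
        c.put('users', str(email), {
            'name': str(name),
            'funds': 0.0,
            'Bitcoin': 0.0,
            'Dogecoin': 0.0
        })
        # Send email about new user signup
        msg = Message("New User", sender=EMAIL, recipients=[EMAIL])
        msg.body = "New User %s:" % email
        mail.send(msg)

    session['openid'] = str(email)
    g.user_email = str(email)
    g.username = str(name)

    # 'next' comes from the query string. Follow it only when it is an
    # absolute path on this site; anything else falls back to the index, so a
    # crafted link cannot send a freshly signed-in user to another host.
    next_url = request.args.get('next')
    is_local_path = bool(next_url) and (
        next_url.startswith('/')
        and not next_url.startswith('//')
        and '\\' not in next_url
        and not any(ord(ch) < 0x20 for ch in next_url))
    return redirect(next_url if is_local_path else url_for('index'))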
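def login_or_signup_user(email, name):
    """Sign in the user identified by *email*, creating the account if new.

    Both values are NFKD-normalised and reduced to ASCII. An empty e-mail
    sends the caller back to the login page. A new account is stored with
    zero balances and a notification mail is sent to EMAIL. The session and
    request globals are then populated, and the user is redirected to the
    'next' query parameter when it is a same-site path, else to the index.
    """
    # 0. Fold e-mail and name down to plain ASCII.
    # NOTE(review): the folding is lossy and the folded e-mail is the account
    # key, so two distinct addresses can resolve to the same account.
    # Consider rejecting input that changes under folding instead.
    email = unicodedata.normalize('NFKD', email).encode('ascii', 'ignore')
    name = unicodedata.normalize('NFKD', name).encode('ascii', 'ignore')

    # 1. Nothing usable left: back to the login page. (The original also
    # compared str(email) with None, which can never be true.)
    if str(email) == "":
        return redirect(url_for('login'))

    # 2. Create the account on first sight and notify the operator.
    user_exists = c.count('users', {'email': str(email)}) == 1
    if not user_exists:
        c.put('users', str(email), {
            'name': str(name),
            'funds': 0.0,
            'Bitcoin': 0.0,
            'Dogecoin': 0.0
        })
        # Send email about new user signup
        msg = Message("New User", sender=EMAIL, recipients=[EMAIL])
        msg.body = "New User %s:" % email
        mail.send(msg)

    session['openid'] = str(email)
    g.user_email = str(email)
    g.username = str(name)

    # 'next' comes from the query string. Follow it only when it is an
    # absolute path on this site; anything else falls back to the index, so a
    # crafted link cannot send a freshly signed-in user to another host.
    next_url = request.args.get('next')
    is_local_path = bool(next_url) and (
        next_url.startswith('/')
        and not next_url.startswith('//')
        and '\\' not in next_url
        and not any(ord(ch) < 0x20 for ch in next_url))
    return redirect(next_url if is_local_path else url_for('index'))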
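def trade():
    """Show the trade form and, on a valid POST, record and process an order.

    A POST that fails form validation, or whose quantity (or rate, for a
    "For Price" order) is not a positive finite number, re-renders the form
    with 'Invalid input in form'. Otherwise the order is stored under a fresh
    UUID for g.user_email and passed to order_book.process_order inside a
    transaction. If that raises, the order is marked is_complete=3 and
    'Order Killed' is flashed. The view then redirects back to itself.
    """
    import math

    form = TransactionForm()
    if request.method == 'POST':
        # 1. Reject input the form itself considers invalid.
        if not form.validate_on_submit():
            flash(u'Invalid input in form')
            return render_template('trade.html', form=form)

        # 2. Translate the submitted choice indexes into stored values.
        order_id = str(uuid.uuid4())
        action = action_dict[int(request.form['action'])][1]
        currency = currency_dict[int(request.form['currency'])][1]
        quantity = float(request.form['quantity'])
        order_type = order_type_dict[int(request.form['order_type'])][1]
        expiry = order_expiry_dict[int(request.form['expiry'])][1]
        rate = 0.0
        if order_type == "For Price":
            rate = float(request.form['rate'])

        # Sanity check. float() also parses 'nan' and 'inf'; NaN compares
        # False against everything, so without the explicit test it would
        # pass the <= 0.0 checks and reach the order book.
        not_finite = any(math.isnan(v) or math.isinf(v)
                         for v in (quantity, rate))
        if (not_finite or quantity <= 0.0
                or (rate <= 0.0 and order_type == 'For Price')):
            flash(u'Invalid input in form')
            return render_template('trade.html', form=form)

        if expiry == 'Good Until Canceled':
            expiry = 0
        elif expiry == 'Fill or Kill':
            expiry = 1
        elif expiry == 'Day Only':
            # NOTE(review): "%s" (epoch seconds) is a platform extension of
            # strftime, not a portable directive.
            expiry = int(datetime.now().strftime("%s")) + 86400

        try:
            c.put(
                'orders', order_id, {
                    'action': action,
                    'currency': currency,
                    'quantity_outstanding': quantity,
                    'quantity_fulfilled': 0.0,
                    'order_type': order_type,
                    'rate': rate,
                    'expiry': expiry,
                    'is_complete': 0,
                    'user_email': g.user_email
                })
            # 3. Match the new order against the book in one transaction.
            x = c.begin_transaction()
            order_book.process_order(order_id, x)
            x.commit()
            flash(u'Successfully placed order')
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt. Any processing failure kills the order.
            c.put('orders', order_id, {'is_complete': 3})
            flash(u'Order Killed')
        return redirect(url_for('trade'))

    # This is a new request. Not a POST or validation
    return render_template('trade.html', form=form)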
def profile():
    """Show the profile page and, on a valid POST, store a new display name.

    The submitted name is NFKD-normalised and reduced to ASCII before it is
    written to the signed-in user's record, after which the view redirects to
    the index. Any other request, or a POST that fails validation, renders
    the profile template.
    """
    form = ProfileForm(name=g.username)

    # validate_on_submit() is only consulted for POST requests.
    valid_post = request.method == 'POST' and form.validate_on_submit()
    if not valid_post:
        return render_template('profile.html', form=form,
                               email=g.user_email, name=g.username)

    ascii_name = unicodedata.normalize(
        'NFKD', request.form['name']).encode('ascii', 'ignore')
    c.put('users', g.user_email, {'name': ascii_name})
    return redirect(url_for('index'))
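def trade():
    """Show the trade form and, on a valid POST, record and process an order.

    A POST that fails form validation, or whose quantity (or rate, for a
    "For Price" order) is not a positive finite number, re-renders the form
    with 'Invalid input in form'. Otherwise the order is stored under a fresh
    UUID for g.user_email and passed to order_book.process_order inside a
    transaction. If that raises, the order is marked is_complete=3 and
    'Order Killed' is flashed. The view then redirects back to itself.
    """
    import math

    form = TransactionForm()
    if request.method == 'POST':
        # 1. Reject input the form itself considers invalid.
        if not form.validate_on_submit():
            flash(u'Invalid input in form')
            return render_template('trade.html', form=form)

        # 2. Translate the submitted choice indexes into stored values.
        order_id = str(uuid.uuid4())
        action = action_dict[int(request.form['action'])][1]
        currency = currency_dict[int(request.form['currency'])][1]
        quantity = float(request.form['quantity'])
        order_type = order_type_dict[int(request.form['order_type'])][1]
        expiry = order_expiry_dict[int(request.form['expiry'])][1]
        rate = 0.0
        if order_type == "For Price":
            rate = float(request.form['rate'])

        # Sanity check. float() also parses 'nan' and 'inf'; NaN compares
        # False against everything, so without the explicit test it would
        # pass the <= 0.0 checks and reach the order book.
        not_finite = any(math.isnan(v) or math.isinf(v)
                         for v in (quantity, rate))
        if (not_finite or quantity <= 0.0
                or (rate <= 0.0 and order_type == 'For Price')):
            flash(u'Invalid input in form')
            return render_template('trade.html', form=form)

        if expiry == 'Good Until Canceled':
            expiry = 0
        elif expiry == 'Fill or Kill':
            expiry = 1
        elif expiry == 'Day Only':
            # NOTE(review): "%s" (epoch seconds) is a platform extension of
            # strftime, not a portable directive.
            expiry = int(datetime.now().strftime("%s")) + 86400

        try:
            c.put(
                'orders', order_id, {
                    'action': action,
                    'currency': currency,
                    'quantity_outstanding': quantity,
                    'quantity_fulfilled': 0.0,
                    'order_type': order_type,
                    'rate': rate,
                    'expiry': expiry,
                    'is_complete': 0,
                    'user_email': g.user_email
                })
            # 3. Match the new order against the book in one transaction.
            x = c.begin_transaction()
            order_book.process_order(order_id, x)
            x.commit()
            flash(u'Successfully placed order')
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt. Any processing failure kills the order.
            c.put('orders', order_id, {'is_complete': 3})
            flash(u'Order Killed')
        return redirect(url_for('trade'))

    # This is a new request. Not a POST or validation
    return render_template('trade.html', form=form)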
def profile():
    """Show the profile page and, on a valid POST, store a new display name.

    The submitted name is NFKD-normalised and reduced to ASCII before it is
    written to the signed-in user's record, after which the view redirects to
    the index. Any other request, or a POST that fails validation, renders
    the profile template.
    """
    form = ProfileForm(name=g.username)

    # validate_on_submit() is only consulted for POST requests.
    valid_post = request.method == 'POST' and form.validate_on_submit()
    if not valid_post:
        return render_template('profile.html', form=form,
                               email=g.user_email, name=g.username)

    ascii_name = unicodedata.normalize(
        'NFKD', request.form['name']).encode('ascii', 'ignore')
    c.put('users', g.user_email, {'name': ascii_name})
    return redirect(url_for('index'))
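def admin_user_manager():
    """Admin view: adjust a user's balances and display name.

    The 'email' form field holds either a user's e-mail or the numeric index
    of an entry in the list built from c.search('users', {}). A POST that
    fails form validation re-renders the form pre-filled from the stored
    record. A valid POST passes the submitted 'funds', 'Bitcoin' and
    'Dogecoin' amounts to c.atomic_add and overwrites the stored name.

    NOTE(review): no authorization check is visible in this block. Confirm
    the route is wrapped by an admin-only guard, since it changes any user's
    balances.
    """
    import math

    # (index, e-mail) pairs; a numeric 'email' field refers into this list.
    user_emails = [(str(idx), user['email'])
                   for idx, user in enumerate(c.search('users', {}))]

    # Stays None when the request names no usable user. Previously the name
    # was left unbound and a POST without 'email' failed with a NameError.
    email_id = None
    if 'email' in request.form:
        email_id = request.form['email']
        if email_id.isdigit():
            try:
                email_id = user_emails[int(email_id)][1]
            except (ValueError, IndexError):
                # Index outside the current user list.
                email_id = None

    form = AdminUserManageForm()
    if request.method == 'POST':
        if email_id is None:
            flash(u'Unknown user')
            return render_template('admin_user_manage.html', form=form)

        if not form.validate_on_submit():
            user_details = c.get('users', str(email_id))
            if user_details is None:
                flash(u'Unknown user')
                return render_template('admin_user_manage.html', form=form)
            form = AdminUserManageForm(email=str(email_id),
                                       name=str(user_details['name']),
                                       Bitcoin=user_details['Bitcoin'],
                                       Dogecoin=user_details['Dogecoin'],
                                       funds=user_details['funds'])
            form.email.data = str(email_id)
            form.name.data = str(user_details['name'])
            form.bitcoin_address.data = str(user_details['bitcoin_address'])
            form.dogecoin_address.data = str(user_details['dogecoin_address'])
            return render_template('admin_user_manage.html', form=form)

        added_funds = float(request.form['funds'])
        bitcoins = float(request.form['Bitcoin'])
        dogecoins = float(request.form['Dogecoin'])
        # float() also parses 'nan' and 'inf'; adding either to a stored
        # balance would leave that balance non-numeric from then on.
        for amount in (added_funds, bitcoins, dogecoins):
            if math.isnan(amount) or math.isinf(amount):
                flash(u'Invalid input in form')
                return render_template('admin_user_manage.html', form=form)

        name = request.form['name']
        name = unicodedata.normalize('NFKD', name).encode('ascii', 'ignore')
        c.atomic_add('users', str(email_id), {
            'Bitcoin': bitcoins,
            'Dogecoin': dogecoins,
            'funds': added_funds
        })
        c.put('users', str(email_id), {'name': str(name)})
        flash(u'Edited details successfully')
    return render_template('admin_user_manage.html', form=form)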
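def match_orders(buy_order, sell_order, quote, c):
    """Try to trade two orders against each other and record the result.

    Args:
        buy_order: An existing order from the book. It is swapped with
            sell_order when its 'action' is "Sell".
        sell_order: The order being matched against it.
        quote: Mapping with 'last_trade', 'lowest_sell_rate' and
            'highest_buy_rate' for the traded currency.
        c: Store handle used for every read and write.

    Returns:
        False when nothing is traded (expired order, no usable rate, or no
        tradable quantity). After a trade the function falls off the end and
        returns None.

    NOTE(review): balances are read with c.get and adjusted afterwards with
    separate atomic_add/atomic_sub calls. Whether that sequence is isolated
    from concurrent matches depends on what `c` is. Confirm that callers
    always pass a transaction.
    """
    # 0. The first argument is an existing order from the book. Expiry
    # values 0 and 1 are not timestamps and are exempt from the time check.
    now = int(datetime.now().strftime("%s"))
    if buy_order['expiry'] not in [0, 1] and buy_order['expiry'] <= now:
        # Order has expired
        c.put('orders', buy_order['order_id'], {'is_complete': 3})
        return False

    # 1. Make the names match the roles.
    if buy_order['action'] == "Sell":
        (buy_order, sell_order) = (sell_order, buy_order)

    # 2. A "For Price" order carries its own rate. Any other order type
    # borrows the counterparty's rate.
    buy_is_rate = buy_order['order_type'] == "For Price"
    sell_is_rate = sell_order['order_type'] == "For Price"

    # 2.1
    buy_rate = buy_order['rate'] if buy_is_rate else sell_order['rate']
    sell_rate = sell_order['rate'] if sell_is_rate else buy_order['rate']
    # Both are market orders.
    if not buy_is_rate and not sell_is_rate:
        buy_rate = sell_rate = quote['last_trade']

    # 2.2 A market order without a positive rate cannot trade.
    buy_quantity = sell_quantity = 0.0
    if not buy_is_rate and buy_rate <= 0.0:
        return False
    if not sell_is_rate and sell_rate <= 0.0:
        return False

    # 2.3 Optionally meet in the middle when the bid exceeds the ask.
    if EXCHANGE_BRIDGES_BUY_SELL_GAP == 1:
        if buy_is_rate and sell_is_rate and buy_rate > sell_rate:
            avg_rate = (buy_rate + sell_rate) / 2
            buy_rate = sell_rate = avg_rate

    # NOTE(review): the listing this was taken from is flattened. The fee
    # adjustment and quantity computation are taken to run unconditionally.
    # Confirm against the original file.
    buy_rate = buy_rate + EXCHANGE_RATE_PER_TRANSACTION
    sell_rate = max(0.0, sell_rate - EXCHANGE_RATE_PER_TRANSACTION)
    # The buyer pays in Bitcoin, so the affordable quantity is balance / rate.
    buy_quantity = min(
        c.get('users', buy_order['user_email'])['Bitcoin'] / buy_rate,
        buy_order['quantity_outstanding'])
    sell_quantity = min(
        c.get('users', sell_order['user_email'])[sell_order['currency']],
        sell_order['quantity_outstanding'])

    # 3. Nothing to trade. The check was `== 0`, which let a negative
    # quantity through (for example from a negative stored balance) and
    # would have run every transfer below in reverse.
    quantity = min(buy_quantity, sell_quantity)
    if quantity <= 0:
        return False

    # 4. Settle.
    rate_diff = abs(buy_rate - sell_rate)

    # 4.1 Move the traded currency from seller to buyer.
    c.atomic_add('users', buy_order['user_email'],
                 {buy_order['currency']: quantity})
    c.atomic_sub('users', sell_order['user_email'],
                 {sell_order['currency']: quantity})

    # 4.2 Move Bitcoin from buyer to seller, each side at its own rate.
    c.atomic_sub('users', buy_order['user_email'],
                 {'Bitcoin': quantity * buy_rate})
    c.atomic_add('users', sell_order['user_email'],
                 {'Bitcoin': quantity * sell_rate})

    # 4.3 The gap between the two rates goes to the 'exchange' account.
    if rate_diff != 0.0:
        c.atomic_add('users', 'exchange', {'Bitcoin': quantity * rate_diff})

    # 4.4 Update both orders' progress counters.
    c.atomic_sub('orders', buy_order['order_id'],
                 {'quantity_outstanding': quantity})
    c.atomic_sub('orders', sell_order['order_id'],
                 {'quantity_outstanding': quantity})
    c.atomic_add('orders', buy_order['order_id'],
                 {'quantity_fulfilled': quantity})
    c.atomic_add('orders', sell_order['order_id'],
                 {'quantity_fulfilled': quantity})

    # 4.5 Mark fully filled orders complete. This compares against the
    # in-memory copy, which still holds the pre-trade quantity.
    if buy_order['quantity_outstanding'] == quantity:
        c.put('orders', buy_order['order_id'], {'is_complete': 1})
    if sell_order['quantity_outstanding'] == quantity:
        c.put('orders', sell_order['order_id'], {'is_complete': 1})

    # 4.6 Refresh the currency's quote.
    rate_to_set = max(buy_rate, sell_rate)
    if sell_rate < quote['lowest_sell_rate']:
        c.put('currencies', sell_order['currency'],
              {'lowest_sell_rate': sell_rate})
        rate_to_set = sell_rate
    if buy_rate > quote['highest_buy_rate']:
        c.put('currencies', buy_order['currency'],
              {'highest_buy_rate': buy_rate})
        rate_to_set = buy_rate
    c.put('currencies', buy_order['currency'], {'last_trade': rate_to_set})

    # 4.7 Record the transaction.
    txn_id = str(uuid.uuid4())
    c.put('txns', txn_id, {
        'buy_order_id': buy_order['order_id'],
        'sell_order_id': sell_order['order_id'],
        'buy_user_email': buy_order['user_email'],
        'sell_user_email': sell_order['user_email'],
        'buy_order_type': buy_order['order_type'],
        'sell_order_type': sell_order['order_type'],
        'buy_rate': buy_rate,
        'sell_rate': sell_rate,
        'quantity': quantity,
        'currency': buy_order['currency'],
        'pocketed': quantity * rate_diff,
        'time_stamp': int(time.time())
    })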
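def _fetch_signed_order(token):
    """Verify a signed order-id token and load that order.

    Returns (order_id, order). Both are None when the token does not verify;
    otherwise order is whatever c.get returns for the id.
    """
    try:
        order_id = url_safe_serializer.loads(token)
    except Exception:
        # The serializer's own error class is not in scope in the visible
        # code, hence the broad catch around this single call.
        return None, None
    return order_id, c.get('orders', order_id)


def delete_or_modify_order():
    """Show the modify-order form, or delete / modify an existing order.

    Three request shapes are handled:
      * 'order_id_to_modify' present: pre-fill the form from that order.
      * 'modify_or_delete' == "Delete": mark the order is_complete=2.
      * 'modify_or_delete' == "Modify": validate, overwrite quantity, rate,
        type and expiry, then re-run order_book.process_order.
    Order ids arrive as tokens signed by url_safe_serializer.

    NOTE(review): nothing here compares the order's 'user_email' with the
    signed-in user, so the signed id is the only gate. Confirm that tokens
    are only ever issued for the caller's own orders, or add an ownership
    check. The modify path also does not look at the order's current
    is_complete value before re-processing it.
    """
    import math

    form = ModifyTransactionForm()
    if 'order_id_to_modify' in request.form:
        # This is a new modification request from the View Orders page.
        # 1.1 Initialize the form values
        signed_id = request.form['order_id_to_modify']
        order_id_to_modify, order_to_modify = _fetch_signed_order(signed_id)
        if order_to_modify is None:
            # Bad token or unknown order. Previously this fell through to a
            # subscript on None.
            flash(u'Order Modification Unsuccessful. Please Try again')
            return redirect(url_for('book'))
        form = ModifyTransactionForm(
            order_id=signed_id,
            action=get_action_id(order_to_modify['action']),
            currency=get_currency_id(order_to_modify['currency']),
            order_type=get_order_type_id(order_to_modify['order_type']),
            quantity=order_to_modify['quantity_outstanding'],
            rate=order_to_modify['rate'],
            expiry=get_expiry_id(order_to_modify['expiry']))
        form.order_id.data = signed_id
    elif 'modify_or_delete' not in request.form:
        flash(u'Order Modification Unsuccessful. Please Try again')
        return redirect(url_for('book'))
    elif request.form['modify_or_delete'] not in ('Modify', 'Delete'):
        flash(u'Order Modification Unsuccessful. Please Try again')
        return redirect(url_for('book'))
    elif request.form['modify_or_delete'] == "Delete":
        order_id_to_delete, order_to_delete = _fetch_signed_order(
            request.form['order_id'])
        if order_to_delete is None:
            flash(u'Order Deletion Unsuccessful. Please Try again')
        else:
            c.put('orders', order_id_to_delete, {'is_complete': 2})
            flash(u'Order Deletion Successful')
        return redirect(url_for('book'))
    elif 'order_id' in request.form:
        # This is a request to modify the order.
        order_id_to_modify, order_to_modify = _fetch_signed_order(
            request.form['order_id'])
        # 2.1 Validate the form.
        if order_to_modify is None:
            flash(u'Order Modification Unsuccessful. Please Try again')
            return redirect(url_for('book'))
        if not form.validate_on_submit():
            flash(u'Invalid input in form')
            return render_template('modify_order.html', form=form)

        # 2.2 The form is valid; make the modification if possible.
        quantity = float(request.form['quantity'])
        order_type = order_type_dict[int(request.form['order_type'])][1]
        expiry = order_expiry_dict[int(request.form['expiry'])][1]
        rate = 0.0
        # Was compared with "For price" (lower-case p), which never matched
        # the "For Price" value used everywhere else: the rate was never
        # read, and every priced modification failed the check below.
        if order_type == "For Price":
            rate = float(request.form['rate'])

        # Sanity check. float() also parses 'nan' and 'inf'; NaN compares
        # False against everything, so it needs an explicit test.
        not_finite = any(math.isnan(v) or math.isinf(v)
                         for v in (quantity, rate))
        if (not_finite or quantity <= 0.0
                or (rate <= 0.0 and order_type == 'For Price')):
            flash(u'Invalid input in form')
            return render_template('modify_order.html', form=form)

        if expiry == 'Good Until Canceled':
            expiry = 0
        elif expiry == 'Fill or Kill':
            expiry = 1
        elif expiry == 'Day Only':
            expiry = int(datetime.now().strftime("%s")) + 86400

        try:
            c.put(
                'orders', order_id_to_modify, {
                    'quantity_outstanding': quantity,
                    'rate': rate,
                    'order_type': order_type,
                    'expiry': expiry
                })
            x = c.begin_transaction()
            order_book.process_order(order_id_to_modify, x)
            x.commit()
            flash(u'Successfully modified order')
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt.
            c.put('orders', order_id_to_modify, {'is_complete': 3})
            flash(u'Order Killed')
        return redirect(url_for('book'))
    else:
        # This should not happen. A request to this method must always have
        # a valid order_id. This request may be malicious. Redirect to the
        # home page.
        return redirect(url_for('index'))
    return render_template('modify_order.html', form=form)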
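def _fetch_signed_order(token):
    """Verify a signed order-id token and load that order.

    Returns (order_id, order). Both are None when the token does not verify;
    otherwise order is whatever c.get returns for the id.
    """
    try:
        order_id = url_safe_serializer.loads(token)
    except Exception:
        # The serializer's own error class is not in scope in the visible
        # code, hence the broad catch around this single call.
        return None, None
    return order_id, c.get('orders', order_id)


def delete_or_modify_order():
    """Show the modify-order form, or delete / modify an existing order.

    Three request shapes are handled:
      * 'order_id_to_modify' present: pre-fill the form from that order.
      * 'modify_or_delete' == "Delete": mark the order is_complete=2.
      * 'modify_or_delete' == "Modify": validate, overwrite quantity, rate,
        type and expiry, then re-run order_book.process_order.
    Order ids arrive as tokens signed by url_safe_serializer.

    NOTE(review): nothing here compares the order's 'user_email' with the
    signed-in user, so the signed id is the only gate. Confirm that tokens
    are only ever issued for the caller's own orders, or add an ownership
    check. The modify path also does not look at the order's current
    is_complete value before re-processing it.
    """
    import math

    form = ModifyTransactionForm()
    if 'order_id_to_modify' in request.form:
        # This is a new modification request from the View Orders page.
        # 1.1 Initialize the form values
        signed_id = request.form['order_id_to_modify']
        order_id_to_modify, order_to_modify = _fetch_signed_order(signed_id)
        if order_to_modify is None:
            # Bad token or unknown order. Previously this fell through to a
            # subscript on None.
            flash(u'Order Modification Unsuccessful. Please Try again')
            return redirect(url_for('book'))
        form = ModifyTransactionForm(
            order_id=signed_id,
            action=get_action_id(order_to_modify['action']),
            currency=get_currency_id(order_to_modify['currency']),
            order_type=get_order_type_id(order_to_modify['order_type']),
            quantity=order_to_modify['quantity_outstanding'],
            rate=order_to_modify['rate'],
            expiry=get_expiry_id(order_to_modify['expiry']))
        form.order_id.data = signed_id
    elif 'modify_or_delete' not in request.form:
        flash(u'Order Modification Unsuccessful. Please Try again')
        return redirect(url_for('book'))
    elif request.form['modify_or_delete'] not in ('Modify', 'Delete'):
        flash(u'Order Modification Unsuccessful. Please Try again')
        return redirect(url_for('book'))
    elif request.form['modify_or_delete'] == "Delete":
        order_id_to_delete, order_to_delete = _fetch_signed_order(
            request.form['order_id'])
        if order_to_delete is None:
            flash(u'Order Deletion Unsuccessful. Please Try again')
        else:
            c.put('orders', order_id_to_delete, {'is_complete': 2})
            flash(u'Order Deletion Successful')
        return redirect(url_for('book'))
    elif 'order_id' in request.form:
        # This is a request to modify the order.
        order_id_to_modify, order_to_modify = _fetch_signed_order(
            request.form['order_id'])
        # 2.1 Validate the form.
        if order_to_modify is None:
            flash(u'Order Modification Unsuccessful. Please Try again')
            return redirect(url_for('book'))
        if not form.validate_on_submit():
            flash(u'Invalid input in form')
            return render_template('modify_order.html', form=form)

        # 2.2 The form is valid; make the modification if possible.
        quantity = float(request.form['quantity'])
        order_type = order_type_dict[int(request.form['order_type'])][1]
        expiry = order_expiry_dict[int(request.form['expiry'])][1]
        rate = 0.0
        # Was compared with "For price" (lower-case p), which never matched
        # the "For Price" value used everywhere else: the rate was never
        # read, and every priced modification failed the check below.
        if order_type == "For Price":
            rate = float(request.form['rate'])

        # Sanity check. float() also parses 'nan' and 'inf'; NaN compares
        # False against everything, so it needs an explicit test.
        not_finite = any(math.isnan(v) or math.isinf(v)
                         for v in (quantity, rate))
        if (not_finite or quantity <= 0.0
                or (rate <= 0.0 and order_type == 'For Price')):
            flash(u'Invalid input in form')
            return render_template('modify_order.html', form=form)

        if expiry == 'Good Until Canceled':
            expiry = 0
        elif expiry == 'Fill or Kill':
            expiry = 1
        elif expiry == 'Day Only':
            expiry = int(datetime.now().strftime("%s")) + 86400

        try:
            c.put(
                'orders', order_id_to_modify, {
                    'quantity_outstanding': quantity,
                    'rate': rate,
                    'order_type': order_type,
                    'expiry': expiry
                })
            x = c.begin_transaction()
            order_book.process_order(order_id_to_modify, x)
            x.commit()
            flash(u'Successfully modified order')
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt.
            c.put('orders', order_id_to_modify, {'is_complete': 3})
            flash(u'Order Killed')
        return redirect(url_for('book'))
    else:
        # This should not happen. A request to this method must always have
        # a valid order_id. This request may be malicious. Redirect to the
        # home page.
        return redirect(url_for('index'))
    return render_template('modify_order.html', form=form)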