def generate_new_address(currency):
    """Return a deposit address for the logged-in user in ``currency``.

    A stored address that is not yet flagged as used is returned as-is.
    Otherwise a new address is requested from the matching coin daemon
    through its ``getnewaddress`` RPC and saved on the user's wallet row.
    Unsupported currencies yield the placeholder string ``'n/d'`` and leave
    the database untouched.
    """
    wallet = db_adapter.find_first_object(UserWallet,
                                          id_user=current_user.id,
                                          currency=currency)
    if wallet and not wallet.flag_used:
        return wallet.address

    # Pick the RPC client/account pair lazily, one branch per currency,
    # so only the names for the requested coin are looked up.
    if currency == 'BTC':
        rpc, account = btc_client, BTC_ACCOUNT
    elif currency == 'LTC':
        rpc, account = ltc_client, LTC_ACCOUNT
    elif currency == 'QRK':
        rpc, account = qrk_client, QRK_ACCOUNT
    elif currency == 'PPC':
        rpc, account = ppc_client, PPC_ACCOUNT
    elif currency == 'NMC':
        rpc, account = nmc_client, NMC_ACCOUNT
    elif currency == 'NVC':
        rpc, account = nvc_client, NVC_ACCOUNT
    elif currency == 'DRK':
        rpc, account = drk_client, DRK_ACCOUNT
    else:
        return 'n/d'

    fresh_address = rpc.call("getnewaddress", account)
    if fresh_address != 'n/d':
        if wallet:
            # Existing row: replace the used address and clear the flag.
            db_adapter.update_object(wallet, address=fresh_address,
                                     flag_used=0)
        else:
            db_adapter.add_object(UserWallet, id_user=current_user.id,
                                  currency=currency, address=fresh_address)
        db_adapter.commit()
    return fresh_address
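def google_authorized(resp):
    """OAuth callback for Google sign-in: log in, link or create a local user.

    A falsy ``resp`` is treated as a denied authorisation. Otherwise the
    access token is stored in the session, the Google profile is fetched,
    and the local user is looked up by ``google_id``, then by e-mail, and
    finally created when neither lookup matches.

    Returns a redirect response in every case.
    """
    if not resp:
        flash('Google authentication denied. Please consider register with IBWT', 'error')
        return redirect(url_for('user.register'))

    # A response without a usable token takes the error branch below
    # instead of raising.
    try:
        access_token = resp['access_token']
    except (KeyError, TypeError):
        access_token = None
    session['access_token'] = access_token, ''
    if not access_token:
        flash('Google authentication due to a Google service problem. Please consider register with IBWT', 'error')
        return redirect(url_for('home_page'))

    profile = {}
    try:
        # Bounded wait: without a timeout a stalled upstream call would tie
        # up the worker handling this callback.
        r = requests.get('https://www.googleapis.com/oauth2/v1/userinfo',
                         headers={'Authorization': 'OAuth ' + access_token},
                         timeout=10)
        if r.ok:
            profile = json.loads(r.text)
    except (requests.RequestException, ValueError):
        profile = {}
    if not isinstance(profile, dict):
        profile = {}

    if not profile.get('id', False):
        flash('Login failed due to a Google problem. Please consider to register with IBWT', 'error')
        return redirect(url_for('auth.register'))

    user = db_adapter.find_first_object(User, google_id=profile['id'])
    if user:
        login_user(user)
        return redirect(url_for('user_profile_page'))

    email = profile.get('email', '')
    if email != '':
        existing = db_adapter.find_first_object(User, email=email)
        if existing:
            # Linking hands an existing local account to whoever controls
            # the Google identity, so only do it when Google reports the
            # address as verified.
            if not profile.get('verified_email'):
                flash('Login failed due to a Google problem. Please consider to register with IBWT', 'error')
                return redirect(url_for('auth.register'))
            db_adapter.update_object(existing, google_id=profile.get('id', ''))
            db_adapter.commit()
            login_user(existing)
            flash('Account connected to Google', 'success')
            return redirect(url_for('auth.profile_page'))

    # NOTE(review): every new account is created with non-zero balances;
    # this looks like demo/test funding - confirm before production use.
    user = db_adapter.add_object(User,
                                 name=profile.get('name', ''),
                                 google_id=profile.get('id', ''),
                                 avatar=profile.get('picture', ''),
                                 email=profile.get('email', ''),
                                 active=1,
                                 USD=1000, EUR=1500, RUR=1000, CNY=1500,
                                 JPY=1000, BTC=1500, DOGE=1500, LTC=1500,
                                 NVC=1500, XPM=1500)
    db_adapter.commit()
    login_user(user)
    flash('Account created from Google', 'success')
    return redirect(url_for('user_profile_page'))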
def reset_db(app, db):
    """Rebuild the schema and seed it with an admin user and random orders.

    Drops and recreates every table, adds the ``admin`` role and one admin
    user with a random balance per site currency, then places 99 random
    buy/sell orders per exchangeable pair and runs the fulfilment batch.
    """
    print('Dropping all tables')
    db.drop_all()

    print('Creating all tables')
    db.create_all()

    print('Adding roles')
    admin_role = Role(name='admin')
    db.session.add(admin_role)

    print('Adding users')
    # NOTE(review): the admin account is seeded with a fixed, well-known
    # password literal; confirm this function can never run against a
    # deployment that is reachable by real users.
    user = add_user(app, db, 'admin', 'Admin', 'User', '*****@*****.**', 'Password1')
    for currency in SITE_CURRENCIES:
        db.session.add(Volumes(currency=currency, volume=0))
        # Starting balance between 9000 and 9999, stored as Decimal.
        setattr(user, currency, decimal.Decimal(str(uniform(9000, 9999))))
    user.roles.append(admin_role)
    db.session.commit()

    print ('Adding random orders')
    list_users = []
    list_users.extend(db_adapter.find_all_objects(User))
    for currency, currency2 in EXCHANGABLE_CURRENCIES:
        for _ in range(99):
            # Draw order is kept: owner, side, amount, then price.
            owner = random.choice(list_users)
            side = random.choice(['buy', 'sell'])
            amount = uniform(1, 100)
            price_per_unit = uniform(0.0001, 10)
            add_order(app, db, owner, side, currency, currency2,
                      amount, price_per_unit, db_adapter)
    db_adapter.commit()
    print ('Orders added')

    print ('Fullfil batch starting')
    core.main()
    print ('Fullfil batch ended')
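def facebook_authorized(resp):
    """OAuth callback for Facebook sign-in: log in, link or create a user.

    ``resp`` is ``None`` when the authorisation was denied. Otherwise the
    access token is stored in the session, ``/me`` is fetched, and the
    local user is looked up by ``facebook_id``, then by e-mail, and
    finally created when neither lookup matches.

    Returns a redirect response in every case.
    """
    if resp is None:
        flash('Facebook authentication denied. Please consider register with IBWT', 'error')
        # .get(): a callback that arrives without these query parameters
        # must still reach the redirect instead of failing on a missing key.
        flash('Access denied: reason=%s error=%s' % (
            request.args.get('error_reason', ''),
            request.args.get('error_description', '')
        ), 'error')
        return redirect(url_for('home_page'))

    session['oauth_token'] = (resp['access_token'], '')
    resp = facebook.get('/me')
    profile = resp.data
    if not isinstance(profile, dict):
        # A non-mapping payload is handled as a missing profile.
        profile = {}

    if not profile.get('id', False):
        flash('Login failed due to a Facebook problem. Please consider to register with IBWT', 'error')
        return redirect(url_for('auth.register'))

    user = db_adapter.find_first_object(User, facebook_id=profile['id'])
    if user:
        login_user(user)
        return redirect(url_for('auth.profile_page'))

    if profile.get('email', '') != '':
        # NOTE(review): linking by e-mail trusts the address reported by the
        # provider; nothing visible here establishes that it was verified.
        # Confirm this before relying on it to attach an existing account.
        user = db_adapter.find_first_object(User, email=profile['email'])
        if user:
            db_adapter.update_object(user, facebook_id=profile['id'])
            db_adapter.commit()
            login_user(user)
            flash('Account connected to Facebook', 'success')
            return redirect(url_for('auth.profile_page'))

    # NOTE(review): new accounts are created with non-zero balances, which
    # looks like demo/test funding - confirm before production use.
    user = db_adapter.add_object(User,
                                 name=profile.get('name', ''),
                                 facebook_id=profile.get('id', ''),
                                 avatar=profile.get('picture', ''),
                                 email=profile.get('email', ''),
                                 active=1,
                                 usd=1000, eur=1500, btc=500)
    db_adapter.commit()
    login_user(user)
    flash('Account created from Facebook', 'success')
    return redirect(url_for('auth.profile_page'))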
def two_factor_qrcode():
    """Return the current user's TOTP provisioning QR code as an SVG.

    Unauthenticated callers get a 404. When the user has no OTP secret yet,
    one is created and stored, and ``session['2FA']`` is set. The response
    carries headers that forbid caching.
    """
    if not current_user.is_authenticated() or current_user is None:
        abort(404)

    if not current_user.otp_secret:
        session['2FA'] = True
        account = db_adapter.find_first_object(User, id=current_user.id)
        db_adapter.update_object(account,
                                 otp_secret=current_user.create_2fa())
        db_adapter.commit()

    # NOTE(review): the provisioning URI is rendered on every call, not only
    # during enrolment, so any authenticated session can read back the
    # stored secret. Consider limiting this to the enrolment step.
    qr = pyqrcode.create(current_user.get_totp_uri())
    buf = StringIO()
    qr.svg(buf, scale=3)

    # The image embeds the secret, so it must never be cached.
    no_cache_headers = {
        'Content-Type': 'image/svg+xml',
        'Cache-Control': 'no-cache, no-store, must-revalidate',
        'Pragma': 'no-cache',
        'Expires': '0'}
    return buf.getvalue().encode('utf-8'), 200, no_cache_headers
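def user_funds_withdrawal_page(currency):
    """Show the withdrawal form for ``currency`` and process a submission.

    On a valid POST the amount is debited from the user's balance and a
    pending ``UserDepositWithdrawal`` row is recorded, followed by a
    redirect to the funds page. In every other case the form is rendered
    again.
    """
    form = UserWithdrawalForm(request.form)

    if request.method == 'POST' and form.validate():
        address = form.address.data
        amount_to_withdraw = form.amount.data

        if form.currency.data != currency:
            # The balance was debited in the form's currency while the
            # withdrawal was recorded in the URL's currency; the two must
            # agree or the ledger and the balance diverge.
            flash(_('Sorry, the withdrawal currency does not match this page.'), 'error')
        elif amount_to_withdraw is None or amount_to_withdraw <= 0:
            # A zero or negative amount would pass the funds check below
            # and raise the balance instead of lowering it.
            flash(_('Sorry, the amount to withdraw must be greater than zero.'), 'error')
        else:
            # NOTE(review): ``currency`` is used as an attribute name on the
            # user; confirm the route or form restricts it to known
            # currency columns.
            current_user_amount = getattr(current_user, currency)
            if current_user_amount >= amount_to_withdraw:
                # NOTE(review): read-then-write on the balance with no lock
                # visible here; concurrent requests could both pass the
                # check. Confirm the adapter or database guards against it.
                new_user_amount = current_user_amount - amount_to_withdraw
                user_upd = db_adapter.find_first_object(User, id=current_user.id)
                db_adapter.update_object(user_upd, **{currency: new_user_amount})

                tid = uuid.uuid4().hex
                db_adapter.add_object(UserDepositWithdrawal,
                                      uuid=tid,
                                      id_user=current_user.id,
                                      currency=currency,
                                      amount=amount_to_withdraw,
                                      provider='user',
                                      address=address,
                                      transaction_type='withdrawal',
                                      status=1)
                db_adapter.commit()
                flash(_('All right, your withdrawal request of %s %s will be processed soon.' % (amount_to_withdraw, currency) ), 'success')
                # The redirect used to be built and discarded; returning it
                # stops a page refresh from re-submitting the withdrawal.
                return redirect(url_for('user_funds_page'))
            else:
                flash(_('Sorry, insufficient funds (%s) to withdraw %s %s' % (current_user_amount, amount_to_withdraw, currency) ), 'error')

    return render_template('users/user_funds_withdrawal_page.html',
                           currency=currency, form=form)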
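def cancel_order(id, type_order):
    """Cancel one of the current user's open orders and refund the balance.

    ``id`` is the order uuid and ``type_order`` is ``'buy'`` or ``'sell'``.
    The refund is credited to the user, recorded as an ``accredit``
    transaction, and the order row is deleted. Every path ends in a
    redirect to the orders page.
    """
    if type_order == 'buy':
        order = db_adapter.find_first_object(Buy, uuid=id)
    elif type_order == 'sell':
        order = db_adapter.find_first_object(Sell, uuid=id)
    else:
        # The message used to interpolate the builtin ``type``.
        flash('order type %s unrecognized' % type_order, 'error')
        return redirect(url_for('user_orders_page'))

    # Ownership check: the refund goes to the current user, so an order
    # placed by someone else must never be cancellable here. It is reported
    # like a missing order so the reply does not confirm that the uuid
    # exists.
    # NOTE(review): Buy rows are created with ``uid`` in buy_order; Sell is
    # assumed to carry the same column - confirm against the model.
    if not order or order.uid != current_user.id:
        flash('order already deleted or closed', 'error')
        return redirect(url_for('user_orders_page'))
    if order.flag_completed == 1:
        flash('order closed', 'error')
        return redirect(url_for('user_orders_page'))

    user = db_adapter.find_first_object(User, id=current_user.id)
    untouched = order.amount == order.amount_start

    if type_order == 'buy':
        # Buy orders were paid in the second currency of the pair.
        currency_update = order.currency2
        if untouched:
            refund = order.total_order
        else:
            refund = order.amount_start_no_fee - (order.amount + order.fee)
    else:
        currency_update = order.currency
        if untouched:
            refund = order.amount + order.initial_fee
        else:
            refund = order.amount_start_no_fee - (order.amount + order.fee)
    # NOTE(review): the partial-fill formula is kept as written; confirm
    # that it yields the unfilled remainder in ``currency_update`` units.

    new_amount = getattr(current_user, currency_update) + refund

    # Record the credit in the transaction history.
    tid = uuid.uuid4().hex
    db_adapter.add_object(Transaction,
                          uuid=tid,
                          amount=refund,
                          currency=currency_update,
                          id_user=current_user.id,
                          provider='ibwt',
                          status=0,
                          transaction_type='accredit')
    db_adapter.delete_object(order)
    db_adapter.update_object(user, **{currency_update: new_amount})
    db_adapter.commit()
    flash('Order closed. Your account has been refunded with %s %s' % (refund, currency_update), 'success')
    return redirect(url_for('user_orders_page'))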
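def buy_order():
    """Render the home page and, on a valid POST, place a buy order.

    The currency pair comes from ``session['currencies']``. A valid order
    debits ``amount * price_per_unit`` from the user's balance in the second
    currency, stores the ``Buy`` row and a ``charge`` transaction, updates
    the pair's minimum buy price, broadcasts the new order and redirects
    home. Otherwise the home page is rendered with both forms.
    """
    pair = session.get('currencies')
    if not pair or len(pair) < 2:
        # A session without a selected pair is handled like an invalid one
        # instead of failing on the missing key.
        flash('Currency combination invalid', 'error')
        return redirect(url_for('home_page'))
    currency, currency2 = pair[0], pair[1]
    if not check_currencies(currency, currency2):
        session.pop('currencies', None)
        flash('Currency combination invalid', 'error')
        return redirect(url_for('home_page'))

    fee_percentage = currencies_settings.FEE_PER_CURRENCIES[currency]

    buy_form = BuyForm(request.form)
    buy_form.currency = currency
    buy_form.currency2 = currency2
    buy_form.fee = fee_percentage

    sell_form = SellForm()
    sell_form.currency = currency
    sell_form.currency2 = currency2
    sell_form.fee = fee_percentage

    if request.method == 'POST' and buy_form.validate():
        amount = Decimal(buy_form.amount.data)
        price_per_unit = Decimal(buy_form.price_per_unit.data)
        cost = amount * price_per_unit
        user_amount = getattr(current_user, currency2)

        if amount <= 0 or price_per_unit <= 0:
            # A non-positive amount or price gives a non-positive cost,
            # which would pass the funds check and raise the balance.
            flash('Amount and price must be greater than zero', 'error')
        elif cost >= user_amount:
            flash('You don\'t have enough funds. Please recharge', 'error')
        else:
            fee_percentage = Decimal(fee_percentage)
            fee = (fee_percentage / Decimal('100')) * amount
            total_order = amount * price_per_unit
            # NOTE(review): ``fee`` is a share of ``amount`` but is
            # subtracted from a total priced in the second currency -
            # confirm the intended units.
            total_order_no_fee = total_order - fee
            amount_clean = amount - fee

            oid = uuid.uuid4().hex
            ins_ts = pytz.utc.localize(datetime.datetime.utcnow())

            db_adapter.add_object(Buy,
                                  uuid=oid,
                                  uid=current_user.id,
                                  currency=currency,
                                  currency2=currency2,
                                  amount_start_no_fee=amount,
                                  amount_start=amount_clean,
                                  amount=amount_clean,
                                  diff=0,
                                  initial_fee=fee,
                                  fee=fee,
                                  fee_percentage=fee_percentage,
                                  price_per_unit=price_per_unit,
                                  total_order=total_order,
                                  total_order_no_fee=total_order_no_fee,
                                  flag_completed=0,
                                  created_date=ins_ts)

            # NOTE(review): the balance is read and written back with no
            # lock visible here; confirm concurrent orders cannot both pass
            # the funds check.
            user_update_fund = db_adapter.find_first_object(User, id=current_user.id)
            new_amount = user_amount - cost
            db_adapter.update_object(user_update_fund, **{currency2: new_amount})

            # NOTE(review): the history row stores ``amount`` although the
            # balance is debited by ``cost``; confirm which is intended.
            tid = uuid.uuid4().hex
            db_adapter.add_object(Transaction,
                                  uuid=tid,
                                  amount=amount,
                                  currency=currency2,
                                  id_user=current_user.id,
                                  provider='ibwt',
                                  status=0,
                                  transaction_type='charge')

            # Track the lowest buy price seen for this pair.
            trade_data = db_adapter.find_first_object(TradeData,
                                                      currency=currency,
                                                      currency2=currency2)
            if not trade_data:
                db_adapter.add_object(TradeData,
                                      currency=currency,
                                      currency2=currency2,
                                      max_sell_price=0,
                                      min_buy_price=price_per_unit)
            elif price_per_unit < trade_data.min_buy_price:
                db_adapter.update_object(trade_data, min_buy_price=price_per_unit)

            db_adapter.commit()
            flash('Order set successfully', 'success')

            # Broadcast the new order to connected clients.
            emit_order('newborder', {'uuid': oid})
            return redirect(url_for('home_page'))

    return render_template('pages/home_page.html',
                           currency=currency,
                           currency2=currency2,
                           buy_form=buy_form,
                           sell_form=sell_form)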
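def cancel_order(id, type_order):
    """Cancel one of the current user's open orders and refund the balance.

    ``id`` is the order uuid and ``type_order`` is ``'buy'`` or ``'sell'``.
    The refund is credited to the user, recorded as an ``accredit``
    transaction, and the order row is deleted. Every path ends in a
    redirect to the orders page.
    """
    if type_order == 'buy':
        order = db_adapter.find_first_object(Buy, uuid=id)
    elif type_order == 'sell':
        order = db_adapter.find_first_object(Sell, uuid=id)
    else:
        # The message used to interpolate the builtin ``type``.
        flash('order type %s unrecognized' % type_order, 'error')
        return redirect(url_for('user_orders_page'))

    # Ownership check: the refund goes to the current user, so an order
    # placed by someone else must never be cancellable here. It is reported
    # like a missing order so the reply does not confirm that the uuid
    # exists.
    # NOTE(review): Buy rows are created with ``uid`` in buy_order; Sell is
    # assumed to carry the same column - confirm against the model.
    if not order or order.uid != current_user.id:
        flash('order already deleted or closed', 'error')
        return redirect(url_for('user_orders_page'))
    if order.flag_completed == 1:
        flash('order closed', 'error')
        return redirect(url_for('user_orders_page'))

    user = db_adapter.find_first_object(User, id=current_user.id)
    untouched = order.amount == order.amount_start

    if type_order == 'buy':
        # Buy orders were paid in the second currency of the pair.
        currency_update = order.currency2
        if untouched:
            refund = order.total_order
        else:
            refund = order.amount_start_no_fee - (order.amount + order.fee)
    else:
        currency_update = order.currency
        if untouched:
            refund = order.amount + order.initial_fee
        else:
            refund = order.amount_start_no_fee - (order.amount + order.fee)
    # NOTE(review): the partial-fill formula is kept as written; confirm
    # that it yields the unfilled remainder in ``currency_update`` units.

    new_amount = getattr(current_user, currency_update) + refund

    # Record the credit in the transaction history.
    tid = uuid.uuid4().hex
    db_adapter.add_object(Transaction,
                          uuid=tid,
                          amount=refund,
                          currency=currency_update,
                          id_user=current_user.id,
                          provider='ibwt',
                          status=0,
                          transaction_type='accredit')
    db_adapter.delete_object(order)
    db_adapter.update_object(user, **{currency_update: new_amount})
    db_adapter.commit()
    flash('Order closed. Your account has been refunded with %s %s' % (refund, currency_update), 'success')
    return redirect(url_for('user_orders_page'))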
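def buy_order():
    """Render the home page and, on a valid POST, place a buy order.

    The currency pair comes from ``session['currencies']``. A valid order
    debits ``amount * price_per_unit`` from the user's balance in the second
    currency, stores the ``Buy`` row and a ``charge`` transaction, updates
    the pair's minimum buy price, broadcasts the new order and redirects
    home. Otherwise the home page is rendered with both forms.
    """
    pair = session.get('currencies')
    if not pair or len(pair) < 2:
        # A session without a selected pair is handled like an invalid one
        # instead of failing on the missing key.
        flash('Currency combination invalid', 'error')
        return redirect(url_for('home_page'))
    currency, currency2 = pair[0], pair[1]
    if not check_currencies(currency, currency2):
        session.pop('currencies', None)
        flash('Currency combination invalid', 'error')
        return redirect(url_for('home_page'))

    fee_percentage = currencies_settings.FEE_PER_CURRENCIES[currency]

    buy_form = BuyForm(request.form)
    buy_form.currency = currency
    buy_form.currency2 = currency2
    buy_form.fee = fee_percentage

    sell_form = SellForm()
    sell_form.currency = currency
    sell_form.currency2 = currency2
    sell_form.fee = fee_percentage

    if request.method == 'POST' and buy_form.validate():
        amount = Decimal(buy_form.amount.data)
        price_per_unit = Decimal(buy_form.price_per_unit.data)
        cost = amount * price_per_unit
        user_amount = getattr(current_user, currency2)

        if amount <= 0 or price_per_unit <= 0:
            # A non-positive amount or price gives a non-positive cost,
            # which would pass the funds check and raise the balance.
            flash('Amount and price must be greater than zero', 'error')
        elif cost >= user_amount:
            flash('You don\'t have enough funds. Please recharge', 'error')
        else:
            fee_percentage = Decimal(fee_percentage)
            fee = (fee_percentage / Decimal('100')) * amount
            total_order = amount * price_per_unit
            # NOTE(review): ``fee`` is a share of ``amount`` but is
            # subtracted from a total priced in the second currency -
            # confirm the intended units.
            total_order_no_fee = total_order - fee
            amount_clean = amount - fee

            oid = uuid.uuid4().hex
            ins_ts = pytz.utc.localize(datetime.datetime.utcnow())

            db_adapter.add_object(Buy,
                                  uuid=oid,
                                  uid=current_user.id,
                                  currency=currency,
                                  currency2=currency2,
                                  amount_start_no_fee=amount,
                                  amount_start=amount_clean,
                                  amount=amount_clean,
                                  diff=0,
                                  initial_fee=fee,
                                  fee=fee,
                                  fee_percentage=fee_percentage,
                                  price_per_unit=price_per_unit,
                                  total_order=total_order,
                                  total_order_no_fee=total_order_no_fee,
                                  flag_completed=0,
                                  created_date=ins_ts)

            # NOTE(review): the balance is read and written back with no
            # lock visible here; confirm concurrent orders cannot both pass
            # the funds check.
            user_update_fund = db_adapter.find_first_object(User, id=current_user.id)
            new_amount = user_amount - cost
            db_adapter.update_object(user_update_fund, **{currency2: new_amount})

            # NOTE(review): the history row stores ``amount`` although the
            # balance is debited by ``cost``; confirm which is intended.
            tid = uuid.uuid4().hex
            db_adapter.add_object(Transaction,
                                  uuid=tid,
                                  amount=amount,
                                  currency=currency2,
                                  id_user=current_user.id,
                                  provider='ibwt',
                                  status=0,
                                  transaction_type='charge')

            # Track the lowest buy price seen for this pair.
            trade_data = db_adapter.find_first_object(TradeData,
                                                      currency=currency,
                                                      currency2=currency2)
            if not trade_data:
                db_adapter.add_object(TradeData,
                                      currency=currency,
                                      currency2=currency2,
                                      max_sell_price=0,
                                      min_buy_price=price_per_unit)
            elif price_per_unit < trade_data.min_buy_price:
                db_adapter.update_object(trade_data, min_buy_price=price_per_unit)

            db_adapter.commit()
            flash('Order set successfully', 'success')

            # Broadcast the new order to connected clients.
            emit_order('newborder', {'uuid': oid})
            return redirect(url_for('home_page'))

    return render_template('pages/home_page.html',
                           currency=currency,
                           currency2=currency2,
                           buy_form=buy_form,
                           sell_form=sell_form)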
def user_security_no_two_factor():
    """Clear the current user's stored OTP secret and go to the security page."""
    # NOTE(review): nothing in this function asks for the password or a
    # current one-time code before the second factor is removed, and the
    # route's method and CSRF protection are not visible here. Confirm that
    # disabling 2FA needs a fresh proof of identity and cannot be triggered
    # by a cross-site request.
    account = db_adapter.find_first_object(User, id=current_user.id)
    db_adapter.update_object(account, otp_secret='')
    db_adapter.commit()
    target = url_for('user_security_page')
    return redirect(target)