def request_reset():
if session.get('email'):
return redirect(url_for('index'))
form = RequestResetForm()
if form.validate_on_submit():
user_b = get_user_by_email(form.email.data)
token = user_b.get_reset_token()
msg = Message('Password reset request',
sender='*****@*****.**',
recipients=[user_b.email])
msg.body = f'Click on this link to reset the password\n{url_for("reset_token", token=token, _external=True)}'
mail.send(msg)
return redirect(url_for('login'))
return render_template('reset_request.html', form=form)
def contact():
form = EmailForm()
email_filler = ""
name_filler = ""
if session.get('email'):
email_filler = session.get('email')
name_filler = session.get('username')
if form.validate_on_submit():
# send email here
msg = Message(request.form['subject'],
recipients=['*****@*****.**'])
msg.body = f'This Email was sent from your website\nfrom {request.form["name"]} \temail: {request.form["email"]}\n\n{request.form["message"]}'
mail.send(msg)
flash("Your email has been sent!!!")
return redirect(url_for('contact'))
return render_template("contact.html",
page="contact",
form=form,
email_filler=email_filler,
name_filler=name_filler)
def cancel_order():
iId = request.form['id']
new_user = Users.query.with_entities(
Users.id,
Users.email).filter(Users.username == get_jwt_identity()).first()
new_order = Orders.query.filter(Orders.id == iId,
Orders.user_id == new_user.id).first()
if new_order.status == 'To pay':
upload_order = Orders.query.filter(Orders.id == iId).update(
dict(status='Canceled'))
db.session.commit()
message = 'Canceled successfully!'
msg = Message('Canceled successfully!',
sender='*****@*****.**',
recipients=[new_user.email])
msg.body = 'Canceled successfully!'
mail.send(msg)
else:
message = 'You can\'t delete it!'
return jsonify(message=message), 200
def forgot():
if request.method == 'POST':
sEmail = request.form['email']
new_user = Users.query.with_entities(
Users.id).filter(Users.email == sEmail).first()
if new_user:
token = s.dumps({'user_id': new_user.id}).decode('utf-8')
# datetime object containing current date and time
now = datetime.now()
# dd/mm/YY H:M:S
dDateNow = now.strftime("%d/%m/%Y %H:%M:%S")
if Tokens.query.filter(Tokens.user_id == new_user.id,
Tokens.action == 'reset-password').first():
update_token = Tokens.query.filter(Tokens.user_id == new_user.id, Tokens.action == 'reset-password').\
update(dict(code = token, created = dDateNow, status = 'created'))
else:
db_token = Tokens(new_user.id, 'reset-password', token,
dDateNow)
db.session.add(db_token)
db.session.commit()
msg = Message('Confirm Email',
sender='*****@*****.**',
recipients=[sEmail])
link = url_for('reset_password', token=token, _external=True)
msg.body = 'If you don’t use this link within 1 hours, it will expire. To get a new password reset link, visit: {}'.format(
link)
mail.send(msg)
return jsonify(
message=
'Check your email for a link to reset your password. If it doesn’t appear within a few minutes, check your spam folder.'
), 200
return jsonify(message='Email is not registered'), 200
return render_template('client/forgot.html')
def index():
sOrder = request.form['order']
sMethod = request.form['payment-method']
sCoupon = request.form['discount']
for oOrder in json.loads(sOrder):
new_book = Books.query.with_entities(Books.number, Books.title).\
filter(Books.id == str(oOrder['id'])).first()
if int(new_book.number) < int(oOrder['count']):
return jsonify(message=new_book.title + ' is not enough!'), 200
sStatus = 'To pay'
if sOrder == '' or sMethod == '':
return jsonify(message='Invalid'), 200
# datetime object containing current date and time
now = datetime.now()
# dd/mm/YY H:M:S
dt_string = now.strftime("%d/%m/%Y %H:%M:%S")
new_user = Users.query.\
filter(Users.username == get_jwt_identity()).first()
if sMethod == 'ibanking' or sMethod == 'cash':
if sMethod == 'ibanking':
token = s.dumps({
'user_id': new_user.id,
'order': sOrder,
'method': sMethod,
'coupon': sCoupon
}).decode('utf-8')
# datetime object containing current date and time
now = datetime.now()
# dd/mm/YY H:M:S
dDateNow = now.strftime("%d/%m/%Y %H:%M:%S")
if Tokens.query.filter(Tokens.user_id == new_user.id,
Tokens.action == 'order').first():
update_token = Tokens.query.filter(Tokens.user_id == new_user.id, Tokens.action == 'order').\
update(dict(code = token, created = dDateNow, status = 'created'))
else:
db_token = Tokens(new_user.id, 'order', token, dDateNow)
db.session.add(db_token)
db.session.commit()
msg = Message('Confirm Order',
sender='*****@*****.**',
recipients=[new_user.email])
link = url_for('order.confirm_order', token=token, _external=True)
msg.body = 'If you don’t use this link within 1 hours, it will expire. To confirm order, visit: {}'.format(
link)
mail.send(msg)
return jsonify(
message=
'Check your email for a link to confirm order. If it doesn’t appear within a few minutes, check your spam folder.'
), 200
else:
total = calculateTotal(sOrder, sCoupon)
percent = ''
if sCoupon != '':
new_coupon = Coupons.query.with_entities(
Coupons.percent).filter(Coupons.code == sCoupon).first()
if new_coupon:
percent = new_coupon.percent
json_data = {
'order': sOrder,
'coupon': {
'code': sCoupon,
'percent': percent
},
'total': round(total, 2)
}
new_order = Orders(new_user.id, json_data, sMethod, sStatus,
dt_string, dt_string)
db.session.add(new_order)
db.session.commit()
oOrder = Orders.query.with_entities(Orders.id).\
filter(Orders.created == dt_string, Orders.user_id == new_user.id).first()
msg = Message('Order success',
sender='*****@*****.**',
recipients=[new_user.email])
msg.body = 'Code: ' + str(oOrder.id) + \
'\nDate: ' + dt_string + \
'\nPayment method: ' + sMethod
mail.send(msg)
return jsonify(message='Order success'), 200
return jsonify(message="Invalid"), 200
def confirm_order(token):
try:
id = s.loads(token)['user_id']
sOrder = s.loads(token)['order']
sMethod = s.loads(token)['method']
sCoupon = s.loads(token)['coupon']
sStatus = 'To pay'
new_token = Tokens.query.filter(Tokens.user_id == id,
Tokens.action == 'order').first()
new_user = Users.query.filter(Users.id == id).first()
if new_token:
# check token
if new_token.status == 'finish':
return render_template('client/message.html',
message='The token is expired!')
# datetime object containing current date and time
now = datetime.now()
# dd/mm/YY H:M:S
dt_string = now.strftime("%d/%m/%Y %H:%M:%S")
dDateNow = datetime.strptime(dt_string, "%d/%m/%Y %H:%M:%S")
dCreated = datetime.strptime(new_token.created,
"%d/%m/%Y %H:%M:%S")
time = dDateNow - dCreated
if time.total_seconds() > 3600:
return render_template('client/message.html',
message='The token is expired!')
# check money
total = calculateTotal(sOrder, sCoupon)
if total == 'error':
return jsonify(message='error'), 200
if float(new_user.money) < float(total):
return render_template(
'client/message.html',
message='Your account does not have enough money!')
new_money = float(new_user.money) - float(total)
user_update = Users.query.\
filter(Users.id == new_user.id).\
update(dict(money = str(new_money)))
db.session.commit()
# insert table order
percent = ''
if sCoupon != '':
new_coupon = Coupons.query.with_entities(
Coupons.percent).filter(Coupons.code == sCoupon).first()
if new_coupon:
percent = new_coupon.percent
json_data = {
'order': sOrder,
'coupon': {
'code': sCoupon,
'percent': percent
},
'total': round(total, 2)
}
new_order = Orders(new_user.id, json_data, sMethod, sStatus,
dt_string, dt_string)
db.session.add(new_order)
db.session.commit()
oOrder = Orders.query.with_entities(Orders.id).\
filter(Orders.created == dt_string, Orders.user_id == new_user.id).first()
msg = Message('Order success',
sender='*****@*****.**',
recipients=[new_user.email])
msg.body = 'Code: ' + str(oOrder.id) + \
'\nDate: ' + dt_string + \
'\nPayment method: ' + sMethod
mail.send(msg)
update_token = Tokens.query.filter(Tokens.user_id == id, Tokens.action == 'order').\
update(dict(created = dDateNow, status = 'finish'))
db.session.commit()
else:
return render_template('client/message.html',
message='The token is expired!')
except SignatureExpired:
return render_template('client/message.html',
message='The token is expired!')
return render_template('client/message.html',
message='Order success. Please check email!')
def send_email(to, subject, template, user, token):
msg = Message(subject, sender=from_email, recipients=[to])
msg.html = render_template(template + '.txt', user=user, token=token)
mail.send(msg)
def send_email(user,msgg):
msg = Message('Public Key for logging in',
sender='*****@*****.**',
recipients=[user['email']])
msg.body = msgg['public_key']
mail.send(msg)