def login():
try:
if session['user_id']:
return redirect("/index")
except:
pass
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
session['block'] = exists[2]
return redirect("/index")
else:
all_data = user_model.get_all()
for x in all_data:
if user_name == x[1]:
return render_template('login.html',
title='Авторизация',
form=form,
alert='Неправильный пароль')
return render_template('login.html',
title='Авторизация',
form=form,
alert='Такой пользователь не существует')
return render_template('login.html',
title='Авторизация',
form=form,
alert='')
def reg():
form = RegForm()
if form.validate_on_submit():
username = form.username.data
name = form.name.data
surname = form.surname.data
password = form.password.data
confirm = form.confirm.data
password_hash = generate_password_hash(password)
user_model = UsersModel(users_db.get_connection())
all_data = user_model.get_all()
for x in all_data:
if username == x[1]:
return render_template(
'reg.html',
title='Регистрация',
form=form,
alert='Такой пользователь уже зареестрирован')
exists = user_model.exists(username, password_hash)
if not exists[0] and password == confirm:
user_model.insert(username, name, surname, password_hash)
exists = user_model.exists(username, password_hash)
session['username'] = username
session['user_id'] = exists[1]
return redirect("/index")
return render_template('reg.html',
title='Регистрация',
form=form,
alert='')
def transfer():
u_model = UsersModel(u_db.get_connection())
o_model = OperationsModel(o_db.get_connection())
form = TransferForm()
money1 = u_model.get_money(session['user_id'])[0]
if form.validate_on_submit():
if 0 < int(form.money.data) <= int(money1):
if u_model.exist_card_number(form.card_number.data)[0]:
id = u_model.get_id(form.card_number.data)[0]
money2 = u_model.get_money(id)[0]
u_model.update_money(form.card_number.data,
int(money2) + int(form.money.data))
u_model.update_money(
u_model.get_card_number(session['user_id'])[0],
int(money1) - int(form.money.data))
string = 'Перевод держателю карты {}'.format(
form.card_number.data)
o_model.insert(string, id)
return redirect('/success')
else:
return render_template('transfer2.html',
title='Перевод денег',
form=form)
else:
return render_template('transfer2.html',
title='Перевод денег',
form=form)
return render_template('transfer.html', title='Перевод денег', form=form)
def unblock(user_id):
if 'username' not in session:
return redirect('/ban')
if session['username'] != 'admin':
return redirect('/index')
user = UsersModel(users_db.get_connection())
user.unblock(user_id)
return redirect('/index')
def admin_only():
if 'username' not in session:
return redirect('/ban')
if session['username'] != 'admin':
return redirect('/index')
news = UsersModel(users_db.get_connection()).get_all()
return render_template('users.html',
username=session['username'],
news=news)
def login():
global ind
form = LoginForm()
if form.validate_on_submit():
f = open('admins', encoding="utf-8", mode='r+')
data = f.read().split('\n')
ff = open('users', encoding="utf-8", mode='r+')
data1 = ff.read().split('\n')
logins = {}
login = []
for i in data:
i = i.split(':')
logins[str(i[0])] = str(i[1])
login.append(str(i[0]))
user_name = str(form.username.data)
password = str(form.password.data)
if user_name in login:
if str(logins[user_name]) == str(password):
user_model = UsersModel(db.get_connection())
user_model.insert(user_name, password)
exists = user_model.exists(user_name, password)
if (exists[0]):
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/admin")
else:
for i in data1:
i = i.split(':')
logins[i[0]] = i[1]
login.append(i[0])
user_name = form.username.data
password = form.password.data
if user_name in login:
if str(logins[user_name]) == str(password):
user_model = UsersModel(db.get_connection())
user_model.insert(user_name, password)
exists = user_model.exists(user_name, password)
if (exists[0]):
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/user")
return render_template('login.html', title='Авторизация', form=form)
def sign_in():
form = SigninForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(u_db.get_connection())
exists = user_model.exists(user_name, password)
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
return redirect('/home')
return render_template('sign_in.html', title='Авторизация', form=form)
def login():
form = LoginForm()
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
exists = user_model.exists(user_name, password)
if form.validate_on_submit():
if (exists[0]):
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
return render_template('login.html', form=form, message=user_model.exists(user_name, password)[1])
def login():
form = LoginForm()
if form.validate_on_submit():
user_name = form.username.data
password = form.password.data
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
return render_template('login.html', title='Sign in', form=form)
def register():
form = RegisterForm()
if request.method == 'GET':
return render_template('register.html', form=form)
elif request.method == 'POST':
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
user_model.insert(user_name, password)
exists = user_model.exists(user_name, password)
if (exists[0]):
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
def news_data(news_id):
if 'username' not in session:
return redirect('/ban')
form = CommentForm()
if form.validate_on_submit():
content = form.content.data
cm = CommentsModel(comments_db.get_connection())
author_data = UsersModel(users_db.get_connection()).get(
session['user_id'])
username = author_data[2] + ' ' + author_data[3]
cm.insert(session['user_id'], news_id, content, username)
return redirect("/news/" + str(news_id))
news = NewsModel(news_db.get_connection()).get(news_id)
author_data = UsersModel(users_db.get_connection()).get(news[4])
username = author_data[2] + ' ' + author_data[3]
cm = CommentsModel(comments_db.get_connection()).get_all(news[0])
cm.reverse()
return render_template('news_data.html',
title=news[1],
author=username,
cur_user_id=session['user_id'],
news=news,
cm=cm,
form=form)
def admin_only():
if 'username' not in session:
return redirect('/login')
news = NewsModel(news_db.get_connection()).get_all()
news.sort(key=lambda x: x[3])
user_model = UsersModel(users_db.get_connection())
usernames = {}
for item in news:
data = user_model.get(item[4])
if item[4] not in usernames:
usernames.update(
{item[4]: [str(data[2] + ' ' + data[3]), data[1]]})
return render_template('index.html',
username=session['username'],
news=news,
users=usernames)
def reg():
form = RegistForm()
if form.validate_on_submit():
ind = ''
f = open('users', encoding="utf-8", mode='r+')
ff = open('admins', encoding="utf-8", mode='r+')
datauser = f.read()
dataadmin = ff.read()
user_name = form.username.data
password = form.password.data
repeat = form.repeat.data
mail = form.mail.data
code = form.user_admin.data
user_model = UsersModel(db.get_connection())
user_model.insert(user_name, password)
exists = user_model.exists(user_name, password)
if str(code) == 'sell':
ind = 'admin'
else:
ind = 'user'
if password != repeat:
return redirect('/register')
if ind == 'admin':
if user_name not in dataadmin:
ff.write('\n')
ff.write(user_name)
ff.write(':')
ff.write(password)
ff.write(':')
ff.write(mail)
else:
return redirect('/register')
else:
if user_name not in datauser:
f.write('\n')
f.write(user_name)
f.write(':')
f.write(password)
f.write(':')
f.write(mail)
else:
return redirect('/register')
if exists[0]:
session['username'] = user_name
session['user_id'] = exists[1]
return redirect("/index")
return render_template('regist.html', title='Регистрация', form=form)
def api_auth():
if not request.json:
return json.dumps({'error': 'Empty request'})
elif not all(key in request.json for key in ['pass', 'login']):
return json.dumps({'error': 'Bad request'})
password = request.json['pass']
user_name = request.json['login']
user_model = UsersModel(users_db.get_connection())
true_pass = user_model.password_check(user_name)
exists = user_model.exists(user_name, true_pass)
if check_password_hash(true_pass, password) and exists[0]:
token = generate_password_hash(str(password) + str(user_name))
user_model.add_token(token, exists[1])
return json.dumps({'token': token})
else:
return json.dumps({'error': 'Incorrect info'})
def user_edit():
if 'username' not in session:
return redirect('/ban')
form = EditForm()
if form.validate_on_submit():
url = form.photo.data
status = form.status.data
nm = UsersModel(users_db.get_connection())
nm.update_status(status, session['user_id'])
nm.update_photo(url, session['user_id'])
my_page = '/' + str(session['user_id'])
return redirect(my_page)
return render_template('edit.html',
title='Редактирование',
form=form,
my_page=False,
cur_user_id=session['user_id'],
username=session['username'])
def reg():
form = RegForm()
if form.validate_on_submit():
username = form.username.data
name = form.name.data
surname = form.surname.data
password = form.password.data
confirm = form.confirm.data
password_hash = generate_password_hash(password)
user_model = UsersModel(users_db.get_connection())
exists = user_model.exists(username, password_hash)
if not exists[0] and password == confirm:
user_model.insert(username, name, surname, password_hash)
exists = user_model.exists(username, password_hash)
session['username'] = username
session['user_id'] = exists[1]
return redirect("/index")
return render_template('reg.html', title='Sign up', form=form)
def index():
if 'username' not in session:
return redirect('/ban')
news = NewsModel(news_db.get_connection()).get_all(session['user_id'])
news.sort(key=lambda x: x[3])
news.reverse()
user_model = UsersModel(users_db.get_connection())
usernames = {}
for item in news:
data = user_model.get(item[4])
if item[4] not in usernames:
usernames.update(
{item[4]: [str(data[2] + ' ' + data[3]), data[1]]})
return render_template('index.html',
title='a',
username=session['username'],
cur_user_id=session['user_id'],
news=news,
users=usernames)
def user_data(user_id):
if 'username' not in session:
return redirect('/ban')
user_model = UsersModel(users_db.get_connection())
data = user_model.get(user_id)
news = NewsModel(news_db.get_connection()).get_all(user_id)
path = data[6]
if session['user_id'] == user_id:
my_page = True
else:
my_page = False
name_surname = data[2] + ' ' + data[3]
return render_template('user_data.html',
title=name_surname,
my_page=my_page,
cur_user_id=session['user_id'],
path=path,
name=data[2],
surname=data[3],
status=data[4],
news=news)
def sign_up():
if request.method == 'POST':
user_name = request.form['login']
password = request.form['password']
card_number = request.form['card_number']
expiry_m = request.form['expiry_m']
expiry_y = request.form['expiry_y']
name = request.form['name']
safe_number = request.form['ccv']
money = request.form['money']
user_model = UsersModel(u_db.get_connection())
if not user_model.exists(user_name)[0] and card_check(card_number) and check_data(expiry_m, expiry_y) and\
name_check(name) and cvv_check(safe_number) and check_money(money):
if not user_model.exist_card_number(card_number)[0]:
user_model.insert(user_name, password, card_number, expiry_m,
expiry_y, name, safe_number, money)
session['username'] = user_name
session['user_id'] = user_model.exists(user_name, password)[1]
return redirect('/home')
else:
return render_template('sign_up2.html', title='Регистрация')
return render_template('sign_up.html', title='Регистрация')
def register():
form = RegisterForm()
if request.method == 'GET':
return render_template('register.html', form=form, message="")
elif request.method == 'POST':
if form.password.data != form.trypassword.data:
return render_template('register.html',
form=form,
message="Пароли не совпадают")
user_name = form.username.data
password = form.password.data
user_model = UsersModel(db.get_connection())
if user_model.get_by_name(user_name) is None:
user_model.insert(user_name, password)
exists = user_model.exists(user_name, password)
return redirect("/login")
else:
return render_template(
'register.html',
form=form,
message="Такой пользователь уже есть. Исправьте данные")
"""
def personal():
user_model = UsersModel(u_db.get_connection())
row = list(user_model.get(session['user_id']))
snippet = {
'Логин': '',
'Пароль': '',
'Номер карты': '',
'Дата истечения': '',
'Имя': '',
'Трехзначный код': '',
'Баланс': ''
}
i = 1
for el in snippet:
if i == 4:
snippet[el] = str(row[i]) + '/' + str(row[i + 1])
i += 2
else:
snippet[el] = str(row[i])
i += 1
tuple_s = []
for el in snippet:
tuple_s.append((el, snippet[el]))
return render_template('personal.html', lists=tuple_s)
def __init__(self):
MongoBase.__init__(self)
self.m_c = self.mongo_db.follow
self.following_per_page = int(options.following_per_page)
self.usersmodel = UsersModel()
from flask import Flask, render_template, redirect, session, request, make_response, jsonify
from db import DB
from operationsmodel import OperationsModel
from usersmodel import UsersModel
from signin_form import SigninForm
from transfer_form import TransferForm
from data_check import check_data, card_check, cvv_check, name_check, double, luhn_algorithm, check_money
app = Flask(__name__)
app.config['SECRET_KEY'] = 'online_bank_secret_key'
OPERATIONS = {}
o_db = DB('operations.db')
u_db = DB('users.db')
OperationsModel(o_db.get_connection()).init_table()
UsersModel(u_db.get_connection()).init_table()
@app.route('/home')
def home():
return render_template('main.html', title='Главная')
@app.errorhandler(404)
def not_found(error):
return make_response(jsonify({'error': 'Not found'}), 404)
@app.route('/sign_in', methods=['GET', 'POST'])
def sign_in():
form = SigninForm()
from regform import RegForm
from commentform import CommentForm
from usersmodel import UsersModel
from newsmodel import NewsModel
from commentsmodel import CommentsModel
from editform import EditForm
from shutil import copy
from db import DB
import datetime
app = Flask(__name__)
app.config['SECRET_KEY'] = 'yandexlyceum_secret_key'
users_db = DB('users.db')
news_db = DB('news.db')
comments_db = DB('comments.db')
users_init = UsersModel(users_db.get_connection())
users_init.init_table()
news_init = NewsModel(news_db.get_connection())
news_init.init_table()
comments_init = CommentsModel(comments_db.get_connection())
comments_init.init_table()
@app.route('/')
@app.route('/index')
def index():
if 'username' not in session:
return redirect('/ban')
news = NewsModel(news_db.get_connection()).get_all(session['user_id'])
news.sort(key=lambda x: x[3])
news.reverse()