2015-11-29 01:36:59 +03:00
|
|
|
|
# coding: utf-8
|
|
|
|
|
|
|
|
|
|
|
|
from sshpubkeys import SSHKey
|
|
|
|
|
|
from flask import render_template, session, redirect, url_for, request
|
|
|
|
|
|
from flask import g
|
|
|
|
|
|
from flask import Blueprint
|
|
|
|
|
|
from app import models
|
|
|
|
|
|
from app.cloud.controllers.common import special_match
|
|
|
|
|
|
from app.cloud.controllers.common import ControllerMessagesEmail
|
|
|
|
|
|
from app.cloud.controllers.users import ControllerUsers
|
2015-12-24 01:52:14 +03:00
|
|
|
|
from app.cloud.controllers.users import ControllerAPI
|
2015-11-29 01:36:59 +03:00
|
|
|
|
from app.cloud.controllers.users import ControllerSSHKey
|
|
|
|
|
|
from app.cloud.controllers.users import ControllerUsersDetails
|
|
|
|
|
|
from app.cloud.controllers.users import ControllerUsersRecoveryCodes
|
2015-12-12 17:29:45 +03:00
|
|
|
|
from app.cloud.controllers.billing import ControllerBilling
|
2015-11-29 01:36:59 +03:00
|
|
|
|
|
|
|
|
|
|
viewAccount = Blueprint('account', __name__, url_prefix='/account')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/', methods=['GET', 'POST'])
|
|
|
|
|
|
def index():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
cud = ControllerUsersDetails(session['user_id'])
|
|
|
|
|
|
user = cud.details_get()
|
|
|
|
|
|
|
|
|
|
|
|
# проверяем, есть ли запись в таблице usersdetails, чтобы небыло ошибок
|
|
|
|
|
|
if not cud.details_exists():
|
|
|
|
|
|
# если нет, то делаем запись в таблицу, чтобы небыло ошибок
|
|
|
|
|
|
cud.details_create()
|
|
|
|
|
|
|
|
|
|
|
|
# извлекаем из базы детали пользователя
|
|
|
|
|
|
user_details = cud.details_get()
|
|
|
|
|
|
|
|
|
|
|
|
return render_template(
|
|
|
|
|
|
'default/id/index.html',
|
|
|
|
|
|
user=user,
|
|
|
|
|
|
user_details=user_details
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/edit', methods=['GET', 'POST'])
|
|
|
|
|
|
def edit():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
cud = ControllerUsersDetails(session['user_id'])
|
|
|
|
|
|
user = cud.details_get()
|
|
|
|
|
|
|
|
|
|
|
|
if not cud.details_exists():
|
|
|
|
|
|
cud.details_create()
|
|
|
|
|
|
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
|
if not request.form['zipcode'].isdigit():
|
|
|
|
|
|
g.errors['items'].append(u'Индекс должен содержать только цифры')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
|
|
|
|
|
|
if g.errors['total'] == 0:
|
|
|
|
|
|
cud.details_update(
|
|
|
|
|
|
fname=request.form['fname'],
|
|
|
|
|
|
lname=request.form['lname'],
|
|
|
|
|
|
address=request.form['address'],
|
|
|
|
|
|
city=request.form['city'],
|
|
|
|
|
|
country=request.form['country'],
|
|
|
|
|
|
state=request.form['state'],
|
|
|
|
|
|
zipcode=request.form['zipcode']
|
|
|
|
|
|
)
|
|
|
|
|
|
return redirect(url_for('account.edit'))
|
|
|
|
|
|
# get user details
|
|
|
|
|
|
user_details = cud.details_get()
|
|
|
|
|
|
|
|
|
|
|
|
return render_template('default/id/edit.html', user=user, user_details=user_details)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/settings', methods=['GET', 'POST'])
|
|
|
|
|
|
def settings():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# get user data
|
|
|
|
|
|
user = ControllerUsers(session['user_id']).get()
|
|
|
|
|
|
|
|
|
|
|
|
return render_template('default/id/index.html', user_details=user)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/billing', methods=['GET', 'POST'])
|
|
|
|
|
|
def billing():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
user_id = session['user_id']
|
|
|
|
|
|
|
|
|
|
|
|
if models.UsersBalance.select().where(models.UsersBalance.user == user_id).count() == 0:
|
|
|
|
|
|
models.UsersBalance.create(user=user_id, balance=10)
|
|
|
|
|
|
user_balance = models.UsersBalance.select().where(models.UsersBalance.user == user_id).limit(1)[0].balance
|
|
|
|
|
|
|
|
|
|
|
|
user_details = models.Users.select().where(models.Users.id == session['user_id']).limit(1)[0]
|
|
|
|
|
|
|
2015-12-06 17:18:48 +03:00
|
|
|
|
# выгрузка истории платежей
|
2015-11-29 01:36:59 +03:00
|
|
|
|
history = dict()
|
|
|
|
|
|
history['total'] = models.UsersBalanceTransactions.select().\
|
|
|
|
|
|
where(models.UsersBalanceTransactions.user == user_id).count()
|
|
|
|
|
|
history['items'] = models.UsersBalanceTransactions.select().\
|
|
|
|
|
|
where(models.UsersBalanceTransactions.user == user_id)
|
2015-12-06 17:18:48 +03:00
|
|
|
|
|
2015-11-29 01:36:59 +03:00
|
|
|
|
return render_template(
|
|
|
|
|
|
'default/id/balance.html',
|
2015-12-06 17:18:48 +03:00
|
|
|
|
user_details=user_details,
|
|
|
|
|
|
user_balance=user_balance,
|
|
|
|
|
|
history=history
|
2015-11-29 01:36:59 +03:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/registration', methods=['GET', 'POST'])
|
|
|
|
|
|
def registration():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if ControllerUsers().check_session():
|
2015-12-06 02:28:21 +03:00
|
|
|
|
return redirect(url_for("containers.index"))
|
2015-11-29 01:36:59 +03:00
|
|
|
|
|
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
|
|
check_password = False
|
|
|
|
|
|
if request.form['password'] == request.form['password2']:
|
|
|
|
|
|
check_password = True
|
|
|
|
|
|
|
|
|
|
|
|
if not special_match(request.form['email'], r"^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$")\
|
|
|
|
|
|
or len(request.form['password']) < 5\
|
|
|
|
|
|
or not check_password:
|
|
|
|
|
|
g.errors['items'].append('Invalid registration data.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
|
|
|
|
|
|
if g.errors['total'] == 0:
|
|
|
|
|
|
# count user with email and password
|
|
|
|
|
|
if models.Users.select().where(models.Users.email == request.form['email']).count():
|
|
|
|
|
|
g.errors['items'].append('Invalid registration. User already exists.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
else:
|
|
|
|
|
|
if ControllerUsers().registration(request.form['email'], request.form['password']):
|
2015-12-12 17:29:45 +03:00
|
|
|
|
user_id = ControllerUsers().get_id_by_email(request.form['email'])
|
|
|
|
|
|
|
|
|
|
|
|
ControllerUsersDetails(user_id).details_create()
|
|
|
|
|
|
ControllerBilling().create(user_id, g.settings['bonus'])
|
|
|
|
|
|
# ControllerU
|
2015-11-29 01:36:59 +03:00
|
|
|
|
# send mail message with recovery code
|
|
|
|
|
|
message = u"""
|
|
|
|
|
|
Е-почта: %s
|
|
|
|
|
|
Пароль: %s
|
|
|
|
|
|
""" % (request.form['email'], request.form['password'])
|
2015-12-06 02:28:21 +03:00
|
|
|
|
subject = u'GoCloud.ru: Успешная регистрация'
|
2015-11-29 01:36:59 +03:00
|
|
|
|
lead = u"""
|
|
|
|
|
|
Поздравляем с успешной зарегистрацией.
|
|
|
|
|
|
"""
|
|
|
|
|
|
callout = u"""
|
|
|
|
|
|
Для входа в личный кабинет воспользуйтесь
|
2015-12-06 02:28:21 +03:00
|
|
|
|
<a href="https://gocloud.ru/account/login">страницей авторизации</a>.
|
2015-11-29 01:36:59 +03:00
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
email = ControllerMessagesEmail()
|
|
|
|
|
|
email.send(title=subject, to=request.form['email'], lead=lead, message=message, callout=callout)
|
|
|
|
|
|
|
|
|
|
|
|
# redirect to login page
|
|
|
|
|
|
return redirect(url_for('account.login'))
|
|
|
|
|
|
else:
|
|
|
|
|
|
g.errors['items'].append('Invalid registration. Try again.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
return render_template('default/id/registration.html')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/login', methods=['GET', 'POST'])
|
|
|
|
|
|
def login():
|
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
|
|
# validation entered data
|
|
|
|
|
|
if not special_match(request.form['email'], r"^[A-Za-z0-9\.\+_-]+@[A-Za-z0-9\._-]+\.[a-zA-Z]*$")\
|
|
|
|
|
|
or len(request.form['password']) < 5:
|
|
|
|
|
|
g.errors['items'].append('Invalid registration data.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
|
|
|
|
|
|
if g.errors['total'] == 0:
|
|
|
|
|
|
# try auth only active users (with status code 1)
|
|
|
|
|
|
if ControllerUsers().auth(request.form['email'], request.form['password'], 1):
|
|
|
|
|
|
# get user_id
|
|
|
|
|
|
user_id = ControllerUsers().get_id_by_email(request.form['email'])
|
|
|
|
|
|
# save user data to session
|
|
|
|
|
|
session['user_id'] = user_id
|
|
|
|
|
|
session['email'] = request.form['email']
|
|
|
|
|
|
session['password'] = request.form['password']
|
|
|
|
|
|
# redirect to rules list
|
|
|
|
|
|
return redirect(url_for('containers.index'))
|
|
|
|
|
|
else:
|
|
|
|
|
|
g.errors['items'].append('Invalid login. Please try again.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
return render_template("default/id/login.html")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/logout')
|
|
|
|
|
|
def logout():
|
|
|
|
|
|
session.pop('user_id', None)
|
|
|
|
|
|
session.pop('email', None)
|
|
|
|
|
|
session.pop('password', None)
|
|
|
|
|
|
return redirect(url_for('account.login'))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route("/password_reset", methods=['GET', 'POST'])
|
|
|
|
|
|
def password_reset():
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
|
# check exists email
|
|
|
|
|
|
if ControllerUsers().user_exists_by_email(request.form['email']):
|
|
|
|
|
|
# get user_id by email
|
|
|
|
|
|
user_id = str(ControllerUsers().user_id_by_email(request.form['email']))
|
|
|
|
|
|
|
|
|
|
|
|
# create recovery code
|
|
|
|
|
|
recovery_code = ControllerUsersRecoveryCodes().code_generate()
|
|
|
|
|
|
|
|
|
|
|
|
# remove old recovery codes for user
|
|
|
|
|
|
ControllerUsersRecoveryCodes().delete(user_id)
|
|
|
|
|
|
# write new recovery code to database
|
|
|
|
|
|
ControllerUsersRecoveryCodes().create(user_id, recovery_code)
|
|
|
|
|
|
|
|
|
|
|
|
# send mail message with recovery code
|
2015-12-06 02:28:21 +03:00
|
|
|
|
subject = u'GoCloud.ru: Код восстановления доступа'
|
2015-11-29 01:36:59 +03:00
|
|
|
|
message = u'Код восстановления: %s' % recovery_code
|
|
|
|
|
|
lead = u"""
|
|
|
|
|
|
Данный код необходимо ввести на странице подтверждения
|
2015-12-06 02:28:21 +03:00
|
|
|
|
<a href="https://gocloud.ru/account/password_reset_step2">сброса пароля</a>.
|
2015-11-29 01:36:59 +03:00
|
|
|
|
"""
|
|
|
|
|
|
callout = u'Если вы не хотите сбрасывать пароль, то просто проигнорируйте (или удалите) данное письмо.'
|
|
|
|
|
|
# controllers.Mail().send(request.form['email'], subject, message)
|
|
|
|
|
|
|
|
|
|
|
|
email = ControllerMessagesEmail()
|
|
|
|
|
|
email.send(title=subject, to=request.form['email'], lead=lead, message=message, callout=callout)
|
|
|
|
|
|
|
|
|
|
|
|
# redirect to step 2
|
|
|
|
|
|
return redirect(url_for('account.password_reset_step2'))
|
|
|
|
|
|
else:
|
|
|
|
|
|
g.errors['items'].append(u'Произошла ошибка. Введите корректный адрес е.почты.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
return render_template('default/id/password_reset_step1.html')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route("/password_reset_step2", methods=['GET', 'POST'])
|
|
|
|
|
|
def password_reset_step2():
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
|
# check exists email
|
|
|
|
|
|
if ControllerUsers().user_exists_by_email(request.form['email']):
|
|
|
|
|
|
# get user_id by email
|
|
|
|
|
|
user_id = ControllerUsers().user_id_by_email(request.form['email'])
|
|
|
|
|
|
recovery_code = request.form['recovery_code']
|
|
|
|
|
|
|
|
|
|
|
|
# check valid recovery codes
|
|
|
|
|
|
if ControllerUsersRecoveryCodes().check(user_id, recovery_code):
|
|
|
|
|
|
# remove old recovery codes for user
|
|
|
|
|
|
ControllerUsersRecoveryCodes().delete(user_id)
|
|
|
|
|
|
|
|
|
|
|
|
# generate new password
|
|
|
|
|
|
new_password = ControllerUsers().generate_password()
|
|
|
|
|
|
|
|
|
|
|
|
# save password
|
|
|
|
|
|
ControllerUsers().update(user_id, password=new_password)
|
|
|
|
|
|
|
|
|
|
|
|
# send mail message with new password
|
|
|
|
|
|
message = u"""Новый пароль: %s""" % new_password
|
2015-12-06 02:28:21 +03:00
|
|
|
|
subject = u"""GoCloud.ru: Новый пароль"""
|
2015-11-29 01:36:59 +03:00
|
|
|
|
lead = u"""
|
2015-12-06 02:28:21 +03:00
|
|
|
|
Пароль для доступа в a< href="https://gocloud.ru/account/login">личный кабинет</a> был сброшен.
|
2015-11-29 01:36:59 +03:00
|
|
|
|
"""
|
|
|
|
|
|
callout = u"""Запомните новый пароль и удалите данное сообщение."""
|
|
|
|
|
|
# controllers.Mail().send(request.form['email'], subject, message)
|
|
|
|
|
|
|
|
|
|
|
|
email = ControllerMessagesEmail()
|
|
|
|
|
|
email.send(title=subject, to=session['email'], lead=lead, message=message, callout=callout)
|
|
|
|
|
|
|
|
|
|
|
|
# redirect to login page
|
|
|
|
|
|
return redirect(url_for('account.login'))
|
|
|
|
|
|
# redirect to step 2
|
|
|
|
|
|
g.errors['items'].append(u'Ошибочный код')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
return redirect(url_for('account.password_reset_step2'))
|
|
|
|
|
|
else:
|
|
|
|
|
|
g.errors['items'].append(u'Произошла ошибка. Введите корректный адрес е.почты.')
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
return render_template('default/id/password_reset_step2.html')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route("/password_update", methods=['GET', 'POST'])
|
|
|
|
|
|
def password_update():
|
|
|
|
|
|
"""
|
|
|
|
|
|
Обновление пароля из личного кабинета с уведомлением владельца по ел.почте
|
|
|
|
|
|
:return:
|
|
|
|
|
|
"""
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
|
# Проверка старого пароля
|
|
|
|
|
|
check_old = ControllerUsers().auth(session['email'], request.form['old_password'])
|
|
|
|
|
|
|
|
|
|
|
|
if check_old and request.form['new_password'] == request.form['new_password_confirm']:
|
|
|
|
|
|
# Обновляем пароль
|
|
|
|
|
|
ControllerUsers().update(session['user_id'], password=request.form['new_password'])
|
|
|
|
|
|
|
|
|
|
|
|
# send mail message with recovery code
|
|
|
|
|
|
lead = u"""
|
|
|
|
|
|
Пароль для достуна в личный кабинет был успешно изменён.
|
|
|
|
|
|
"""
|
|
|
|
|
|
message = u"""Пароль: %s""" % request.form['new_password']
|
|
|
|
|
|
callout = u"""
|
|
|
|
|
|
"""
|
2015-12-06 02:28:21 +03:00
|
|
|
|
subject = u'GoCloud.ru: Смена пароля'
|
2015-11-29 01:36:59 +03:00
|
|
|
|
|
|
|
|
|
|
email = ControllerMessagesEmail()
|
|
|
|
|
|
email.send(
|
|
|
|
|
|
title=subject,
|
|
|
|
|
|
to=session['email'],
|
|
|
|
|
|
lead=lead,
|
|
|
|
|
|
message=message,
|
|
|
|
|
|
callout=callout
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
return redirect(url_for('account.password_update'))
|
|
|
|
|
|
return render_template('default/id/password_update.html')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/sshkey', methods=['GET', 'POST'])
|
|
|
|
|
|
def sshkey():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
controllersshkey = ControllerSSHKey(session['user_id'])
|
|
|
|
|
|
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
|
|
try:
|
|
|
|
|
|
ssh = SSHKey(request.form['sshkey'])
|
|
|
|
|
|
except Exception as e:
|
|
|
|
|
|
g.errors['items'].append(u"Не корректный ssh-ключ.")
|
|
|
|
|
|
g.errors['total'] += 1
|
|
|
|
|
|
else:
|
|
|
|
|
|
print(ssh.bits)
|
|
|
|
|
|
print(ssh.hash())
|
|
|
|
|
|
|
|
|
|
|
|
controllersshkey.set(request.form['sshkey'])
|
|
|
|
|
|
|
|
|
|
|
|
sshkey = {
|
|
|
|
|
|
"exists": controllersshkey.check(),
|
|
|
|
|
|
"sshkey": controllersshkey.get()
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return render_template('default/id/sshkey.html', sshkey=sshkey)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/sshkey_delete', methods=['POST'])
|
|
|
|
|
|
def sshkey_delete():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
|
|
|
|
|
|
controllersshkey = ControllerSSHKey(session['user_id'])
|
|
|
|
|
|
controllersshkey.delete()
|
|
|
|
|
|
|
|
|
|
|
|
return redirect(url_for('account.sshkey'))
|
2015-12-24 01:52:14 +03:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/api', methods=['GET', 'POST'])
|
|
|
|
|
|
def api():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
#
|
|
|
|
|
|
if not ControllerAPI().check(session['user_id']):
|
2015-12-24 01:54:04 +03:00
|
|
|
|
ControllerAPI().set(session['user_id'], '', '', 0)
|
2015-12-24 01:52:14 +03:00
|
|
|
|
#
|
|
|
|
|
|
user_secret = ControllerAPI().get(session['user_id'])[0]
|
|
|
|
|
|
return render_template(
|
|
|
|
|
|
'default/id/api.html',
|
|
|
|
|
|
user_secret=user_secret
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@viewAccount.route('/api_update', methods=['POST'])
|
|
|
|
|
|
def api_update():
|
|
|
|
|
|
# check session
|
|
|
|
|
|
if not ControllerUsers().check_session():
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
# auth user
|
|
|
|
|
|
if not ControllerUsers().auth(session['email'], session['password']):
|
|
|
|
|
|
return redirect(url_for("account.logout"))
|
|
|
|
|
|
#
|
|
|
|
|
|
ControllerAPI().set(
|
|
|
|
|
|
session['user_id'],
|
|
|
|
|
|
request.form['secret'],
|
|
|
|
|
|
request.form['acl'],
|
|
|
|
|
|
request.form['status']
|
|
|
|
|
|
)
|
|
|
|
|
|
#
|
|
|
|
|
|
return redirect(url_for('account.api'))
|
