refactoring some blueprints, adjusting static, adding more templates and routes

mm-logging
lza_menace 4 years ago
parent 59ea26b8f1
commit fb5e93232a

@ -1,3 +1,3 @@
from .wallet import wallet_bp
from .authentication import authentication_bp
from .auth import auth_bp
from .meta import meta_bp

@ -0,0 +1,5 @@
from flask import Blueprint
auth_bp = Blueprint("auth", __name__)
from . import routes

@ -1,13 +1,13 @@
from flask import request, render_template, session, redirect, url_for, flash
from flask_login import login_user, logout_user, current_user
from wowstash.blueprints.authentication import authentication_bp
from wowstash.blueprints.auth import auth_bp
from wowstash.forms import Register, Login
from wowstash.models import User
from wowstash.library.jsonrpc import wallet
from wowstash.factory import db, bcrypt
@authentication_bp.route("/register", methods=["GET", "POST"])
@auth_bp.route("/register", methods=["GET", "POST"])
def register():
form = Register()
if current_user.is_authenticated:
@ -18,13 +18,13 @@ def register():
# Check if Wownero wallet is available
if wallet.connected is False:
flash('Wallet RPC interface is unavailable at this time. Try again later.')
return redirect(url_for('authentication.register'))
return redirect(url_for('auth.register'))
# Check if email already exists
user = User.query.filter_by(email=form.email.data).first()
if user:
flash('This email is already registered.')
return redirect(url_for('authentication.login'))
return redirect(url_for('auth.login'))
# Create new subaddress
subaddress = wallet.new_address(label=form.email.data)
@ -42,9 +42,9 @@ def register():
login_user(user)
return redirect(url_for('wallet.dashboard'))
return render_template("authentication/register.html", form=form)
return render_template("auth/register.html", form=form)
@authentication_bp.route("/login", methods=["GET", "POST"])
@auth_bp.route("/login", methods=["GET", "POST"])
def login():
form = Login()
if current_user.is_authenticated:
@ -56,7 +56,7 @@ def login():
user = User.query.filter_by(email=form.email.data).first()
if not user:
flash('Invalid username or password.')
return redirect(url_for('authentication.login'))
return redirect(url_for('auth.login'))
# Check if password is correct
password_matches = bcrypt.check_password_hash(
@ -65,15 +65,15 @@ def login():
)
if not password_matches:
flash('Invalid username or password.')
return redirect(url_for('authentication.login'))
return redirect(url_for('auth.login'))
# Login user and redirect to wallet page
login_user(user)
return redirect(url_for('wallet.dashboard'))
return render_template("authentication/login.html", form=form)
return render_template("auth/login.html", form=form)
@authentication_bp.route("/logout")
@auth_bp.route("/logout")
def logout():
logout_user()
return redirect(url_for('meta.index'))

@ -1,5 +0,0 @@
from flask import Blueprint
authentication_bp = Blueprint("authentication", __name__)
from . import routes

@ -7,7 +7,20 @@ from wowstash.library.db import Database
@meta_bp.route('/')
def index():
return render_template('index.html', node=daemon.info(), info=info.get_info())
return render_template('meta/index.html', node=daemon.info(), info=info.get_info())
@meta_bp.route('/faq')
def faq():
return render_template('meta/faq.html')
@meta_bp.route('/terms')
def terms():
return render_template('meta/terms.html')
@meta_bp.route('/privacy')
def privacy():
return render_template('meta/privacy.html')
@meta_bp.route('/health')
def health():

@ -14,7 +14,7 @@ def dashboard():
daemon_height = daemon.height()['height']
subaddress = wallet.get_address(0, user.subaddress_index)['addresses'][0]['address']
return render_template(
"account/dashboard.html",
"wallet/dashboard.html",
wallet_height=wallet_height,
daemon=daemon_height,
subaddress=subaddress

@ -54,7 +54,7 @@ def create_app():
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'authentication.login'
login_manager.login_view = 'auth.login'
@login_manager.user_loader
def load_user(user_id):
@ -62,11 +62,11 @@ def create_app():
return User.query.get(user_id)
# Routes
from wowstash.blueprints.authentication import authentication_bp
from wowstash.blueprints.auth import auth_bp
from wowstash.blueprints.wallet import wallet_bp
from wowstash.blueprints.meta import meta_bp
app.register_blueprint(meta_bp)
app.register_blueprint(authentication_bp)
app.register_blueprint(auth_bp)
app.register_blueprint(wallet_bp)
app.app_context().push()

@ -492,3 +492,12 @@ footer ul li a:hover, footer ul li a:focus, footer ul li a:active, footer ul li
.list-inline-item i {
color: rgb(76, 76, 76);
}
#register .form-control {
width: 60%;
margin: 0 auto;
}
header.masthead .header-content-lg {
max-width: 70%;
}

@ -12,7 +12,7 @@
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<form method="POST" action="{{ url_for('authentication.login') }}">
<form method="POST" action="{{ url_for('auth.login') }}">
{{ form.csrf_token }}
{% for f in form %}
{% if f.name != 'csrf_token' %}
@ -30,7 +30,7 @@
<input type="submit" value="Login" class="btn btn-link btn-outline btn-xl">
</form>
<hr>
<p class="small">Click <a href="{{ url_for('authentication.register') }}" class="">here</a> if you need to register.</p>
<p class="small">Click <a href="{{ url_for('auth.register') }}" class="">here</a> if you need to register.</p>
</div>
</div>

@ -0,0 +1,107 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<h1 class="mb-4">Be Advised</h1>
<p>Wownero is a privacy centric cryptocurrency and is most safely managed on your own personal devices, on your own network, and with your own copy of the blockchain. This is a publicly accessible website, and while strict security measures are implemented on our servers, your account's security <strong>cannot</strong> be guaranteed. </p>
<p>If you decide to use this site for managing your funds, you do so at your own risk and are bound by the terms and conditions of this site. Practice good operational security and do not use this site for large amounts of funds.</p>
<div>
<a href="{{ url_for('meta.faq') }}">FAQ</a> -
<a href="{{ url_for('meta.terms') }}">Terms</a> -
<a href="{{ url_for('meta.privacy') }}">Privacy</a>
</div><br>
<a href="#register" class="btn btn-outline btn-xl js-scroll-trigger">Proceed</a>
</div>
</div>
</div>
</div>
</header>
<section class="section1" id="register">
<div class="container">
<div class="section-heading text-center">
<form method="POST" action="{{ url_for('auth.register') }}">
{{ form.csrf_token }}
{% for f in form %}
{% if f.name != 'csrf_token' %}
{% if f.type == 'BooleanField' %}
<div class="form-group-span">
{{ f.label }}
{{ f }}
</div>
{% else %}
<div class="form-group">
{{ f.label }}
{{ f }}
</div>
{% endif %}
{% endif %}
{% endfor %}
<ul>
{% for field, errors in form.errors.items() %}
<li>{{ form[field].label }}: {{ ', '.join(errors) }}</li>
{% endfor %}
</ul>
<input type="submit" value="Register" class="btn btn-link btn-outline-inverse btn-xl">
</form>
</div>
</div>
</section>
<!-- <header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<form method="POST" action="{{ url_for('auth.register') }}">
{{ form.csrf_token }}
{% for f in form %}
{% if f.name != 'csrf_token' %}
{% if f.type == 'BooleanField' %}
<div class="form-group-span">
{{ f.label }}
{{ f }}
</div>
{% else %}
<div class="form-group">
{{ f.label }}
{{ f }}
</div>
{% endif %}
{% endif %}
{% endfor %}
<ul>
{% for field, errors in form.errors.items() %}
<li>{{ form[field].label }}: {{ ', '.join(errors) }}</li>
{% endfor %}
</ul>
<div>
<a href="{{ url_for('meta.faq') }}">FAQ</a> -
<a href="{{ url_for('meta.terms') }}">Terms</a> -
<a href="{{ url_for('meta.privacy') }}">Privacy</a>
</div><br>
<input type="submit" value="Register" class="btn btn-link btn-outline btn-xl">
</form>
</div>
</div>
</div>
</div>
</header> -->
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -1,51 +0,0 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<form method="POST" action="{{ url_for('authentication.register') }}">
{{ form.csrf_token }}
{% for f in form %}
{% if f.name != 'csrf_token' %}
{% if f.type == 'BooleanField' %}
<div class="form-group-span">
{{ f.label }}
{{ f }}
</div>
{% else %}
<div class="form-group">
{{ f.label }}
{{ f }}
</div>
{% endif %}
{% endif %}
{% endfor %}
<ul>
{% for field, errors in form.errors.items() %}
<li>{{ form[field].label }}: {{ ', '.join(errors) }}</li>
{% endfor %}
</ul>
<input type="submit" value="Register" class="btn btn-link btn-outline btn-xl">
</form>
</div>
</div>
</div>
</div>
</header>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -0,0 +1,49 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content-lg mx-auto">
<h2 class="mb-4">Frequently Asked Questions</h2>
<h4>What Is This Site?</h4>
<p>
This is a website that allows you to send and receive <a href="https://wownero.org" target="
">Wownero</a>, a meme cryptocurrency which started as a joke and fork of <a href="https://web.getmonero.org/get-started/what-is-monero/" target="_blank">Monero</a>.
</p>
<h4>How Does It Work?</h4>
<p>
The site operator creates a new Wownero wallet and interfaces this website to it in the background. When new users sign up, a new <a href="https://monerodocs.org/public-address/subaddress/" target="_blank">subaddress</a> gets generated and assigned to the user. Users can then use the site to send and receive transactions.
</p>
<h4>Is It Safe?</h4>
<p>
No. Web wallets in general are not recommended for use as there are too many attack vectors and possible ways to potentially bypass security. Additionally, this is a custodial wallet, which means the site operator holds the mnemonic seed and technically owns all the funds within. However, if you're willing to accept the risks, web wallets do make it very easy and convenient to get started, but you have to trust that A. we won't get hacked and B. we won't scam you.
</p>
<h4>Why Should I Trust You?</h4>
<p>
You shouldn't. I am a stranger on the internet operating a custodial web wallet for a privacy-oriented, joke, memecoin. This should be all the red flags you need.
</p>
<h4>What Should I Use Instead?</h4>
<p>
Check the "Wallets" sections on the main <a href="https://wownero.org/" target="_blank">Wownero website</a> for the most recent software wallets available. Anything you can install on your own computer is the safest bet.
</p>
</div>
</div>
</div>
</div>
</header>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -16,8 +16,8 @@
{% if current_user.is_authenticated %}
<a href="{{ url_for('wallet.dashboard') }}" class="btn btn-outline btn-xl">Wallet Dashboard</a>
{% else %}
<a href="{{ url_for('authentication.register') }}" class="btn btn-outline btn-xl">Register</a>
<a href="{{ url_for('authentication.login') }}" class="btn btn-outline btn-xl">Login</a>
<a href="{{ url_for('auth.register') }}" class="btn btn-outline btn-xl">Register</a>
<a href="{{ url_for('auth.login') }}" class="btn btn-outline btn-xl">Login</a>
{% endif %}
</div>
</div>
@ -42,7 +42,9 @@
<div class="container">
<div class="section-heading text-center">
<h2>About</h2>
<p>This is an <a href="https://git.wownero.com/lza_menace/wowstash" target="_blank">open source</a>, web based, <a href="https://atomicwallet.io/custodial-non-custodial-wallets-comparison">custodial</a> wallet for the <a href="https://wownero.org" target="_blank">Wownero</a> cryptocurrency. It's development and hosting service was funded by the community using the <a href="https://funding.wownero.com/proposal/49">Wownero Funding System</a>.</p>
<p>This is an <a href="https://git.wownero.com/lza_menace/wowstash" target="_blank">open source</a>, web based, <a href="https://atomicwallet.io/custodial-non-custodial-wallets-comparison" target="
_blank">custodial</a> wallet for the <a href="https://wownero.org" target="_blank">Wownero</a> cryptocurrency. It's development and hosting service was funded by the community using the <a href="https://funding.wownero.com/proposal/49" target="
_blank">Wownero Funding System</a>.</p>
<br>
<p>For more information about this system please read the <a href="/faq">FAQ</a>. For contact information, please see the <a href="#contact" class="js-scroll-trigger">contact</a> section.</p>
<hr>

@ -0,0 +1,35 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<h1 class="mb-4">Privacy Policy</h1>
<p>Here is the information we collect:</p>
<ul>
<li>Web server access logs (Source IP address, browser user-agent, page requests, etc)</li>
<li>Email address and salted/hashed password (registration)</li>
</ul>
<p>We don't actively track or monitor any of this though. We don't even know what the privacy policy is supposed to be for, to be honest. Just trying to be legit.</p>
<p>None of this data is shared with any third parties; we're not lame.</p>
</div>
</div>
</div>
</div>
</header>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -0,0 +1,34 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<h1 class="mb-4">Terms of Service</h1>
<p>By using this service you accept and agree to be bound by the terms of service outlined below.</p>
<p>1. You agree to not be an asshole.</p>
<p>2. You accept the risks in using this service to manage cryptocurrency funds.</p>
<p>3. You take responsibility for anything that occurs with your user account or wallet funds.</p>
<p>4. You accept that under no circumstances will this service be liable for any lost cryptocurrency due to any reason.</p>
<p>5. You agree to participate in the meme economy and support other Wownero projects.</p>
</div>
</div>
</div>
</div>
</header>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -20,9 +20,9 @@
{% endif %}
{% if current_user.is_authenticated %}
<li class="nav-item"><a class="nav-link" href="{{ url_for('wallet.dashboard') }}">Wallet</a></li>
<li class="nav-item"><a class="nav-link" href="{{ url_for('authentication.logout') }}">Logout</a></li>
<li class="nav-item"><a class="nav-link" href="{{ url_for('auth.logout') }}">Logout</a></li>
{% else %}
<li class="nav-item"><a class="nav-link" href="{{ url_for('authentication.login') }}">Login</a></li>
<li class="nav-item"><a class="nav-link" href="{{ url_for('auth.login') }}">Login</a></li>
{% endif %}
</ul>
</div>

@ -1,47 +0,0 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-12 my-auto">
<div class="header-content mx-auto">
<h1 class="mb-4">Be Advised</h1>
<p>Monero is a privacy centric cryptocurrency and is most safely managed on your own personal devices, on your own network, and with your own copy of the blockchain. This is a publicly accessible website, and while strict security measures are implemented on our servers, your account's security cannot be guaranteed. </p>
<p>If you decide to use this site for managing your funds, you do so at your own risk and are bound by the terms and conditions of this site. Practice good operational security and do not use this site for large amounts of funds.</p>
<p>The 25 word string below is your mnemonic seed. This is the password to your Monero account, and has full control over your account and funds. It can be used to restore your account on any device in the future. Never share it with anyone and store it in a secure location.</p>
<a href="#seed" class="btn btn-outline btn-xl js-scroll-trigger">Get Password</a>
</div>
</div>
</div>
</div>
</header>
<section class="section1" id="seed">
<div class="container">
<div class="section-heading text-center">
<h2>Your Account Password</h2>
<p class="text-muted">This is your mnemonic seed and account password.</p>
<p class="text-muted">Store it securely and never share it with anyone. Use this to log into {{ config.SITE_NAME }}.</p>
<p class="text-muted">If you'd like a new seed, refresh the page.</p>
<hr><br>
<p>{{ seed }}</p>
<hr><br>
<a href="/login" class="btn btn-outline-inverse btn-xl">Login</a>
</div>
</div>
</section>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>

@ -1,31 +0,0 @@
<!DOCTYPE html>
<html lang="en">
{% include 'head.html' %}
<body id="page-top">
{% include 'navbar.html' %}
<header class="masthead">
<div class="container h-100">
<div class="row h-100">
<div class="col-lg-7 my-auto">
<div class="header-content mx-auto">
<h1 class="mb-5">Sorry</h1>
<p>This site enforces strict session expirations for security reasons. You will need to log back in to continue.</p>
<a href="." class="btn btn-outline btn-xl">Go Home</a>
<a href="/login" class="btn btn-outline btn-xl">Login</a>
</div>
</div>
</div>
</div>
</header>
{% include 'footer.html' %}
{% include 'scripts.html' %}
</body>
</html>
Loading…
Cancel
Save