module.py

    
    else:
        return abort( 403 )

################################################################################
#    Submission of a new donnor

@app.route( baseurl + '/new_donnor' )
@login_required
def submission_form():
    return render_template( 
        "new_donnor.html",
        baseurl = baseurl,
        js = config.cdnjs,
        css = config.cdncss,
        session_timeout = config.session_timeout
    )

@app.route( baseurl + '/create_submission', methods = [ "GET", "POST" ] )
@login_required
def create_submission_case():
    email = request.form.get( "email", False )
    
    if email:
        # Check for duplicate base upon the email data
        sql = "SELECT id, email_hash FROM submissions WHERE submitter_id = %s"
        r = config.db.query( sql, ( session[ 'user_id' ], ) )
        for case in r.fetchall():
            if pbkdf2( email, case[ 'email_hash' ] ):
                return jsonify( {
                    'error': True,
                    'msg': "Email already used"
                } )
                
                break
        
        else:
            # Insert the new donnor
            id = str( uuid4() )
            
            email_aes = do_encrypt( email )
            email_hash = pbkdf2( email, random_data( 50 ), 50000 )
            
            upload_nickname = request.form.get( "upload_nickname", None )
            upload_nickname = do_encrypt( upload_nickname )
            submitter_id = session[ 'user_id' ]
            
            status = "pending"
            
            sql = "INSERT INTO submissions ( uuid, email_aes, email_hash, nickname, status, submitter_id ) VALUES ( %s, %s, %s, %s, %s, %s ) RETURNING id"
            data = ( id, email_aes, email_hash, upload_nickname, status, submitter_id )
            
            config.db.query( sql, data )
            config.db.commit()
            
            return jsonify( {
                'error': False,
                'id': id
            } )
        
    else:
        return jsonify( {
            'error': True,
            'msg': "Email not provided"
        } )

@app.route( baseurl + '/donnor/<id>' )
@login_required
def update_donnor_folder( id ):
    sql = "SELECT email_aes as email, nickname, created_time FROM submissions WHERE submitter_id = %s AND uuid = %s"
    r = config.db.query( sql, ( session[ 'user_id' ], id ) )
    user = r.fetchone()
    for key in [ 'email', 'nickname' ]:
        user[ key ] = do_decrypt( user[ key ] )
    
    return render_template( 
        "update_donnor.html",
        baseurl = baseurl,
        js = config.cdnjs,
        css = config.cdncss,
        session_timeout = config.session_timeout,
        upload_id = id,
        **user
    )

################################################################################
#    Home page

@app.route( baseurl + '/' )
@login_required
def home():
    return render_template( 
        "index.html",
        baseurl = baseurl,
        admin = int( session[ 'account_type' ] ) == 1,
        js = config.cdnjs,
        css = config.cdncss,
        session_timeout = config.session_timeout,
        account_type = session.get( "account_type", None )
    )

################################################################################
#    Main startup

if __name__ == '__main__':
    gpg = gnupg.GPG()
    
    for file in os.listdir( config.keys_folder ):
        with open( config.keys_folder + "/" + file, "r" ) as fp:
            gpg.import_keys( fp.read() )
    
    app.run( debug = debug, host = "0.0.0.0", threaded = True )