def register():
    """Create an Admin or Merchant account on behalf of a logged-in admin.

    Callers that are not authenticated admins are redirected to 'login'.
    Otherwise the registration form is rendered; once it validates, the new
    user is committed and the caller is redirected to 'transaction'.
    """
    # Authorization gate: account creation is an admin-only action.
    if not (current_user.is_authenticated and current_user.type == 'admin'):
        return redirect('login')

    form = RegistrationForm()
    # Admin accounts carry no merchant data, so those two fields are removed
    # from the form before validation runs.
    if form.userType.data == 'admin':
        del form.account_number
        del form.username

    if not form.validate_on_submit():
        return render_template('register.html', title='Register', form=form)

    creating_admin = form.userType.data == 'admin'
    # NOTE(review): the password is stored as encrypt(password). The
    # test_encryption helper in this listing round-trips encrypt() through
    # decrypt(), so stored passwords look recoverable by whoever holds the
    # key -- confirm, and prefer a salted one-way password hash.
    account_fields = {
        'email': form.email.data,
        'password': encrypt(form.password.data),
        'type': form.userType.data,
    }
    if creating_admin:
        user = Admin(**account_fields)
    else:
        # NOTE(review): apart from the value of random_with_N_digits(2)
        # (presumably a two-digit number -- confirm), every input to the API
        # key is known account data, so the key's secrecy rests on encrypt()
        # alone. Consider generating it with the `secrets` module instead.
        key_material = (
            str(random_with_N_digits(2))
            + form.email.data
            + form.username.data
        )
        user = Merchant(
            **account_fields,
            name=form.username.data,
            api_key=encrypt(key_material),
            account_number=form.account_number.data,
        )

    db.session.add(user)
    db.session.commit()
    flash("Utilisateur créé")
    return redirect('transaction')
def preauthorize_payment(card_holder_name, amount, merchant_name, card_number,
                         cvv, month_exp, year_exp):
    """POST a pre-authorization request to the bank gateway.

    Sends the amount, merchant description and card details to the
    ``/api/v1/paymentGateway/preAuth`` endpoint under ``BANK2_BASE_URL`` and
    returns the response object from ``requests.post`` unchanged; the caller
    is responsible for checking its status.
    """
    endpoint = BANK2_BASE_URL + "/api/v1/paymentGateway/preAuth"
    # NOTE(review): this gateway credential is committed in source. It should
    # be loaded from configuration or a secret store, and the committed value
    # rotated.
    request_headers = {"X-API-KEY": "15489123311"}

    # Card number and CVV pass through encrypt() before leaving the process;
    # the expiry is sent in the clear as "<month>/<year>".
    card_account = {
        "cardholderName": card_holder_name,
        "number": encrypt(card_number),
        "exp": "{}/{}".format(month_exp, year_exp),
        "cvv": encrypt(cvv),
    }
    # NOTE(review): "merchantAccountNumber" is filled with merchant_name, the
    # same value as "merchantDesc" -- confirm that this is intended.
    payload = {
        "amount": amount,
        "merchantDesc": merchant_name,
        "merchantAccountNumber": merchant_name,
        "account": card_account,
    }
    # NOTE(review): with the Requests library, data= form-encodes the payload
    # and a nested mapping such as "account" is sent as its keys only, not as
    # an object. Check on the wire whether json= was intended. The call also
    # has no timeout, so a stalled gateway blocks this worker indefinitely.
    return requests.post(endpoint, headers=request_headers, data=payload)
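def settings():
    """Let the logged-in user change their display name and/or password.

    Unauthenticated callers are redirected to 'login'. When the form
    validates, only the fields that carry a value are applied, the change is
    committed and the user is redirected back to 'settings'. Otherwise the
    settings page is rendered with the form and the current user.
    """
    if not current_user.is_authenticated:
        return redirect('login')

    # NOTE(review): this page reuses RegistrationForm, so it is subject to
    # whatever validators that form declares -- confirm they suit an update.
    form = RegistrationForm()
    if form.validate_on_submit():
        # Test the submitted value, not the field object: the field object is
        # truthy whatever was submitted, so checking it would overwrite the
        # name with an empty value.
        if form.username.data:
            current_user.name = form.username.data
        # Truthiness covers both "" and a missing (None) value, so encrypt()
        # is never called on None.
        # NOTE(review): the password is changed without asking for the current
        # one, and is stored via encrypt() rather than a one-way hash.
        if form.password.data:
            current_user.password = encrypt(form.password.data)
        db.session.commit()
        flash("Modification enregister")
        return redirect('settings')

    return render_template('settings.html', title='Settings', form=form,
                           user=current_user)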
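def login():
    """Show the login form and authenticate submitted credentials.

    An already-authenticated user is redirected to 'transaction'. A POST
    looks up the user by e-mail and encrypted password: on a match the user
    is logged in and redirected to 'transaction', otherwise the form is
    rendered again with a generic error. Any other method renders the form.
    """
    if current_user.is_authenticated:
        return redirect('transaction')

    if request.method != 'POST':
        # Covers GET and any other method the route lets through (Flask adds
        # HEAD alongside GET), so the view never falls off the end and
        # returns None.
        return render_template('login.html', title='Connexion')

    email = request.form['email']
    # NOTE(review): authentication compares encrypt(password) with the stored
    # column, which only works if encrypt() is deterministic and leaves stored
    # passwords recoverable with the key. Prefer a salted one-way hash checked
    # with a constant-time verify function.
    password = encrypt(request.form['password'])
    registered_user = User.query.filter_by(email=email,
                                           password=password).first()
    if registered_user is None:
        # One message for both failure causes, so the response does not reveal
        # whether the e-mail exists.
        return render_template(
            'login.html', error="Courriel ou mot de passe invalide")

    login_user(registered_user)
    return redirect('transaction')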
def encrypt_data(self):
    """Replace ``self.credit_card_number`` with its encrypted form, in place.

    Nothing here records that the value is already encrypted, so a second
    call would feed the ciphertext back into encrypt().
    """
    card_number = self.credit_card_number
    self.credit_card_number = encrypt(card_number)
def test_encryption(self, text):
    """Assert that decrypt() recovers ``text`` from encrypt(text).

    A passing round trip shows that encrypt() is reversible, so anything
    stored through it can be recovered by whoever holds the key.
    """
    round_tripped = decrypt(encrypt(text))
    assert text == round_tripped