Beispiel #1
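def participate_factor():
    """Register the caller as the paying side of a factor and issue a transaction token.

    Reads ``snd_acc_id`` and ``factor_id`` from the form. Returns a JSON string
    with ``status`` ``OK`` (plus the factor, a transaction token and an empty
    ``public_key``) or ``ERROR`` with one of ``BAD_TOKEN``, ``BAD_REQUEST``,
    ``NOT_FOUND``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
    if 'snd_acc_id' not in request.form or 'factor_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # .first() is required: a bare Query is never None, so without it the
    # NOT_FOUND branch was unreachable and the attributes below were set on
    # the Query object instead of on a row.
    factor = Factor.query.filter(
        Factor.id == request.form['factor_id']).first()
    if factor is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # Authorization: the paying account must belong to the caller, otherwise
    # any authenticated user could nominate someone else's account as payer.
    # A foreign account is reported as NOT_FOUND so its existence is not
    # disclosed.
    sender_account = Account.query.filter(
        Account.id == request.form['snd_acc_id'],
        Account.user_id == user.id).first()
    if sender_account is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    factor.snd_acc_id = sender_account.id
    factor.tried = True
    factor.pay_time = datetime.datetime.utcnow()
    db_session.commit()

    transaction_token = TransactionToken()
    transaction_token.user_id = user.id
    # str(user.id): the id is stringified before concatenation, as the other
    # token builders on this page do; a bare integer id would raise here.
    # NOTE(review): the token is a hash of the user id, the current time and a
    # static key. Its unpredictability rests entirely on TOKEN_KEY staying
    # secret; a value drawn from a CSPRNG (e.g. os.urandom) would not.
    transaction_token.token = sha256(str(user.id) +
                                     str(datetime.datetime.utcnow()) +
                                     TOKEN_KEY).hexdigest()

    db_session.add(transaction_token)
    db_session.commit()

    # NOTE(review): `factor` is a model instance; this relies on `json` being
    # able to serialise it - confirm. 'public_key' is always returned empty.
    return json.dumps({
        'status': 'OK',
        'factor': factor,
        'transaction_token': transaction_token.token,
        'public_key': ''
    })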
Beispiel #2
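def complete_factor():
    """Settle a factor by moving its value from the sender to the receiver account.

    Reads ``factor_id`` from the form. Returns a JSON string with ``status``
    ``OK`` and the new transaction, or ``ERROR`` with one of ``BAD_TOKEN``,
    ``BAD_REQUEST``, ``NOT_FOUND``, ``NOT_ENOUGH_BALANCE``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
    if 'factor_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # .first() is required: a bare Query is never None.
    factor = Factor.query.filter(
        Factor.id == request.form['factor_id']).first()
    if factor is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # Use the accounts of THIS factor. The class-level attributes
    # (Factor.snd_acc / Factor.rcv_acc) are mapper attributes, not rows.
    sender_account = factor.snd_acc
    receiver_account = factor.rcv_acc
    if sender_account is None or receiver_account is None:
        # No payer has been attached yet, or the receiver is missing.
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Authorization: only the owner of the paying account may trigger the
    # debit. Reported as NOT_FOUND so foreign factors are not disclosed.
    if sender_account.user_id != user.id:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # A factor must be settled at most once, and only for a positive amount:
    # a non-positive value would reverse the direction of the transfer.
    if factor.successfull or factor.value is None or factor.value <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # NOTE(review): the balance check and the debit are not done under a row
    # lock here, so two concurrent requests could both pass the check.
    # Consider loading the accounts with Query.with_for_update().
    balance = sender_account.value - sender_account.blocked_balance
    if balance < factor.value:
        return json.dumps({
            'status': 'ERROR',
            'code': 'NOT_ENOUGH_BALANCE'
        })

    sender_account.value -= factor.value
    receiver_account.value += factor.value
    factor.successfull = True

    transaction = Transaction()
    transaction.snd_acc_id = factor.snd_acc_id
    transaction.rcv_acc_id = factor.rcv_acc_id
    transaction.value = factor.value
    transaction.factor_id = factor.id
    db_session.add(transaction)
    db_session.commit()

    # NOTE(review): `transaction` is a model instance; this relies on `json`
    # being able to serialise it - confirm.
    return json.dumps({'status': 'OK', 'transaction': transaction})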
Beispiel #3
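def add_transaction():
    """Transfer ``value`` from one of the caller's accounts to another account.

    Reads ``snd_acc_id``, ``rcv_acc_id`` and ``value`` from the form. Returns a
    JSON string with ``status`` ``OK`` and the new transaction, or ``ERROR``
    with one of ``BAD_TOKEN``, ``BAD_REQUEST``, ``NOT_FOUND``,
    ``NOT_ENOUGH_BALANCE``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    form = request.form
    # Each field is tested for membership. The previous condition contained a
    # bare `'snd_acc_id'` string, which is always truthy, so that field was
    # never actually checked.
    if not all(key in form for key in ('rcv_acc_id', 'snd_acc_id', 'value')):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Form values are strings; convert before comparing or doing arithmetic.
    # NOTE(review): assumes amounts are whole numbers - confirm against the
    # column type of Account.value.
    try:
        amount = int(form['value'])
    except ValueError:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})
    # A non-positive amount would reverse the direction of the transfer.
    if amount <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Authorization: the debited account must belong to the caller.
    # .first() is required: a bare Query is not an account row.
    sender_account = Account.query.filter(
        Account.id == form['snd_acc_id'],
        Account.user_id == user.id).first()
    receiver_account = Account.query.filter(
        Account.id == form['rcv_acc_id']).first()
    if sender_account is None or receiver_account is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # NOTE(review): the balance check and the debit are not done under a row
    # lock here, so two concurrent requests could both pass the check.
    # Consider loading the accounts with Query.with_for_update().
    balance = sender_account.value - sender_account.blocked_balance
    if balance < amount:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_ENOUGH_BALANCE'})

    sender_account.value -= amount
    receiver_account.value += amount

    transaction = Transaction()
    transaction.snd_acc_id = sender_account.id
    transaction.rcv_acc_id = receiver_account.id
    transaction.value = amount
    db_session.add(transaction)
    db_session.commit()

    # NOTE(review): `transaction` is a model instance; this relies on `json`
    # being able to serialise it - confirm.
    return json.dumps({'status': 'OK', 'transaction': transaction})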
Beispiel #4
def add_account():
    """Create a new account owned by the authenticated caller.

    Returns a JSON string: ``OK`` with the new account, or ``ERROR`` /
    ``BAD_TOKEN`` when check_token() yields no user.
    """
    owner = check_token()
    if owner is not None:
        new_account = Account()
        # Ownership comes from the authenticated user, never from the request.
        new_account.user_id = owner.id
        db_session.add(new_account)
        db_session.commit()
        # NOTE(review): `new_account` is a model instance; this relies on
        # `json` being able to serialise it - confirm.
        return json.dumps({'status': 'OK', 'account': new_account})

    return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
Beispiel #5
def request_sms():
    """Start phone verification: store a pending TempUser and return its handle.

    Reads ``phone`` from the form. Returns a JSON string: ``OK`` with the
    ``hash_string`` identifying the pending verification, or ``ERROR`` /
    ``BAD_REQUEST`` when ``phone`` is missing. The endpoint is unauthenticated.
    """
    form = request.form
    if 'phone' not in form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    pending = TempUser()
    pending.phone = form['phone']
    # NOTE(review): the verification code is a fixed literal, identical for
    # every phone number, and nothing in this function sends an SMS. As written
    # the code does not prove possession of the phone. Before real use it needs
    # a per-request random code from a CSPRNG, out-of-band delivery, an expiry,
    # and rate limiting per phone number / client.
    pending.code = '452629'
    # The handle is a hash of the phone number, the current time and a static
    # key; its unpredictability depends on TOKEN_KEY staying secret.
    handle_material = (form['phone'] +
                       str(datetime.datetime.utcnow()) +
                       TOKEN_KEY)
    pending.hash_string = sha256(handle_material).hexdigest()

    db_session.add(pending)
    db_session.commit()
    return json.dumps({'status': 'OK', 'hash_string': pending.hash_string})
Beispiel #6
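def remove_card():
    """Delete one of the caller's stored cards.

    Reads ``card_id`` from the form. Returns a JSON string: ``OK``, or
    ``ERROR`` with one of ``BAD_TOKEN``, ``BAD_REQUEST``, ``NOT_FOUND``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    if 'card_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Authorization: restrict the lookup to cards owned by the caller, so a
    # card id belonging to another user is reported as NOT_FOUND instead of
    # being deleted. .first() is required: a bare Query is never None.
    card = Card.query.filter(
        Card.id == request.form['card_id'],
        Card.user_id == user.id).first()
    if card is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # delete() marks the row for deletion. remove() is the scoped-session
    # teardown call and does not take an object to delete.
    db_session.delete(card)
    db_session.commit()
    return json.dumps({'status': 'OK'})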
Beispiel #7
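def add_factor():
    """Create a factor (payment request) for a receiver account.

    Reads ``rcv_acc_id``, ``value`` and ``details`` from the form. Returns a
    JSON string: ``OK`` with the new factor, or ``ERROR`` with ``BAD_TOKEN`` or
    ``BAD_REQUEST``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    form = request.form
    if not all(key in form for key in ('rcv_acc_id', 'value', 'details')):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Form values are strings; validate the amount before it is stored.
    # NOTE(review): assumes amounts are whole numbers - confirm against the
    # column type of Factor.value.
    try:
        amount = int(form['value'])
    except ValueError:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})
    # A non-positive amount would reverse the direction of the later transfer.
    if amount <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    factor = Factor()
    # NOTE(review): rcv_acc_id is taken from the request without checking that
    # the account exists or belongs to the caller - confirm that is intended.
    factor.rcv_acc_id = form['rcv_acc_id']
    factor.value = amount
    factor.details = form['details']
    db_session.add(factor)
    db_session.commit()

    # NOTE(review): `factor` is a model instance; this relies on `json` being
    # able to serialise it - confirm.
    return json.dumps({'status': 'OK', 'factor': factor})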
Beispiel #8
def add_card():
    """Store a payment card for the authenticated caller.

    Reads ``card_num``, ``cvv2``, ``name`` and ``exp_date`` from the form.
    Returns a JSON string: ``OK`` with the new card, or ``ERROR`` with
    ``BAD_TOKEN`` or ``BAD_REQUEST``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    form = request.form
    required_fields = ('card_num', 'cvv2', 'name', 'exp_date')
    if any(field not in form for field in required_fields):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # NOTE(review): the card number and the CVV2 are persisted exactly as
    # received. PCI DSS does not permit storing the card verification code
    # after authorization, and the PAN should be tokenised or encrypted at
    # rest. None of the fields is format-checked here.
    new_card = Card()
    new_card.user_id = user.id
    new_card.name = form['name']
    new_card.card_num = form['card_num']
    new_card.exp_date = form['exp_date']
    new_card.cvv2 = form['cvv2']
    db_session.add(new_card)
    db_session.commit()

    # NOTE(review): the whole card object is returned to the client; if `json`
    # serialises every column, that includes the card number and CVV2.
    return json.dumps({'status': 'OK', 'card': new_card})
Beispiel #9
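def participate_transaction():
    """Issue a transaction token for the authenticated caller.

    Returns a JSON string: ``OK`` with the token and an empty ``public_key``,
    or ``ERROR`` / ``BAD_TOKEN`` when check_token() yields no user.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    transaction_token = TransactionToken()
    transaction_token.user_id = user.id
    # str(user.id): the id is stringified before concatenation, as the login
    # and signup token builders do; a bare integer id would raise here.
    # NOTE(review): the token is a hash of the user id, the current time and a
    # static key. Its unpredictability rests entirely on TOKEN_KEY staying
    # secret; a value drawn from a CSPRNG (e.g. os.urandom) would not.
    transaction_token.token = sha256(str(user.id) +
                                     str(datetime.datetime.utcnow()) +
                                     TOKEN_KEY).hexdigest()

    db_session.add(transaction_token)
    db_session.commit()

    # 'public_key' is always returned empty by this function.
    return json.dumps({
        'status': 'OK',
        'transaction_token': transaction_token.token,
        'public_key': ''
    })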
Beispiel #10
def verify_sms():
    """Check an SMS verification code against a pending TempUser.

    Reads ``verification_code`` and ``hash_string`` from the form. Returns a
    JSON string: ``OK`` when the phone already belongs to a user, ``SIGNUP``
    when it does not (both carry ``hash_string``), or ``ERROR`` with one of
    ``BAD_REQUEST``, ``WRONG_HASH``, ``WRONG_CODE``. The endpoint is
    unauthenticated.
    """
    form = request.form
    if 'verification_code' not in form or 'hash_string' not in form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    pending = TempUser.query.filter(
        TempUser.hash_string == form['hash_string']).first()
    if pending is None:
        return json.dumps({'status': 'ERROR', 'code': 'WRONG_HASH'})

    # NOTE(review): nothing here counts or limits failed attempts, and no
    # expiry of the pending record is checked, so a short numeric code can be
    # guessed by repetition. Consider an attempt counter and a lifetime on
    # TempUser.
    if form['verification_code'] != pending.code:
        return json.dumps({'status': 'ERROR', 'code': 'WRONG_CODE'})

    pending.verified = True
    db_session.commit()

    # The response tells the client whether to continue with login or signup.
    # It also reveals whether the phone number is already registered.
    existing_user = User.query.filter(User.phone == pending.phone).first()
    outcome = 'OK' if existing_user is not None else 'SIGNUP'
    return json.dumps({
        'status': outcome,
        'hash_string': pending.hash_string
    })
Beispiel #11
def login():
    """Log a user in after phone verification and issue a session token.

    Reads ``sha256password`` and ``hash_string`` from the form. Returns a JSON
    string: ``OK`` with ``user_id`` and ``token``, or ``ERROR``. Lookup
    failures use the key ``code`` (``NO_SUCH_LOGIN``, ``PHONE_NOT_VERIFIED``,
    ``SIGNUP_FIRST``). Password and input failures use the key ``error``
    (``WRONG_PASS``, ``BAD_INPUT``).
    """
    form = request.form
    if 'sha256password' not in form or 'hash_string' not in form:
        return json.dumps({'status': 'ERROR', 'error': 'BAD_INPUT'})

    tmp_user = TempUser.query.filter(
        TempUser.hash_string == form['hash_string']).first()
    if tmp_user is None:
        return json.dumps({'status': 'ERROR', 'code': 'NO_SUCH_LOGIN'})
    # NOTE(review): `tmp_user.used` is set below but never checked, so a
    # verified hash_string stays usable for further login attempts.
    if not tmp_user.verified:
        return json.dumps({
            'status': 'ERROR',
            'code': 'PHONE_NOT_VERIFIED'
        })

    user = User.query.filter(User.phone == tmp_user.phone).first()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'SIGNUP_FIRST'})

    # NOTE(review): the stored credential is one SHA-256 pass over the
    # client-supplied hash plus a static PASSWORD_KEY (no per-user salt, no
    # slow KDF), and the comparison is a plain `==`. Failed attempts are not
    # limited here. Consider a password-hashing KDF and
    # hmac.compare_digest.
    stored_password = user.password
    submitted_password = sha256(form['sha256password'] +
                                PASSWORD_KEY).hexdigest()
    if stored_password != submitted_password:
        # `user` cannot be None at this point, so the 'WRONG_USER' arm is
        # unreachable; it is kept so the response logic is unchanged.
        return json.dumps({
            'status': 'ERROR',
            'error': 'WRONG_USER' if user is None else 'WRONG_PASS'
        })

    session_token = Token()
    # NOTE(review): this raises if user.username is None - confirm that every
    # user row has a username. The token is a hash of guessable inputs and a
    # static key rather than a CSPRNG value.
    session_token.token = sha256(user.username + str(user.id) +
                                 str(datetime.datetime.utcnow()) +
                                 TOKEN_KEY).hexdigest()
    session_token.user_id = user.id
    user.last_seen = datetime.datetime.utcnow()
    tmp_user.used = True
    db_session.add(session_token)
    db_session.commit()
    return json.dumps({
        'status': 'OK',
        'user_id': user.id,
        'token': session_token.token
    })
Beispiel #12
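def signup():
    """Create a user, a session token and a first account after phone verification.

    Reads ``hash_string``, ``first_name``, ``last_name`` and ``sha256password``
    from the form. Returns a JSON string: ``OK`` with ``user_id`` and
    ``token``, or ``ERROR`` with one of ``BAD_REQUEST``, ``NO_SUCH_LOGIN``,
    ``PHONE_NOT_VERIFIED``, ``ALREADY_SIGNED_UP``.
    """
    form = request.form
    required = ('hash_string', 'first_name', 'last_name', 'sha256password')
    if not all(key in form for key in required):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    temp = TempUser.query.filter(
        TempUser.hash_string == form['hash_string']).first()
    if temp is None:
        return json.dumps({'status': 'ERROR', 'code': 'NO_SUCH_LOGIN'})
    if not temp.verified:
        return json.dumps({
            'status': 'ERROR',
            'code': 'PHONE_NOT_VERIFIED'
        })

    user = User.query.filter(User.phone == temp.phone).first()
    if user is not None:
        return json.dumps({'status': 'ERROR', 'code': 'ALREADY_SIGNED_UP'})

    temp.used = True
    user = User()
    user.first_name = form['first_name']
    user.last_name = form['last_name']
    # Store the same keyed digest that login() compares against. Storing the
    # client-supplied value unchanged would never match at login, and would
    # leave a password-equivalent string in the database.
    # NOTE(review): assumes User.password is a plain column; if the model
    # already hashes on assignment, this must not hash a second time.
    # A per-user salt with a slow KDF would be stronger than one SHA-256 pass.
    user.password = sha256(form['sha256password'] +
                           PASSWORD_KEY).hexdigest()
    # The phone comes from the verified TempUser, never from the request.
    user.phone = temp.phone
    db_session.add(user)
    # Commit first so user.id is populated for the token and the account.
    db_session.commit()

    token = Token()
    token.user_id = user.id
    # NOTE(review): the token is a hash of guessable inputs and a static key
    # rather than a CSPRNG value; it is only as secret as TOKEN_KEY.
    token.token = sha256(user.phone + str(user.id) +
                         str(datetime.datetime.utcnow()) +
                         TOKEN_KEY).hexdigest()
    db_session.add(token)
    db_session.commit()

    account = Account()
    account.user_id = user.id
    db_session.add(account)
    db_session.commit()

    return json.dumps({
        'status': 'OK',
        'user_id': token.user_id,
        'token': token.token
    })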