Beispiel #1
def manage(request, name):
    """Render the account dashboard for ``name``.

    Redirects to the ``signin`` route when ``if_login`` rejects the request.
    Otherwise renders ``usersModule/manage.html`` with the account's cost,
    balance and avatar, plus up to seven outgoing and seven incoming bill
    amounts, each zero-padded to seven entries.
    """
    # NOTE(review): if_login(request, name) is the only access check in this
    # view; confirm it binds ``name`` to the session's authenticated user and
    # does not merely test that some session exists.
    if not if_login(request, name):
        return redirect(reverse('signin'))

    user = get_user(name)
    account = get_account(name)
    outcome = account.cost
    balance = account.balance
    image = account.avatar

    # The whole result set is materialised before slicing. No ordering is
    # applied here, so "last seven" depends on the model's default ordering.
    out_rows = list(
        Bills.objects.values("amount").filter(payer_card=user.card))[-7:]
    in_rows = list(
        Bills.objects.values("amount").filter(beneficiary=user.card))[-7:]

    def padded_amounts(rows):
        # Pull the amounts out and right-pad with zeros to seven entries.
        amounts = [row["amount"] for row in rows]
        return amounts + [0] * (7 - len(amounts))

    # The labels are positional chart keys; they are not derived from bill dates.
    month = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul"]
    context = {
        "name": name,
        "outcome": outcome,
        "income": balance,  # the template key "income" carries the balance
        "image": image,
        "outs": dict(zip(month, padded_amounts(out_rows))),
        "incomes": dict(zip(month, padded_amounts(in_rows)))
    }
    return render(request, "usersModule/manage.html", context)
Beispiel #2
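def transfer(request, name):
    """Show the transfer form (GET) or move money to another account (POST).

    POST fields ``amount``, ``passwd``, ``b_phone`` and ``phone`` are passed
    to ``rsa_decrypt``; ``signature`` is checked with ``verify_sign`` over the
    four ciphertexts. Responses are JSON with a ``message`` and, on the final
    paths, a ``success`` flag (``True`` on success, ``""`` otherwise).

    Order of checks: signature, pay password, amount, beneficiary, balance.
    The beneficiary lookup runs only after the caller has been authenticated,
    so an unauthenticated request cannot use the "no such user" answer to
    probe which accounts exist.
    """
    import math

    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    if request.method != "POST":
        return render(request, "usersModule/Transfer.html", {
            "name": name,
            "card": user.card,
            "image": account.avatar
        })

    ciphers = [
        request.POST.get("amount"),
        request.POST.get("passwd"),
        request.POST.get("b_phone"),
        request.POST.get("phone"),
    ]
    signature = request.POST.get("signature")
    salt = request.session[name]['salt']

    # Check the signature over the ciphertexts before decrypting or acting on
    # any of them.
    if not verify_sign(ciphers, signature, name):
        return JsonResponse({
            "message": "Signature verification failed",
            "success": ""
        })
    plaintext = rsa_decrypt(ciphers)

    # NOTE(review): MD5 is not a password-hashing function and ``!=`` is not a
    # constant-time comparison. Moving to a real password hash needs a data
    # migration, so it is only flagged here.
    if md5(user.pay_passwd + salt) != plaintext[1]:
        return JsonResponse({"message": "wrong password", "success": ""})

    # float() accepts "nan" and "inf". NaN compares False against everything,
    # so it would pass both the sign check and the balance check and then
    # corrupt the stored balances. Reject anything that is not a finite,
    # non-negative number.
    try:
        money = float(plaintext[0])
    except (TypeError, ValueError):
        return JsonResponse({"message": "wrong amount"})
    if not math.isfinite(money) or money < 0:
        return JsonResponse({"message": "wrong amount"})

    try:
        beneficiary = Account.objects.get(user=plaintext[2])
    except (Account.DoesNotExist, Account.MultipleObjectsReturned, ValueError):
        return JsonResponse({"message": "no such user"})

    # ``account`` and ``beneficiary`` are separate in-memory objects. If they
    # were the same row, the second save() below would overwrite the debit
    # with the stale balance plus ``money``.
    if beneficiary == account:
        return JsonResponse({"message": "wrong beneficiary"})

    if account.balance < money:
        return JsonResponse({"message": "Insufficient account balance"})
    if not creat_bill(name,
                      get_userby_phone(beneficiary.user).card,
                      money, "transfer"):
        return JsonResponse({"message": "create bill wrong"})

    # NOTE(review): the bill and the two balance updates are separate writes
    # based on values read earlier. Concurrent requests can interleave, and a
    # failure part-way leaves the books inconsistent. This should run inside
    # transaction.atomic() with the rows locked (select_for_update) and use a
    # decimal type rather than float for money.
    account.balance -= money
    account.cost += money
    account.save()
    beneficiary.balance += money
    beneficiary.save()
    logger.info('user:%s operation:%s amount:%s $ to beneficiary:%s',
                name, 'transfer', money, beneficiary.name)
    message = "You have already transfer " + plaintext[
        0] + " yuan, Coming back to the homepage"
    return JsonResponse({"message": message, "success": True})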
Beispiel #3
def bills(request, name):
    """Render the bill history page for ``name``.

    Redirects to ``signin`` when ``if_login`` rejects the request. Otherwise
    renders ``usersModule/Bills.html`` with the first ``Config.max_num``
    outgoing and incoming bills, taken from the reversed query results.
    """
    if not if_login(request, name):
        return redirect(reverse('signin'))

    user = get_user(name)
    account = get_account(name)
    image = account.avatar

    # Both result sets are loaded in full and reversed in memory. The result
    # is newest-first only if the default ordering is oldest-first.
    # NOTE(review): confirm the ordering declared on Bills.
    paid = list(Bills.objects.filter(payer_card=user.card))[::-1]
    received = list(Bills.objects.filter(beneficiary=user.card))[::-1]

    context = {
        "name": name,
        "image": image,
        "outs": paid[:Config.max_num],
        "incomes": received[:Config.max_num]
    }
    return render(request, "usersModule/Bills.html", context)
Beispiel #4
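def withdraw(request, name):
    """Show the withdrawal form (GET) or debit the account (POST).

    POST fields ``amount`` and ``passwd`` are passed to ``rsa_decrypt``;
    ``signature`` is checked with ``verify_sign`` over the two ciphertexts.
    Responses are JSON with a ``message`` and, on the final paths, a
    ``success`` flag (``True`` on success, ``""`` otherwise).

    Order of checks: signature, pay password, amount, balance.
    """
    import math

    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    if request.method != "POST":
        return render(request, "usersModule/Withdraw.html", {
            "name": name,
            "card": user.card,
            "image": account.avatar
        })

    ciphers = [request.POST.get("amount"), request.POST.get("passwd")]
    signature = request.POST.get("signature")
    salt = request.session[name]['salt']

    # Check the signature over the ciphertexts before decrypting or parsing
    # anything the client sent.
    if not verify_sign(ciphers, signature, name):
        return JsonResponse({
            "message": "Signature verification failed",
            "success": ""
        })
    plaintext = rsa_decrypt(ciphers)

    # NOTE(review): MD5 is not a password-hashing function and ``!=`` is not a
    # constant-time comparison. Flagged only, because changing the scheme
    # needs a data migration.
    if md5(user.pay_passwd + salt) != plaintext[1]:
        return JsonResponse({"message": "wrong password", "success": ""})

    # float() accepts "nan" and "inf". NaN compares False against everything,
    # so it would pass both the sign check and the balance check and then be
    # written to the stored balance. A non-numeric string would raise and
    # surface as HTTP 500. Treat all of these as an invalid amount.
    try:
        money = float(plaintext[0])
    except (TypeError, ValueError):
        return JsonResponse({"message": "wrong amount"})
    if not math.isfinite(money) or money < 0:
        return JsonResponse({"message": "wrong amount"})

    if account.balance < money:
        return JsonResponse({"message": " Insufficient account balance"})
    if not creat_bill(name, "", money, "withdraw"):
        return JsonResponse({"message": "create bill wrong"})

    # NOTE(review): read-modify-write on the balance with no transaction or
    # row lock, so concurrent withdrawals can both pass the balance check.
    # Use transaction.atomic() with select_for_update(), and a decimal type
    # rather than float for money.
    account.balance -= money
    account.cost += money
    account.save()
    logger.info('user:%s operation:%s amount:%s $', name, 'withdraw', money)
    message = "You have already withdraw " + plaintext[
        0] + " yuan, Coming back to the homepage"
    return JsonResponse({"message": message, "success": True})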
Beispiel #5
def edit(request, name):
    """Show the profile edit form (GET) or apply profile changes (POST).

    On POST the old login password (``opasswd``) is required. When its MD5
    matches ``user.passwd``, every other field that was submitted is
    decrypted with ``rsa_decrypt`` and written to the user record. A new
    phone number is also written to ``account.user``. Returns JSON with
    ``message`` and a boolean ``success``.
    """
    if not if_login(request, name):
        return redirect(reverse('signin'))

    user = get_user(name)
    account = get_account(name)
    image = account.avatar

    if request.method != "POST":
        return render(request, "usersModule/Edit.html", {
            "name": name,
            "image": image
        })

    form = request.POST
    new_name = form.get("name", None)
    new_pay_passwd = form.get("ppasswd", None)
    new_card = form.get("card", None)
    new_phone = form.get("phone", None)
    new_passwd = form.get("passwd", None)
    old_passwd = form.get("opasswd", None)

    if not old_passwd:
        return JsonResponse({
            "message": "old password could not be empty",
            "success": False
        })

    # NOTE(review): login and pay passwords are stored as plain, unsalted MD5
    # digests and compared with a non-constant-time operator. MD5 is not
    # suitable for password storage; plan a migration to a dedicated password
    # hash.
    if user.passwd != md5(rsa_decrypt([old_passwd])[0]):
        return JsonResponse({"message": "wrong password", "success": False})

    # NOTE(review): the new name, card and phone are stored as received. No
    # format, uniqueness or ownership check is visible in this view, and other
    # views select bills by card number. Confirm the model layer enforces
    # these constraints.
    if new_name:
        # NOTE(review): other views read request.session[name]; check that the
        # session stays valid after a rename.
        user.name = rsa_decrypt([new_name])[0]
    if new_pay_passwd:
        user.pay_passwd = md5(rsa_decrypt([new_pay_passwd])[0])
    if new_card:
        user.card = rsa_decrypt([new_card])[0]
    if new_phone:
        decrypted_phone = rsa_decrypt([new_phone])[0]
        user.phone = decrypted_phone
        account.user = decrypted_phone  # the account row is keyed by phone
    if new_passwd:
        user.passwd = md5(rsa_decrypt([new_passwd])[0])

    user.save()
    account.save()
    return JsonResponse({"message": "success", "success": True})
Beispiel #6
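def info(request, name):
    """Render the profile page for ``name``; on POST, replace the avatar.

    Redirects to ``signin`` when ``if_login`` rejects the request. A POST
    without an ``avatar`` file part leaves the avatar unchanged and still
    renders the page.
    """
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    if request.method == "POST":
        # .get() rather than indexing: a POST with no "avatar" part used to
        # raise a KeyError and surface as HTTP 500.
        uploaded = request.FILES.get('avatar')
        if uploaded:
            # NOTE(review): the upload is stored as received. No size,
            # content-type or extension check is visible here. Confirm the
            # avatar field or storage backend restricts it to images and
            # that uploads are not served from an executable location.
            account.avatar = uploaded
            account.save()
    return render(request, "usersModule/Info.html", {
        "name": name,
        "card": user.card,
        "phone": user.phone,
        "time": account.regtime,
        "image": account.avatar
    })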
Beispiel #7
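def pay_transfer(request, pay_id):
    """Settle the stored payment ``pay_id`` after checking cert and signature.

    Only POST is accepted. The pay bill is loaded with ``get_paybill``. Its
    base64 ``key`` is used to AES-decrypt the posted ``hashOI`` and ``sign``.
    The posted ``cert`` (JSON) is checked with ``part_and_verify``, and the
    signature over ``[hash_pi, hash_oi]`` with ``verify_sign``. On success
    the payer named in the pay bill is debited and the account holding the
    pay bill's card is credited.

    Returns a plain-text ``HttpResponse``: ``"success"`` or a failure message.
    """
    import math

    if request.method != "POST":
        return HttpResponse("method should be POST")

    info_dict = get_paybill(pay_id)
    aes_key = base64.b64decode(info_dict.key.encode())
    # A missing or malformed cert is a verification failure, not a server
    # error.
    try:
        user_cert = json.loads(request.POST.get('cert'))
    except (TypeError, ValueError):
        return HttpResponse("cert verify failed")
    hash_oi, sign = aes_decrypt(
        [request.POST.get('hashOI'), request.POST.get('sign')], aes_key)
    hash_pi = info_dict.hash_pi

    if not part_and_verify(user_cert):
        return HttpResponse("cert verify failed")
    # NOTE(review): the signature is checked against user_cert['DN'], but the
    # account debited below is info_dict.payer_name. Nothing in this view
    # compares the two; confirm that get_paybill or part_and_verify binds the
    # certificate to the payer.
    if not verify_sign([hash_pi, hash_oi], sign, user_cert['DN']):
        return HttpResponse("signature verify failed")

    amount = info_dict.amount
    card = info_dict.card
    beneficiary = get_account_by_card(card)
    # Reject NaN, infinite, negative and non-numeric amounts. NaN would pass
    # the balance comparison, and a negative value would reverse the
    # direction of the payment.
    try:
        money = float(amount)
    except (TypeError, ValueError):
        return HttpResponse("wrong amount")
    if not math.isfinite(money) or money < 0:
        return HttpResponse("wrong amount")

    user_name = info_dict.payer_name
    user = get_user(user_name)
    account = get_account(user_name)

    # Presumably get_account_by_card can return None for an unknown card.
    # Check before the payer is debited so a failure cannot occur between
    # the two writes.
    if beneficiary is None:
        return HttpResponse("no such user")
    # Payer and beneficiary are separate in-memory objects. If they were the
    # same row, the second save() would overwrite the debit with a stale
    # balance.
    if beneficiary == account:
        return HttpResponse("wrong beneficiary")
    if account.balance < money:
        return HttpResponse("Insufficient account balance")
    # Create the bill exactly once. The earlier code called creat_bill in the
    # elif condition and again in the else branch, recording each payment
    # twice.
    if not creat_bill(user.name, card, money, "transfer"):
        return HttpResponse("create bill wrong")

    # NOTE(review): nothing visible here marks pay_id as settled, so a
    # repeated POST would debit again. The balance updates are also
    # unguarded read-modify-write operations. Mark the pay bill consumed and
    # run this inside transaction.atomic() with select_for_update().
    account.balance -= money
    account.cost += money
    account.save()
    beneficiary.balance += money
    beneficiary.save()
    return HttpResponse("success")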
Beispiel #8
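def recharge(request, name):
    """Show the recharge form (GET) or credit the account (POST).

    POST fields ``amount`` and ``passwd`` are passed to ``rsa_decrypt``;
    ``signature`` is checked with ``verify_sign`` over the two ciphertexts.
    Responses are JSON with a ``message`` and, on the final paths, a
    ``success`` flag (``True`` on success, ``""`` otherwise).

    Order of checks: signature, pay password, amount.
    """
    import math

    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    if request.method != "POST":
        return render(request, "usersModule/Recharge.html", {
            "name": name,
            "card": user.card,
            "image": account.avatar
        })

    ciphers = [request.POST.get("amount"), request.POST.get("passwd")]
    signature = request.POST.get("signature")
    salt = request.session[name]['salt']

    # Check the signature over the ciphertexts before decrypting or parsing
    # anything the client sent.
    if not verify_sign(ciphers, signature, name):
        return JsonResponse({
            "message": "Signature verification failed",
            "success": ""
        })
    plaintext = rsa_decrypt(ciphers)

    # NOTE(review): MD5 is not a password-hashing function and ``!=`` is not a
    # constant-time comparison. Flagged only, because changing the scheme
    # needs a data migration.
    if md5(user.pay_passwd + salt) != plaintext[1]:
        return JsonResponse({"message": "wrong password", "success": ""})

    # float() accepts "nan" and "inf". Neither is negative, so a sign check
    # alone would let them through and the stored balance would become NaN
    # or infinite. A non-numeric string would raise and surface as HTTP 500.
    try:
        money = float(plaintext[0])
    except (TypeError, ValueError):
        return JsonResponse({"message": "wrong amount"})
    if not math.isfinite(money) or money < 0:
        return JsonResponse({"message": "wrong amount"})

    if not creat_bill(name, "", money, "recharge"):
        return JsonResponse({"message": "create bill wrong"})

    # NOTE(review): the balance is credited without any funding source
    # visible in this view, using an unguarded read-modify-write. Confirm
    # where the payment is actually collected, and run the update inside
    # transaction.atomic() with a decimal type rather than float.
    account.balance += money
    account.save()
    logger.info('user: %s operation: recharge amount: %s$', name, money)
    message = "Your account has been recharged " + plaintext[
        0] + " yuan, Coming back to the homepage"
    return JsonResponse({"message": message, "success": True})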