Example #1
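def access_bank():
    """
    Allows login to banking institutions using Intuit API and
    Python library aggcat. Calls functions in accounts.py.

    Assumes that all account assets will be checking accounts.

    Flow: validate BankLoginForm, ask accounts.py which credential field
    names the institution expects, submit the credentials, and on HTTP
    200/201 store the returned balance as the user's checking amount.

    Returns a redirect to:
      * /input/assets        -- account added and balance stored
      * /banklogin/challenge -- the API answered with any other status
      * /banklogin           -- invalid form, or any error during the lookup

    The bank username and password are only placed in the ``credentials``
    dict handed to accounts.py; they are never flashed or logged here.
    """
    # Function-scope import: the module's import block is not visible here.
    import logging

    form = BankLoginForm(request.form)
    if not form.validate_on_submit():
        flash("Please enter a valid email and password.")
        return redirect("/banklogin")

    try:
        # Form reads and the credential-field lookup sit inside the try so
        # that a bad field or a failed API call flashes an error, not a 500.
        institution = str(request.form["institution"])
        username = request.form["user_name"]
        password = request.form["user_password"]

        user_fields = accounts.get_credential_fields(
            accounts.create_client(), institution)
        # The institution decides what its login fields are called.
        credentials = {
            user_fields["username"]: username,
            user_fields["password"]: password,
        }

        account = accounts.discover_add_account(
            accounts.create_client(), institution, credentials)
        account_data = account.content

        # Anything other than 200/201 is treated as "needs further
        # authentication".
        # NOTE(review): process_challenge documents HTTP 401 as the
        # challenge status; other statuses (e.g. server errors) also land
        # here -- confirm that is intended.
        if account.status_code not in (200, 201):
            return redirect("/banklogin/challenge")

        checking_balance = account_data.balance_amount

        # Update the user's existing row when there is one so repeated
        # logins do not add duplicate rows to the database.
        user_assets = m_session.query(model.UserBanking).filter_by(
            user_id=g.user.id).first()
        if user_assets is not None:
            m_session.query(model.UserBanking).filter_by(
                user_id=g.user.id).update(
                {model.UserBanking.checking_amt: checking_balance})
        else:
            new_account = model.UserBanking(
                user_id=g.user.id, inputted_assets=0,
                checking_amt=checking_balance, savings_amt=0,
                IRA_amt=0, comp401k_amt=0, investment_amt=0)
            m_session.add(new_account)
        m_session.commit()

        # Only the last four digits of the account number are shown.
        flash("%s account XXXX%s with $%s has been added to your "
              "assets." % (account_data.account_nickname,
                           account_data.account_number[-4:],
                           account_data.balance_amount))
        return redirect("/input/assets")
    except Exception as exc:
        # Log the exception type only: the message text may echo request
        # data, and this request carries bank credentials.
        logging.getLogger(__name__).error(
            "Bank account lookup failed: %s", type(exc).__name__)
        # Leave the shared session usable after a failed flush/commit.
        m_session.rollback()
        flash("There was an error accessing your account. Please try "
              "again.")
        return redirect("/banklogin")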
Example #2
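def process_challenge():
    """
    Authenticates access to banking institutions if there is a challenge
    response with HTTP code 401.

    Flow: re-submit the institution credentials, read the challenge
    session id and node id from the response headers, send the user's
    answers with accounts.confirm_challenge, and store the returned
    balance as the user's checking amount.

    Returns a redirect to /input/assets on success, or back to
    /banklogin/challenge on any error.

    NOTE(review): this handler reads the bank username and password from
    the posted form again, so the challenge page presumably re-posts them.
    Confirm that the password is not echoed back into that page's HTML.
    """
    # Function-scope import: the module's import block is not visible here.
    import logging

    error_message = ("There was an error authenticating your account. "
                     "Please try again.")
    try:
        institution = str(request.form["institution"])
        username = request.form["user_name"]
        password = request.form["user_password"]
        # Responses must be in a list for XML to parse.
        # NOTE(review): the previous lookup, request.form[[challenge]],
        # used an undefined name and a list as the key, so it always
        # raised. The field name "challenge" is assumed -- confirm it
        # against the challenge form.
        responses = request.form.getlist("challenge")
        if not responses:
            flash(error_message)
            return redirect("/banklogin/challenge")

        user_fields = accounts.get_credential_fields(
            accounts.create_client(), institution)
        # The institution decides what its login fields are called.
        credentials = {
            user_fields["username"]: username,
            user_fields["password"]: password,
        }

        # NOTE(review): access_bank calls accounts.discover_add_account;
        # confirm which of the two helper names accounts.py defines.
        account = accounts.discover_and_add_accounts(
            accounts.create_client(), institution, credentials)

        # The challenge session id and node id come back as headers.
        challenge_session_id = account.headers["challengesessionid"]
        challenge_node_id = account.headers["challengenodeid"]

        # create_client lives in accounts.py, like every other call here.
        confirmed_account = accounts.confirm_challenge(
            accounts.create_client(), institution, challenge_session_id,
            challenge_node_id, responses)

        # A debug print of the account nickname and full account number
        # was dropped: it dereferenced the accounts module rather than the
        # response, and account identifiers do not belong on stdout.

        # Read the balance through .content, as the flash message below
        # does. NOTE(review): confirm the shape confirm_challenge returns.
        checking_balance = confirmed_account.content.balance_amount

        # Update the user's existing row when there is one so repeated
        # logins do not add duplicate rows to the database.
        user_assets = m_session.query(model.UserBanking).filter_by(
            user_id=g.user.id).first()
        if user_assets is not None:
            m_session.query(model.UserBanking).filter_by(
                user_id=g.user.id).update(
                {model.UserBanking.checking_amt: checking_balance})
        else:
            new_account = model.UserBanking(
                user_id=g.user.id, checking_amt=checking_balance)
            m_session.add(new_account)
        m_session.commit()

        # Only the last four digits of the account number are shown.
        flash("%s account XXXX%s with $%s has been added to your assets."
              % (confirmed_account.content.account_nickname,
                 confirmed_account.content.account_number[-4:],
                 confirmed_account.content.balance_amount))
        return redirect("/input/assets")
    except Exception as exc:
        # Log the exception type only: the message text may echo request
        # data, and this request carries bank credentials and answers.
        logging.getLogger(__name__).error(
            "Bank challenge authentication failed: %s", type(exc).__name__)
        # Leave the shared session usable after a failed flush/commit.
        m_session.rollback()
        flash(error_message)
        return redirect("/banklogin/challenge")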