def reset_confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s' % buyer.uuid,
request,
severity=1)
else:
if buyer.new_pin == form.cleaned_data['pin']:
buyer.pin = form.cleaned_data['pin']
buyer.new_pin = None
buyer.needs_pin_reset = False
buyer.pin_confirmed = True
buyer.pin_was_locked_out = False
buyer.save()
confirmed = True
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def verify_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
valid = False
locked = False
if buyer.pin_confirmed:
# Note that the incr_lockout and clear_lockout methods
# trigger saves on the object. You should not do a save
# in this view as well for fear of stomping on the save
# caused by those methods.
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s'
% buyer.uuid, request, severity=1)
locked = True
else:
valid = buyer.pin == form.cleaned_data['pin']
if not valid:
locked = buyer.incr_lockout()
if locked:
locked = True
log_cef('Locked out account: %s' % buyer.uuid,
request, severity=1)
else:
buyer.clear_lockout(clear_was_locked=True)
output = VerifiedSerializer(instance=buyer, valid=valid, locked=locked)
return Response(output.data)
raise FormError(form.errors)
def confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.pin == form.cleaned_data['pin']:
buyer.pin_confirmed = True
confirmed = True
buyer.save()
else:
buyer.pin_confirmed = False
buyer.save()
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.pin == form.cleaned_data['pin']:
buyer.pin_confirmed = True
confirmed = True
buyer.save()
else:
buyer.pin_confirmed = False
buyer.save()
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def verify_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
valid = False
locked = False
if buyer.pin_confirmed:
# Note that the incr_lockout and clear_lockout methods
# trigger saves on the object. You should not do a save
# in this view as well for fear of stomping on the save
# caused by those methods.
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s' %
buyer.uuid,
request,
severity=1)
locked = True
else:
valid = buyer.pin == form.cleaned_data['pin']
if not valid:
locked = buyer.incr_lockout()
if locked:
locked = True
log_cef('Locked out account: %s' % buyer.uuid,
request,
severity=1)
else:
buyer.clear_lockout(clear_was_locked=True)
output = VerifiedSerializer(instance=buyer, valid=valid, locked=locked)
return Response(output.data)
raise FormError(form.errors)
def reset_confirm_pin(request):
form = PinForm(data=request.DATA)
if form.is_valid():
buyer = form.cleaned_data['buyer']
confirmed = False
if buyer.locked_out:
log_cef('Attempted access to locked out account: %s'
% buyer.uuid, request, severity=1)
else:
if buyer.new_pin == form.cleaned_data['pin']:
buyer.pin = form.cleaned_data['pin']
buyer.new_pin = None
buyer.needs_pin_reset = False
buyer.pin_confirmed = True
buyer.pin_was_locked_out = False
buyer.save()
confirmed = True
output = ConfirmedSerializer(instance=buyer, confirmed=confirmed)
return Response(output.data)
raise FormError(form.errors)
def test_completely_alpha_pin(self):
self.data['pin'] = 'asfa'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_ONLY_NUMBERS in form.errors['pin']
def test_too_short_pin(self):
self.data['pin'] = '123'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_4_NUMBERS_LONG in form.errors['pin']
def test_partially_numeric_pin(self):
self.data['pin'] = '123a'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_ONLY_NUMBERS in form.errors['pin']
def test_good_pin(self):
self.data['pin'] = '1234'
form = PinForm(self.data)
assert form.is_valid()
def test_completely_alpha_pin(self):
self.data['pin'] = 'asfa'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_ONLY_NUMBERS in form.errors['pin']
def test_partially_numeric_pin(self):
self.data['pin'] = '123a'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_ONLY_NUMBERS in form.errors['pin']
def test_too_short_pin(self):
self.data['pin'] = '123'
form = PinForm(self.data)
assert not form.is_valid()
assert PIN_4_NUMBERS_LONG in form.errors['pin']
def test_good_pin(self):
self.data['pin'] = '1234'
form = PinForm(self.data)
assert form.is_valid()
