Exemple #1
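def din_side():
    """Render the "din side" (profile) page for the user behind the session cookie.

    The user is resolved from the server-side ``Cookies`` row that matches the
    validated session cookie. The rendered page (``resp1``) and a redirect to
    ``index`` (``resp2``) are handed to ``signed_in``, which is defined
    elsewhere and presumably selects between them based on login state.

    Returns:
        The response chosen by ``signed_in``, or the redirect to ``index``
        when the session row or its user no longer exists.

    Raises:
        A 404 via ``abort`` when the page template cannot be found.
    """
    print("13")
    resp1 = make_response()  # Empty placeholder; only relevant if not logged in
    resp2 = redirect(url_for('index'),
                     code=302)  # Page for when the user is not logged in

    session_cookie = get_valid_cookie()

    # Rendering happens inside the try block: TemplateNotFound is raised by
    # render_template, so the handler has to enclose that call to be effective.
    try:
        if session_cookie is not None:
            cookie = Cookies.query.filter_by(
                session_cookie=session_cookie).first()
            user = None
            if cookie is not None:
                user = User.query.filter_by(user_id=cookie.user_id).first()

            # The session row or the user can disappear between validation and
            # lookup (e.g. a concurrent logout); treat that as "not logged in"
            # instead of failing on a None attribute access.
            if user is None:
                return resp2

            resp1 = make_response(
                render_template(
                    "pages/din_side.html",
                    fname=user.fname,
                    mname=user.mname,
                    lname=user.lname,
                    email=user.email,
                    id=user.user_id,
                    phone_num=user.phone_num,
                    dob=user.dob,
                    city=user.city,
                    postcode=user.postcode,
                    address=user.address))  # Desired page when logged in

        return signed_in(resp1, resp2)
    except jinja2.exceptions.TemplateNotFound:  # The page/html file was not found
        abort(404)  # Return error 404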
Exemple #2
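def edit():
    """Render the profile edit form, pre-filled with the session user's data.

    Per-field error messages are read from the request's query string and
    passed to the template as ``<field>_error`` variables. The rendered page
    (``resp1``) and a redirect to ``index`` (``resp2``) are handed to
    ``signed_in``, which is defined elsewhere and presumably selects between
    them based on login state.

    Returns:
        The response chosen by ``signed_in``, or the redirect to ``index``
        when the session row or its user no longer exists.

    Raises:
        A 404 via ``abort`` when the page template cannot be found.
    """
    print("14")

    # Error messages arrive as URL arguments, i.e. they are fully controlled by
    # whoever built the link. They must only ever be output through the
    # template engine's autoescaping (never marked safe in edit.html).
    error_fields = ('fname', 'mname', 'lname', 'phone_num', 'dob', 'city',
                    'postcode', 'address', 'pswd', 'new_pswd', 'auth')
    errors = {
        field + '_error': request.args.get(field)
        for field in error_fields
    }

    resp1 = make_response()  # Empty placeholder; only relevant if not logged in
    resp2 = redirect(url_for('index'),
                     code=302)  # Page for when the user is not logged in

    session_cookie = get_valid_cookie()

    # Rendering happens inside the try block: TemplateNotFound is raised by
    # render_template, so the handler has to enclose that call to be effective.
    try:
        if session_cookie is not None:
            cookie = Cookies.query.filter_by(
                session_cookie=session_cookie).first()
            user = None
            if cookie is not None:
                user = User.query.filter_by(user_id=cookie.user_id).first()

            # A session row or user that vanished after validation is treated
            # as "not logged in" rather than causing a None attribute access.
            if user is None:
                return resp2

            resp1 = make_response(
                render_template(
                    "pages/edit.html",
                    fname=user.fname,
                    mname=user.mname,
                    lname=user.lname,
                    email=user.email,
                    id=user.user_id,
                    phone_num=user.phone_num,
                    dob=user.dob,
                    city=user.city,
                    postcode=user.postcode,
                    address=user.address,
                    **errors))  # Desired page when logged in

        return signed_in(resp1, resp2)
    except jinja2.exceptions.TemplateNotFound:  # The page/html file was not found
        abort(404)  # Return error 404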
Exemple #3
def get_data(data = None):
    """Handle the logout action; every other value of ``data`` goes to ``index``.

    When ``data`` is ``"logout"`` and the request carries a valid session
    cookie, the session is deleted via ``delete_cookie``, the client copy is
    updated via ``update_cookie_clientside`` and the user is redirected to
    ``login``. In all other cases the user is redirected to ``index``.
    """
    print("get_handlers - 1")

    # Anything other than the logout button ends up on the index page.
    if data != "logout":
        return redirect(url_for('index'), code=302)

    # Fetch the valid cookie from the request headers, if there is one.
    active_cookie = get_valid_cookie()

    # Without a valid cookie nobody is logged in, so there is nothing to end.
    if active_cookie is None:
        return redirect(url_for('index'), code=302)

    # A valid cookie means the user really is logged in and can be logged out.
    logout_response = redirect(url_for('login'), code=302)
    delete_cookie(active_cookie)
    # NOTE(review): the trailing 0 presumably sets the client cookie lifetime
    # to zero so the browser discards it; confirm in update_cookie_clientside.
    update_cookie_clientside(active_cookie, logout_response, 0)
    return logout_response
Exemple #4
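def header():
    """Render the page header, personalised when a valid session is present.

    The logged-in variant is rendered only when the request has a valid
    session cookie and a ``Referer`` that starts with this host's URL and
    names one of the whitelisted pages. Otherwise the logged-out header is
    returned.

    Returns:
        The rendered ``header.html`` response.

    Raises:
        A 404 via ``abort`` when the header template cannot be found.
    """
    print("20")

    session_cookie = get_valid_cookie()

    whitelist = (
        'startside.html', 'din_side.html', 'edit.html', 'transaction_view.html'
    )

    # Read the header with a default: indexing request.headers raises when the
    # Referer is absent, which previously happened before the presence check.
    referer = request.headers.get('Referer', '')

    # The Referer is supplied by the client and may be missing or arbitrary, so
    # this is only a display hint for which pages show the logged-in header.
    # The session cookie lookup below is what binds the response to a user.
    # Anchoring with startswith (instead of a substring match) keeps a foreign
    # URL that merely contains this host's URL from passing the check.
    allowed = referer.startswith(request.host_url) and any(
        page in referer for page in whitelist)

    # Rendering happens inside the try block: TemplateNotFound is raised by
    # render_template, not by returning an already-built response.
    try:
        if session_cookie is not None and allowed:
            cookie = Cookies.query.filter_by(
                session_cookie=session_cookie).first()
            user = None
            if cookie is not None:
                user = User.query.filter_by(user_id=cookie.user_id).first()

            # Fall through to the logged-out header if the session row or the
            # user disappeared after the cookie was validated.
            if user is not None:
                return make_response(
                    render_template("header.html",
                                    fname=user.fname.split(' ')[0],
                                    mname=user.mname.split(' ')[0],
                                    lname=user.lname.split(' ')[0],
                                    id=user.user_id,
                                    logged_in=True,
                                    session_duration=cookie_maxAge * 1000 * 0.8,
                                    session_remaining=cookie_maxAge * 0.2 /
                                    60))  # session_duration [ms]

        return make_response(render_template("header.html", logged_in=False))
    except jinja2.exceptions.TemplateNotFound:  # The page/html file was not found
        abort(404)  # Return error 404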
Exemple #5
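def transaction_overview(page=None):
    """Render the transaction list for one of the session user's accounts.

    The account is selected by the ``cnr`` query argument, an opaque token
    that is compared against a value derived from each of the user's own
    account numbers. Only accounts returned for the session's ``user_id`` are
    candidates, so the token cannot select an account of another user.

    Args:
        page: Unused by this function.

    Returns:
        The response chosen by ``signed_in`` (defined elsewhere): the rendered
        transaction view when an account matched, otherwise the redirect to
        ``startpage`` or ``index``.

    Raises:
        A 404 via ``abort`` when the page template cannot be found.
    """
    print("25")
    resp1 = redirect(url_for('startpage'),
                     code=302)  # Page for when the user is logged in
    resp2 = redirect(url_for('index'),
                     code=302)  # Page for when the user is not logged in

    # Read the request variables
    account_number_hash = request.args.get('cnr')
    session_cookie = get_valid_cookie()

    # Rendering happens inside the try block: TemplateNotFound is raised by
    # render_template, so the handler has to enclose that call to be effective.
    try:
        if session_cookie is not None and contain_allowed_symbols(
                account_number_hash,
                whitelist=string.ascii_letters + string.digits +
                string.punctuation + ' '):
            cookie = Cookies.query.filter_by(
                session_cookie=session_cookie).first()
            # A session row that vanished after validation means "not logged in".
            if cookie is None:
                return resp2

            user = User.query.filter_by(user_id=cookie.user_id).first()
            accounts = Account.query.filter_by(user_id=cookie.user_id).all()

            # Track the matched account explicitly. Relying on the loop
            # variable after the loop fails with an unbound name when the user
            # has no accounts, and otherwise leaves the last account selected.
            account = None
            for candidate in accounts:
                # '+' is replaced by ' ' because that is how a '+' in the query
                # string reaches request.args.
                # NOTE(review): the empty second argument suggests the token is
                # a deterministic function of the account number; confirm in
                # generate_password_hash.
                actual_hash = generate_password_hash(
                    candidate.account_number,
                    '').decode('utf-8').replace('+', ' ')
                if account_number_hash == actual_hash:
                    account = candidate
                    break

            # Check that this really is the user's own account
            if account is not None and user is not None and account.user_id == user.user_id:

                transactions = Transaction.query.filter_by(
                    to_acc=account.account_number).all(
                    ) + Transaction.query.filter_by(
                        from_acc=account.account_number).all()

                transfer_time = []
                From = []
                To = []
                Msg = []
                Inn = []
                Out = []

                insertion_sort_transactions(
                    transactions)  # Sorts the transactions, descending order

                for transaction in transactions:
                    transfer_time.append(
                        str(
                            datetime.strptime(
                                transaction.transfer_time,
                                "%Y-%m-%d %H:%M:%S.%f").strftime(
                                    "%Y-%m-%d, %H:%M:%S")))
                    Msg.append(transaction.message)
                    From.append(transaction.from_acc)
                    To.append(transaction.to_acc)

                    # Exactly one Inn/Out entry per row keeps all column lists
                    # the same length; two independent ifs appended twice when
                    # sender and receiver were the same account.
                    if transaction.to_acc == account.account_number:
                        Inn.append(transaction.amount)
                        Out.append("")
                    elif transaction.from_acc == account.account_number:
                        Inn.append("")
                        Out.append(transaction.amount)

                resp1 = make_response(
                    render_template("pages/transaction_view.html",
                                    len=len(transactions),
                                    transfer_time=transfer_time,
                                    From=From,
                                    To=To,
                                    Msg=Msg,
                                    Inn=Inn,
                                    Out=Out,
                                    account=account.account_number,
                                    name=account.account_name))

        return signed_in(resp1, resp2)
    except jinja2.exceptions.TemplateNotFound:  # The page/html file was not found
        abort(404)  # Return error 404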
Exemple #6
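def startpage():
    """Render the start page with the session user's accounts and transactions.

    Collects every account owned by the user behind the session cookie, all
    transactions to or from those accounts, and the error messages passed in
    the query string. The rendered page (``resp1``) and a redirect to
    ``index`` (``resp2``) are handed to ``signed_in``, which is defined
    elsewhere and presumably selects between them based on login state.

    Returns:
        The response chosen by ``signed_in``, or the redirect to ``index``
        when the session row or its user no longer exists.

    Raises:
        A 404 via ``abort`` when the page template cannot be found.
    """
    print("3")
    resp1 = make_response()  # Desired page when logged in (filled in below)
    resp2 = redirect(url_for('index'),
                     code=302)  # Page for when the user is not logged in

    session_cookie = get_valid_cookie()

    # Rendering happens inside the try block: TemplateNotFound is raised by
    # render_template, so the handler has to enclose that call to be effective.
    try:
        if session_cookie is not None:
            cookie = Cookies.query.filter_by(
                session_cookie=session_cookie).first()
            user = None
            if cookie is not None:
                user = User.query.filter_by(user_id=cookie.user_id).first()

            # A session row or user that vanished after validation is treated
            # as "not logged in" rather than causing a None attribute access.
            if user is None:
                return resp2

            accounts = Account.query.filter_by(user_id=user.user_id).all()

            ac_name = []
            ac_nr = []
            ac_balance = []
            btn = []

            transactions = set()  # A set is used to remove duplicates

            for account in accounts:
                ac_name.append(account.account_name)
                ac_nr.append(account.account_number)
                # Opaque per-account token for the transaction view link.
                btn.append(
                    generate_password_hash(account.account_number,
                                           '').decode('utf-8'))
                ac_balance.append(account.balance)

                transactions.update(
                    Transaction.query.filter_by(
                        to_acc=account.account_number).all())
                transactions.update(
                    Transaction.query.filter_by(
                        from_acc=account.account_number).all())

            transactions_list = list(transactions)

            insertion_sort_transactions(
                transactions_list)  # Sorts the transactions, descending order

            transfer_time = []
            From = []
            To = []
            Msg = []
            Inn = []
            Out = []

            def add_row(transaction, incoming):
                # Append one table row; the amount goes in the Inn or Out column.
                transfer_time.append(
                    str(
                        datetime.strptime(transaction.transfer_time,
                                          "%Y-%m-%d %H:%M:%S.%f").strftime(
                                              "%Y-%m-%d, %H:%M:%S")))
                Msg.append(transaction.message)
                From.append(transaction.from_acc)
                To.append(transaction.to_acc)
                Inn.append(transaction.amount if incoming else "")
                Out.append("" if incoming else transaction.amount)

            # A transfer between two of the user's own accounts yields two
            # rows: one incoming and one outgoing.
            for transaction in transactions_list:
                for account in accounts:
                    if transaction.to_acc == account.account_number:
                        add_row(transaction, True)
                    if transaction.from_acc == account.account_number:
                        add_row(transaction, False)

            # Error messages arrive as URL arguments and are therefore fully
            # client-controlled; they must only be output through the template
            # engine's autoescaping.
            account_num_error = request.args.get('account_num_error')
            account_balance_error = request.args.get('account_balance_error')
            amount_error = request.args.get('amount_error')
            kid_error = request.args.get('kid_error')
            auth_error = request.args.get('auth_error')

            # Indexing accounts[0] unconditionally raised IndexError for a user
            # without accounts.
            # NOTE(review): confirm startside.html copes with account=None.
            first_account = accounts[0].account_number if accounts else None

            resp1 = make_response(
                render_template("pages/startside.html",
                                len=len(transactions_list),
                                transfer_time=transfer_time,
                                From=From,
                                To=To,
                                Msg=Msg,
                                Inn=Inn,
                                Out=Out,
                                account=first_account,
                                ac_name=ac_name,
                                ac_nr=ac_nr,
                                ac_balance=ac_balance,
                                account_num_error=account_num_error,
                                account_balance_error=account_balance_error,
                                amount_error=amount_error,
                                kid_error=kid_error,
                                auth_error=auth_error,
                                btn=btn))

        return signed_in(resp1, resp2)
    except jinja2.exceptions.TemplateNotFound:  # The page/html file was not found
        abort(404)  # Return error 404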