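def access_bank():
    """
    Log a user in to a banking institution through the Intuit API (aggcat).

    Reads the institution and the user's bank credentials from the submitted
    BankLoginForm, passes them to the helpers in accounts.py and stores the
    returned balance as the user's checking amount. All account assets are
    assumed to be checking accounts.

    Returns a redirect: to /input/assets once the balance is stored, to
    /banklogin/challenge when the institution answers with HTTP 401 (further
    authentication needed), and back to /banklogin on invalid form input or
    on any error.

    The bank password passes through this function in clear text. Keep it
    out of log lines, flash messages and the database.
    """
    import logging

    error_message = ("There was an error accessing your account. Please try "
                     "again.")

    form = BankLoginForm(request.form)
    if not form.validate_on_submit():
        flash("Please enter a valid email and password.")
        return redirect("/banklogin")

    institution = str(request.form["institution"])
    username = request.form["user_name"]
    password = request.form["user_password"]

    try:
        # The field lookup takes a client, so it presumably calls the remote
        # API; it sits inside the try so a failure there reaches the same
        # handler as the login call instead of escaping as an unhandled error.
        user_fields = accounts.get_credential_fields(
            accounts.create_client(), institution)
        credentials = {
            user_fields["username"]: username,
            user_fields["password"]: password,
        }

        account = accounts.discover_add_account(
            accounts.create_client(), institution, credentials)
        account_data = account.content

        # Only a 401 means the institution wants a challenge answered. Any
        # other non-success status is an error and must not send the user to
        # the challenge page.
        if account.status_code == 401:
            return redirect("/banklogin/challenge")
        if account.status_code not in (200, 201):
            flash(error_message)
            return redirect("/banklogin")

        checking_balance = account_data.balance_amount

        # Update the user's existing row when there is one, so that repeated
        # logins change the stored balance instead of adding rows.
        user_rows = m_session.query(model.UserBanking).filter_by(
            user_id=g.user.id)
        if user_rows.first() is not None:
            user_rows.update(
                {model.UserBanking.checking_amt: checking_balance})
        else:
            m_session.add(model.UserBanking(
                user_id=g.user.id, inputted_assets=0,
                checking_amt=checking_balance, savings_amt=0, IRA_amt=0,
                comp401k_amt=0, investment_amt=0))
        m_session.commit()

        # Adjacent literals rather than a backslash continuation inside the
        # string, which put stray characters into the displayed message.
        # Only the last four digits of the account number are shown.
        flash("%s account XXXX%s with $%s has been added to your "
              "assets." % (account_data.account_nickname,
                           account_data.account_number[-4:],
                           account_data.balance_amount))
        return redirect("/input/assets")
    except Exception:
        # Record the cause instead of discarding it. The message carries no
        # form values; never add the credentials dict to it.
        logging.getLogger(__name__).exception(
            "access_bank: adding the bank account failed")
        # m_session is used above like a SQLAlchemy session (query/add/
        # commit); discard any half-applied change before returning.
        m_session.rollback()
        flash(error_message)
        return redirect("/banklogin")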
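def process_challenge():
    """
    Answer an institution's challenge (HTTP 401) and store the balance.

    Reads the institution, the bank credentials and the challenge answer
    from the submitted form, repeats the login call to obtain the challenge
    session and node ids from the response headers, confirms the challenge
    and stores the returned balance as the user's checking amount.

    Returns a redirect to /input/assets on success and back to
    /banklogin/challenge on any error.

    NOTE(review): no form object is validated here, unlike access_bank;
    confirm that CSRF protection is applied to this endpoint elsewhere.
    NOTE(review): the bank user name and password are read from this form
    submission again, so the challenge page has to carry them; confirm they
    are not echoed into the rendered HTML.
    """
    import logging

    try:
        institution = str(request.form["institution"])
        username = request.form["user_name"]
        password = request.form["user_password"]

        # Responses must be in a list for XML to parse.
        # NOTE(review): the original read request.form[[challenge]], which
        # fails on the undefined name before any lookup happens. The field
        # name "challenge" is assumed from that expression; confirm it
        # against the challenge form.
        responses = [request.form["challenge"]]

        user_fields = accounts.get_credential_fields(
            accounts.create_client(), institution)
        credentials = {
            user_fields["username"]: username,
            user_fields["password"]: password,
        }

        # NOTE(review): access_bank calls accounts.discover_add_account;
        # confirm that both helper names exist in accounts.py.
        account = accounts.discover_and_add_accounts(
            accounts.create_client(), institution, credentials)

        # The challenge session and node ids come from the response headers.
        challenge_session_id = account.headers["challengesessionid"]
        challenge_node_id = account.headers["challengenodeid"]

        # create_client is referenced through the accounts module, as in
        # every other call in this function.
        confirmed_account = accounts.confirm_challenge(
            accounts.create_client(), institution, challenge_session_id,
            challenge_node_id, responses)

        # The original debug print referenced the accounts module instead of
        # a response object and wrote the full account number to stdout; it
        # is dropped.

        # Read the balance through .content, as the flash message below
        # does. NOTE(review): assumes confirm_challenge returns a response
        # object shaped like the login response; confirm.
        confirmed_data = confirmed_account.content
        checking_balance = confirmed_data.balance_amount

        # Update the user's existing row when there is one, else create it.
        user_rows = m_session.query(model.UserBanking).filter_by(
            user_id=g.user.id)
        if user_rows.first() is not None:
            user_rows.update(
                {model.UserBanking.checking_amt: checking_balance})
        else:
            m_session.add(model.UserBanking(
                user_id=g.user.id, checking_amt=checking_balance))
        m_session.commit()

        # Only the last four digits of the account number are shown.
        flash("%s account XXXX%s with $%s has been added to your assets."
              % (confirmed_data.account_nickname,
                 confirmed_data.account_number[-4:],
                 confirmed_data.balance_amount))
        return redirect("/input/assets")
    except Exception:
        # Record the cause instead of discarding it. The message carries no
        # form values; never add credentials or challenge answers to it.
        logging.getLogger(__name__).exception(
            "process_challenge: confirming the bank challenge failed")
        # m_session is used above like a SQLAlchemy session (query/add/
        # commit); discard any half-applied change before returning.
        m_session.rollback()
        # Adjacent literals rather than a backslash continuation inside the
        # string, which put stray characters into the displayed message.
        flash("There was an error authenticating your account. Please "
              "try again.")
        return redirect("/banklogin/challenge")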