def resetUser(request): if DEBUG: print("The resetUser function has been called\n") try: user_otp = get_any_user_profile(request.POST['username'], request.POST['email']) reCaptcha = request.POST['g-recaptcha-response'] if (user_otp and reCaptcha): if DEBUG: print("The username, email, and captcha have been verified\n") if ((user_otp.otp_timestamp + OTP_EXPIRATION_DATE) >= int( time.time())): # # if user's otpRequested and otpTimestamp < 15 minutes # do not send another OTP until the 15 minutes expires if DEBUG: print( "The current OTP is still valid, re-send current OTP until it is expired\n" ) check = send_mail( 'Group 16 SBS Password OTP', OTP_MESSAGE % (user_otp.otp_pass), '*****@*****.**', [user_otp.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) while (check == 0): check = send_mail( 'Group 16 SBS Password OTP', OTP_MESSAGE % (user_otp.otp_pass), '*****@*****.**', [user_otp.email], fail_silently=False, ) return render(request, 'reset/otpReset.html', { 'error_message': "OTP recently sent, please check email", }) else: # else e.g. user's otpRequested and otpTimestamp > 15 minutes or otpRequested is False # set user's OTP requested value to true # set the time stamp of the request # set the value of the user's generated OTP # if DEBUG: print("Generate an OTP code\n") user_otp.otp_pass = otpGenerator(size=OTP_LENGTH) user_otp.otp_timestamp = int(time.time()) user_otp.save() if DEBUG: print("OTP pass and timestamp set and saved\n") check = send_mail( 'Group 16 SBS Password OTP', OTP_MESSAGE % (user_otp.otp_pass), '*****@*****.**', [user_otp.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) while (check == 0): check = send_mail( 'Group 16 SBS Password OTP', OTP_MESSAGE % (user_otp.otp_pass), '*****@*****.**', [user_otp.email], fail_silently=False, ) if DEBUG: print("Password reset OTP code has been sent\n") return render(request, 'reset/otpReset.html', { 'error_message': "OTP sent, please check email", }) else: return render( request, 'reset/reset.html', { 'error_message': "Incorrect username and email combination or missing reCaptcha", }) except: if DEBUG: print("Threw an exception, did not complete try-block") return render(request, 'reset/reset.html')
def otpUserReset(request): if DEBUG: print("The otpUserReset function has been called\n") try: username = request.POST['username'] email = request.POST['email'] reCaptcha = request.POST['g-recaptcha-response'] if not validate_email(email=email) or not validate_username( username=username): return render( request, 'reset/otpReset.html', { 'error_message': "Incorrect username and email format", }, status=401) user_otp = get_any_user_profile(username, email) if (user_otp and reCaptcha): if DEBUG: print("The username, email, and captcha have been verified\n") otpPassword = request.POST['otpPassword'] if DEBUG: print("OTP code is '%s'\n" % (otpPassword)) newPass = request.POST['newPassword'] conPass = request.POST['confirmPassword'] if DEBUG: print("New password is '%s'\n" % (newPass)) if DEBUG: print("Confirm password is '%s'\n" % (conPass)) if newPass == conPass: if not validate_password(newPass) or not validate_password( conPass): return render( request, 'reset/otpReset.html', { 'error_message': "New password does not meet requirements", }, status=401) # # if user's otpRequested is False or otpTimestamp > 15 minutes # This OTP is expired, inform the user to re-submit their password reset request if ((user_otp.otp_timestamp + OTP_EXPIRATION_DATE) >= int( time.time())): if (user_otp.otp_pass == otpPassword): if DEBUG: print("Successfully reset the user password") user_otp.user.set_password(newPass) user_otp.user.save() user_otp.otp_timestamp = time.time( ) - OTP_EXPIRATION_DATE user_otp.save() return render( request, 'reset/otpReset.html', { 'error_message': "Succesfully reset account password!", }) else: return render( request, 'reset/otpReset.html', { 'error_message': "Incorrect OTP password", }, status=401) else: return render( request, 'reset/reset.html', { 'error_message': "OTP password is expired, re-submit password reset request", }, status=401) else: return render( request, 'reset/otpReset.html', { 'error_message': "New password does not match confirm password", }, status=401) else: return render( request, 'reset/otpReset.html', { 'error_message': "Incorrect username and email combination or missing reCaptcha", }, status=401) return render(request, 'reset/otpReset.html', { 'error_message': "Error occurred with submission", }, status=401) except: return render(request, 'reset/otpReset.html', status=401)
def deviceVerify(request): if DEBUG: print("The deviceVerify function has been called\n") try: profile = get_any_user_profile(request.POST['username'], request.POST['email']) reCaptcha = request.POST['g-recaptcha-response'] if (profile and reCaptcha): if DEBUG: print("The username, email, and captcha have been verified\n") otpPassword = request.POST['otpPassword'] if DEBUG: print("OTP code is '%s'\n" % (otpPassword)) if ((profile.otp_timestamp + OTP_EXPIRATION_DATE) >= int( time.time())): if (profile.otp_pass == otpPassword): if DEBUG: print("Confirmed the user OTP key") trusted_keys = get_user_trusted_keys(profile) new_key = trustedDeviceKeyGenerator() if (trusted_keys is None): trusted_keys = [new_key] elif (len(trusted_keys) == 10): trusted_keys.pop() trusted_keys.insert(0, new_key) else: trusted_keys.insert(0, new_key) print("trusted keys is:") print(trusted_keys) if DEBUG: print("Update list of keys") serial_keys = '' for key in trusted_keys: serial_keys += key + ';' if DEBUG: print("Serialized keys '%s'" % (serial_keys)) profile.trusted_device_keys = serial_keys profile.otp_timestamp = time.time() - OTP_EXPIRATION_DATE profile.save() if DEBUG: print("Update user profile keys and OTP") oneYear = datetime.datetime.now() oneYear.replace(year=oneYear.year + 1) if DEBUG: print("Get cookie expiration") response = render( request, 'login/deviceVerify.html', { 'error_message': "Succesfully added device to trusted devices!", }) if DEBUG: print("Generate response") response.set_cookie('trusted_device', new_key) if DEBUG: print("Finish verifying device, return response") return response else: return render(request, 'login/deviceVerify.html', { 'error_message': "Incorrect OTP password", }) else: return render( request, 'login/deviceVerify.html', { 'error_message': "OTP expired! Please re-try login to re-start device verification", }) else: return render( request, 'login/deviceVerify.html', { 'error_message': "Incorrect username and email combination or missing reCaptcha", }) except: if DEBUG: print("Threw an exception, did not complete try-block") render(request, 'login/deviceVerify.html')
def loggedin(request): user = request.user if (hasattr(user, 'regularemployee') or hasattr(user, 'systemmanager') or hasattr(user, 'administrator')) and ( hasattr(user, 'individualcustomer') or hasattr(user, 'merchantorganization')): user.delete() return HttpResponseRedirect(reverse('login:signin')) else: # if there is a cookie for the device # get the user profile # check to see if the cookie stored on the device is in the list of trusted device keys # if the device is trusted # proceed to log in # else # send the user an OTP for verifying the device # redirect the user to an OTP device verification page # else # send the user an OTP for verifying the device # redirect the user to an OTP device verification page if hasattr(user, 'regularemployee') or hasattr( user, 'systemmanager') or hasattr(user, 'administrator'): return HttpResponseRedirect(reverse('internal:index')) elif hasattr(user, 'individualcustomer') or hasattr( user, 'merchantorganization'): return HttpResponseRedirect(reverse('external:index')) else: return HttpResponseRedirect(reverse('login:signout')) user_email = get_user_email(user) profile = get_any_user_profile(user.username, user_email) print("Current cookies:") trusted_key = request.COOKIES.get('trusted_device', '') if (trusted_key != ''): if DEBUG: print("The 'trusted_device' cookie is present\n") trusted_keys = get_user_trusted_keys(profile) if (trusted_keys is None): trusted_keys = [] if DEBUG: print("The 'trusted_device' cookie value is '%s'\n" % (trusted_key)) if (not (trusted_key in trusted_keys)): if DEBUG: print("The 'trusted_device' cookie is not in the list\n") logout(request) return send_device_verify_otp(request, profile) if hasattr(user, 'regularemployee') or hasattr( user, 'systemmanager') or hasattr(user, 'administrator'): return HttpResponseRedirect(reverse('internal:index')) elif hasattr(user, 'individualcustomer') or hasattr( user, 'merchantorganization'): return HttpResponseRedirect(reverse('external:index')) else: return HttpResponseRedirect(reverse('login:signout')) else: if DEBUG: print("The 'trusted_device' cookie is not present\n") logout(request) return send_device_verify_otp(request, profile)
def createUser(request): if DEBUG: print("The createUser function has been called\n") try: username = request.POST['username'] email = request.POST['email'] if not validate_email(email=email) or not validate_username( username=username): return render(request, 'create/create.html', { 'error_message': "Username is unavailable.", }) existing_user = get_any_user_profile(username, email) init_user = User.objects.filter(username=username) reCaptcha = request.POST['g-recaptcha-response'] if (reCaptcha): if (existing_user): # if the user already fully exists (e.g. has a full profile) # return error that username is unavailable if DEBUG: print("The full user profile already exists\n") return render( request, 'create/create.html', { 'error_message': "Username not correct. Try another.", }) elif (init_user): # else if the username exists may have a pre-liminary account created (e.g. only a User type) init_email = User.objects.filter(username=username, email=email) if (init_email): # if email matches User email # resend their password/OTP and tell them to check email # re-direct them to final account creation init_email = User.objects.get(username=username, email=email) if DEBUG: print("The init user email exists in the system\n") check = send_mail( 'Group 16 SBS New Account', NEW_ACCOUNT_MESSAGE % (init_email.username, init_email.first_name), '*****@*****.**', [init_email.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) while (check == 0): check = send_mail( 'Group 16 SBS New Account', NEW_ACCOUNT_MESSAGE % (init_email.username, init_email.first_name), '*****@*****.**', [init_email.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) if DEBUG: print("New Account OTP code has been sent\n") return render( request, 'create/confirmAccount.html', { 'error_message': "New Account email sent, please check email", }) else: # else # return error that new account username/email mismatch return render(request, 'create/create.html', { 'error_message': "Username and email account mismatch.", }) else: # else # the user is a new user # create a new user object, assign the username, email, and OTP as first_name temporarily # send email with new account information # redirect the user if DEBUG: print("Create temporary user account object\n") new_user = User.objects.create_user( username=username, email=email, first_name=otpGenerator(size=OTP_LENGTH)) new_user.save() if DEBUG: print("Initial account created and saved\n") check = send_mail( 'Group 16 SBS New Account', NEW_ACCOUNT_MESSAGE % (new_user.username, new_user.first_name), '*****@*****.**', [new_user.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) while (check == 0): check = send_mail( 'Group 16 SBS New Account', NEW_ACCOUNT_MESSAGE % (new_user.username, new_user.first_name), '*****@*****.**', [new_user.email], fail_silently=False, ) if DEBUG: print("New Account info and OTP code has been sent\n") return render( request, 'create/confirmAccount.html', { 'error_message': "New Account email sent, please check email", "STATES": STATES }) except: if DEBUG: print("Threw an exception, did not complete try-block") return render(request, 'create/create.html')
def confirmAccount(request): if DEBUG: print("The confirmUser function has been called\n") # if existing_user # return error that the user account already exists # else if the init user exists # if the init user email and OTP match # delete the init user account to make a fresh user # take the user input info details and create a corresponding account type # display message that the new account has been created # else # return error that the email or OTP do match the account # else # redirect the user to the account creation page and display message to create a new account try: user_type = request.POST['user_type'] username = request.POST['username'] email = request.POST['email'] newPassword = request.POST['newPassword'] confirmPassword = request.POST['confirmPassword'] firstname = request.POST['firstname'] lastname = request.POST['lastname'] address = request.POST['address'] city = request.POST['city'] state = request.POST['state'] zipcode = request.POST['zipcode'] personalcode = request.POST['personalcode'] certificate = request.POST.get('certificate') existing_user = get_any_user_profile(username, email) init_user = User.objects.filter(username=username) reCaptcha = request.POST['g-recaptcha-response'] if DEBUG: print("Checking the reCaptcha\n") if (reCaptcha): if DEBUG: print("reCaptcha has been entered\n") if (existing_user): # if the user already fully exists (e.g. has a full profile) # return error that username is unavailable if DEBUG: print("The full user profile already exists\n") return render( request, 'create/create.html', { 'error_message': "User already exists, please login or reset password.", }) elif (init_user): # else if the username exists may have a pre-liminary account created (e.g. only a User type) if DEBUG: print("Filter for the init user\n") if not validate_account_info(user_type=user_type, username=username, email=email, first_name=firstname, last_name=lastname, address=address, city=city, state=state, zipcode=zipcode, personal_code=personalcode): return render( request, 'create/confirmAccount.html', { 'error_message': "User information not correct.", "STATES": STATES }) init_email = User.objects.filter( username=username, email=email, first_name=request.POST['otpPassword']) if (init_email): if DEBUG: print("Located the init user\n") if (newPassword == confirmPassword): if DEBUG: print( "The new password and confirm new password match\n" ) if not validate_password( newPassword) or not validate_password( confirmPassword): return render( request, 'create/confirmAccount.html', { 'error_message': "Passsword incorrectly formatted.", "STATES": STATES }) newUser = User.objects.get(username=username, email=email) if DEBUG: print("Save new user\n") new_routing = get_new_routing_number() if DEBUG: print("New routing number is %d\n" % (new_routing)) checkingaccount = CheckingAccount.objects.create( interest_rate=0.03, routing_number=new_routing, current_balance=0.00, active_balance=0.00) checkingaccount.save() if DEBUG: print("Create and save checkings\n") savingsaccount = SavingsAccount.objects.create( interest_rate=0.03, routing_number=new_routing, current_balance=0.00, active_balance=0.00) savingsaccount.save() if DEBUG: print("Create and save savings\n") creditcard = CreditCard.objects.create( interest_rate=0.03, creditcard_number=get_new_credit_card_number(), charge_limit=1000.00, remaining_credit=1000.00, late_fee=15.00, days_late=0) creditcard.save() if DEBUG: print("Create and save credit card\n") new_account = None if not validate_certificate(certificate): certificate = None else: ceriticate = str(certificate) if (user_type == INDIVIDUAL_CUSTOMER): if DEBUG: print("Individual account type\n") if DEBUG: print("saving individual account type\n", str(firstname), lastname, email, address, city, state, zipcode, personalcode, checkingaccount.id, savingsaccount.id, creditcard.id, newUser.id, certificate) individualcustomer = IndividualCustomer.objects.create( first_name=str(firstname), last_name=str(lastname), email=str(email), street_address=str(address), city=str(city), state=str(state), zipcode=str(zipcode), session_key="None", ssn=str(personalcode), checking_account_id=int(checkingaccount.id), savings_account_id=int(savingsaccount.id), credit_card_id=int(creditcard.id), user_id=int(newUser.id), certificate=certificate) individualcustomer.save() if DEBUG: print("Create and save ind. account type\n") new_account = individualcustomer else: #(request.POST['user_type'] == MERCHANT_ORGANIZATION): if DEBUG: print("Merchant account type\n") merchantcustomer = MerchantOrganization.objects.create( first_name=firstname, last_name=lastname, email=email, street_address=address, city=city, state=state, zipcode=zipcode, session_key="None", business_code=personalcode, checking_account_id=checkingaccount.id, savings_account_id=savingsaccount.id, credit_card_id=creditcard.id, user_id=newUser.id, certificate=certificate) merchantcustomer.save() if DEBUG: print("Create and save merch. account type\n") new_account = merchantcustomer newUser.set_password(newPassword) newUser.email = "" newUser.first_name = "" newUser.save() if DEBUG: print( "The user account has been created and added to the system\n" ) check = send_mail( 'Group 16 SBS New Account Created', CREATED_ACCOUNT_MESSAGE % (new_account.user.username, new_routing), '*****@*****.**', [new_account.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) while (check == 0): check = send_mail( 'Group 16 SBS New Account', CREATED_ACCOUNT_MESSAGE % (new_account.user.username, new_routing), '*****@*****.**', [new_account.email], fail_silently=False, ) if DEBUG: print("Check is %d\n" % (check)) if DEBUG: print("New account created email sent\n") return render( request, 'create/confirmAccount.html', { 'error_message': "New account created! Email notification sent.", "STATES": STATES }) else: return render( request, 'create/confirmAccount.html', { 'error_message': "New password and confirm password mismatch.", "STATES": STATES }) else: # else # return error that new account username/email mismatch return render( request, 'create/confirmAccount.html', { 'error_message': "Username and email account mismatch.", "STATES": STATES }) else: if DEBUG: print( "No user account present, need to apply for new account first\n" ) return render( request, 'create/create.html', { 'error_message': "Application not found, please re-apply for an account.", "STATES": STATES }) except: if DEBUG: print("Threw an exception, did not complete try-block", sys.exc_info()[0]) return render(request, 'create/confirmAccount.html', {"STATES": STATES})