def resetUser(request):
if DEBUG: print("The resetUser function has been called\n")
try:
user_otp = get_any_user_profile(request.POST['username'],
request.POST['email'])
reCaptcha = request.POST['g-recaptcha-response']
if (user_otp and reCaptcha):
if DEBUG:
print("The username, email, and captcha have been verified\n")
if ((user_otp.otp_timestamp + OTP_EXPIRATION_DATE) >= int(
time.time())):
#
# if user's otpRequested and otpTimestamp < 15 minutes
# do not send another OTP until the 15 minutes expires
if DEBUG:
print(
"The current OTP is still valid, re-send current OTP until it is expired\n"
)
check = send_mail(
'Group 16 SBS Password OTP',
OTP_MESSAGE % (user_otp.otp_pass),
'*****@*****.**',
[user_otp.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
while (check == 0):
check = send_mail(
'Group 16 SBS Password OTP',
OTP_MESSAGE % (user_otp.otp_pass),
'*****@*****.**',
[user_otp.email],
fail_silently=False,
)
return render(request, 'reset/otpReset.html', {
'error_message':
"OTP recently sent, please check email",
})
else:
# else e.g. user's otpRequested and otpTimestamp > 15 minutes or otpRequested is False
# set user's OTP requested value to true
# set the time stamp of the request
# set the value of the user's generated OTP
#
if DEBUG: print("Generate an OTP code\n")
user_otp.otp_pass = otpGenerator(size=OTP_LENGTH)
user_otp.otp_timestamp = int(time.time())
user_otp.save()
if DEBUG: print("OTP pass and timestamp set and saved\n")
check = send_mail(
'Group 16 SBS Password OTP',
OTP_MESSAGE % (user_otp.otp_pass),
'*****@*****.**',
[user_otp.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
while (check == 0):
check = send_mail(
'Group 16 SBS Password OTP',
OTP_MESSAGE % (user_otp.otp_pass),
'*****@*****.**',
[user_otp.email],
fail_silently=False,
)
if DEBUG: print("Password reset OTP code has been sent\n")
return render(request, 'reset/otpReset.html', {
'error_message': "OTP sent, please check email",
})
else:
return render(
request, 'reset/reset.html', {
'error_message':
"Incorrect username and email combination or missing reCaptcha",
})
except:
if DEBUG: print("Threw an exception, did not complete try-block")
return render(request, 'reset/reset.html')
def otpUserReset(request):
if DEBUG: print("The otpUserReset function has been called\n")
try:
username = request.POST['username']
email = request.POST['email']
reCaptcha = request.POST['g-recaptcha-response']
if not validate_email(email=email) or not validate_username(
username=username):
return render(
request,
'reset/otpReset.html', {
'error_message': "Incorrect username and email format",
},
status=401)
user_otp = get_any_user_profile(username, email)
if (user_otp and reCaptcha):
if DEBUG:
print("The username, email, and captcha have been verified\n")
otpPassword = request.POST['otpPassword']
if DEBUG: print("OTP code is '%s'\n" % (otpPassword))
newPass = request.POST['newPassword']
conPass = request.POST['confirmPassword']
if DEBUG: print("New password is '%s'\n" % (newPass))
if DEBUG: print("Confirm password is '%s'\n" % (conPass))
if newPass == conPass:
if not validate_password(newPass) or not validate_password(
conPass):
return render(
request,
'reset/otpReset.html', {
'error_message':
"New password does not meet requirements",
},
status=401)
#
# if user's otpRequested is False or otpTimestamp > 15 minutes
# This OTP is expired, inform the user to re-submit their password reset request
if ((user_otp.otp_timestamp + OTP_EXPIRATION_DATE) >= int(
time.time())):
if (user_otp.otp_pass == otpPassword):
if DEBUG: print("Successfully reset the user password")
user_otp.user.set_password(newPass)
user_otp.user.save()
user_otp.otp_timestamp = time.time(
) - OTP_EXPIRATION_DATE
user_otp.save()
return render(
request, 'reset/otpReset.html', {
'error_message':
"Succesfully reset account password!",
})
else:
return render(
request,
'reset/otpReset.html', {
'error_message': "Incorrect OTP password",
},
status=401)
else:
return render(
request,
'reset/reset.html', {
'error_message':
"OTP password is expired, re-submit password reset request",
},
status=401)
else:
return render(
request,
'reset/otpReset.html', {
'error_message':
"New password does not match confirm password",
},
status=401)
else:
return render(
request,
'reset/otpReset.html', {
'error_message':
"Incorrect username and email combination or missing reCaptcha",
},
status=401)
return render(request,
'reset/otpReset.html', {
'error_message': "Error occurred with submission",
},
status=401)
except:
return render(request, 'reset/otpReset.html', status=401)
def deviceVerify(request):
if DEBUG: print("The deviceVerify function has been called\n")
try:
profile = get_any_user_profile(request.POST['username'],
request.POST['email'])
reCaptcha = request.POST['g-recaptcha-response']
if (profile and reCaptcha):
if DEBUG:
print("The username, email, and captcha have been verified\n")
otpPassword = request.POST['otpPassword']
if DEBUG: print("OTP code is '%s'\n" % (otpPassword))
if ((profile.otp_timestamp + OTP_EXPIRATION_DATE) >= int(
time.time())):
if (profile.otp_pass == otpPassword):
if DEBUG: print("Confirmed the user OTP key")
trusted_keys = get_user_trusted_keys(profile)
new_key = trustedDeviceKeyGenerator()
if (trusted_keys is None):
trusted_keys = [new_key]
elif (len(trusted_keys) == 10):
trusted_keys.pop()
trusted_keys.insert(0, new_key)
else:
trusted_keys.insert(0, new_key)
print("trusted keys is:")
print(trusted_keys)
if DEBUG: print("Update list of keys")
serial_keys = ''
for key in trusted_keys:
serial_keys += key + ';'
if DEBUG: print("Serialized keys '%s'" % (serial_keys))
profile.trusted_device_keys = serial_keys
profile.otp_timestamp = time.time() - OTP_EXPIRATION_DATE
profile.save()
if DEBUG: print("Update user profile keys and OTP")
oneYear = datetime.datetime.now()
oneYear.replace(year=oneYear.year + 1)
if DEBUG: print("Get cookie expiration")
response = render(
request, 'login/deviceVerify.html', {
'error_message':
"Succesfully added device to trusted devices!",
})
if DEBUG: print("Generate response")
response.set_cookie('trusted_device', new_key)
if DEBUG: print("Finish verifying device, return response")
return response
else:
return render(request, 'login/deviceVerify.html', {
'error_message': "Incorrect OTP password",
})
else:
return render(
request, 'login/deviceVerify.html', {
'error_message':
"OTP expired! Please re-try login to re-start device verification",
})
else:
return render(
request, 'login/deviceVerify.html', {
'error_message':
"Incorrect username and email combination or missing reCaptcha",
})
except:
if DEBUG: print("Threw an exception, did not complete try-block")
render(request, 'login/deviceVerify.html')
def loggedin(request):
user = request.user
if (hasattr(user, 'regularemployee') or hasattr(user, 'systemmanager')
or hasattr(user, 'administrator')) and (
hasattr(user, 'individualcustomer')
or hasattr(user, 'merchantorganization')):
user.delete()
return HttpResponseRedirect(reverse('login:signin'))
else:
# if there is a cookie for the device
# get the user profile
# check to see if the cookie stored on the device is in the list of trusted device keys
# if the device is trusted
# proceed to log in
# else
# send the user an OTP for verifying the device
# redirect the user to an OTP device verification page
# else
# send the user an OTP for verifying the device
# redirect the user to an OTP device verification page
if hasattr(user, 'regularemployee') or hasattr(
user, 'systemmanager') or hasattr(user, 'administrator'):
return HttpResponseRedirect(reverse('internal:index'))
elif hasattr(user, 'individualcustomer') or hasattr(
user, 'merchantorganization'):
return HttpResponseRedirect(reverse('external:index'))
else:
return HttpResponseRedirect(reverse('login:signout'))
user_email = get_user_email(user)
profile = get_any_user_profile(user.username, user_email)
print("Current cookies:")
trusted_key = request.COOKIES.get('trusted_device', '')
if (trusted_key != ''):
if DEBUG: print("The 'trusted_device' cookie is present\n")
trusted_keys = get_user_trusted_keys(profile)
if (trusted_keys is None):
trusted_keys = []
if DEBUG:
print("The 'trusted_device' cookie value is '%s'\n" %
(trusted_key))
if (not (trusted_key in trusted_keys)):
if DEBUG:
print("The 'trusted_device' cookie is not in the list\n")
logout(request)
return send_device_verify_otp(request, profile)
if hasattr(user, 'regularemployee') or hasattr(
user, 'systemmanager') or hasattr(user, 'administrator'):
return HttpResponseRedirect(reverse('internal:index'))
elif hasattr(user, 'individualcustomer') or hasattr(
user, 'merchantorganization'):
return HttpResponseRedirect(reverse('external:index'))
else:
return HttpResponseRedirect(reverse('login:signout'))
else:
if DEBUG: print("The 'trusted_device' cookie is not present\n")
logout(request)
return send_device_verify_otp(request, profile)
def createUser(request):
if DEBUG: print("The createUser function has been called\n")
try:
username = request.POST['username']
email = request.POST['email']
if not validate_email(email=email) or not validate_username(
username=username):
return render(request, 'create/create.html', {
'error_message': "Username is unavailable.",
})
existing_user = get_any_user_profile(username, email)
init_user = User.objects.filter(username=username)
reCaptcha = request.POST['g-recaptcha-response']
if (reCaptcha):
if (existing_user):
# if the user already fully exists (e.g. has a full profile)
# return error that username is unavailable
if DEBUG: print("The full user profile already exists\n")
return render(
request, 'create/create.html', {
'error_message': "Username not correct. Try another.",
})
elif (init_user):
# else if the username exists may have a pre-liminary account created (e.g. only a User type)
init_email = User.objects.filter(username=username,
email=email)
if (init_email):
# if email matches User email
# resend their password/OTP and tell them to check email
# re-direct them to final account creation
init_email = User.objects.get(username=username,
email=email)
if DEBUG:
print("The init user email exists in the system\n")
check = send_mail(
'Group 16 SBS New Account',
NEW_ACCOUNT_MESSAGE %
(init_email.username, init_email.first_name),
'*****@*****.**',
[init_email.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
while (check == 0):
check = send_mail(
'Group 16 SBS New Account',
NEW_ACCOUNT_MESSAGE %
(init_email.username, init_email.first_name),
'*****@*****.**',
[init_email.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
if DEBUG: print("New Account OTP code has been sent\n")
return render(
request, 'create/confirmAccount.html', {
'error_message':
"New Account email sent, please check email",
})
else:
# else
# return error that new account username/email mismatch
return render(request, 'create/create.html', {
'error_message':
"Username and email account mismatch.",
})
else:
# else
# the user is a new user
# create a new user object, assign the username, email, and OTP as first_name temporarily
# send email with new account information
# redirect the user
if DEBUG: print("Create temporary user account object\n")
new_user = User.objects.create_user(
username=username,
email=email,
first_name=otpGenerator(size=OTP_LENGTH))
new_user.save()
if DEBUG: print("Initial account created and saved\n")
check = send_mail(
'Group 16 SBS New Account',
NEW_ACCOUNT_MESSAGE %
(new_user.username, new_user.first_name),
'*****@*****.**',
[new_user.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
while (check == 0):
check = send_mail(
'Group 16 SBS New Account',
NEW_ACCOUNT_MESSAGE %
(new_user.username, new_user.first_name),
'*****@*****.**',
[new_user.email],
fail_silently=False,
)
if DEBUG:
print("New Account info and OTP code has been sent\n")
return render(
request, 'create/confirmAccount.html', {
'error_message':
"New Account email sent, please check email",
"STATES": STATES
})
except:
if DEBUG: print("Threw an exception, did not complete try-block")
return render(request, 'create/create.html')
def confirmAccount(request):
if DEBUG: print("The confirmUser function has been called\n")
# if existing_user
# return error that the user account already exists
# else if the init user exists
# if the init user email and OTP match
# delete the init user account to make a fresh user
# take the user input info details and create a corresponding account type
# display message that the new account has been created
# else
# return error that the email or OTP do match the account
# else
# redirect the user to the account creation page and display message to create a new account
try:
user_type = request.POST['user_type']
username = request.POST['username']
email = request.POST['email']
newPassword = request.POST['newPassword']
confirmPassword = request.POST['confirmPassword']
firstname = request.POST['firstname']
lastname = request.POST['lastname']
address = request.POST['address']
city = request.POST['city']
state = request.POST['state']
zipcode = request.POST['zipcode']
personalcode = request.POST['personalcode']
certificate = request.POST.get('certificate')
existing_user = get_any_user_profile(username, email)
init_user = User.objects.filter(username=username)
reCaptcha = request.POST['g-recaptcha-response']
if DEBUG: print("Checking the reCaptcha\n")
if (reCaptcha):
if DEBUG: print("reCaptcha has been entered\n")
if (existing_user):
# if the user already fully exists (e.g. has a full profile)
# return error that username is unavailable
if DEBUG: print("The full user profile already exists\n")
return render(
request, 'create/create.html', {
'error_message':
"User already exists, please login or reset password.",
})
elif (init_user):
# else if the username exists may have a pre-liminary account created (e.g. only a User type)
if DEBUG: print("Filter for the init user\n")
if not validate_account_info(user_type=user_type,
username=username,
email=email,
first_name=firstname,
last_name=lastname,
address=address,
city=city,
state=state,
zipcode=zipcode,
personal_code=personalcode):
return render(
request, 'create/confirmAccount.html', {
'error_message': "User information not correct.",
"STATES": STATES
})
init_email = User.objects.filter(
username=username,
email=email,
first_name=request.POST['otpPassword'])
if (init_email):
if DEBUG: print("Located the init user\n")
if (newPassword == confirmPassword):
if DEBUG:
print(
"The new password and confirm new password match\n"
)
if not validate_password(
newPassword) or not validate_password(
confirmPassword):
return render(
request, 'create/confirmAccount.html', {
'error_message':
"Passsword incorrectly formatted.",
"STATES": STATES
})
newUser = User.objects.get(username=username,
email=email)
if DEBUG: print("Save new user\n")
new_routing = get_new_routing_number()
if DEBUG:
print("New routing number is %d\n" % (new_routing))
checkingaccount = CheckingAccount.objects.create(
interest_rate=0.03,
routing_number=new_routing,
current_balance=0.00,
active_balance=0.00)
checkingaccount.save()
if DEBUG: print("Create and save checkings\n")
savingsaccount = SavingsAccount.objects.create(
interest_rate=0.03,
routing_number=new_routing,
current_balance=0.00,
active_balance=0.00)
savingsaccount.save()
if DEBUG: print("Create and save savings\n")
creditcard = CreditCard.objects.create(
interest_rate=0.03,
creditcard_number=get_new_credit_card_number(),
charge_limit=1000.00,
remaining_credit=1000.00,
late_fee=15.00,
days_late=0)
creditcard.save()
if DEBUG: print("Create and save credit card\n")
new_account = None
if not validate_certificate(certificate):
certificate = None
else:
ceriticate = str(certificate)
if (user_type == INDIVIDUAL_CUSTOMER):
if DEBUG: print("Individual account type\n")
if DEBUG:
print("saving individual account type\n",
str(firstname), lastname, email, address,
city, state, zipcode, personalcode,
checkingaccount.id, savingsaccount.id,
creditcard.id, newUser.id, certificate)
individualcustomer = IndividualCustomer.objects.create(
first_name=str(firstname),
last_name=str(lastname),
email=str(email),
street_address=str(address),
city=str(city),
state=str(state),
zipcode=str(zipcode),
session_key="None",
ssn=str(personalcode),
checking_account_id=int(checkingaccount.id),
savings_account_id=int(savingsaccount.id),
credit_card_id=int(creditcard.id),
user_id=int(newUser.id),
certificate=certificate)
individualcustomer.save()
if DEBUG:
print("Create and save ind. account type\n")
new_account = individualcustomer
else:
#(request.POST['user_type'] == MERCHANT_ORGANIZATION):
if DEBUG: print("Merchant account type\n")
merchantcustomer = MerchantOrganization.objects.create(
first_name=firstname,
last_name=lastname,
email=email,
street_address=address,
city=city,
state=state,
zipcode=zipcode,
session_key="None",
business_code=personalcode,
checking_account_id=checkingaccount.id,
savings_account_id=savingsaccount.id,
credit_card_id=creditcard.id,
user_id=newUser.id,
certificate=certificate)
merchantcustomer.save()
if DEBUG:
print("Create and save merch. account type\n")
new_account = merchantcustomer
newUser.set_password(newPassword)
newUser.email = ""
newUser.first_name = ""
newUser.save()
if DEBUG:
print(
"The user account has been created and added to the system\n"
)
check = send_mail(
'Group 16 SBS New Account Created',
CREATED_ACCOUNT_MESSAGE %
(new_account.user.username, new_routing),
'*****@*****.**',
[new_account.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
while (check == 0):
check = send_mail(
'Group 16 SBS New Account',
CREATED_ACCOUNT_MESSAGE %
(new_account.user.username, new_routing),
'*****@*****.**',
[new_account.email],
fail_silently=False,
)
if DEBUG: print("Check is %d\n" % (check))
if DEBUG: print("New account created email sent\n")
return render(
request, 'create/confirmAccount.html', {
'error_message':
"New account created! Email notification sent.",
"STATES": STATES
})
else:
return render(
request, 'create/confirmAccount.html', {
'error_message':
"New password and confirm password mismatch.",
"STATES": STATES
})
else:
# else
# return error that new account username/email mismatch
return render(
request, 'create/confirmAccount.html', {
'error_message':
"Username and email account mismatch.",
"STATES": STATES
})
else:
if DEBUG:
print(
"No user account present, need to apply for new account first\n"
)
return render(
request, 'create/create.html', {
'error_message':
"Application not found, please re-apply for an account.",
"STATES": STATES
})
except:
if DEBUG:
print("Threw an exception, did not complete try-block",
sys.exc_info()[0])
return render(request, 'create/confirmAccount.html',
{"STATES": STATES})