Exemplo n.º 1
0
def transfer(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    card = user.card
    image = get_account(name).avatar
    if request.method == "POST":
        amount = request.POST.get("amount")
        passwd = request.POST.get("passwd")
        b_phone = request.POST.get("b_phone")
        phone = request.POST.get("phone")
        salt = request.session[name]['salt']
        signature = request.POST.get("signature")
        ciphers = [amount, passwd, b_phone, phone]
        plaintext = rsa_decrypt(ciphers)
        success = ""
        try:
            beneficiary = Account.objects.get(user=plaintext[2])
        except:
            return JsonResponse({"message": "no such user"})
        if verify_sign(ciphers, signature, name):
            if md5(user.pay_passwd + salt) == plaintext[1]:
                money = float(plaintext[0])
                if money < 0:
                    return JsonResponse({"message": "wrong amount"})
                if account.balance < money:
                    return JsonResponse(
                        {"message": "Insufficient account balance"})
                if not creat_bill(name,
                                  get_userby_phone(beneficiary.user).card,
                                  money, "transfer"):
                    return JsonResponse({"message": "create bill wrong"})
                account.balance -= money
                account.cost += money
                account.save()
                beneficiary.balance += money
                beneficiary.save()
                logger.info(
                    'user:%s operation:%s amount:%s $ to beneficiary:%s' %
                    (name, 'transfer', str(money), beneficiary.name))
                message = "You have already transfer " + plaintext[
                    0] + " yuan, Coming back to the homepage"
                success = True
            else:
                message = "wrong password"
        else:
            message = "Signature verification failed"
        return JsonResponse({"message": message, "success": success})
    return render(request, "usersModule/Transfer.html", {
        "name": name,
        "card": card,
        "image": image
    })
Exemplo n.º 2
0
def manage(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    outcome = account.cost
    balance = account.balance
    image = account.avatar
    outs_d = list(
        Bills.objects.values("amount").filter(payer_card=user.card))[-7:]
    incomes_d = list(
        Bills.objects.values("amount").filter(beneficiary=user.card))[-7:]
    outs = []
    incomes = []
    for i in range(len(outs_d)):
        outs.append(outs_d[i]["amount"])
    for i in range(len(incomes_d)):
        incomes.append(incomes_d[i]["amount"])
    outs += (7 - len(outs)) * [0]
    incomes += (7 - len(incomes)) * [0]
    month = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul"]
    outs_dic = dict(zip(month, outs))
    incomes_dic = dict(zip(month, incomes))
    return render(
        request, "usersModule/manage.html", {
            "name": name,
            "outcome": outcome,
            "income": balance,
            "image": image,
            "outs": outs_dic,
            "incomes": incomes_dic
        })
Exemplo n.º 3
0
def bills(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    image = account.avatar
    outs = list(Bills.objects.filter(payer_card=user.card))
    outs.reverse()
    incomes = list(Bills.objects.filter(beneficiary=user.card))
    incomes.reverse()
    return render(
        request, "usersModule/Bills.html", {
            "name": name,
            "image": image,
            "outs": outs[0:Config.max_num],
            "incomes": incomes[0:Config.max_num]
        })
Exemplo n.º 4
0
def withdraw(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    card = user.card
    image = account.avatar
    if request.method == "POST":
        amount = request.POST.get("amount")
        passwd = request.POST.get("passwd")
        signature = request.POST.get("signature")
        salt = request.session[name]['salt']
        plaintext = rsa_decrypt([amount, passwd])
        success = ""
        money = float(plaintext[0])
        if money < 0:
            return JsonResponse({"message": "wrong amount"})
        if verify_sign([amount, passwd], signature, name):
            if md5(user.pay_passwd + salt) == plaintext[1]:
                if account.balance < money:
                    message = " Insufficient account balance"
                    return JsonResponse({"message": message})
                if not creat_bill(name, "", money, "withdraw"):
                    return JsonResponse({"message": "create bill wrong"})
                account.balance -= money
                account.cost += money
                account.save()
                logger.info('user:%s operation:%s amount:%s $' %
                            (name, 'withdraw', str(money)))
                message = "You have already withdraw " + plaintext[
                    0] + " yuan, Coming back to the homepage"
                success = True
            else:
                message = "wrong password"
        else:
            message = "Signature verification failed"
        return JsonResponse({"message": message, "success": success})
    return render(request, "usersModule/Withdraw.html", {
        "name": name,
        "card": card,
        "image": image
    })
Exemplo n.º 5
0
def edit(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    image = account.avatar
    if request.method == "POST":
        name = request.POST.get("name", None)
        ppasswd = request.POST.get("ppasswd", None)
        card = request.POST.get("card", None)
        phone = request.POST.get("phone", None)
        passwd = request.POST.get("passwd", None)
        opasswd = request.POST.get("opasswd", None)
        success = False
        if opasswd:
            opasswd = rsa_decrypt([opasswd])[0]
            if user.passwd == md5(opasswd):
                if name:
                    user.name = rsa_decrypt([name])[0]
                if ppasswd:
                    user.pay_passwd = md5(rsa_decrypt([ppasswd])[0])
                if card:
                    user.card = rsa_decrypt([card])[0]
                if phone:
                    phone = rsa_decrypt([phone])[0]
                    user.phone = phone
                    account.user = phone
                if passwd:
                    user.passwd = md5(rsa_decrypt([passwd])[0])
                user.save()
                account.save()
                message = "success"
                success = True
            else:
                message = "wrong password"
        else:
            message = "old password could not be empty"
        return JsonResponse({"message": message, "success": success})
    return render(request, "usersModule/Edit.html", {
        "name": name,
        "image": image
    })
Exemplo n.º 6
0
def info(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    if request.method == "POST":
        file = request.FILES['avatar']
        if file:
            account.avatar = file
            account.save()
    card = user.card
    phone = user.phone
    time = account.regtime
    image = account.avatar
    return render(request, "usersModule/Info.html", {
        "name": name,
        "card": card,
        "phone": phone,
        "time": time,
        "image": image
    })
Exemplo n.º 7
0
def pay_transfer(request, pay_id):
    if request.method != "POST":
        return HttpResponse("method should be POST")
    success = False
    info_dict = get_paybill(pay_id)
    aes_key = base64.b64decode(info_dict.key.encode())
    user_cert = json.loads(request.POST.get('cert'))
    hash_oi = request.POST.get('hashOI')
    sign = request.POST.get('sign')
    [hash_oi, sign] = aes_decrypt([hash_oi, sign], aes_key)
    hash_pi = info_dict.hash_pi
    if not part_and_verify(user_cert):
        message = "cert verify failed"
    elif not verify_sign([hash_pi, hash_oi], sign, user_cert['DN']):
        message = "signature verify failed"
    else:
        amount = info_dict.amount
        card = info_dict.card
        beneficiary = get_account_by_card(card)
        money = float(amount)
        user_name = info_dict.payer_name
        user = get_user(user_name)
        account = get_account(user_name)
        if account.balance < money:
            message = "Insufficient account balance"
        elif not creat_bill(user.name, card, money, "transfer"):
            message = "create bill wrong"
        else:
            if not creat_bill(user.name, card, money, "transfer"):
                return JsonResponse({"message": "create bill wrong"})
            account.balance -= money
            account.cost += money
            account.save()
            beneficiary.balance += money
            beneficiary.save()
            message = "You have already pay " + amount + " yuan"
            success = True
    return HttpResponse("success" if success else message)
Exemplo n.º 8
0
def recharge(request, name):
    if not if_login(request, name):
        return redirect(reverse('signin'))
    user = get_user(name)
    account = get_account(name)
    card = user.card
    image = account.avatar
    if request.method == "POST":
        amount = request.POST.get("amount")
        passwd = request.POST.get("passwd")
        signature = request.POST.get("signature")
        salt = request.session[name]['salt']
        plaintext = rsa_decrypt([amount, passwd])
        success = ""
        money = float(plaintext[0])
        if money < 0:
            return JsonResponse({"message": "wrong amount"})
        if verify_sign([amount, passwd], signature, name):
            if md5(user.pay_passwd + salt) == plaintext[1]:
                if not creat_bill(name, "", money, "recharge"):
                    return JsonResponse({"message": "create bill wrong"})
                account.balance += money
                account.save()
                logger.info('user: '******' operation: ' +
                            'recharge amount: ' + str(money) + '$')
                message = "Your account has been recharged " + plaintext[
                    0] + " yuan, Coming back to the homepage"
                success = True
            else:
                message = "wrong password"
        else:
            message = "Signature verification failed"
        return JsonResponse({"message": message, "success": success})
    return render(request, "usersModule/Recharge.html", {
        "name": name,
        "card": card,
        "image": image
    })