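def participate_factor():
    """Attach the caller's paying account to a factor and issue a transaction token.

    Reads ``factor_id`` and ``snd_acc_id`` from the submitted form.

    Returns a JSON string:
      * ``BAD_TOKEN``   - ``check_token()`` returned no user.
      * ``BAD_REQUEST`` - a required form field is missing.
      * ``NOT_FOUND``   - no such factor, or the account is not one of the
        caller's accounts.
      * ``OK``          - with the factor, a new transaction token and an
        (always empty) ``public_key``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
    if 'snd_acc_id' not in request.form or 'factor_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # .first() is required: filter() alone returns a Query, which is never
    # None and accepts attribute assignments without touching any row.
    factor = Factor.query.filter(
        Factor.id == request.form['factor_id']).first()
    if factor is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # snd_acc_id is client-supplied and names the account that will later be
    # debited, so it must be an account owned by the authenticated user.
    sender_account = Account.query.filter(
        Account.id == request.form['snd_acc_id'],
        Account.user_id == user.id).first()
    if sender_account is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    now = datetime.datetime.utcnow()
    factor.snd_acc_id = sender_account.id
    factor.tried = True
    factor.pay_time = now

    transaction_token = TransactionToken()
    transaction_token.user_id = user.id
    # str(user.id) matches how login() and signup() build their tokens; a bare
    # integer id cannot be concatenated with a string.
    # NOTE(review): the token is a hash of id + timestamp + a static key;
    # consider drawing it from a CSPRNG instead.
    transaction_token.token = sha256(
        str(user.id) + str(now) + TOKEN_KEY).hexdigest()
    db_session.add(transaction_token)
    # One commit so the factor update and the token are stored together.
    db_session.commit()

    # NOTE(review): 'factor' is a model instance; confirm the json module in
    # use can serialize it. 'public_key' is always empty - no key pair is
    # generated in this handler.
    return json.dumps({
        'status': 'OK',
        'factor': factor,
        'transaction_token': transaction_token.token,
        'public_key': ''
    })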
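def complete_factor():
    """Settle a factor by moving its value from the payer to the receiver.

    Reads ``factor_id`` from the submitted form.

    Returns a JSON string:
      * ``BAD_TOKEN``          - ``check_token()`` returned no user.
      * ``BAD_REQUEST``        - ``factor_id`` is missing, or the stored
        factor value is not a positive amount.
      * ``NOT_FOUND``          - no such factor, no payer/receiver account
        attached, or the payer account is not the caller's.
      * ``ALREADY_COMPLETED``  - the factor was settled before.
      * ``NOT_ENOUGH_BALANCE`` - the unblocked balance is below the value.
      * ``OK``                 - with the recorded transaction.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
    if 'factor_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # .first() is required: filter() alone returns a Query, never None.
    factor = Factor.query.filter(
        Factor.id == request.form['factor_id']).first()
    if factor is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # Without this guard a repeated request would debit the payer again.
    if factor.successfull:
        return json.dumps({'status': 'ERROR', 'code': 'ALREADY_COMPLETED'})

    # Use the accounts of *this* factor; Factor.snd_acc / Factor.rcv_acc on
    # the class are mapper attributes, not account rows.
    sender_account = factor.snd_acc
    receiver_account = factor.rcv_acc
    if sender_account is None or receiver_account is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # Only the owner of the paying account may authorize the debit.
    if sender_account.user_id != user.id:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # A zero or negative value would pass the balance check and reverse the
    # direction of the transfer.
    if factor.value is None or factor.value <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # NOTE(review): the balance check and the debit are not atomic; two
    # concurrent requests could both pass the check. Consider row locking.
    # NOTE(review): the transaction token issued by participate_factor() is
    # not verified anywhere in this handler.
    balance = sender_account.value - sender_account.blocked_balance
    if balance < factor.value:
        return json.dumps({
            'status': 'ERROR',
            'code': 'NOT_ENOUGH_BALANCE'
        })

    sender_account.value -= factor.value
    receiver_account.value += factor.value
    factor.successfull = True

    transaction = Transaction()
    transaction.snd_acc_id = factor.snd_acc_id
    transaction.rcv_acc_id = factor.rcv_acc_id
    transaction.value = factor.value
    transaction.factor_id = factor.id
    db_session.add(transaction)
    db_session.commit()
    # NOTE(review): 'transaction' is a model instance; confirm the json
    # module in use can serialize it.
    return json.dumps({'status': 'OK', 'transaction': transaction})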
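def add_transaction():
    """Transfer an amount from one of the caller's accounts to another account.

    Reads ``snd_acc_id``, ``rcv_acc_id`` and ``value`` from the submitted form.

    Returns a JSON string:
      * ``BAD_TOKEN``          - ``check_token()`` returned no user.
      * ``BAD_REQUEST``        - a field is missing, or ``value`` is not a
        positive integer.
      * ``NOT_FOUND``          - the receiver does not exist, or the sender
        account is not one of the caller's accounts.
      * ``NOT_ENOUGH_BALANCE`` - the unblocked balance is below ``value``.
      * ``OK``                 - with the recorded transaction.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    # Each field needs its own membership test; a bare 'snd_acc_id' string in
    # an `and` chain is always truthy and checks nothing.
    required = ('rcv_acc_id', 'snd_acc_id', 'value')
    if not all(field in request.form for field in required):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Form values are strings; arithmetic and comparison need a number.
    # assumes amounts are whole units - TODO confirm against the Account model
    try:
        amount = int(request.form['value'])
    except ValueError:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})
    # A zero or negative amount would pass the balance check and reverse the
    # direction of the transfer.
    if amount <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # The debited account must belong to the authenticated user.
    # .first() is required: filter() alone returns a Query, not a row.
    sender_account = Account.query.filter(
        Account.id == request.form['snd_acc_id'],
        Account.user_id == user.id).first()
    receiver_account = Account.query.filter(
        Account.id == request.form['rcv_acc_id']).first()
    if sender_account is None or receiver_account is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # NOTE(review): the balance check and the debit are not atomic; two
    # concurrent requests could both pass the check. Consider row locking.
    balance = sender_account.value - sender_account.blocked_balance
    if balance < amount:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_ENOUGH_BALANCE'})

    sender_account.value -= amount
    receiver_account.value += amount

    transaction = Transaction()
    transaction.snd_acc_id = sender_account.id
    transaction.rcv_acc_id = receiver_account.id
    transaction.value = amount
    db_session.add(transaction)
    db_session.commit()
    # NOTE(review): 'transaction' is a model instance; confirm the json
    # module in use can serialize it.
    return json.dumps({'status': 'OK', 'transaction': transaction})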
def add_account():
    """Create a new account owned by the authenticated caller.

    Returns a JSON string: ``BAD_TOKEN`` when ``check_token()`` returns no
    user, otherwise ``OK`` together with the new account.
    """
    owner = check_token()
    if owner is not None:
        new_account = Account()
        new_account.user_id = owner.id
        db_session.add(new_account)
        db_session.commit()
        # NOTE(review): the account is a model instance; confirm the json
        # module in use can serialize it.
        payload = {'status': 'OK', 'account': new_account}
    else:
        payload = {'status': 'ERROR', 'code': 'BAD_TOKEN'}
    return json.dumps(payload)
def request_sms():
    """Open a phone-verification attempt for the submitted phone number.

    Stores a TempUser row holding the phone, a verification code and a hash
    string, and returns the hash string so the client can refer to this
    attempt later. Returns ``BAD_REQUEST`` when ``phone`` is missing.
    """
    if 'phone' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    phone = request.form['phone']
    pending = TempUser()
    pending.phone = phone
    # NOTE(review): the verification code is the same constant for every
    # request and no delivery step is visible in this handler, so the code
    # proves nothing about control of the phone number. It should be random
    # per attempt (CSPRNG), short-lived, and sent out of band.
    pending.code = '452629'
    seed = phone + str(datetime.datetime.utcnow()) + TOKEN_KEY
    pending.hash_string = sha256(seed).hexdigest()
    db_session.add(pending)
    db_session.commit()
    # NOTE(review): nothing here limits how often a caller may request codes.
    return json.dumps({'status': 'OK', 'hash_string': pending.hash_string})
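def remove_card():
    """Delete one of the caller's stored cards.

    Reads ``card_id`` from the submitted form.

    Returns a JSON string:
      * ``BAD_TOKEN``   - ``check_token()`` returned no user.
      * ``BAD_REQUEST`` - ``card_id`` is missing.
      * ``NOT_FOUND``   - no such card among the caller's cards.
      * ``OK``          - the card was deleted.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})
    if 'card_id' not in request.form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # Scope the lookup to the caller so a card id belonging to another user
    # is indistinguishable from a missing one. .first() is required:
    # filter() alone returns a Query, which is never None.
    card = Card.query.filter(
        Card.id == request.form['card_id'],
        Card.user_id == user.id).first()
    if card is None:
        return json.dumps({'status': 'ERROR', 'code': 'NOT_FOUND'})

    # delete() marks the row for removal; the session's remove() does not
    # take an object and does not delete rows.
    db_session.delete(card)
    db_session.commit()
    return json.dumps({'status': 'OK'})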
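def add_factor():
    """Create a factor (payment request) for a receiving account.

    Reads ``rcv_acc_id``, ``value`` and ``details`` from the submitted form.

    Returns a JSON string:
      * ``BAD_TOKEN``   - ``check_token()`` returned no user.
      * ``BAD_REQUEST`` - a field is missing, or ``value`` is not a positive
        integer.
      * ``OK``          - with the new factor.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    required = ('rcv_acc_id', 'value', 'details')
    if not all(field in request.form for field in required):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # The stored value is what complete_factor() later debits and credits, so
    # it must be a positive number; a negative one would reverse the transfer.
    # assumes amounts are whole units - TODO confirm against the Factor model
    try:
        amount = int(request.form['value'])
    except ValueError:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})
    if amount <= 0:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # NOTE(review): rcv_acc_id is taken from the client without checking that
    # the account exists or belongs to the caller - confirm whether issuing a
    # factor on behalf of another account is intended.
    factor = Factor()
    factor.rcv_acc_id = request.form['rcv_acc_id']
    factor.value = amount
    factor.details = request.form['details']
    db_session.add(factor)
    db_session.commit()
    # NOTE(review): 'factor' is a model instance; confirm the json module in
    # use can serialize it.
    return json.dumps({'status': 'OK', 'factor': factor})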
def add_card():
    """Store a payment card for the authenticated caller.

    Reads ``card_num``, ``cvv2``, ``name`` and ``exp_date`` from the submitted
    form. Returns ``BAD_TOKEN`` when ``check_token()`` returns no user,
    ``BAD_REQUEST`` when a field is missing, otherwise ``OK`` with the card.
    """
    owner = check_token()
    if owner is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    form = request.form
    needed = ('card_num', 'cvv2', 'name', 'exp_date')
    if not all(key in form for key in needed):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    # NOTE(review): the card number and CVV2 are persisted exactly as
    # received. Card-industry rules (PCI DSS) do not allow the verification
    # code to be retained after authorization, and the number should be
    # tokenized or encrypted at rest. None of the fields is validated here.
    new_card = Card()
    new_card.user_id = owner.id
    new_card.name = form['name']
    new_card.exp_date = form['exp_date']
    new_card.cvv2 = form['cvv2']
    new_card.card_num = form['card_num']
    db_session.add(new_card)
    db_session.commit()
    # NOTE(review): the response carries the card object back to the client;
    # confirm it serializes and that it does not echo the number or CVV2.
    return json.dumps({'status': 'OK', 'card': new_card})
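def participate_transaction():
    """Issue a transaction token for the authenticated caller.

    Returns a JSON string: ``BAD_TOKEN`` when ``check_token()`` returns no
    user, otherwise ``OK`` with the new token and an (always empty)
    ``public_key``.
    """
    user = check_token()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_TOKEN'})

    transaction_token = TransactionToken()
    transaction_token.user_id = user.id
    # str(user.id) matches how login() and signup() build their tokens; a bare
    # integer id cannot be concatenated with a string.
    # NOTE(review): the token is a hash of id + timestamp + a static key;
    # consider drawing it from a CSPRNG instead.
    transaction_token.token = sha256(
        str(user.id) + str(datetime.datetime.utcnow()) +
        TOKEN_KEY).hexdigest()
    db_session.add(transaction_token)
    db_session.commit()
    return json.dumps({
        'status': 'OK',
        'transaction_token': transaction_token.token,
        'public_key': ''
    })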
def verify_sms():
    """Check a submitted SMS code against a pending verification attempt.

    Reads ``verification_code`` and ``hash_string`` from the submitted form.

    Returns a JSON string:
      * ``BAD_REQUEST`` - a field is missing.
      * ``WRONG_HASH``  - no TempUser row has this hash string.
      * ``WRONG_CODE``  - the code does not match the stored one.
      * ``OK``          - code matches and a User exists for the phone.
      * ``SIGNUP``      - code matches and no User exists for the phone yet.
    """
    form = request.form
    if 'verification_code' not in form or 'hash_string' not in form:
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    pending = TempUser.query.filter(
        TempUser.hash_string == form['hash_string']).first()
    if pending is None:
        return json.dumps({'status': 'ERROR', 'code': 'WRONG_HASH'})

    # NOTE(review): nothing here bounds the number of guesses per hash_string
    # or expires the attempt, and the 'used' flag set by login()/signup() is
    # not consulted; a six-digit code needs an attempt limit to hold up.
    if form['verification_code'] != pending.code:
        return json.dumps({'status': 'ERROR', 'code': 'WRONG_CODE'})

    pending.verified = True
    db_session.commit()

    existing = User.query.filter(User.phone == pending.phone).first()
    outcome = 'OK' if existing is not None else 'SIGNUP'
    return json.dumps({
        'status': outcome,
        'hash_string': pending.hash_string
    })
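def login():
    """Authenticate a phone-verified user and issue a session token.

    Reads ``sha256password`` and ``hash_string`` from the submitted form.

    Returns a JSON string:
      * ``BAD_INPUT``          - a field is missing (under the ``error`` key).
      * ``NO_SUCH_LOGIN``      - no TempUser row has this hash string.
      * ``PHONE_NOT_VERIFIED`` - the attempt has not passed SMS verification.
      * ``SIGNUP_FIRST``       - no User exists for the verified phone.
      * ``WRONG_PASS``         - password mismatch (under the ``error`` key).
      * ``OK``                 - with ``user_id`` and the new ``token``.
    """
    if ('sha256password' not in request.form
            or 'hash_string' not in request.form):
        return json.dumps({'status': 'ERROR', 'error': 'BAD_INPUT'})

    tmp_user = TempUser.query.filter(
        TempUser.hash_string == request.form['hash_string']).first()
    if tmp_user is None:
        return json.dumps({'status': 'ERROR', 'code': 'NO_SUCH_LOGIN'})
    if not tmp_user.verified:
        return json.dumps({
            'status': 'ERROR',
            'code': 'PHONE_NOT_VERIFIED'
        })
    # NOTE(review): tmp_user.used is set below but never checked, so a
    # verified hash_string stays usable for later logins - confirm intent.

    user = User.query.filter(User.phone == tmp_user.phone).first()
    if user is None:
        return json.dumps({'status': 'ERROR', 'code': 'SIGNUP_FIRST'})

    # NOTE(review): a single SHA-256 with one application-wide key is a fast
    # hash with no per-user salt; a password KDF would be the safer storage
    # format. Failed attempts are not counted or throttled here.
    expected = sha256(
        request.form['sha256password'] + PASSWORD_KEY).hexdigest()
    if user.password != expected:
        # user is known to exist at this point, so the only remaining
        # failure is a wrong password.
        return json.dumps({'status': 'ERROR', 'error': 'WRONG_PASS'})

    now = datetime.datetime.utcnow()
    token = Token()
    # user.phone is what signup() uses for its token and is always set;
    # signup() in this file never assigns user.username.
    token.token = sha256(
        user.phone + str(user.id) + str(now) + TOKEN_KEY).hexdigest()
    token.user_id = user.id
    user.last_seen = now
    tmp_user.used = True
    db_session.add(token)
    db_session.commit()
    return json.dumps({
        'status': 'OK',
        'user_id': user.id,
        'token': token.token
    })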
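def signup():
    """Create a user for a phone-verified attempt, with a token and an account.

    Reads ``hash_string``, ``first_name``, ``last_name`` and
    ``sha256password`` from the submitted form.

    Returns a JSON string:
      * ``BAD_REQUEST``        - a field is missing.
      * ``NO_SUCH_LOGIN``      - no TempUser row has this hash string.
      * ``PHONE_NOT_VERIFIED`` - the attempt has not passed SMS verification.
      * ``ALREADY_SIGNED_UP``  - a User already exists for the phone.
      * ``OK``                 - with ``user_id`` and the new ``token``.
    """
    required = ('hash_string', 'first_name', 'last_name', 'sha256password')
    if not all(field in request.form for field in required):
        return json.dumps({'status': 'ERROR', 'code': 'BAD_REQUEST'})

    temp = TempUser.query.filter(
        TempUser.hash_string == request.form['hash_string']).first()
    if temp is None:
        return json.dumps({'status': 'ERROR', 'code': 'NO_SUCH_LOGIN'})
    if not temp.verified:
        return json.dumps({
            'status': 'ERROR',
            'code': 'PHONE_NOT_VERIFIED'
        })

    user = User.query.filter(User.phone == temp.phone).first()
    if user is not None:
        return json.dumps({'status': 'ERROR', 'code': 'ALREADY_SIGNED_UP'})

    temp.used = True
    user = User()
    user.first_name = request.form['first_name']
    user.last_name = request.form['last_name']
    # Store the same keyed digest that login() compares against. Saving the
    # submitted value unchanged would never match at login and would keep a
    # password-equivalent string in the database.
    # NOTE(review): a single SHA-256 with one application-wide key is a fast
    # hash with no per-user salt; a password KDF would be the safer format.
    user.password = sha256(
        request.form['sha256password'] + PASSWORD_KEY).hexdigest()
    user.phone = temp.phone
    db_session.add(user)
    # Commit first so user.id is populated for the token and the account.
    db_session.commit()

    token = Token()
    token.user_id = user.id
    token.token = sha256(
        user.phone + str(user.id) + str(datetime.datetime.utcnow()) +
        TOKEN_KEY).hexdigest()
    db_session.add(token)

    account = Account()
    account.user_id = user.id
    db_session.add(account)
    # The token and the default account are stored together.
    db_session.commit()
    return json.dumps({
        'status': 'OK',
        'user_id': token.user_id,
        'token': token.token
    })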