[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-bank] branch master updated: shortening pin/tan hand
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-bank] branch master updated: shortening pin/tan handler |
Date: |
Mon, 06 Nov 2017 12:33:54 +0100 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository bank.
The following commit(s) were added to refs/heads/master by this push:
new 62674ab shortening pin/tan handler
62674ab is described below
commit 62674ab55897a9a84112278af81be62225f62fa9
Author: Marcello Stanisci <address@hidden>
AuthorDate: Mon Nov 6 12:33:32 2017 +0100
shortening pin/tan handler
---
talerbank/app/schemas.py | 30 ++++++++++++++++++++++++++++++
talerbank/app/views.py | 46 +++++++++++-----------------------------------
2 files changed, 41 insertions(+), 35 deletions(-)
diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index e43947d..15988a5 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -20,6 +20,7 @@ definitions of JSON schemas for validating data
"""
import validictory
+import json
WIREDETAILS_SCHEMA = {
"type": "object",
@@ -64,6 +65,35 @@ INCOMING_REQUEST_SCHEMA = {
}
}
+PIN_TAN_ARGS = {
+ "type": "object",
+ "properties": {
+ "amount_value": {"format": "str_to_int"},
+ "amount_fraction": {"format": "str_to_int"},
+ "amount_currency": {"type": "string"},
+ "exchange": {"type": "string"},
+ "reserve_pub": {"type": "string"},
+ "wire_details": {"format": "wiredetails_string"}
+ }
+}
+
+def validate_pintan_types(validator, fieldname, value, format_option):
+ try:
+ if format_option == "str_to_int":
+ int(value)
+ if format_option == "wiredetails_string":
+ data = json.loads(value)
+ validate_wiredetails(data)
+ except Exception:
+ raise validictory.FieldValidationError(
+ "Missing/malformed '%s'" % fieldname, fieldname, value)
+
+def validate_pin_tan_args(pin_tan_args):
+ format_dict = {
+ "str_to_int": validate_pintan_types,
+ "wiredetails_string": validate_pintan_types}
+ validictory.validate(pin_tan_args, PIN_TAN_ARGS,
format_validators=format_dict)
+
def validate_amount(amount):
validictory.validate(amount, AMOUNT_SCHEMA)
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 439f394..dc5aabc 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -129,41 +129,18 @@ class Pin(forms.Form):
@require_GET
@login_required
def pin_tan_question(request):
- for param in ("amount_value",
- "amount_fraction",
- "amount_currency",
- "exchange",
- "reserve_pub",
- "wire_details"):
- if param not in request.GET:
- return HttpResponseBadRequest("parameter {} missing".format(param))
try:
- value = int(request.GET.get("amount_value", None))
- except ValueError:
- return HttpResponseBadRequest("invalid parameters: \"amount_value\"
not given or NaN")
- try:
- fraction = int(request.GET.get("amount_fraction", None))
- except ValueError:
- return HttpResponseBadRequest("invalid parameters: \"amount_fraction\"
not given or NaN")
- try:
- currency = request.GET.get("amount_currency", None)
- except ValueError:
- return HttpResponseBadRequest("invalid parameters: \"amount_currency\"
not given")
- if currency != settings.TALER_CURRENCY:
- return HttpResponse("Such currency (%s) is not accepted" % currency,
status=422)
- amount = Amount(currency, value, fraction)
- user_account = BankAccount.objects.get(user=request.user)
- wiredetails = json.loads(request.GET["wire_details"])
- if not isinstance(wiredetails, dict) or "test" not in wiredetails:
- return HttpResponseBadRequest(
- "This bank only supports the test wire transfer method. "
- "The exchange does not seem to support it.")
- try:
- schemas.validate_wiredetails(wiredetails)
+ schemas.validate_pin_tan_args(request.GET.dict())
+ # Currency is not checked, as any mismatches will be
+ # detected afterwards
except ValueError as error:
- return HttpResponseBadRequest("invalid parameters (%s)" % error)
- # parameters we store in the session are (more or less) validated
- request.session["exchange_account_number"] =
wiredetails["test"]["account_number"]
+ return HttpResponseBadRequest("invalid '%s'" % error.fieldname)
+ user_account = BankAccount.objects.get(user=request.user)
+ request.session["exchange_account_number"] = \
+ json.loads(request.GET["wire_details"])["test"]["account_number"]
+ amount = Amount(request.GET["amount_currency"],
+ int(request.GET["amount_value"]),
+ int(request.GET["amount_fraction"]))
request.session["amount"] = amount.dump()
request.session["exchange_url"] = request.GET["exchange"]
request.session["reserve_pub"] = request.GET["reserve_pub"]
@@ -177,8 +154,7 @@ def pin_tan_question(request):
form=Pin(auto_id=False),
amount=amount.stringify(settings.TALER_DIGITS),
previous_failed=previous_failed,
- exchange=request.GET["exchange"],
- )
+ exchange=request.GET["exchange"])
return render(request, "pin_tan.html", context)
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-bank] branch master updated: shortening pin/tan handler,
gnunet <=