Add note to transaction record

This commit implements automatic BID generation during registration

interbend/auth.py

@@ -1,3 +1,5 @@
+import secrets
+import string
 from functools import wraps
 from flask import request, jsonify, current_app
 import jwt
@@ -8,6 +10,12 @@ def _getconfig():
     jwt_expire = current_app.config['JWT_EXPIRE']  # In days
     return jwt_key, jwt_expire
 
+def r_gen2(length):
+    if length < 1:
+        raise ValueError("Length must be at least 1")
+    first_digit = secrets.choice(string.digits.replace('0', ''))
+    return first_digit + ''.join(secrets.choice(string.digits) for _ in range(length - 1))
+
 def jwt_required(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):

interbend/routes/auth_routes.py

@@ -10,14 +10,40 @@ auth_bp = Blueprint('auth_bp', __name__)
 @auth_bp.route('/register', methods=['POST'])
 def register():
     data = request.get_json()
-    bid = data.get('bid')
+    # bid = data.get('bid')
+    # Bid is now generated by API
     username = data.get('username')
     email = data.get('email')
     password = data.get('password')
 
-    if not username or not email or not password or not bid:
+    if not username or not email or not password:
-        return jsonify({"error": "Username, email, and password are required."}), 400
+        return jsonify({"error": "Username, email, and password are required."}), 404
     password_hash = generate_password_hash(password)
+    try:
+        with db.cursor(dictionary=True) as cur:
+            cur.execute("SELECT * FROM users WHERE email = %s", (email,))
+            if cur.fetchone():
+                return jsonify({"error": "Email already exists."}), 409
+    except mysql.connector.Error as err:
+        db.rollback()
+        current_app.logger.error(f"Database error in register: {err}")
+        return jsonify({"error": "Database Error"}), 500
+    for i in range(6):
+        if i == 5:
+            return jsonify({"error": "Could not generate valid BID"}), 500
+        bid = "M-".join(r_gen2(16))
+        try:
+            with db.cursor(dictionary=True) as cur:
+                cur.execute("SELECT * FROM users WHERE bid = %s", (bid,))
+                if cur.fetchone:
+                    continue
+                else:
+                    break
+        except mysql.connector.Error as err:
+            db.rollback()
+            current_app.logger.error(f"Database error in register: {err}")
+            return jsonify({"error": "Database Error"}), 500
+
     try:
         with db.cursor(dictionary=True) as cur:
             cur.execute("INSERT INTO users (bid, username, email, password_hash) VALUES (%s, %s, %s, %s)",
@@ -27,8 +53,10 @@ def register():
         response = make_response(jsonify({"message": "Login successful."}), 201)
         response.set_cookie('token', token, httponly=True, samesite='Strict', max_age=30 * 24 * 60 * 60)
         return response
-    except mysql.connector.IntegrityError:
+    except mysql.connector.Error as err:
-        return jsonify({"error": "Username or email already exists."}), 409
+        db.rollback()
+        current_app.logger.error(f"Database error in register: {err}")
+        return jsonify({"error": "Database Error"}), 500
 
 
 

interbend/routes/transaction_routes.py

@@ -82,6 +82,7 @@ def transfer():
     fbid = data.get('from')
     tbid = data.get('to')
     amount = data.get('amount')
+    note = data.get('note')
     if not tbid or not amount:
         return jsonify({"error": "To and amount are required"}), 400
     if not fbid:
@@ -105,6 +106,9 @@ def transfer():
         with db.cursor(dictionary=True) as cur:
             cur.execute("UPDATE users SET balance = balance - %s WHERE bid = %s", (amount, fbid))
             cur.execute("UPDATE users SET balance = balance + %s WHERE bid = %s", (amount, tbid))
+            cur.execute("INSERT INTO transactions (source, target, amount, note, type, timestamp, status) VALUES (%s, %s, "
+                        "%s, %s, %s, %s)", fbid, tbid, amount, note, "transfer", datetime.now(timezone.utc),
+                        "completed", )
         db.commit()
         return jsonify({"message": "Transfer successful"}), 200
     except mysql.connector.Error as err: