diff --git a/interbend/auth.py b/interbend/auth.py
index dcf65ae..2bc1b98 100644
--- a/interbend/auth.py
+++ b/interbend/auth.py
@@ -1,5 +1,3 @@
-import secrets
-import string
 from functools import wraps
 from flask import request, jsonify, current_app
 import jwt
@@ -10,12 +8,6 @@ def _getconfig():
 jwt_expire = current_app.config['JWT_EXPIRE'] # In days
 return jwt_key, jwt_expire
-def r_gen2(length):
- if length < 1:
- raise ValueError("Length must be at least 1")
- first_digit = secrets.choice(string.digits.replace('0', ''))
- return first_digit + ''.join(secrets.choice(string.digits) for _ in range(length - 1))
-
 def jwt_required(f):
 @wraps(f)
 def decorated_function(*args, **kwargs):
diff --git a/interbend/routes/auth_routes.py b/interbend/routes/auth_routes.py
index f350714..c92f642 100644
--- a/interbend/routes/auth_routes.py
+++ b/interbend/routes/auth_routes.py
@@ -10,40 +10,14 @@ auth_bp = Blueprint('auth_bp', __name__)
 @auth_bp.route('/register', methods=['POST'])
 def register():
 data = request.get_json()
- # bid = data.get('bid')
- # Bid is now generated by API
+ bid = data.get('bid')
 username = data.get('username')
 email = data.get('email')
 password = data.get('password')
- if not username or not email or not password:
- return jsonify({"error": "Username, email, and password are required."}), 404
+ if not username or not email or not password or not bid:
+ return jsonify({"error": "Username, email, and password are required."}), 400
 password_hash = generate_password_hash(password)
- try:
- with db.cursor(dictionary=True) as cur:
- cur.execute("SELECT * FROM users WHERE email = %s", (email,))
- if cur.fetchone():
- return jsonify({"error": "Email already exists."}), 409
- except mysql.connector.Error as err:
- db.rollback()
- current_app.logger.error(f"Database error in register: {err}")
- return jsonify({"error": "Database Error"}), 500
- for i in range(6):
- if i == 5:
- return jsonify({"error": "Could not generate valid BID"}), 500
- bid = "M-".join(r_gen2(16))
- try:
- with db.cursor(dictionary=True) as cur:
- cur.execute("SELECT * FROM users WHERE bid = %s", (bid,))
- if cur.fetchone:
- continue
- else:
- break
- except mysql.connector.Error as err:
- db.rollback()
- current_app.logger.error(f"Database error in register: {err}")
- return jsonify({"error": "Database Error"}), 500
-
 try:
 with db.cursor(dictionary=True) as cur:
 cur.execute("INSERT INTO users (bid, username, email, password_hash) VALUES (%s, %s, %s, %s)",
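Review bot: `bid = data.get('bid')` now stores a caller-chosen account identifier with no type or format check, where the removed code generated it on the server. Because `transfer()` in this same commit addresses accounts by `bid`, I would validate it before the INSERT, e.g. `if not isinstance(bid, str) or not BID_RE.fullmatch(bid): return jsonify({"error": "Invalid bid."}), 400`, where `BID_RE` is a placeholder for the project's BID format, which this page does not show. The required-fields message should also name the new field: `"Bid, username, email, and password are required."`. `register()` continues past the end of this hunk.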
@@ -53,10 +27,8 @@ def register():
 response = make_response(jsonify({"message": "Login successful."}), 201)
 response.set_cookie('token', token, httponly=True, samesite='Strict', max_age=30 * 24 * 60 * 60)
 return response
- except mysql.connector.Error as err:
- db.rollback()
- current_app.logger.error(f"Database error in register: {err}")
- return jsonify({"error": "Database Error"}), 500
+ except mysql.connector.IntegrityError:
+ return jsonify({"error": "Username or email already exists."}), 409
diff --git a/interbend/routes/transaction_routes.py b/interbend/routes/transaction_routes.py
index e206a06..8649f91 100644
--- a/interbend/routes/transaction_routes.py
+++ b/interbend/routes/transaction_routes.py
@@ -82,7 +82,6 @@ def transfer():
 fbid = data.get('from')
 tbid = data.get('to')
 amount = data.get('amount')
- note = data.get('note')
 if not tbid or not amount:
 return jsonify({"error": "To and amount are required"}), 400
 if not fbid:
@@ -106,9 +105,6 @@ def transfer():
 with db.cursor(dictionary=True) as cur:
 cur.execute("UPDATE users SET balance = balance - %s WHERE bid = %s", (amount, fbid))
 cur.execute("UPDATE users SET balance = balance + %s WHERE bid = %s", (amount, tbid))
- cur.execute("INSERT INTO transactions (source, target, amount, note, type, timestamp, status) VALUES (%s, %s, "
- "%s, %s, %s, %s)", fbid, tbid, amount, note, "transfer", datetime.now(timezone.utc),
- "completed", )
 db.commit()
 return jsonify({"message": "Transfer successful"}), 200
 except mysql.connector.Error as err:
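Review bot: In `register()` (auth_routes.py, hunk `@@ -53,10 +27,8 @@`), narrowing the handler to `except mysql.connector.IntegrityError:` leaves every other `mysql.connector.Error` uncaught and drops the `db.rollback()` that the removed handler ran. If `db` is a long-lived shared connection (not visible here), a failed INSERT could leave it inside an open transaction, and non-integrity failures would no longer be logged by this handler. The 409 text also omits `bid`, which is now client-supplied, so a duplicate BID would be reported as a username or email clash if that column is unique. I would roll back in the IntegrityError branch and restore the generic handler after it, as sketched below. The `try:` these handlers belong to starts outside this hunk.

```python
    except mysql.connector.IntegrityError:
        db.rollback()
        return jsonify({"error": "Bid, username or email already exists."}), 409
    except mysql.connector.Error as err:
        db.rollback()
        current_app.logger.error(f"Database error in register: {err}")
        return jsonify({"error": "Database Error"}), 500
```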