diff options
| author | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-05-22 12:56:34 +0200 |
|---|---|---|
| committer | Marcello Stanisci <marcello.stanisci@inria.fr> | 2016-05-22 12:56:34 +0200 |
| commit | 7185a65c550dfd16bcef57828cd4e37d8152c270 (patch) | |
| tree | 6cee3235136ade6486251d4917a84a59bc8201ed | |
| parent | c0e309bed6c299d1919dcccda1a92d928a898d91 (diff) | |
| download | bank-7185a65c550dfd16bcef57828cd4e37d8152c270.tar.gz bank-7185a65c550dfd16bcef57828cd4e37d8152c270.tar.bz2 bank-7185a65c550dfd16bcef57828cd4e37d8152c270.zip | |
addressing #4511
| -rw-r--r-- | talerbank/app/captcha.py | 4 | ||||
| -rw-r--r-- | talerbank/app/funds.py | 3 | ||||
| -rw-r--r-- | talerbank/settings.py | 1 |
3 files changed, 6 insertions, 2 deletions
diff --git a/talerbank/app/captcha.py b/talerbank/app/captcha.py index 88c5940..f23efb4 100644 --- a/talerbank/app/captcha.py +++ b/talerbank/app/captcha.py @@ -87,11 +87,13 @@ def pin_tan_verify(request): for param in ["amount", "exchange", "reserve_pub"]: if param not in request.session: return HttpResponse("Not a withdraw session", status=400) + settings.TALER_WIREDETAILS_COUNTER += 1 reserve = Reserve(request.session['amount'], request.session['exchange'], request.session['account_number'], request.session['reserve_pub'], - request.session['wire_details']) + request.session['wire_details'], + wiredetails_counter=settings.TALER_WIREDETAILS_COUNTER) success_url = urlunparse([request.scheme, request.META['HTTP_HOST'], "/success.html", '', '', '']) diff --git a/talerbank/app/funds.py b/talerbank/app/funds.py index 26c116a..e68e9f5 100644 --- a/talerbank/app/funds.py +++ b/talerbank/app/funds.py @@ -41,13 +41,14 @@ def check_exchange_account_no(account_no): class Reserve: - def __init__(self, amount, exchange, exchange_account, reserve_pub, wire_details): + def __init__(self, amount, exchange, exchange_account, reserve_pub, wire_details, wiredetails_counter=0): schemas.validate_amount(amount) self.amount = amount self.exchange = exchange self.exchange_account = exchange_account self.reserve_pub = reserve_pub self.wire_details = wire_details + self.wire_details['uid'] = wiredetails_counter # The CSRF exempt is due to the fact Django looks for an anti-CSRF token # In any POST it gets. Since the following function is meant to serve mints, diff --git a/talerbank/settings.py b/talerbank/settings.py index 0a20ac4..6b9eeb9 100644 --- a/talerbank/settings.py +++ b/talerbank/settings.py @@ -142,6 +142,7 @@ STATIC_ROOT = '/tmp/talerbankstatic/' +TALER_WIREDETAILS_COUNTER = 0 TALER_CURRENCY = tc.value_string("taler", "currency", required=True) TALER_PREDEFINED_ACCOUNTS = ['Tor', 'GNUnet', 'Taler', 'FSF'] |