1 files changed, 14 insertions, 16 deletions

diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 4463f79..ca1afb2 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -391,17 +391,9 @@ class UserReg(forms.Form):
     password = forms.CharField(widget=forms.PasswordInput())
 
 
-def internal_register(request):
+def internal_register(username, password):
     if not settings.ALLOW_REGISTRATIONS:
         raise Exception("registration not allowed!")
-    input_data = UserReg(request.POST)
-
-    if not input_data.is_valid():
-        msg = "Wrong field(s): %s." % ", ".join(input_data.errors.keys())
-        raise InvalidInputData(msg)
-
-    username = input_data.cleaned_data["username"]
-    password = input_data.cleaned_data["password"]
 
     if User.objects.filter(username=username).exists():
         raise UsernameUnavailable(f"Username {username} is unavailable")
@@ -434,10 +426,12 @@ def register_headless(request):
     """
     if not settings.ALLOW_REGISTRATIONS:
         return JsonResponse(dict(error="registrations are not allowed"), status=403)
+    username = expect_json_body_str(request, "username")
+    password = expect_json_body_str(request, "password")
     try:
-        user = internal_register(request)
+        internal_register(username, password)
     except UsernameUnavailable:
-        return HttpResponse(status=409)  # Conflict
+        return JsonResponse(dict(hint="username unavailable"), status=409)  # Conflict
     except InvalidInputData:
         return HttpResponse(status=406)  # Not Acceptable
 
@@ -460,11 +454,15 @@ def register(request):
     # Process POST.
 
     try:
-        user = internal_register(request)
-
+        input_data = UserReg(request.POST)
+        if not input_data.is_valid():
+            msg = "Wrong field(s): %s." % ", ".join(input_data.errors.keys())
+            raise InvalidInputData(msg)
+        username = input_data.cleaned_data["username"]
+        password = input_data.cleaned_data["password"]        
+        user = internal_register(username, password)
     except UsernameUnavailable as e:
         return render(request, "register.html", {"not_available": True})
-
     except InvalidInputData as e:
         return render(
             request,
@@ -721,7 +719,7 @@ def serve_history(request, user_account):
 
 def expect_json_body_str(request, param_name):
     body = json.loads(request.body)  # FIXME: cache!
-    val = body[param_name]
+    val = body.get(param_name)
     if not isinstance(val, str):
         # FIXME: throw right exception to be handled by middleware
         raise Exception(f"expected string for {param_name}")
@@ -730,7 +728,7 @@ def expect_json_body_str(request, param_name):
 
 def expect_json_body_amount(request, param_name):
     body = json.loads(request.body)  # FIXME: cache!
-    val = body[param_name]
+    val = body.get(param_name)
     if not isinstance(val, str):
         # FIXME: throw right exception to be handled by middleware
         raise Exception(f"expected string for {param_name}")