blob: de836c01345797b0972703bd8a75437544365992 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
<!DOCTYPE html>
<!--
This file is part of GNU TALER.
Copyright (C) 2014, 2015, 2016 INRIA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Lesser General Public License as published by the Free Software
Foundation; either version 2.1, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
@author Marcello Stanisci
-->
{% extends "base.html" %}
{% block headermsg %}
<h1 class="nav">PIN/TAN: Confirm transaction</h1>
{% endblock %}
{% block content %}
{% if fail_message %}
<p class="informational informational-fail">
{{ hint }}
</p>
{% endif %}
<p>
{{ settings_value("TALER_CURRENCY") }} Bank needs to verify that you
intend to withdraw <b>{{ amount }}</b> from
<b>{{ exchange }}</b>.
To prove that you are the account owner, please answer the
following "security question" (*):
</p>
<p>
What is {{ question }} ?
</p>
<form method="post" action="{{ url('pin-verify') }}">
<input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}" />
<input type="text" name="pin_0" value="" autocomplete="off" />
<input type="hidden" name="pin_1" value="{{ hashed_answer }}" />
<input type="hidden" name="question_url" value="{{ request.get_full_path() }}" />
<input type="submit" value="Ok" />
</form>
<small style="margin: 40px 0px">(*) A real bank should ask for
a PIN/TAN instead of a simple calculation. For example by sending
a one time password to the customer's mobile or providing her a
random password generator.
<small>
{% endblock content %}
|