shihaam/mib-payment-verify
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: shihaam:aa1d8e7dcf79b8f05720c9864b802ae0a45eb613
Branches Tags
shihaam:main
...
compare: shihaam:121dc00125141fe5a49f538972aba4e25266e534
Branches Tags
shihaam:main

2 Commits
aa1d8e7dcf ... 121dc00125

Author SHA1 Message Date
Shihaam Abdul Rahman
121dc00125
i will not understand 2024-10-22 00:37:58 +05:00
Shihaam Abdul Rahman
3e8dbb5931
reduce default time delta and allowed to be modified with variable 2024-10-22 00:37:19 +05:00
3 changed files with 3 additions and 317 deletions
Show Stats Expand all files Collapse all files

1
.env.example
View File

@ -8,3 +8,4 @@ QL_0=
IBSID= IBSID=
APP_DEBUG=true APP_DEBUG=true
TIME_DIFF_LIMIT=1

3
api.py
View File

@ -9,6 +9,7 @@ import json
from datetime import datetime, timedelta from datetime import datetime, timedelta
load_dotenv() # This will load environment variables from a .env file if it exists load_dotenv() # This will load environment variables from a .env file if it exists
TIME_DIFF_LIMIT = int(os.getenv('TIME_DIFF_LIMIT', 2)) # Default to 2mins if not set
app = Flask(__name__) app = Flask(__name__)
@ -36,7 +37,7 @@ def verify_transaction(benef_name, abs_amount, request_time, tx_data_list):
if (tx_benef_name == benef_name.strip().lower() and if (tx_benef_name == benef_name.strip().lower() and
compare_amounts(tx_data['absAmount'], abs_amount) and compare_amounts(tx_data['absAmount'], abs_amount) and
time_diff <= timedelta(minutes=30)): time_diff <= timedelta(minutes=TIME_DIFF_LIMIT)):
return True return True
except ValueError as e: except ValueError as e:
app.logger.error(f"Error processing transaction: {str(e)}") app.logger.error(f"Error processing transaction: {str(e)}")

316
auth.js
View File

@ -1,316 +0,0 @@
let displayError = function (msg) {
$("#error-display").text(msg).show('slow');
};
let hideError = function (msg) {
$("#error-display").hide('slow');
};
window.location.hash = '';
let hideProgress = function () {
$("#login-submit").removeClass('button-loader');
};
let showProgress = function () {
$("#login-submit").addClass('button-loader');
};
let pushDashboardToHistory = function () {
let defaultLandingPage = "https://faisanet.mib.com.mv/dashboard";
window.history.pushState({}, '', defaultLandingPage)
};
let getLandingPage = function (landingPageOption) {
let landingPage = "https://faisanet.mib.com.mv/profiles";
switch (landingPageOption) {
case "0":
{
//individual account login
landingPage = "https://faisanet.mib.com.mv/dashboard";
break;
}
case "1":
{
//profiles
landingPage = "https://faisanet.mib.com.mv/accounts";
break;
}
case "2":
{
//quick
landingPage = "https://faisanet.mib.com.mv/transfer/quick";
break;
}
case "3":
{
//local
landingPage = "https://faisanet.mib.com.mv/transfer/local";
break;
}
default:
{
//profiles
landingPage = "https://faisanet.mib.com.mv/profiles";
}
}
return landingPage;
}
let requestAuthType = function () {
showProgress();
hideError();
actionBlocker.blockActions();
let formData = $('#login-submit-form').serializeArray().reduce(function (obj, item) {
obj[item.name] = item.value;
return obj;
}, {});
delete formData['pgf02'];
$.ajax({
type: 'POST',
url: "https://faisanet.mib.com.mv/aAuth/getAuthType",
data: formData,
success: function (data, textStatus, request) {
actionBlocker.unblockActions();
//hideProgress();
let responseData = (JSON.parse(request.responseText));
let loginTypeParams = responseData['data'][0];
console.log(data, textStatus, request);
console.log(loginTypeParams);
if (loginTypeParams['loginType'] == 0) {
requestSimpleAuth();
} else {
requestXAuth(loginTypeParams);
}
},
error: function (request, textStatus, errorThrown) {
actionBlocker.unblockActions();
hideProgress();
let responseData = (JSON.parse(request.responseText));
displayError(responseData.reasonText);
}
});
};
let get256Hash = function (text) {
const shaObj = new jsSHA("SHA-256", "TEXT", {encoding: "UTF8"});
/* .update() can be chained */
//shaObj.update("This is").update(" a ");
shaObj.update(text);
const hash = shaObj.getHash("HEX");
return hash.toUpperCase();
};
function getSalt(length) {
let result = '';
const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
const charactersLength = characters.length;
let counter = 0;
while (counter < length) {
result += characters.charAt(Math.floor(Math.random() * charactersLength));
counter += 1;
}
return result;
}
let getHashedLoginParams = function (userSalt) {
let formData = $('#login-submit-form').serializeArray().reduce(function (obj, item) {
obj[item.name] = item.value;
return obj;
}, {});
let clientSalt = getSalt(32);
let hashedpw = get256Hash (clientSalt + get256Hash(get256Hash(formData['pgf02']) + userSalt));
delete formData['pgf02'];
formData['pgf03']= hashedpw;
formData['clientSalt'] = clientSalt;
return formData;
};
let requestXAuth = function (loginTypeParams) {
showProgress();
hideError();
actionBlocker.blockActions();
let hashedLoginParams = getHashedLoginParams(loginTypeParams['userSalt']);
$.ajax({
type: 'POST',
url: "https://faisanet.mib.com.mv/aAuth/xAuth",
data: hashedLoginParams,
success: function (data, textStatus, request) {
actionBlocker.unblockActions();
//hideProgress();
let responseData = (JSON.parse(request.responseText));
console.log(data, textStatus, request);
console.log(responseData);
hideProgress();
if (responseData.otpVerified == 0) {
window.location = 'https://faisanet.mib.com.mv/auth2FA';
return;
}
let landingPageOption = responseData.landingPage;
let landingPage = getLandingPage(landingPageOption);
switch (responseData.reasonCode) {
case "101":
{
//individual account login
window.location = landingPage;
break;
}
case "102":
{
//profiles
window.location = "https://faisanet.mib.com.mv/profiles";
break;
}
default:
{
//profiles
window.location = "https://faisanet.mib.com.mv/profiles";
}
}
},
error: function (request, textStatus, errorThrown) {
actionBlocker.unblockActions();
hideProgress();
let responseData = (JSON.parse(request.responseText));
displayError(responseData.reasonText);
}
});
};
let requestSimpleAuth = function () {
showProgress();
hideError();
actionBlocker.blockActions();
let formData = $('#login-submit-form').serializeArray().reduce(function (obj, item) {
obj[item.name] = item.value;
return obj;
}, {});
$.ajax({
type: 'POST',
url: "https://faisanet.mib.com.mv/aAuth",
data: formData,
success: function (data, textStatus, request) {
actionBlocker.unblockActions();
//hideProgress();
let responseData = (JSON.parse(request.responseText));
console.log(data, textStatus, request);
console.log(responseData);
hideProgress();
if (responseData.otpVerified == 0) {
window.location = 'https://faisanet.mib.com.mv/auth2FA';
return;
}
let landingPageOption = responseData.landingPage;
let landingPage = getLandingPage(landingPageOption);
switch (responseData.reasonCode) {
case "101":
{
//individual account login
window.location = landingPage;
break;
}
case "102":
{
//profiles
window.location = "https://faisanet.mib.com.mv/profiles";
break;
}
default:
{
//profiles
window.location = "https://faisanet.mib.com.mv/profiles";
}
}
},
error: function (request, textStatus, errorThrown) {
actionBlocker.unblockActions();
hideProgress();
let responseData = (JSON.parse(request.responseText));
displayError(responseData.reasonText);
}
});
};
$("#login-submit").click(function (e) {
$('#error-info').hide('slow');
e.preventDefault();
requestAuthType();
//hashPassword();
//requestSimpleAuth();
});