grassrootseconomics/sarafu-vise
8
0
Fork 0
Code Issues 18 Pull Requests 3 Actions 1 Packages Projects Releases Wiki Activity

refactor the Authorize function to prevent double PIN requests

Browse Source
This commit is contained in:
Alfred Kamanda 2025-05-30 04:57:32 +03:00
parent b30e15caa5
commit 4f02924cbd
Signed by: Alfred-mk
GPG Key ID: 7EA3D01708908703
1 changed files with 25 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
handlers/application/menuhandler.go
View File

@ -1371,7 +1371,13 @@ func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte)
flag_incorrect_pin, _ := h.flagManager.GetFlag("flag_incorrect_pin") flag_incorrect_pin, _ := h.flagManager.GetFlag("flag_incorrect_pin")
flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized") flag_account_authorized, _ := h.flagManager.GetFlag("flag_account_authorized")
flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update") flag_allow_update, _ := h.flagManager.GetFlag("flag_allow_update")
flag_invalid_pin, _ := h.flagManager.GetFlag("flag_invalid_pin")
pinInput := string(input)
if !pin.IsValidPIN(pinInput) {
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
return res, nil
}
store := h.userdataStore store := h.userdataStore
AccountPin, err := store.ReadEntry(ctx, sessionId, storedb.DATA_ACCOUNT_PIN) AccountPin, err := store.ReadEntry(ctx, sessionId, storedb.DATA_ACCOUNT_PIN)
@ -1379,40 +1385,28 @@ func (h *MenuHandlers) Authorize(ctx context.Context, sym string, input []byte)
logg.ErrorCtxf(ctx, "failed to read AccountPin entry with", "key", storedb.DATA_ACCOUNT_PIN, "error", err) logg.ErrorCtxf(ctx, "failed to read AccountPin entry with", "key", storedb.DATA_ACCOUNT_PIN, "error", err)
return res, err return res, err
} }
str := string(input)
_, err = strconv.Atoi(str) // verify that the user provided the correct PIN
if len(input) == 4 && err == nil { if pin.VerifyPIN(string(AccountPin), pinInput) {
if pin.VerifyPIN(string(AccountPin), string(input)) { // set the required flags for a valid PIN
if h.st.MatchFlag(flag_account_authorized, false) { res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
res.FlagReset = append(res.FlagReset, flag_incorrect_pin) res.FlagReset = append(res.FlagReset, flag_incorrect_pin)
res.FlagSet = append(res.FlagSet, flag_allow_update, flag_account_authorized)
err := h.resetIncorrectPINAttempts(ctx, sessionId) err := h.resetIncorrectPINAttempts(ctx, sessionId)
if err != nil { if err != nil {
return res, err return res, err
}
} else {
res.FlagSet = append(res.FlagSet, flag_allow_update)
res.FlagReset = append(res.FlagReset, flag_account_authorized)
err := h.resetIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
}
} else {
err = h.incrementIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
}
res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
res.FlagReset = append(res.FlagReset, flag_account_authorized)
return res, nil
} }
} else { } else {
if string(input) != "0" { // set the required flags for an incorrect PIN
res.FlagSet = append(res.FlagSet, flag_invalid_pin) res.FlagSet = append(res.FlagSet, flag_incorrect_pin)
res.FlagReset = append(res.FlagReset, flag_account_authorized, flag_allow_update)
err = h.incrementIncorrectPINAttempts(ctx, sessionId)
if err != nil {
return res, err
} }
return res, nil
} }
return res, nil return res, nil
} }