From ce9845cbc23073836a54c49953496db64edb94a1 Mon Sep 17 00:00:00 2001 From: Reckless_Satoshi Date: Tue, 18 Jan 2022 09:42:45 -0800 Subject: [PATCH] Users stay logged in when re-entering home if there is an active order or is an old account --- README.md | 3 +++ api/views.py | 23 +++++++++++++++-------- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 8fc2e3b4..58af713d 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,9 @@ RoboSats is a simple and private way to exchange bitcoin for national currencies ## Contribute to the Robotic Satoshis Open Source Project See [CONTRIBUTING.md](CONTRIBUTING.md) +## Original idea +A simple, custody-minimized, lightning exchange using hold invoices is heavily inspired by [P2PLNBOT](https://github.com/grunch/p2plnbot) by @grunch + ## License The Robotic Satoshis Open Source Project is released under the terms of the AGPL3.0 license. See [LICENSE](LICENSE) for more details. diff --git a/api/views.py b/api/views.py index 10f0381f..3683fe7c 100644 --- a/api/views.py +++ b/api/views.py @@ -315,14 +315,21 @@ class UserView(APIView): Response with Avatar and Nickname. ''' - # if request.user.id: - # context = {} - # context['nickname'] = request.user.username - # participant = not Logics.validate_already_maker_or_taker(request.user) - # context['bad_request'] = f'You are already logged in as {request.user}' - # if participant: - # context['bad_request'] = f'You are already logged in as as {request.user} and have an active order' - # return Response(context,status.HTTP_200_OK) + # If an existing user opens the main page by mistake, we do not want it to create a new nickname/profile for him + if request.user.is_authenticated: + context = {'nickname': request.user.username} + not_participant, _ = Logics.validate_already_maker_or_taker(request.user) + + # Does not allow this 'mistake' if an active order + if not not_participant: + context['bad_request'] = f'You are already logged in as {request.user} and have an active order' + return Response(context, status.HTTP_400_BAD_REQUEST) + + # Does not allow this 'mistake' if the last login was sometime ago (5 minutes) + if request.user.last_login < timezone.now() - timedelta(minutes=5): + context['bad_request'] = f'You are already logged in as {request.user}' + return Response(context, status.HTTP_400_BAD_REQUEST) + token = request.GET.get(self.lookup_url_kwarg)