+
-
-
Welcome to TCGKof. By accessing our website, you agree to these terms and conditions.
+
+
Welcome to TCGKof. These Terms of Service ("Terms") enable you to understand your rights and responsibilities when using our marketplace. By accessing or using TCGKof, you agree to be bound by these Terms.
-
1. General Terms
-
TCGKof is a platform for buying and selling trading cards. Users must be at least 18 years old or have parental consent to use this service.
+
+ 1. Acceptance of Terms
+ By registering for, accessing, or using the TCGKof marketplace, website, or services (collectively, the "Service"), you agree to these Terms. If you do not agree, you may not use the Service.
+
-
2. User Accounts
-
You are responsible for maintaining the confidentiality of your account and password. You agree to accept responsibility for all activities that occur under your account.
+
+ 2. Definitions
+
+ - "Buyer" means a user who purchases items on the Service.
+ - "Seller" means a user who lists and sells items on the Service.
+ - "Service" refers to the TCGKof marketplace platform and related tools.
+ - "User" means any individual or entity accessing the Service.
+
+
-
3. Buying and Selling
-
Sellers must accurately describe items. Buyers must pay for items they commit to purchase. TCGKof facilitates transactions but is not a party to the contract between buyer and seller.
+
+ 3. Eligibility
+ You must be at least 18 years old to use the Service. Individuals between 13 and 18 may use the Service only with the supervision and consent of a parent or legal guardian. The Service is not available to any users previously suspended or removed from the system.
+
-
4. Prohibited Content
-
Users may not post content that is illegal, obscene, threatening, defamatory, or otherwise objectionable.
+
+ 4. User Accounts
+ To access certain features, you must register for an account. You agree to provide accurate, current, and complete information during registration. You are responsible for safeguarding your password and for all activities that occur under your account.
+
-
5. Limitation of Liability
-
TCGKof shall not be liable for any indirect, incidental, special, consequential, or punitive damages happening out of or in connection with your use of the site.
+
+ 5. Selling on TCGKof
+ Listings: Sellers are responsible for the accuracy of their listings. All items must be in the condition described. Misleading listings may result in account suspension.
+ Fees: When you make a sale, TCGKof charges a transaction fee of 5% of the total sale price plus a fixed fee of $0.70 per transaction. These fees are automatically deducted from the payout.
+ Shipping: Sellers must ship items within the timeframe specified in their store policies (typically 48 hours). Tracking is recommended for all orders and required for orders over $50.
+
-
6. Changes to Terms
-
We reserve the right to modify these terms at any time. Your continued use of the site constitutes acceptance of the modified terms.
+
+ 6. Buying on TCGKof
+ Payments: Buyers engage in a transaction with the Seller, not TCGKof. TCGKof processes payments as an agent for the Seller.
+ Refunds & Safeguard: If an item is not received or differs significantly from the description, TCGKof's Buyer Safeguard program may permit a refund. Buyers must report issues within 48 hours of delivery.
+
-
Last Updated: January 2026
+
+ 7. Fees and Taxes
+ Users are responsible for paying all fees associated with using the Service. Sellers are responsible for determining, determining, and remitting any applicable taxes on their sales. TCGKof may collect and remit sales tax where required by law.
+
+
+
+ 8. Content and Conduct
+ You agree not to:
+
+ - Post content that is illegal, abusive, defamatory, or obscene.
+ - Interfere with the proper working of the Service.
+ - Bypass or circumvent any measures we may use to prevent or restrict access to the Service.
+ - Harvest or scrape any data from the Service without express written permission.
+
+
+
+
+ 9. Intellectual Property
+ The Service and its original content, features, and functionality are owned by TCGKof and are protected by international copyright, trademark, patent, trade secret, and other intellectual property or proprietary rights laws.
+
+
+
+ 10. Termination
+ We may terminate or suspend your account and bar access to the Service immediately, without prior notice or liability, under our sole discretion, for any reason whatsoever and without limitation, including but not limited to a breach of the Terms.
+
+
+
+ 11. Limitation of Liability
+ In no event shall TCGKof, nor its directors, employees, partners, agents, suppliers, or affiliates, be liable for any indirect, incidental, special, consequential or punitive damages, including without limitation, loss of profits, data, use, goodwill, or other intangible losses, resulting from your access to or use of or inability to access or use the Service.
+
+
+
+ 12. Governing Law
+ These Terms shall be governed and construed in accordance with the laws of the United States, without regard to its conflict of law provisions.
+
+
+
{% endblock %}
diff --git a/tests/test_marketplace.py b/tests/test_marketplace.py
new file mode 100644
index 0000000..afec223
--- /dev/null
+++ b/tests/test_marketplace.py
@@ -0,0 +1,108 @@
+from django.test import TestCase
+from django.contrib.auth import get_user_model
+from store.models import Seller, CardListing, PackListing, Order, OrderItem, Card, Game, Set, Cart, CartItem
+
+User = get_user_model()
+
+class MarketplaceTests(TestCase):
+ def setUp(self):
+ # Create Users
+ self.seller_user = User.objects.create_user(username='seller', password='password')
+ self.buyer_user = User.objects.create_user(username='buyer', password='password')
+
+ # Create Seller
+ self.seller = Seller.objects.create(
+ user=self.seller_user,
+ store_name='Test Store',
+ slug='test-store',
+ contact_email='seller@test.com'
+ )
+
+ # Create Game/Set/Card
+ self.game = Game.objects.create(name='Test Game', slug='test-game')
+ self.set = Set.objects.create(game=self.game, name='Test Set')
+ self.card = Card.objects.create(set=self.set, name='Test Card')
+
+ # Create Listing
+ self.listing = CardListing.objects.create(
+ card=self.card,
+ seller=self.seller,
+ price=10.00,
+ quantity=5
+ )
+
+ def test_seller_creation(self):
+ self.assertEqual(self.seller.store_name, 'Test Store')
+ self.assertEqual(self.seller.user.username, 'seller')
+
+ def test_order_creation_and_revenue(self):
+ # Create Cart and Add Item
+ cart = Cart.objects.create(user=self.buyer_user)
+ CartItem.objects.create(cart=cart, listing=self.listing, quantity=2)
+
+ # Simulate Checkout Logic (Manual or call view? Logic is in view. We can simulate logic here to test models/signals, but view logic needs integration test.)
+ # For simplicity, let's replicate the core logic or create order manually as checkout would.
+
+ # Logic from checkout view:
+ order = Order.objects.create(
+ user=self.buyer_user,
+ status='paid',
+ total_price=20.00
+ )
+ item = OrderItem.objects.create(
+ order=order,
+ listing=self.listing,
+ price_at_purchase=self.listing.price,
+ quantity=2
+ )
+
+ # Decrement stock
+ self.listing.quantity -= 2
+ self.listing.save()
+
+ # Verify Listing Stock
+ self.listing.refresh_from_db()
+ self.assertEqual(self.listing.quantity, 3)
+
+ # Verify Revenue Logic (as in Dashboard)
+ # card_items = OrderItem.objects.filter(listing__seller=seller, order__status__in=['paid', 'shipped'])
+ card_items = OrderItem.objects.filter(listing__seller=self.seller, order__status='paid')
+ revenue = sum(i.price_at_purchase * i.quantity for i in card_items)
+
+ self.assertEqual(revenue, 20.00)
+
+ def test_multi_seller_order_split(self):
+ # Create another seller
+ seller2_user = User.objects.create_user(username='seller2', password='password')
+ seller2 = Seller.objects.create(user=seller2_user, store_name='Store 2', slug='store-2')
+ card2 = Card.objects.create(set=self.set, name='Card 2')
+ listing2 = CardListing.objects.create(card=card2, seller=seller2, price=5.00, quantity=10)
+
+ # Setup Cart with items from both sellers
+ cart = Cart.objects.create(user=self.buyer_user)
+ CartItem.objects.create(cart=cart, listing=self.listing, quantity=1) # Seller 1 ($10)
+ CartItem.objects.create(cart=cart, listing=listing2, quantity=1) # Seller 2 ($5)
+
+ # Verify Split Logic (Simulating checkout view logic)
+ items_by_seller = {}
+ for item in cart.items.all():
+ seller = item.listing.seller
+ if seller not in items_by_seller: items_by_seller[seller] = []
+ items_by_seller[seller].append(item)
+
+ self.assertEqual(len(items_by_seller), 2)
+ self.assertIn(self.seller, items_by_seller)
+ self.assertIn(seller2, items_by_seller)
+
+ # Create Orders
+ orders_created = []
+ for seller, items in items_by_seller.items():
+ sub_total = sum(i.listing.price * i.quantity for i in items)
+ order = Order.objects.create(user=self.buyer_user, status='paid', total_price=sub_total)
+ for i in items:
+ OrderItem.objects.create(order=order, listing=i.listing, price_at_purchase=i.listing.price, quantity=i.quantity)
+ orders_created.append(order)
+
+ self.assertEqual(len(orders_created), 2)
+ self.assertEqual(orders_created[0].total_price + orders_created[1].total_price, 15.00)
+
diff --git a/users/forms.py b/users/forms.py
index fd44d67..3cfd964 100644
--- a/users/forms.py
+++ b/users/forms.py
@@ -35,13 +35,31 @@ class AddressForm(forms.ModelForm):
}
class PaymentMethodForm(forms.ModelForm):
+ card_number = forms.CharField(max_length=19, widget=forms.TextInput(attrs={'class': 'form-input', 'placeholder': 'Card Number'}))
+ cvv = forms.CharField(max_length=4, widget=forms.TextInput(attrs={'class': 'form-input', 'placeholder': 'CVV'}))
+ billing_address = forms.ModelChoiceField(queryset=Address.objects.none(), required=False, empty_label="Select Billing Address")
+
class Meta:
model = PaymentMethod
- fields = ('brand', 'last4', 'exp_month', 'exp_year', 'is_default')
+ fields = ('brand', 'exp_month', 'exp_year', 'billing_address', 'is_default')
widgets = {
'brand': forms.TextInput(attrs={'class': 'form-input', 'placeholder': 'Card Brand (e.g. Visa)'}),
- 'last4': forms.TextInput(attrs={'class': 'form-input', 'placeholder': 'Last 4 Digits', 'maxlength': '4'}),
'exp_month': forms.NumberInput(attrs={'class': 'form-input', 'placeholder': 'Exp Month', 'min': '1', 'max': '12'}),
'exp_year': forms.NumberInput(attrs={'class': 'form-input', 'placeholder': 'Exp Year', 'min': '2024'}),
+ 'billing_address': forms.Select(attrs={'class': 'form-select'}),
'is_default': forms.CheckboxInput(attrs={'class': 'form-checkbox'}),
}
+
+ def __init__(self, *args, **kwargs):
+ user = kwargs.pop('user', None)
+ super().__init__(*args, **kwargs)
+ if user:
+ self.fields['billing_address'].queryset = Address.objects.filter(user=user)
+
+ def save(self, commit=True):
+ pm = super().save(commit=False)
+ pm.card_number = self.cleaned_data['card_number']
+ pm.cvv = self.cleaned_data['cvv']
+ if commit:
+ pm.save()
+ return pm
diff --git a/users/migrations/0002_paymentmethod_billing_address_and_more.py b/users/migrations/0002_paymentmethod_billing_address_and_more.py
new file mode 100644
index 0000000..a24931b
--- /dev/null
+++ b/users/migrations/0002_paymentmethod_billing_address_and_more.py
@@ -0,0 +1,29 @@
+# Generated by Django 6.0.1 on 2026-01-25 14:03
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('users', '0001_initial'),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name='paymentmethod',
+ name='billing_address',
+ field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='payment_methods', to='users.address'),
+ ),
+ migrations.AddField(
+ model_name='paymentmethod',
+ name='card_number_encrypted',
+ field=models.BinaryField(blank=True, null=True),
+ ),
+ migrations.AddField(
+ model_name='paymentmethod',
+ name='cvv_encrypted',
+ field=models.BinaryField(blank=True, null=True),
+ ),
+ ]
diff --git a/users/models.py b/users/models.py
index 0dee813..816a233 100644
--- a/users/models.py
+++ b/users/models.py
@@ -55,13 +55,44 @@ class Address(models.Model):
class PaymentMethod(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE, related_name='payment_methods')
- # For now, we'll store mock data. In a real app complexity is higher (PCI compliance etc)
+ billing_address = models.ForeignKey(Address, on_delete=models.SET_NULL, null=True, blank=True, related_name='payment_methods')
+
brand = models.CharField(max_length=50) # Visa, Mastercard
last4 = models.CharField(max_length=4)
exp_month = models.PositiveIntegerField()
exp_year = models.PositiveIntegerField()
is_default = models.BooleanField(default=False)
+ # Encrypted fields
+ card_number_encrypted = models.BinaryField(blank=True, null=True)
+ cvv_encrypted = models.BinaryField(blank=True, null=True)
+
+ @property
+ def card_number(self):
+ try:
+ from store.utils import Encryptor
+ return Encryptor.decrypt(self.card_number_encrypted)
+ except ImportError:
+ # Fallback if store isn't ready or circular import
+ return None
+
+ @card_number.setter
+ def card_number(self, value):
+ from store.utils import Encryptor
+ self.card_number_encrypted = Encryptor.encrypt(value)
+ if value and len(str(value)) >= 4:
+ self.last4 = str(value)[-4:]
+
+ @property
+ def cvv(self):
+ from store.utils import Encryptor
+ return Encryptor.decrypt(self.cvv_encrypted)
+
+ @cvv.setter
+ def cvv(self, value):
+ from store.utils import Encryptor
+ self.cvv_encrypted = Encryptor.encrypt(value)
+
def __str__(self):
return f"{self.brand} ending in {self.last4}"
diff --git a/users/tests.py b/users/tests/test_general.py
similarity index 100%
rename from users/tests.py
rename to users/tests/test_general.py
diff --git a/users/tests/test_payment.py b/users/tests/test_payment.py
new file mode 100644
index 0000000..2ea6069
--- /dev/null
+++ b/users/tests/test_payment.py
@@ -0,0 +1,28 @@
+from django.test import TestCase
+from users.models import PaymentMethod, User
+from store.utils import Encryptor
+
+class PaymentEncryptionTest(TestCase):
+ def test_encryption_decryption(self):
+ user = User.objects.create_user(username='testuser', password='password')
+ pm = PaymentMethod(user=user, brand='Visa', exp_month=12, exp_year=2030)
+
+ # Test setter
+ pm.card_number = '1234567890123456'
+ pm.cvv = '123'
+
+ # Verify it's encrypted
+ self.assertIsNotNone(pm.card_number_encrypted)
+ self.assertNotEqual(pm.card_number_encrypted, b'1234567890123456')
+
+ # Verify getter
+ self.assertEqual(pm.card_number, '1234567890123456')
+ self.assertEqual(pm.cvv, '123')
+
+ # Save and retrieval
+ pm.save()
+
+ pm_fetched = PaymentMethod.objects.get(id=pm.id)
+ self.assertEqual(pm_fetched.card_number, '1234567890123456')
+ self.assertEqual(pm_fetched.cvv, '123')
+ self.assertEqual(pm_fetched.last4, '3456')
diff --git a/users/views.py b/users/views.py
index 70028a3..3418dc0 100644
--- a/users/views.py
+++ b/users/views.py
@@ -105,7 +105,7 @@ def delete_address_view(request, pk):
@login_required
def add_payment_method_view(request):
if request.method == 'POST':
- form = PaymentMethodForm(request.POST)
+ form = PaymentMethodForm(request.POST, user=request.user)
if form.is_valid():
pm = form.save(commit=False)
pm.user = request.user
@@ -115,7 +115,7 @@ def add_payment_method_view(request):
messages.success(request, 'Payment method added successfully.')
return redirect('users:profile')
else:
- form = PaymentMethodForm()
+ form = PaymentMethodForm(user=request.user)
return render(request, 'users/payment_form.html', {'form': form})
@login_required