Don't use cookies for processing eboutic baskets

2025-07-11 12:29:24 +00:00 · 2025-04-15 00:07:07 +02:00
parent 4fa83d0667
commit 262ed7eb4c
9 changed files with 323 additions and 459 deletions
--- a/eboutic/templates/eboutic/eboutic_main.jinja
+++ b/eboutic/templates/eboutic/eboutic_main.jinja
@ -24,48 +24,72 @@
  <div id="eboutic" x-data="basket">
    <div id="basket">
      <h3>Panier</h3>
-      {% if errors %}
-        <div class="alert alert-red">
-          <div class="alert-main">
-            {% for error in errors %}
-              <p style="margin: 0">{{ error }}</p>
-            {% endfor %}
-          </div>
+      <form method="post" action="">
+        {% csrf_token %}
+        <div x-ref="basketManagementForm">
+          {{ form.management_form }}
        </div>
-      {% endif %}
-      <ul class="item-list">
-                {# Starting money #}
-        <li>
-          <span class="item-name">
-            <strong>{% trans %}Current account amount: {% endtrans %}</strong>
-          </span>
-          <span class="item-price">
-            <strong>{{ "%0.2f"|format(customer_amount) }} €</strong>
-          </span>
-        </li>
-        <template x-for="item in items" :key="item.id">
-          <li class="item-row" x-show="item.quantity > 0">
-            <div class="item-quantity">
-              <i class="fa fa-minus fa-xs" @click="remove(item.id)"></i>
-              <span x-text="item.quantity"></span>
-              <i class="fa fa-plus" @click="add(item)"></i>
+
+        {% if form.non_form_errors() %}
+          <div class="alert alert-red">
+            <div class="alert-main">
+              {% for error in form.non_form_errors() %}
+                <p style="margin: 0">{{ error }}</p>
+              {% endfor %}
            </div>
-            <span class="item-name" x-text="item.name"></span>
-            <span class="item-price" x-text="(item.unit_price * item.quantity).toFixed(2) + ' €'"></span>
+          </div>
+        {% endif %}
+        <ul class="item-list">
+                  {# Starting money #}
+          <li>
+            <span class="item-name">
+              <strong>{% trans %}Current account amount: {% endtrans %}</strong>
+            </span>
+            <span class="item-price">
+              <strong>{{ "%0.2f"|format(customer_amount) }} €</strong>
+            </span>
          </li>
-        </template>
-                {# Total price #}
-        <li style="margin-top: 20px">
-          <span class="item-name"><strong>{% trans %}Basket amount: {% endtrans %}</strong></span>
-          <span x-text="getTotal().toFixed(2) + ' €'" class="item-price"></span>
-        </li>
-      </ul>
-      <div class="catalog-buttons">
-        <button @click="clearBasket()" class="btn btn-grey">
-          <i class="fa fa-trash"></i>
-          {% trans %}Clear{% endtrans %}
-        </button>
-        <form method="get" action="{{ url('eboutic:command') }}">
+
+          <template x-for="(item, index) in Object.values(basket)">
+            <li class="item-row" x-show="item.quantity > 0">
+              <div class="item-quantity">
+                <i class="fa fa-minus fa-xs" @click="remove(item.id)"></i>
+                <span x-text="item.quantity"></span>
+                <i class="fa fa-plus" @click="add(item)"></i>
+              </div>
+              <span class="item-name" x-text="item.name"></span>
+              <span class="item-price" x-text="(item.unit_price * item.quantity).toFixed(2) + ' €'"></span>
+
+              <input
+                type="hidden"
+                :value="item.quantity"
+                :id="`id_form-${index}-quantity`"
+                :name="`form-${index}-quantity`"
+                required
+                readonly
+              >
+              <input
+                type="hidden"
+                :value="item.id"
+                :id="`id_form-${index}-id`"
+                :name="`form-${index}-id`"
+                required
+                readonly
+              >
+
+            </li>
+          </template>
+                  {# Total price #}
+          <li style="margin-top: 20px">
+            <span class="item-name"><strong>{% trans %}Basket amount: {% endtrans %}</strong></span>
+            <span x-text="getTotal().toFixed(2) + ' €'" class="item-price"></span>
+          </li>
+        </ul>
+        <div class="catalog-buttons">
+          <button @click.prevent="clearBasket()" class="btn btn-grey">
+            <i class="fa fa-trash"></i>
+            {% trans %}Clear{% endtrans %}
+          </button>
          <button class="btn btn-blue">
            <i class="fa fa-check"></i>
            <input type="submit" value="{% trans %}Validate{% endtrans %}"/>
@ -158,7 +182,7 @@
                  <button
                    id="{{ p.id }}"
                    class="card product-button clickable shadow"
-                    :class="{selected: items.some((i) => i.id === {{ p.id }})}"
+                    :class="{selected: basket.some((i) => i.id === {{ p.id }})}"
                    @click='addFromCatalog({{ p.id }}, {{ p.name|tojson }}, {{ p.selling_price }})'
                  >
                    {% if p.icon %}
--- a/eboutic/templates/eboutic/eboutic_makecommand.jinja
+++ b/eboutic/templates/eboutic/eboutic_makecommand.jinja
@ -82,9 +82,8 @@
    {% elif basket.total > user.account_balance %}
      <p>{% trans %}AE account payment disabled because you do not have enough money remaining.{% endtrans %}</p>
    {% else %}
-      <form method="post" action="{{ url('eboutic:pay_with_sith') }}" name="sith-pay-form">
+      <form method="post" action="{{ url('eboutic:pay_with_sith', basket_id=basket.id) }}" name="sith-pay-form">
        {% csrf_token %}
-        <input type="hidden" name="action" value="pay_with_sith_account">
        <input class="btn btn-blue" type="submit" value="{% trans %}Pay with Sith account{% endtrans %}"/>
      </form>
    {% endif %}