Improve ET auto answer view

Skia 2016-07-26 15:10:48 +02:00
parent d837b624e2
commit 60e606b370
2 changed files with 23 additions and 16 deletions


@ -134,12 +134,14 @@ class EbouticPayWithSith(TemplateView):
if 'basket_id' not in request.session.keys() or not request.user.is_authenticated(): if 'basket_id' not in request.session.keys() or not request.user.is_authenticated():
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs)) return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
b = Basket.objects.filter(id=request.session['basket_id']).first() b = Basket.objects.filter(id=request.session['basket_id']).first()
c = Customer.objects.filter(user__id=request.user.id).first() if b is None:
if b is None or c is None: return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
c = Customer.objects.filter(user__id=b.user.id).first()
if c is None:
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs)) return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
kwargs['not_enough'] = True kwargs['not_enough'] = True
if c.amount < b.get_total(): if c.amount < b.get_total():
raise DataError(_("You have not enough money to buy the basket")) raise DataError(_("You do not have enough money to buy the basket"))
else: else:
i = Invoice() i = Invoice()
i.user = b.user i.user = b.user
@ -158,28 +160,33 @@ class EbouticPayWithSith(TemplateView):
class EtransactionAutoAnswer(View): class EtransactionAutoAnswer(View):
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
# test URL:
# http://127.0.0.1:8000/eboutic/et_autoanswer?Amount=guy&BasketID=4000&Auto=42&Error=00000&Sig=OeKzrHyh9XgjWY8zN2N/Itsg70y3/RRxOTYlW8zx8fDeMwv10LVo6BHB0NTY0WEv/gNY1uNjYEW8IGLz4HzvPcR4w7vsM7dTkSWDvGhVpA57LydRqyQVu6CjY1SL71s4htZRN6XZrexCJag8IBNUOj8rvEu4EdFKqUOQlxU4W3c=
if (not 'Amount' in request.GET.keys() or if (not 'Amount' in request.GET.keys() or
not 'BasketID' in request.GET.keys() or not 'BasketID' in request.GET.keys() or
not 'Auto' in request.GET.keys() or not 'Auto' in request.GET.keys() or
not 'Error' in request.GET.keys() or not 'Error' in request.GET.keys() or
not 'Sig' in request.GET.keys()): not 'Sig' in request.GET.keys()):
return HttpResponse(status=400) return HttpResponse("Bad arguments", status=400)
key = crypto.load_publickey(crypto.FILETYPE_PEM, settings.SITH_EBOUTIC_PUB_KEY) key = crypto.load_publickey(crypto.FILETYPE_PEM, settings.SITH_EBOUTIC_PUB_KEY)
cert = crypto.X509() cert = crypto.X509()
cert.set_pubkey(key) cert.set_pubkey(key)
sig = base64.b64decode(request.GET['Sig']) sig = base64.b64decode(request.GET['Sig'])
print(sig)
print('&'.join(request.META['QUERY_STRING'].split('&')[:-1]))
try: try:
crypto.verify(cert, sig, '&'.join(request.META['QUERY_STRING'].split('&')[:-1]), "sha1") crypto.verify(cert, sig, '&'.join(request.META['QUERY_STRING'].split('&')[:-1]), "sha1")
except: except:
print("Bad signature") return HttpResponse("Bad signature", status=400)
return HttpResponse(status=400)
if request.GET['Error'] == "00000": if request.GET['Error'] == "00000":
print("OK") with transaction.atomic():
b = Basket.objects.filter(id=request.GET['BasketID']).first()
if b is None:
return HttpResponse("Basket does not exists", status=400)
i = Invoice()
i.user = b.user
i.payment_method = "CREDIT_CARD"
i.save()
for it in b.items.all():
InvoiceItem(invoice=i, product_name=it.product_name,
product_unit_price=it.product_unit_price, quantity=it.quantity).save()
i.validate()
return HttpResponse("Payment validated")
else: else:
print("FAIL") return HttpResponse("Payment failed with error: "+request.GET['Error'])
return HttpResponse()
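Review bot: In the new `Error == "00000"` branch of `EtransactionAutoAnswer.get`, the invoice is built from every item of the basket named by `BasketID`, but the signed `Amount` is never compared with `b.get_total()`, so a correctly signed notification for a different amount, or for a basket whose contents changed after checkout, still validates the whole basket. Before `i = Invoice()` the view should reject a mismatch, e.g. `if int(request.GET['Amount']) != expected_amount: return HttpResponse("Amount mismatch", status=400)`, with `expected_amount` derived from `b.get_total()` in whatever unit the gateway sends (the unit is not visible in this hunk). Nothing in the branch marks the basket as paid or removes it, so the same signed URL delivered twice would produce two invoices unless `i.validate()` prevents that, which cannot be seen here; an idempotency check keyed on `BasketID` is worth adding inside the `transaction.atomic()` block. Separately, `base64.b64decode(request.GET['Sig'])` sits outside the `try`, so a malformed `Sig` surfaces as a 500, while the bare `except:` reports every other failure as "Bad signature"; catching `crypto.Error` and the decode error explicitly would keep real faults visible. The fields acted on are also read from `request.GET` rather than parsed from the exact string passed to `crypto.verify`, so taking them from the verified string would keep the check and the use in agreement.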