mirror of
https://github.com/ae-utbm/sith.git
synced 2024-11-18 04:03:22 +00:00
186 lines
8.3 KiB
Python
186 lines
8.3 KiB
Python
from collections import OrderedDict
|
|
from datetime import datetime
|
|
import hmac
|
|
import base64
|
|
from OpenSSL import crypto
|
|
|
|
from django.shortcuts import render
|
|
from django.core.urlresolvers import reverse_lazy
|
|
from django.views.generic import TemplateView, View
|
|
from django.http import HttpResponse, HttpResponseRedirect
|
|
from django.shortcuts import render
|
|
from django.db import transaction, DataError
|
|
from django.utils.translation import ugettext as _
|
|
from django.conf import settings
|
|
|
|
from counter.models import Product, Customer, Counter
|
|
from eboutic.models import Basket, Invoice, BasketItem, InvoiceItem
|
|
|
|
# Create your views here.
|
|
class EbouticMain(TemplateView):
|
|
template_name = 'eboutic/eboutic_main.jinja'
|
|
|
|
def sum_basket(request):
|
|
total = 0
|
|
for pid,infos in request.session['basket'].items():
|
|
total += infos['price'] * infos['qty']
|
|
return total / 100
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
if 'basket' not in request.session.keys(): # Init the basket session entry
|
|
request.session['basket'] = {}
|
|
request.session['basket_total'] = 0
|
|
return super(EbouticMain, self).get(request, *args, **kwargs)
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
if 'basket' not in request.session.keys(): # Init the basket session entry
|
|
request.session['basket'] = {}
|
|
request.session['basket_total'] = 0
|
|
if 'add_product' in request.POST['action']:
|
|
self.add_product(request)
|
|
elif 'del_product' in request.POST['action']:
|
|
self.del_product(request)
|
|
elif 'pay' in request.POST['action']:
|
|
self.ask_payment(request)
|
|
return self.render_to_response(self.get_context_data(**kwargs))
|
|
|
|
def get_price(self, pid):
|
|
return Product.objects.filter(pk=pid).first().selling_price
|
|
|
|
def add_product(self, request, q = 1, p=None):
|
|
""" Add a product to the basket """
|
|
pid = p or request.POST['product_id']
|
|
pid = str(pid)
|
|
price = self.get_price(pid)
|
|
total = EbouticMain.sum_basket(request)
|
|
if pid in request.session['basket']:
|
|
request.session['basket'][pid]['qty'] += q
|
|
else:
|
|
request.session['basket'][pid] = {'qty': q, 'price': int(price*100)}
|
|
request.session.modified = True
|
|
return True
|
|
|
|
def del_product(self, request):
|
|
""" Delete a product from the basket """
|
|
pid = str(request.POST['product_id'])
|
|
if pid in request.session['basket']:
|
|
request.session['basket'][pid]['qty'] -= 1
|
|
if request.session['basket'][pid]['qty'] <= 0:
|
|
del request.session['basket'][pid]
|
|
else:
|
|
request.session['basket'][pid] = 0
|
|
request.session.modified = True
|
|
|
|
def get_context_data(self, **kwargs):
|
|
kwargs = super(EbouticMain, self).get_context_data(**kwargs)
|
|
kwargs['basket_total'] = EbouticMain.sum_basket(self.request)
|
|
kwargs['eboutic'] = Counter.objects.filter(type="EBOUTIC").first()
|
|
return kwargs
|
|
|
|
class EbouticCommand(TemplateView):
|
|
template_name = 'eboutic/eboutic_makecommand.jinja'
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
if 'basket' not in request.session.keys():
|
|
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
|
|
if self.make_basket(request):
|
|
kwargs['basket'] = self.basket
|
|
return self.render_to_response(self.get_context_data(**kwargs))
|
|
|
|
def make_basket(self, request):
|
|
b = None
|
|
if 'basket_id' in request.session.keys():
|
|
b = Basket.objects.filter(id=request.session['basket_id']).first()
|
|
if b is None:
|
|
b = Basket()
|
|
b.user = request.user
|
|
b.save()
|
|
request.session['basket_id'] = b.id
|
|
request.session.modified = True
|
|
b.items.all().delete()
|
|
for pid,infos in request.session['basket'].items():
|
|
BasketItem(basket=b, product_name=Product.objects.filter(id=int(pid)).first().name,
|
|
quantity=infos['qty'], product_unit_price=infos['price']/100).save()
|
|
self.basket = b
|
|
return True
|
|
|
|
def get_context_data(self, **kwargs):
|
|
kwargs = super(EbouticCommand, self).get_context_data(**kwargs)
|
|
kwargs['et_request'] = OrderedDict()
|
|
kwargs['et_request']['PBX_SITE'] = settings.SITH_EBOUTIC_PBX_SITE
|
|
kwargs['et_request']['PBX_RANG'] = settings.SITH_EBOUTIC_PBX_RANG
|
|
kwargs['et_request']['PBX_IDENTIFIANT'] = settings.SITH_EBOUTIC_PBX_IDENTIFIANT
|
|
kwargs['et_request']['PBX_TOTAL'] = int(self.basket.get_total()*100)
|
|
kwargs['et_request']['PBX_DEVISE'] = 978 # This is Euro. ET support only this value anyway
|
|
kwargs['et_request']['PBX_CMD'] = "CMD_"+str(self.basket.id)
|
|
kwargs['et_request']['PBX_PORTEUR'] = self.basket.user.email
|
|
kwargs['et_request']['PBX_RETOUR'] = "Amount:M;BasketID:R;Auto:A;Error:E;Sig:K"
|
|
kwargs['et_request']['PBX_HASH'] = "SHA512"
|
|
kwargs['et_request']['PBX_TIME'] = str(datetime.now().replace(microsecond=0).isoformat('T'))
|
|
kwargs['et_request']['PBX_HMAC'] = hmac.new(settings.SITH_EBOUTIC_HMAC_KEY,
|
|
bytes("&".join(["%s=%s"%(k,v) for k,v in kwargs['et_request'].items()]), 'utf-8'),
|
|
"sha512").hexdigest().upper()
|
|
return kwargs
|
|
|
|
class EbouticPayWithSith(TemplateView):
|
|
template_name = 'eboutic/eboutic_payment_result.jinja'
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
try:
|
|
with transaction.atomic():
|
|
if 'basket_id' not in request.session.keys() or not request.user.is_authenticated():
|
|
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
|
|
b = Basket.objects.filter(id=request.session['basket_id']).first()
|
|
c = Customer.objects.filter(user__id=request.user.id).first()
|
|
if b is None or c is None:
|
|
return HttpResponseRedirect(reverse_lazy('eboutic:main', args=self.args, kwargs=kwargs))
|
|
kwargs['not_enough'] = True
|
|
if c.amount < b.get_total():
|
|
raise DataError(_("You have not enough money to buy the basket"))
|
|
else:
|
|
i = Invoice()
|
|
i.user = b.user
|
|
i.payment_method = "SITH_ACCOUNT"
|
|
i.save()
|
|
for it in b.items.all():
|
|
InvoiceItem(invoice=i, product_name=it.product_name,
|
|
product_unit_price=it.product_unit_price, quantity=it.quantity).save()
|
|
i.validate()
|
|
kwargs['not_enough'] = False
|
|
request.session.pop('basket_id', None)
|
|
request.session.pop('basket', None)
|
|
except DataError as e:
|
|
kwargs['not_enough'] = True
|
|
return self.render_to_response(self.get_context_data(**kwargs))
|
|
|
|
class EtransactionAutoAnswer(View):
|
|
def get(self, request, *args, **kwargs):
|
|
# test URL:
|
|
# http://127.0.0.1:8000/eboutic/et_autoanswer?Amount=guy&BasketID=4000&Auto=42&Error=00000&Sig=OeKzrHyh9XgjWY8zN2N/Itsg70y3/RRxOTYlW8zx8fDeMwv10LVo6BHB0NTY0WEv/gNY1uNjYEW8IGLz4HzvPcR4w7vsM7dTkSWDvGhVpA57LydRqyQVu6CjY1SL71s4htZRN6XZrexCJag8IBNUOj8rvEu4EdFKqUOQlxU4W3c=
|
|
if (not 'Amount' in request.GET.keys() or
|
|
not 'BasketID' in request.GET.keys() or
|
|
not 'Auto' in request.GET.keys() or
|
|
not 'Error' in request.GET.keys() or
|
|
not 'Sig' in request.GET.keys()):
|
|
return HttpResponse(status=400)
|
|
key = crypto.load_publickey(crypto.FILETYPE_PEM, settings.SITH_EBOUTIC_PUB_KEY)
|
|
cert = crypto.X509()
|
|
cert.set_pubkey(key)
|
|
|
|
sig = base64.b64decode(request.GET['Sig'])
|
|
print(sig)
|
|
print('&'.join(request.META['QUERY_STRING'].split('&')[:-1]))
|
|
try:
|
|
crypto.verify(cert, sig, '&'.join(request.META['QUERY_STRING'].split('&')[:-1]), "sha1")
|
|
except:
|
|
print("Bad signature")
|
|
return HttpResponse(status=400)
|
|
if request.GET['Error'] == "00000":
|
|
print("OK")
|
|
else:
|
|
print("FAIL")
|
|
return HttpResponse()
|