first steps towards protocol changeHEADmaster

1 files changed, 16 insertions, 24 deletions

diff --git a/talerblog/blog/blog.py b/talerblog/blog/blog.py
index ae314cc..51a1596 100644
--- a/talerblog/blog/blog.py
+++ b/talerblog/blog/blog.py
@@ -43,7 +43,7 @@ TC = TalerConfig.from_env()
 BACKEND_BASE_URL = TC["frontends"]["backend"].value_string(required=True)
 CURRENCY = TC["taler"]["currency"].value_string(required=True)
 APIKEY = TC["frontends"]["backend_apikey"].value_string(required=True)
-INSTANCE = TC["blog"]["instance"].value_string(required=True)
+INSTANCE = "blog"
 ARTICLE_AMOUNT = CURRENCY + ":0.5"
 BACKEND_URL = urljoin(BACKEND_BASE_URL, f"instances/{INSTANCE}/")
 
@@ -323,7 +323,6 @@ def check_status(order_id, session_id):
 @app.route("/essay/<article_name>")
 @app.route("/essay/<article_name>/data/<data>")
 def article(article_name, data=None):
-
     # We use an explicit session ID so that each payment (or payment replay) is
     # bound to a browser.  This forces re-play and prevents sharing the article
     # by just sharing the URL.
@@ -349,45 +348,38 @@ def article(article_name, data=None):
             refund_deadline=dict(t_ms=1000*int(time.time() + 10 * 30)),
             wire_transfer_deadline=dict(t_ms=1000*int(time.time() + 15 * 30)),
         )
-        order_resp = backend_post("order", dict(order=order))
+        order_resp = backend_post("private/orders", dict(order=order))
         order_id = order_resp["order_id"]
         return flask.redirect(
             flask.url_for(
                 "article", article_name=article_name, order_id=order_id
             )
         )
-
-    ##
+    #
     # Prepare data for the upcoming payment check.
+    #
     pay_params = dict(order_id=order_id, session_id=session_id)
 
-    pay_status = backend_get("check-payment", pay_params)
-
+    pay_status = backend_get("private/orders/{}".format(order_id), params=dict())
     if pay_status.get("paid"):
+        # Checks to do:
+        # 
+        # - check that the paid article is actually the one
+        #   mentioned in the requested URI.
+        #
+        # - check if the article was refunded before, and act
+        #   accordingly.
+        #
+        
+        # FLOW HERE == ARTICLE PAID AND CAN BE SHOWN.
 
-        ##
-        # Somehow, a session with a payed article which _differs_ from
-        # the article requested in the URL existed; trigger the pay protocol!
-        if pay_status["contract_terms"]["extra"]["article_name"] != article_name:
-            err_abort(
-                402,
-                message="You did not pay for this article (nice try!)",
-                json=pay_status
-            )
-
-        ##
-        # Show a "article refunded" page, in that case.
-        if pay_status.get("refunded"):
-            return flask.render_template(
-                "templates/article_refunded.html", article_name=article_name
-            )
-        ##
         # Put the article in the cache.
         paid_articles_cache.set(session_id + "-" + article_name, order_id)
 
         ##
         # Finally return the article.
         return render_article(article_name, data, order_id)
+
     elif pay_status.get("already_paid_order_id") is not None:
         return flask.redirect(
             flask.url_for(