diff options
| author | Florian Dold <florian.dold@gmail.com> | 2018-01-17 15:37:53 +0100 |
|---|---|---|
| committer | Florian Dold <florian.dold@gmail.com> | 2018-01-17 15:37:53 +0100 |
| commit | 6588044c841ee641fe9ad1e0d1c683629e2a00ed (patch) | |
| tree | 050cc993af41d19a57deb76816109531b4257237 /talerblog/blog/blog.py | |
| parent | fb4390a210ffb3357401cc6226254d615917d984 (diff) | |
| download | blog-6588044c841ee641fe9ad1e0d1c683629e2a00ed.tar.gz blog-6588044c841ee641fe9ad1e0d1c683629e2a00ed.tar.bz2 blog-6588044c841ee641fe9ad1e0d1c683629e2a00ed.zip | |
add paid article cache
Diffstat (limited to 'talerblog/blog/blog.py')
| -rw-r--r-- | talerblog/blog/blog.py | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/talerblog/blog/blog.py b/talerblog/blog/blog.py index 20320f6..c118872 100644 --- a/talerblog/blog/blog.py +++ b/talerblog/blog/blog.py @@ -28,6 +28,7 @@ import uuid import base64 import requests import flask +from werkzeug.contrib.cache import SimpleCache from talerblog.talerconfig import TalerConfig from ..blog.content import ARTICLES, get_article_file, get_image_file @@ -131,6 +132,28 @@ def refund(order_id): flask.abort(500) +def render_article(article_name): + article_info = ARTICLES.get(article_name) + if article_info is None: + flask.abort(500) + if data is not None: + if data in article_info.extra_files: + return flask.send_file(get_image_file(data)) + return "permission denied", 403 + # needed for refunds + order_id = flask.request.args.get("order_id") + return flask.render_template("templates/article_frame.html", + article_file=get_article_file(article_info), + article_name=article_name, + order_id=order_id) + + +# Cache for paid articles (in the form <session_id>-<article_name>), so we +# don't always have to ask the backend / DB, and so we don't have to store +# variable-size cookies on the client. +paid_articles_cache = SimpleCache() + + @app.route("/essay/<article_name>") @app.route("/essay/<article_name>/data/<data>") def article(article_name, data=None): @@ -145,6 +168,9 @@ def article(article_name, data=None): if not session_id: session_id = flask.session["uid"] = uuid.uuid4() + if paid_articles_cache.get(session_id + "-" + article_name): + return render_article(article_name) + if order_id and not session_sig: # If there was an order_id but no session_sig, either the user played # around with the URL or the wallet is old/broken. @@ -180,17 +206,8 @@ def article(article_name, data=None): article_name=article_name) if pay_status.get("paid"): - article_info = ARTICLES.get(article_name) - if article_info is None: - flask.abort(500) - if data is not None: - if data in article_info.extra_files: - return flask.send_file(get_image_file(data)) - return "permission denied", 403 - return flask.render_template("templates/article_frame.html", - article_file=get_article_file(article_info), - article_name=article_name, - order_id=order_id) + paid_articles_cache.set(session_id + "-" + article_name, True) + return render_article(article_name) # no pay_redirect but article not paid, this should never happen! flask.abort(500) |