diff options
author | Florian Dold <florian.dold@gmail.com> | 2018-01-10 00:32:48 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2018-01-10 00:32:48 +0100 |
commit | 41c1a7b7ecb0ebc775e52ce9c61b05920fd4edf9 (patch) | |
tree | e0b09e6174420c3b985d7ac8addfb19d87e0bdf4 /talerblog | |
parent | d6b66a972c8379fb659857dfff9138093c5bca8c (diff) | |
download | blog-41c1a7b7ecb0ebc775e52ce9c61b05920fd4edf9.tar.gz blog-41c1a7b7ecb0ebc775e52ce9c61b05920fd4edf9.tar.bz2 blog-41c1a7b7ecb0ebc775e52ce9c61b05920fd4edf9.zip |
further simplify blog
Diffstat (limited to 'talerblog')
-rw-r--r-- | talerblog/blog/blog.py | 65 |
1 files changed, 26 insertions, 39 deletions
diff --git a/talerblog/blog/blog.py b/talerblog/blog/blog.py index 4b4e08e..98af38d 100644 --- a/talerblog/blog/blog.py +++ b/talerblog/blog/blog.py @@ -94,42 +94,6 @@ def refund(): flask.abort(500) -@app.route("/generate-contract", methods=["GET"]) -def generate_contract(): - article_name = expect_parameter("article_name") - pretty_name = article_name.replace("_", " ") - order = dict( - summary=pretty_name, - nonce=flask.request.args.get("nonce"), - amount=ARTICLE_AMOUNT, - max_fee=dict(value=1, fraction=0, currency=CURRENCY), - products=[ - dict( - description="Essay: " + pretty_name, - quantity=1, - product_id=0, - price=ARTICLE_AMOUNT, - ), - ], - fulfillment_url=make_url("/essay/" + quote(article_name)), - pay_url=make_url("/pay"), - merchant=dict( - instance=INSTANCE, - address="nowhere", - name="Kudos Inc.", - jurisdiction="none", - ), - extra=dict(article_name=article_name), - ) - resp = requests.post(urljoin(BACKEND_URL, "proposal"), - json=dict(order=order)) - if resp.status_code != 200: - return backend_error(resp) - proposal_resp = resp.json() - return flask.jsonify(**proposal_resp) - - - @app.route("/essay/<name>") @app.route("/essay/<name>/data/<data>") def article(name, data=None): @@ -141,12 +105,35 @@ def article(name, data=None): if not session_id: session_id = flask.session["uid"] = uuid.uuid4() + # Check if this request already has an order id. + # If not, create a new order. + order_id = flask.request.args.get("order_id") + if not order_id: + pretty_name = article_name.replace("_", " ") + order = dict( + summary=pretty_name, + fulfillment_url=make_url("/essay/" + quote(article_name)), + amount=ARTICLE_AMOUNT, + ) + resp = requests.post(urljoin(BACKEND_URL, "proposal"), + json=dict(order=order)) + if resp.status_code != 200: + return backend_error(resp) + proposal_resp = resp.json() + order_id = proposal_resp["order_id"] + + session_sig = flask.request.args.get("session_id") + + if order_id and not session_sig: + # If there was an order_id but no session_sig, either the user played + # around with the URL or the wallet is old/broken. + return "Bad request", 400 + pay_params = dict( - contract_url=make_url("/generate-contract", ("article_name", name)), instance=INSTANCE, - order_id=flask.request.args.get("order_id"), + order_id=order_id, session_id=session_id, - session_sig=flask.request.args.get("session_sig"), + session_sig=session_sig, ) resp = requests.get(urljoin(BACKEND_URL, "check-payment"), params=pay_params) |