diff options
author | Florian Dold <florian.dold@gmail.com> | 2018-01-16 03:41:40 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2018-01-16 03:41:40 +0100 |
commit | d581e32da86121e94b158ae8e662777658219e19 (patch) | |
tree | 2bede0898acedd1b7cfd4cc623747524427ff254 /talerblog | |
parent | 249e5c9e8655a95fcce20b94ad505ccc641a5208 (diff) | |
download | blog-d581e32da86121e94b158ae8e662777658219e19.tar.gz blog-d581e32da86121e94b158ae8e662777658219e19.tar.bz2 blog-d581e32da86121e94b158ae8e662777658219e19.zip |
fix errors
Diffstat (limited to 'talerblog')
-rw-r--r-- | talerblog/blog/blog.py | 33 |
1 files changed, 17 insertions, 16 deletions
diff --git a/talerblog/blog/blog.py b/talerblog/blog/blog.py index 97498d7..973014d 100644 --- a/talerblog/blog/blog.py +++ b/talerblog/blog/blog.py @@ -57,22 +57,22 @@ def utility_processor(): return dict(url=url, env=env) -def err_abort(**params): +def err_abort(status_code, **params): t = flask.render_template("templates/error.html", **params) - flask.abort(flask.make_response(t)) + flask.abort(flask.make_response(t, status_code)) def backend_get(endpoint, params): try: resp = requests.get(urljoin(BACKEND_URL, endpoint), params=params) except requests.ConnectionError: - err_abort(message="Could not establish connection to backend") + err_abort(500, message="Could not establish connection to backend") try: response_json = resp.json() except ValueError: - err_abort(message="Could not parse response from backend") + err_abort(500, message="Could not parse response from backend") if resp.status_code != 200: - err_abort(message="Backend returned error status", + err_abort(500, message="Backend returned error status", json=response_json, status_code=resp.status_code) return response_json @@ -81,14 +81,14 @@ def backend_post(endpoint, json): try: resp = requests.post(urljoin(BACKEND_URL, endpoint), json=json) except requests.ConnectionError: - err_abort(message="Could not establish connection to backend") + err_abort(500, message="Could not establish connection to backend") try: response_json = resp.json() except ValueError: - err_abort(message="Could not parse response from backend", + err_abort(500, message="Could not parse response from backend", status_code=resp.status_code) if resp.status_code != 200: - err_abort(message="Backend returned error status", + err_abort(500, message="Backend returned error status", json=response_json, status_code=resp.status_code) return response_json @@ -141,12 +141,18 @@ def article(article_name, data=None): # bound to a browser. This forces re-play and prevents sharing the article # by just sharing the URL. session_id = flask.session.get("uid") + order_id = flask.request.args.get("order_id") + if not session_id: session_id = flask.session["uid"] = uuid.uuid4() - # Check if this request already has an order id. - # If not, create a new order. - order_id = flask.request.args.get("order_id") + if order_id and not session_sig: + # If there was an order_id but no session_sig, either the user played + # around with the URL or the wallet is old/broken. + m = + err_abort(400, message=("Bad request (session_sig missing). " + "Your wallet might be broken or outdated")) + if not order_id: order = dict( summary="Essay: " + article_name.replace("_", " "), @@ -159,11 +165,6 @@ def article(article_name, data=None): session_sig = flask.request.args.get("session_id") - if order_id and not session_sig: - # If there was an order_id but no session_sig, either the user played - # around with the URL or the wallet is old/broken. - return "Bad request", 400 - pay_params = dict( instance=INSTANCE, order_id=order_id, |