diff options
author | Florian Dold <florian.dold@gmail.com> | 2020-08-10 17:19:39 +0530 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2020-08-10 17:19:39 +0530 |
commit | 4a7b7898214c748e75cf63787dd8c805b4f102e0 (patch) | |
tree | 5666d391ae338030c7d1ba2198617ce8590afc2c /talermerchantdemos/blog | |
parent | d429ea577fc5af028b0d5f3ed309fc96155e8240 (diff) | |
download | taler-merchant-demos-4a7b7898214c748e75cf63787dd8c805b4f102e0.tar.gz taler-merchant-demos-4a7b7898214c748e75cf63787dd8c805b4f102e0.tar.bz2 taler-merchant-demos-4a7b7898214c748e75cf63787dd8c805b4f102e0.zip |
use session cookies for order ID
Diffstat (limited to 'talermerchantdemos/blog')
-rw-r--r-- | talermerchantdemos/blog/blog.py | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py index 1e25555..defc158 100644 --- a/talermerchantdemos/blog/blog.py +++ b/talermerchantdemos/blog/blog.py @@ -212,7 +212,7 @@ def article(article_name, data=None): # bound to a browser. This forces re-play and prevents sharing the article # by just sharing the URL. session_id = flask.session.get("session_id") - order_id = flask.request.args.get("order_id") + order_id = flask.session.args.get("order_id") if not session_id: session_id = flask.session["session_id"] = str(uuid.uuid4()) @@ -235,9 +235,7 @@ def article(article_name, data=None): ) order_resp = backend_post(BACKEND_URL, "private/orders", dict(order=order)) order_id = order_resp["order_id"] - return flask.redirect( - flask.url_for("article", article_name=article_name, order_id=order_id) - ) + flask.session["order_id"] = order_id # Prepare data for the upcoming payment check. pay_status = backend_get( @@ -264,15 +262,6 @@ def article(article_name, data=None): # Finally return the article. return render_article(article_name, data, order_id) - if pay_status.get("already_paid_order_id") is not None: - return flask.redirect( - flask.url_for( - "article", - article_name=article_name, - order_id=pay_status.get("already_paid_order_id"), - ) - ) - ## # Redirect the browser to a page where the wallet can # run the payment protocol. |