summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--talermerchantdemos/blog/blog.py43
1 files changed, 32 insertions, 11 deletions
diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py
index 1268d6b..865605b 100644
--- a/talermerchantdemos/blog/blog.py
+++ b/talermerchantdemos/blog/blog.py
@@ -194,12 +194,31 @@ def render_article(article_name, data, order_id):
order_id=order_id,
)
+##
+# Setup a fresh order with the backend.
+#
+# @param article_name which article the order is for
+# @param lang which language to use
+#
+def post_order(article_name,lang):
+ order = dict(
+ amount=ARTICLE_AMOUNT,
+ extra=dict(article_name=article_name,lang=lang),
+ fulfillment_url=flask.request.base_url,
+ summary="Essay: " + article_name.replace("_", " "),
+ # 10 minutes time for a refund
+ refund_deadline=dict(t_ms=1000 * int(time.time() + 10 * 30)),
+ wire_transfer_deadline=dict(t_ms=1000 * int(time.time() + 15 * 30)),
+ )
+ order_resp = backend_post(BACKEND_URL, "private/orders", dict(order=order))
+ return order_resp
+
##
# Trigger a article purchase. The logic follows the main steps:
#
# 1. Always check if the article was paid already, via the
-# "/check-payment" API from the backend.
+# "/private/orders/$ORDER_ID" API from the backend.
# 2. If so, return the article.
# 3. If not, redirect the browser to a page where the
# wallet will initiate the payment protocol.
@@ -232,16 +251,7 @@ def article(article_name, lang=None, data=None):
if not order_id:
if not lang:
err_abort(403, message="Direct access forbidden")
- order = dict(
- amount=ARTICLE_AMOUNT,
- extra=dict(article_name=article_name,lang=lang),
- fulfillment_url=flask.request.base_url,
- summary="Essay: " + article_name.replace("_", " "),
- # 10 minutes time for a refund
- refund_deadline=dict(t_ms=1000 * int(time.time() + 10 * 30)),
- wire_transfer_deadline=dict(t_ms=1000 * int(time.time() + 15 * 30)),
- )
- order_resp = backend_post(BACKEND_URL, "private/orders", dict(order=order))
+ order_resp = post_order(article_name,lang)
order_id = order_resp["order_id"]
# Ask the backend for the status of the payment
@@ -250,6 +260,17 @@ def article(article_name, lang=None, data=None):
)
order_status = pay_status.get("order_status")
+ if order_status == "claimed":
+ if not lang:
+ err_abort(403, message="Direct access forbidden")
+ # Order already claimed, must setup fresh order
+ order_resp = post_order(article_name,lang)
+ order_id = order_resp["order_id"]
+ pay_status = backend_get(
+ BACKEND_URL, f"private/orders/{order_id}", params=dict(session_id=session_id)
+ )
+ order_status = pay_status.get("order_status")
+ # This really must be 'unpaid' now...
if order_status == "paid":
refunded = pay_status["refunded"]