summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--talermerchantdemos/blog/blog.py56
-rw-r--r--talermerchantdemos/blog/templates/article_refunded.html10
2 files changed, 23 insertions, 43 deletions
diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py
index a6e6be0..6c4c3ec 100644
--- a/talermerchantdemos/blog/blog.py
+++ b/talermerchantdemos/blog/blog.py
@@ -27,7 +27,6 @@ import flask
import lxml.etree
import time
from urllib.parse import urljoin, urlencode, urlparse
-from cachelib import UWSGICache, SimpleCache
from taler.util.talerconfig import TalerConfig
from ..blog.content import ARTICLES, get_article_file, get_image_file
from talermerchantdemos.httpcommon import backend_get, backend_post
@@ -95,16 +94,6 @@ def index():
)
-##
-# @brief Cache for paid articles (in the form <session_id>-<article_name>),
-# so we don't always have to ask the backend / DB, and so we don't
-# have to store variable-size cookies on the client.
-try:
- paid_articles_cache = UWSGICache(0, "paid_articles")
-except ImportError:
- paid_articles_cache = SimpleCache()
-
-
@app.route("/confirm-refund/<order_id>", methods=["GET"])
def confirm_refund(order_id):
# Here we don't care about the session ID
@@ -148,7 +137,6 @@ def refund(order_id):
order_id=order_id, reason="Demo reimbursement", refund=ARTICLE_AMOUNT
)
resp = backend_post(BACKEND_URL, "refund", refund_spec)
- paid_articles_cache.delete(session_id + "-" + article_name)
return flask.redirect(pay_status["order_status_url"])
@@ -212,22 +200,17 @@ def article(article_name, data=None):
# bound to a browser. This forces re-play and prevents sharing the article
# by just sharing the URL.
session_id = flask.session.get("session_id")
- order_id = flask.request.args.get("order_id")
+ order_id = flask.request.cookies.get("order_id")
if not session_id:
session_id = flask.session["session_id"] = str(uuid.uuid4())
-
- cached_order_id = paid_articles_cache.get(session_id + "-" + article_name)
- if cached_order_id:
- return render_article(article_name, data, cached_order_id)
-
##
# First-timer; generate order first.
if not order_id:
order = dict(
amount=ARTICLE_AMOUNT,
extra=dict(article_name=article_name),
- fulfillment_url=flask.request.base_url + "?order_id=${ORDER_ID}",
+ fulfillment_url=flask.request.base_url,
summary="Essay: " + article_name.replace("_", " "),
# 10 minutes time for a refund
refund_deadline=dict(t_ms=1000 * int(time.time() + 10 * 30)),
@@ -235,6 +218,7 @@ def article(article_name, data=None):
)
order_resp = backend_post(BACKEND_URL, "private/orders", dict(order=order))
order_id = order_resp["order_id"]
+ flask.request.set_cookie("order_id", path=f"/essay/{article_name}")
# Ask the backend for the status of the payment
pay_status = backend_get(
@@ -244,24 +228,16 @@ def article(article_name, data=None):
order_status = pay_status.get("order_status")
if order_status == "paid":
- # Checks to do:
- #
- # - check that the paid article is actually the one
- # mentioned in the requested URI.
- #
- # - check if the article was refunded before, and act
- # accordingly.
-
- # FLOW HERE == ARTICLE PAID AND CAN BE SHOWN.
-
- # Put the article in the cache.
- paid_articles_cache.set(session_id + "-" + article_name, order_id)
-
- ##
- # Finally return the article.
- return render_article(article_name, data, order_id)
-
- ##
- # Redirect the browser to a page where the wallet can
- # run the payment protocol.
- return flask.redirect(pay_status["order_status_url"])
+ refunded = pay_status["refunded"]
+ if refunded:
+ return flask.render_template(
+ "templates/article_refunded.html",
+ article_name=article_name,
+ order_id=order_id,
+ )
+ else:
+ return render_article(article_name, data, order_id)
+ else:
+ # Redirect the browser to a page where the wallet can
+ # run the payment protocol.
+ return flask.redirect(pay_status["order_status_url"])
diff --git a/talermerchantdemos/blog/templates/article_refunded.html b/talermerchantdemos/blog/templates/article_refunded.html
index d6e49d7..95c4a6b 100644
--- a/talermerchantdemos/blog/templates/article_refunded.html
+++ b/talermerchantdemos/blog/templates/article_refunded.html
@@ -1,6 +1,10 @@
{% extends "templates/base.html" %}
{% block main %}
- <h1>Article refunded</h1>
- Unfortunately you can't view the article {{ article_name }}, since the
- payment for it was refunded.
+
+<h2>Refunded</h2>
+
+<p>Your payment (order ID <tt>{{ order_id }}<tt>) for the article "{{ article_name }}" has been refunded.</p>
+
+<p>You won't be able to view it until you pay for it again.</p>
+
{% endblock main %}