From 376aedb143a62bcd09b0b6eaf512bc2fa9ba9ed8 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 18 Aug 2020 21:05:06 +0530 Subject: simplified paywall logic according to current merchant API --- talermerchantdemos/blog/blog.py | 56 ++++++++++++----------------------------- 1 file changed, 16 insertions(+), 40 deletions(-) (limited to 'talermerchantdemos/blog/blog.py') diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py index a6e6be0..6c4c3ec 100644 --- a/talermerchantdemos/blog/blog.py +++ b/talermerchantdemos/blog/blog.py @@ -27,7 +27,6 @@ import flask import lxml.etree import time from urllib.parse import urljoin, urlencode, urlparse -from cachelib import UWSGICache, SimpleCache from taler.util.talerconfig import TalerConfig from ..blog.content import ARTICLES, get_article_file, get_image_file from talermerchantdemos.httpcommon import backend_get, backend_post @@ -95,16 +94,6 @@ def index(): ) -## -# @brief Cache for paid articles (in the form -), -# so we don't always have to ask the backend / DB, and so we don't -# have to store variable-size cookies on the client. -try: - paid_articles_cache = UWSGICache(0, "paid_articles") -except ImportError: - paid_articles_cache = SimpleCache() - - @app.route("/confirm-refund/", methods=["GET"]) def confirm_refund(order_id): # Here we don't care about the session ID @@ -148,7 +137,6 @@ def refund(order_id): order_id=order_id, reason="Demo reimbursement", refund=ARTICLE_AMOUNT ) resp = backend_post(BACKEND_URL, "refund", refund_spec) - paid_articles_cache.delete(session_id + "-" + article_name) return flask.redirect(pay_status["order_status_url"]) @@ -212,22 +200,17 @@ def article(article_name, data=None): # bound to a browser. This forces re-play and prevents sharing the article # by just sharing the URL. session_id = flask.session.get("session_id") - order_id = flask.request.args.get("order_id") + order_id = flask.request.cookies.get("order_id") if not session_id: session_id = flask.session["session_id"] = str(uuid.uuid4()) - - cached_order_id = paid_articles_cache.get(session_id + "-" + article_name) - if cached_order_id: - return render_article(article_name, data, cached_order_id) - ## # First-timer; generate order first. if not order_id: order = dict( amount=ARTICLE_AMOUNT, extra=dict(article_name=article_name), - fulfillment_url=flask.request.base_url + "?order_id=${ORDER_ID}", + fulfillment_url=flask.request.base_url, summary="Essay: " + article_name.replace("_", " "), # 10 minutes time for a refund refund_deadline=dict(t_ms=1000 * int(time.time() + 10 * 30)), @@ -235,6 +218,7 @@ def article(article_name, data=None): ) order_resp = backend_post(BACKEND_URL, "private/orders", dict(order=order)) order_id = order_resp["order_id"] + flask.request.set_cookie("order_id", path=f"/essay/{article_name}") # Ask the backend for the status of the payment pay_status = backend_get( @@ -244,24 +228,16 @@ def article(article_name, data=None): order_status = pay_status.get("order_status") if order_status == "paid": - # Checks to do: - # - # - check that the paid article is actually the one - # mentioned in the requested URI. - # - # - check if the article was refunded before, and act - # accordingly. - - # FLOW HERE == ARTICLE PAID AND CAN BE SHOWN. - - # Put the article in the cache. - paid_articles_cache.set(session_id + "-" + article_name, order_id) - - ## - # Finally return the article. - return render_article(article_name, data, order_id) - - ## - # Redirect the browser to a page where the wallet can - # run the payment protocol. - return flask.redirect(pay_status["order_status_url"]) + refunded = pay_status["refunded"] + if refunded: + return flask.render_template( + "templates/article_refunded.html", + article_name=article_name, + order_id=order_id, + ) + else: + return render_article(article_name, data, order_id) + else: + # Redirect the browser to a page where the wallet can + # run the payment protocol. + return flask.redirect(pay_status["order_status_url"]) -- cgit v1.2.3