From d6459ab53ef80f1c799324ea5fa9709f6652db38 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sun, 6 Sep 2020 18:47:50 +0200
Subject: towards supporting language switching

---
 talermerchantdemos/blog/blog.py | 48 ++++++++++++++++++++++++++---------------
 1 file changed, 31 insertions(+), 17 deletions(-)

(limited to 'talermerchantdemos/blog/blog.py')

diff --git a/talermerchantdemos/blog/blog.py b/talermerchantdemos/blog/blog.py
index c54a8d6..37d7c20 100644
--- a/talermerchantdemos/blog/blog.py
+++ b/talermerchantdemos/blog/blog.py
@@ -94,18 +94,29 @@ def internal_error(e):
 
 
 ##
-# Serve the main index page.
+# Serve the main index page, redirecting to /<lang>/
 #
 # @return response object of the index page.
 @app.route("/")
 def index():
+    supported = ['en', 'de' ]
+    default = 'en'
+    target = flask.request.accept_languages.best_match(supported, default)
+    return flask.redirect("/" + target + "/", code=302)
+
+##
+# Serve the main index page for a particular language.
+#
+# @return response object of the index page.
+@app.route("/<lang>/")
+def start(lang):
     return flask.render_template(
-        "templates/index.html", merchant_currency=CURRENCY, articles=ARTICLES.values()
+        "templates/index.html", lang=lang, merchant_currency=CURRENCY, articles=ARTICLES.values()
     )
 
 
-@app.route("/confirm-refund/<order_id>", methods=["GET"])
-def confirm_refund(order_id):
+@app.route("/<lang>/confirm-refund/<order_id>", methods=["GET"])
+def confirm_refund(lang, order_id):
     session_id = flask.session.get("session_id", "")
     pay_status = backend_get(
         BACKEND_URL, f"private/orders/{order_id}", params=dict(session_id=session_id)
@@ -113,7 +124,7 @@ def confirm_refund(order_id):
     order_status = pay_status.get("order_status")
     if order_status != "paid":
         err_abort(
-            400, message="can't refund unpaid article",
+            400, message="Cannot refund unpaid article",
         )
     article_name = pay_status["contract_terms"]["extra"]["article_name"]
     return flask.render_template(
@@ -127,16 +138,15 @@ def confirm_refund(order_id):
 #
 # @param order_id the order ID of the transaction to refund.
 # @return the following errors (named by HTTP response code):
-#         - 400: no article was asked to be refunded!
-#         - 401: the refund was asked on a non-payed article.
-#         - 500: the backend was unable to give response.
-#         Or, in the successful case, a redirection to the
-#         "refund URL" is returned; then the wallet will run
-#         the refund protocol in a transparent way.
+#         - 400: order unknown
+#         - 402: the refund was asked on an unpaid article.
+#         - 302: in the successful case, a redirection to the
+#           "refund URL" is returned; then the wallet will run
+#           the refund protocol in a transparent way.
 @app.route("/refund/<order_id>", methods=["POST"])
-def refund(order_id):
+def refund(lang, order_id):
     if not order_id:
-        return flask.jsonify(dict(error="Aborting refund: article not payed")), 401
+        return flask.jsonify(dict(error="Aborting refund: order unknown")), 400
     session_id = flask.session.get("session_id", "")
     pay_status = backend_get(
         BACKEND_URL, f"private/orders/{order_id}", params=dict(session_id=session_id)
@@ -204,9 +214,10 @@ def render_article(article_name, data, order_id):
 #         In the successful case, either the article is returned, or
 #         the browser gets redirected to a page where the wallet can
 #         send the payment.
-@app.route("/essay/<article_name>")
+@app.route("/<lang>/essay/<article_name>")
+@app.route("/<lang>/essay/<article_name>/data/<data>")
 @app.route("/essay/<article_name>/data/<data>")
-def article(article_name, data=None):
+def article(article_name, lang=None, data=None):
     # We use an explicit session ID so that each payment (or payment replay) is
     # bound to a browser.  This forces re-play and prevents sharing the article
     # by just sharing the URL.
@@ -218,9 +229,11 @@ def article(article_name, data=None):
     ##
     # First-timer; generate order first.
     if not order_id:
+        if not lang:
+            err_abort(403, message="Direct access forbidden")
         order = dict(
             amount=ARTICLE_AMOUNT,
-            extra=dict(article_name=article_name),
+            extra=dict(article_name=article_name,lang=lang),
             fulfillment_url=flask.request.base_url,
             summary="Essay: " + article_name.replace("_", " "),
             # 10 minutes time for a refund
@@ -251,5 +264,6 @@ def article(article_name, data=None):
     # Redirect the browser to a page where the wallet can
     # run the payment protocol.
     response = flask.redirect(pay_status["order_status_url"])
-    response.set_cookie("order_id", order_id, path=f"/essay/{article_name}")
+    response.set_cookie("order_id", order_id, path=urllib.parse.quote(f"/essay/{article_name}"))
+    response.set_cookie("order_id", order_id, path=urllib.parse.quote(f"/{lang}/essay/{article_name}"))
     return response
-- 
cgit v1.2.3