def fallback(path):
messages = resource_bundle.ResourceBundle()
lang = detect_language()
if path.startswith('X'):
offer = wsgi_blueprint.ioc.new_offer_service().find_by_hash(path)
if offer is not None:
wsgi_blueprint.logger.info('['+get_customer_ip()+'] loading offer page by hash: %s'%path)
wsgi_blueprint.ioc.new_event_service().persist(model.Event(get_customer_ip(), offer.account, path))
offer_title = util.LocaleUtil().get_localized_title(offer, lang)
return render_template('offer.html',
messages=messages.get_all(lang),
language = lang,
title=offer_title,
account_hash = offer.account.hash,
account_name = offer.account.name.replace("'", "'"),
countries = [c.as_json() for c in wsgi_blueprint.ioc.new_country_service().find_all()],
project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'],
stripe_publishable=wsgi_blueprint.ioc.get_config()['stripe.publishable'])
elif path.startswith('S'):
wsgi_blueprint.logger.info('['+get_customer_ip()+'] loading seller page by hash: %s'%path)
account = wsgi_blueprint.ioc.new_account_service().find_by_hash(path)
if account is not None:
return render_template('offer_list.html',
messages=messages.get_all(lang),
language = lang,
title=account.name,
account_hash = account.hash,
account_name = account.name.replace("'", "'"),
project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'])
else:
wsgi_blueprint.logger.info('['+get_customer_ip()+'] could not find seller by name: [%s]'%path)
return Response(status=404)
else:
return Response(status=404)
def login():
messages = resource_bundle.ResourceBundle()
lang = detect_language()
activation_hash = request.args.get('h')
email_hash = request.args.get('e')
if activation_hash is not None and email_hash is not None:
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting user activation with h=%s,e=%s'%(activation_hash, email_hash))
user = wsgi_blueprint.ioc.new_user_service().find_by_activation_hash(activation_hash)
if user is not None:
if hashlib.sha224(user.username.encode('utf-8')).hexdigest()==email_hash:
user.active = True
model.base.db.session.commit()
session['username'] = user.username
return redirect('/admin/')
else:
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Failed activation, email hash not equal was: %s, expected: %s'%(hashlib.sha224(user.username.encode('utf-8')).hexdigest(), email_hash))
# todo handle when hash not equal
else:
# todo handle when user is null
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Failed activation, no user for given hash:%s'%activation_hash)
pass
messages = messages.get_all(lang)
return render_template('main.html',
project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'],
messages=messages,
page='login'
)
def new():
messages = resource_bundle.ResourceBundle()
password_blueprint.logger.info('['+get_customer_ip()+'] Processing new password request')
password = request.json['password']
if password==request.json['confirmPassword']:
reset_hash = request.json['h']
email_hash = request.json['e']
user = password_blueprint.ioc.new_user_service().find_by_reset_hash(reset_hash)
if user is not None:
if hashlib.sha224(user.username.encode('utf-8')).hexdigest()==email_hash:
user.password = generate_password_hash(password)
user.active = True
model.base.db.session.commit()
password_blueprint.logger.info('['+get_customer_ip()+'] Authenticating after password reset')
session['username'] = user.username
return Response(status=200, mimetype='application/json')
else:
password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, email hash invalid')
else:
password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, no such user')
else:
password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, password mismatch confirm password')
lang = detect_language()
error_message = messages.get_text(lang, 'new_password_mismatch')
return Response(json.dumps({"error_message": error_message}), status=400, mimetype='application/json')
def delete_image(target, id):
user = offer.ioc.new_user_service().find_by_username(session['username'])
if target=='additional_image':
offer.logger.debug('['+get_customer_ip()+'] delete additional image id:'+id)
image = offer.ioc.new_image_service().find_by_id(int(id))
if image.offer_item.offer.account_id==user.account_id:
for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'):
os.remove(fl)
offer.ioc.new_image_service().delete(image)
return Response(status=200)
elif target=='offer_item':
offer.logger.debug('['+get_customer_ip()+'] delete image - target offer_item')
offer_item = offer.ioc.new_offer_service().find_offer_item_by_id(id)
if offer_item.offer.account_id==user.account_id:
offer_item.img=None
for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'):
os.remove(fl)
if offer_item.variations.count()>0:
for variation in offer_item.variations:
if variation.img is None and variation.img is not None:
offer_item.img = variation.img
model.base.db.session.commit()
return Response(status=200)
else:
offer_item_variation = offer.ioc.new_offer_service().find_offer_item_variation_by_id(id)
if offer_item_variation.offer_item.offer.account_id==user.account_id:
offer_item_variation.img=None
for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'):
os.remove(fl)
offer.logger.debug('['+get_customer_ip()+'] deleted images')
model.base.db.session.commit()
return Response(status=200)
return Response(status=400)
def list():
order_blueprint.logger.debug('['+get_customer_ip()+'] list orders username %s, page=%s'%(session['username'], request.args.get('page')))
user = order_blueprint.ioc.new_user_service().find_by_username(session['username'])
orders = order_blueprint.ioc.new_order_service().find_by_page(user.account, int(request.args.get('page')))
order_blueprint.logger.debug('['+get_customer_ip()+'] returning %s orders'%(len(orders)))
count = order_blueprint.ioc.new_order_service().find_paid_orders_count(user.account)
js = { "orders" : [o.as_json() for o in orders], "count" : count}
return Response(json.dumps(js), mimetype='application/json')
def upload_image(offer_item_id, target, id):
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting image upload')
try:
file = request.files['file']
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting image upload file=%s'%file.filename)
if file and allowed_file(file.filename):
wsgi_blueprint.logger.debug('['+get_customer_ip()+'] image extenssion allowed')
filename = secure_filename(file.filename)
mkdirs(wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target)
offer_item = wsgi_blueprint.ioc.new_offer_service().find_offer_item_by_id(offer_item_id)
user = wsgi_blueprint.ioc.new_user_service().find_by_username(session['username'])
if offer_item.offer.account_id!=user.account_id:
raise RuntimeError('Tried to change image for different account')
if target=='additional_image':
additional_image = model.Image(offer_item)
offer_item.images.append(additional_image)
elif target=='offer_item':
offer_item.img = target+'/'+id
elif offer_item.img is not None and offer_item.img.startswith('offer_item_variation'):
offer_item.img = target+'/'+id
if target.startswith('offer_item_variation'):
offer_item_variation = wsgi_blueprint.ioc.new_offer_service().find_offer_item_variation_by_id(id)
offer_item_variation.img = target+'/'+id
model.base.db.session.commit()
if target=='additional_image':
value = additional_image.creation_date
id = str(additional_image.id)+str(value)
try:
file.save(wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'.png')
with Image(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'.png') as img:
with img.clone() as i:
i.resize(int(100), int(100/i.width*i.height))
i.save(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'_thumb.png')
with img.clone() as i:
i.compression_quality=99
i.resize(int(500), int(500/i.width*i.height))
i.save(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'_500.png')
if target=='additional_image':
js = { "images" : [o.as_json() for o in offer_item.images]}
return Response(json.dumps(js), mimetype='application/json')
else:
return Response(status=200)
except IOError:
traceback.print_exc(file=sys.stdout)
print("cannot create thumbnail for '%s'" % filename)
return Response(status=500)
else:
wsgi_blueprint.logger.debug('['+get_customer_ip()+'] extenssion not allowed filename=%s'%file.filename)
return Response(status=400)
except:
traceback.print_exc(file=sys.stdout)
return Response(status=400)
def process_init():
order_id = request.args.get('order_id')
paypal_init.logger.info('['+get_customer_ip()+'] Paypal init [order_id:'+order_id+']')
order = paypal_init.ioc.new_order_service().find_by_id(int(order_id))
payment_reference = security.Security().encrypt(str(order.id)+"#"+order.order_number)
i = 0
shipping = 0.0
basket_items = []
for item in order.items:
item_title = util.LocaleUtil().get_localized_title(item, order.lang)
if item.variations is not None and item.variations.count()>0:
itotal = 0.0
for iv in item.variations:
itotal = itotal+((iv.quantity*(iv.net+iv.tax)))
item_variation_title = util.LocaleUtil().get_localized_title(iv, order.lang)
if iv.quantity==1:
shipping = shipping + iv.shipping
else:
shipping = shipping + iv.shipping
for c in range(iv.quantity-1):
if iv.shipping_additional is not None:
shipping = shipping + iv.shipping_additional
else:
shipping = shipping + iv.shipping
if order.offer.currency!=order.currency:
basket_items.append({'index':(i+1), 'title':item_title+'('+item_variation_title+')', 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, itotal), 2)})
else:
basket_items.append({'index':(i+1), 'title':item_title+'('+item_variation_title+')', 'value': round(itotal, 2)})
i = i+1
else:
if order.offer.currency!=order.currency:
basket_items.append({'index':(i+1), 'title':item_title, 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, (item.quantity*(item.net+item.tax))), 2)})
else:
basket_items.append({'index':(i+1), 'title':item_title, 'value':round((item.quantity*(item.net+item.tax)), 2)})
if item.quantity==1:
shipping = shipping + item.shipping
else:
shipping = shipping + item.shipping
for c in range(item.quantity-1):
if item.shipping_additional is not None:
shipping = shipping + item.shipping_additional
else:
shipping = shipping + item.shipping
i = i+1
if order.offer.currency!=order.currency:
basket_items.append({'index':(i+1), 'title':resource_bundle.ResourceBundle().get_text(order.lang, "shipping"), 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, shipping), 2)})
else:
basket_items.append({'index':(i+1), 'title':resource_bundle.ResourceBundle().get_text(order.lang, "shipping"), 'value':round(shipping, 2)})
seller = paypal_init.ioc.get_config()['paypal.seller']
paypal_url = paypal_init.ioc.get_config()['paypal.url']
ipn_host = paypal_init.ioc.get_config()['address.www']
paypal_init.logger.info('['+get_customer_ip()+'] Paypal generating html [order_id:'+order_id+']')
return paypal_init.ioc.new_paypal_service().generate_init_html(order, payment_reference, basket_items, ipn_host, seller, paypal_url)
def register():
account_name = request.json['name']
account = register_rest.ioc.new_account_service().find_by_name(account_name)
lang = detect_language()
messages = resource_bundle.ResourceBundle()
if account is None:
username = request.json['username']
register_rest.logger.info('['+get_customer_ip()+'] Processing registration request')
user = register_rest.ioc.new_user_service().find_by_username(username)
if user is None:
a = model.Account()
a.name = account_name
a.lang = detect_language()
u = model.User(username, generate_password_hash(request.json['password']))
u.activation_hash = str(uuid.uuid4())
a.users.append(u)
register_rest.ioc.new_account_service().save(a)
success_message = messages.get_text(lang, 'register_success')
registration_email = register_rest.ioc.get_config()['registration_email']
customer_email = model.Email()
customer_email.type = "REGISTRATION"
customer_email.from_address = registration_email
customer_email.ref_id = u.id
customer_email.to_address = u.username
customer_email.language = lang
messages = resource_bundle.ResourceBundle()
customer_email.subject = messages.get_text(lang, 'registration_email_subject')
register_rest.ioc.new_email_service().save(customer_email)
admin_email = model.Email()
admin_email.type = 'REGISTRATION_ADMIN'
admin_email.from_address = registration_email
admin_email.to_address = registration_email
admin_email.subject = "New customer: "+u.username
register_rest.ioc.new_email_service().save(admin_email)
if register_rest.ioc.get_config()['SKIP_ACCOUNT_ACTIVATION']:
u.active = True
session['username'] = u.username
model.base.db.session.commit()
register_rest.logger.info('['+get_customer_ip()+'] Registration successful')
return Response(json.dumps({"success_message": success_message, 'skip_activation':register_rest.ioc.get_config()['SKIP_ACCOUNT_ACTIVATION']}), status=200, mimetype='application/json')
else:
register_rest.logger.info('['+get_customer_ip()+'] Registration failed, user already exist')
error_message = messages.get_text(lang, 'register_user_already_exist')
return Response(json.dumps({"error_message": error_message}), status=409, mimetype='application/json')
else:
register_rest.logger.info('['+get_customer_ip()+'] Registration failed, account already exist')
error_message = messages.get_text(lang, 'register_account_already_exist')
return Response(json.dumps({"error_message": error_message}), status=409, mimetype='application/json')
def new_message():
contact_blueprint.logger.info('['+get_customer_ip()+'] Send contact message')
oi = contact_blueprint.ioc.new_contact_service().save_conctact(model.Contact(get_customer_ip(), request.json['email'], request.json['message']))
messages = resource_bundle.ResourceBundle()
lang = detect_language()
admin_email = model.Email()
admin_email.type = 'ADMIN_CONTACT_EMAIL'
admin_email.ref_id = oi.id
admin_email.from_address = contact_blueprint.ioc.get_config()['contact_email']
admin_email.to_address = contact_blueprint.ioc.get_config()['contact_email']
admin_email.subject = "Cusomer message"
contact_blueprint.ioc.new_email_service().save(admin_email)
return jsonify({'id':oi.id, 'success_message':messages.get_text(lang, 'contact_message_success')})
def refund():
order_blueprint.logger.debug('['+get_customer_ip()+'] process order refund request by username %s, order_id=%s'%(session['username'], request.args.get('id')))
user = order_blueprint.ioc.new_user_service().find_by_username(session['username'])
order = order_blueprint.ioc.new_order_service().find_by_id(int(request.args.get('id')))
if order.account_id==user.account_id:
order.ioc.new_order_service().refund_order(order)
return Response(status=200, mimetype='application/json')
else:
return Response(status=400, mimetype='application/json')
def find_order_total(order):
total = stripe_rest.ioc.new_order_service().find_order_total(order)
if order.offer.currency!=order.currency:
stripe_rest.logger.info('['+get_customer_ip()+'] doing currency exchange=[%s>%s]'+(order.offer.currency, order.currency))
# TODO do currency conversion
# return stripe_rest.ioc.new_currency_service().convert(order.currency, total);
pass
else:
return total
def register():
messages = resource_bundle.ResourceBundle()
lang = detect_language()
wsgi_blueprint.logger.info('['+get_customer_ip()+'] Detected customer language %s'%(lang))
return render_template('main.html',
project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'],
messages=messages.get_all(lang),
page='register'
)
def request_withdrawal():
withdraw.logger.debug('['+get_customer_ip()+'] processing withdrawal request for user %s'%(session['username']))
user = withdraw.ioc.new_user_service().find_by_username(session['username'])
amount = request.json['amount']
iban = request.json['iban']
bic = request.json['bic']
if user.account.balance>=float(amount):
user.account.balance = user.account.balance - float(amount)
withdrawal = model.Withdrawal(float(amount), iban, bic)
withdrawal.account = user.account
user.account.withdrawals.append(withdrawal)
model.base.db.session.commit()
js = { "balance" : user.account.balance, "withdrawals" : [o.as_json() for o in user.account.withdrawals] }
return Response(json.dumps(js), mimetype='application/json', status=200)
else:
withdraw.logger.debug('['+get_customer_ip()+'] not enough funds to make withdrawal for user %s'%(session['username']))
messages = resource_bundle.ResourceBundle()
js = { "msg" : messages.get_text(user.account.lang, 'not_enough_funds')}
return Response(json.dumps(js), mimetype='application/json', status=400)
def login():
username = request.json['username']
messages = resource_bundle.ResourceBundle()
lang = detect_language()
login_blueprint.logger.info('['+get_customer_ip()+'] Processing authentication request')
user = login_blueprint.ioc.new_user_service().find_by_username(username)
if user is not None and user.active:
if check_password_hash(user.password, request.json['password']):
login_blueprint.logger.info('['+get_customer_ip()+'] Authentication successful')
session['username'] = username
return Response(status=200, mimetype='application/json')
else:
error_message = messages.get_text(lang, 'login_wrong_username_or_password')
login_blueprint.logger.info('['+get_customer_ip()+'] Authentication failed password mismatch')
else:
if user is None:
error_message = messages.get_text(lang, 'login_wrong_username_or_password')
else:
error_message = messages.get_text(lang, 'login_user_inactive')
login_blueprint.logger.info('['+get_customer_ip()+'] Authentication failed no user for username:'******'application/json')
def reset():
password_blueprint.logger.info('['+get_customer_ip()+'] Processing reset password request')
user = password_blueprint.ioc.new_user_service().find_by_username(request.json['username'])
messages = resource_bundle.ResourceBundle()
if user is not None:
user.reset_hash = str(uuid.uuid4())
model.base.db.session.commit()
reset_password_subject = resource_bundle.ResourceBundle().get_text(user.account.lang, 'reset_password')
reset_password_email = model.Email()
reset_password_email.language = user.account.lang
reset_password_email.ref_id = user.id
reset_password_email.type = 'RESET_PASSWORD'
reset_password_email.from_address = password_blueprint.ioc.get_config()['no_reply']
reset_password_email.to_address = user.username
reset_password_email.subject = reset_password_subject
password_blueprint.ioc.new_email_service().save(reset_password_email)
success_message = messages.get_text(user.account.lang, 'reset_password_link_info')
return Response(json.dumps({"success_message": success_message}), status=200, mimetype='application/json')
else:
password_blueprint.logger.info('['+get_customer_ip()+'] Failed to request reset password, no such user')
lang = detect_language()
error_message = messages.get_text(lang, 'reset_password_no_email')
return Response(json.dumps({"error_message": error_message}), status=204, mimetype='application/json')
def process():
stripe_rest.logger.info('['+get_customer_ip()+'] Process payment with stripe for order:'+str(request.json['order_id']))
order = stripe_rest.ioc.new_order_service().find_by_id(int(request.json['order_id']))
if order is not None:
stripe_rest.logger.info('['+get_customer_ip()+'] Order='+str(order.id))
amount = find_order_total(order)
currency = order.currency.lower()
try:
stripe_rest.logger.info('['+get_customer_ip()+'] stripe charge order=%s, amount=%s'%(request.json['order_id'], amount))
resp = stripe_rest.ioc.new_stripe_service().charge(
amount=int(math.ceil(amount*100)),
currency=currency,
card=request.json['stripe_token'],
description=order.order_number
)
stripe_rest.logger.info('['+get_customer_ip()+'] Success - stripe response '+str(resp)+' order number: '+order.order_number)
stripe_message = model.StripeMessage(resp.id, str(resp), int(request.json['order_id']))
stripe_rest.ioc.new_stripe_service().save(stripe_message)
stripe_rest.ioc.new_payment_processor_service().process_paid_order(order)
return Response(status=200)
except:
traceback.print_exc(file=sys.stdout)
raise BadRequest('['+get_customer_ip()+'] Failed to collect payment')
def process_success():
paypal_success.logger.info('['+get_customer_ip()+'] Paypal success')
# TODO implement payment-successful.html
return redirect('/payment-successful.html')
def save():
user = offer.ioc.new_user_service().find_by_username(session['username'])
offer.logger.debug('['+get_customer_ip()+'] save offer %s'%json.dumps(request.json))
x = json.loads(json.dumps(request.json), object_hook=lambda d: namedtuple('X', d.keys())(*d.values()))
o = offer.ioc.new_offer_service().save_offer(user.account, x)
return Response(json.dumps(o.as_json()), mimetype='application/json')
def get_by_hash(hash):
offer.logger.debug('['+get_customer_ip()+'] retrieve offer by hash %s'%hash)
js = offer.ioc.new_offer_service().find_by_hash(hash).as_json()
return Response(json.dumps(js), mimetype='application/json')
def get_by_account(hash):
offer.logger.debug('['+get_customer_ip()+'] retrieve offers by hash %s'%hash)
account = offer.ioc.new_account_service().find_by_hash(hash)
offers = offer.ioc.new_offer_service().find_by_account_id(account.id)
js = {"offers" : [o.as_json() for o in offers]}
return Response(json.dumps(js), mimetype='application/json')
def apply_payment():
payment.logger.info('['+get_customer_ip()+'] Apply payment for order: %s'%json.dumps(request.json))
# TODO handle QuantityNotAvailable
x = json.loads(json.dumps(request.json), object_hook=lambda d: namedtuple('X', d.keys())(*d.values()))
order = payment.ioc.new_order_service().save(x)
return jsonify({'id':order.id, 'order_number': order.order_number})
