def post(self, tip_id: int = None): tip_title = context.form.get('title') print(tip_id, tip_title) # Updating the tips title # TipStore.get(tip_id).update(tip_title) raise HttpFound('/tips/')
def post(self): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( client_secret_file, scopes=[settings.oauth_google_scope], redirect_uri=settings.redirect_uri_auth) authorization_url, state = flow.authorization_url( access_type='offline', include_granted_scopes='true') raise HttpFound(authorization_url)
def get(self, hash_id): try: db_id, = hashids.decode(hash_id) except ValueError: raise HttpBadRequest() url = DBSession.query(Url).filter_by(id=db_id).one_or_none() if url is None: raise HttpNotFound() raise HttpFound(url.url)
def google(self): raise HttpFound('http://google.com')
def about(self): raise HttpFound('/new/address')
def post(self, inner_resource: str): # TODO: Warning: DDOS! # TODO: Fix these shits! # TODO: Add some salt to prevent man in the middle (Extra field to send on creation and check on verification, # Use description part) if inner_resource == 'pay-irs': status = context.form.get('status', None) trans_id = context.form.get('transId', None) factor_number = context.form.get('factorNumber', None) _ = context.form.get('description', None) card_number = context.form.get('cardNumber', None) trace_number = context.form.get('traceNumber', None) _ = context.form.get('message', None) result = 'successful' if status == 0: result = 'bad-status' elif factor_number is None: result = 'bad-factor-number' elif trace_number is None: result = 'bad-trace-number' else: target_transaction = Cashin.query \ .filter(Cashin.id == factor_number) \ .filter(Cashin.reference_id.is_(None)) \ .filter(Cashin.transaction_id == trans_id).one_or_none() if target_transaction is None: result = 'bad-transaction' elif card_number[:6] != target_transaction.banking_id.pan.replace('-', '')[:6] or \ card_number[-4:] != target_transaction.banking_id.pan[-4:]: result = 'bad-card' else: payment_gateway = target_transaction.payment_gateway shaparak_provider = create_shaparak_provider() try: amount, _, _ = shaparak_provider.verify_transaction( target_transaction.transaction_id) amount = payment_gateway.fiat.input_to_normalized( str(amount), strict=False) # TODO: After verification, add a record with error to be possible to follow the problem later if target_transaction.amount != amount: result = 'bad-amount' else: try: # Set reference_id target_transaction.reference_id = trace_number stexchange_client.balance_update( user_id=target_transaction.member_id, asset=target_transaction.payment_gateway. fiat_symbol, # FIXME business="cashin", # FIXME business_id=target_transaction. id, # FIXME: Think about double payment change=payment_gateway.fiat. format_normalized_string( target_transaction.amount - target_transaction.commission), detail=target_transaction.to_dict(), ) # FIXME: Important !!!! : rollback the updated balance if # DBSession.commit() was not successful DBSession.commit() except StexchangeException as e: if DBSession.is_active: DBSession.rollback() result = 'stexchange-error' + str( e # FIXME: Delete the exception message for deployment ) except: import traceback traceback.print_exc() if DBSession.is_active: DBSession.rollback() result = 'internal-error' except ShaparakError: result = 'not-verified' raise HttpFound( f'{settings.shaparak.pay_ir.result_redirect_url}?result={result}' ) raise HttpMethodNotAllowed()