def payments_ipn(req):
raw_data = req.body.decode("utf-8")
raw_data += "&cmd=_notify-validate"
ipnreq = urllib.request.Request(PP_WEBSCR)
ipnreq.add_header("Content-type", "application/x-www-form-urlencoded")
result = urllib.request.urlopen(ipnreq, raw_data.encode("utf-8"))
response = result.read().decode("utf-8")
if response != "VERIFIED":
logger.error("IPN request %s not validated - response %s" %
(req.body, response))
return HttpResponse(status=403)
if req.POST["receiver_id"] != PP_RECEIVER_ID or req.POST[
"mc_currency"] != PAYMENT_CURRENCY:
logger.error("IPN request %s has incorrect details" % req.POST)
return HttpResponse(status=400)
if req.POST["payment_status"] == "Refunded":
Payments.ReversePayment(req.POST["parent_txn_id"])
logger.info("IPN refund %s OK" % str(req.POST))
return HttpResponse()
if req.POST["payment_status"] != "Completed":
logger.error("IPN request %s not complete" % req.POST)
return HttpResponse()
logger.info("IPN request %s OK" % str(req.POST))
payment = Payments.LogPayment(req.POST["txn_id"],
amount=req.POST["mc_gross"],
initialAssociatedAccount=req.POST["custom"],
email=req.POST["payer_email"])
user = User.Get(req.POST["custom"])
User.AssociatePayment(user, payment)
if "_id" not in payment: # Is the payment newly entered? Really should have used an ORM about 3 years ago.
payments_send_confirmation(req, req.POST["payer_email"])
return HttpResponse()
def payments_ipn(req):
raw_data = req.body.decode("utf-8")
raw_data += "&cmd=_notify-validate"
ipnreq = urllib.request.Request(PP_WEBSCR)
ipnreq.add_header("Content-type", "application/x-www-form-urlencoded")
result = urllib.request.urlopen(ipnreq, raw_data.encode("utf-8"))
response = result.read().decode("utf-8")
if response != "VERIFIED":
logger.error("IPN request %s not validated - response %s" %
(req.body, response))
return HttpResponse(status=403)
if req.POST["receiver_id"] != PP_RECEIVER_ID or req.POST[
"mc_currency"] != PAYMENT_CURRENCY:
logger.error("IPN request %s has incorrect details" % req.POST)
return HttpResponse(status=400)
if req.POST["payment_status"] != "Completed":
logger.error("IPN request %s not complete" % req.POST)
return HttpResponse()
logger.info("IPN request %s OK" % str(req.POST))
payment = Payments.LogPayment(req.POST["txn_id"],
amount=req.POST["mc_gross"],
initialAssociatedAccount=req.POST["custom"],
email=req.POST["payer_email"])
user = User.Get(req.POST["custom"])
User.AssociatePayment(user, payment)
try:
ab_experiment_complete("autosync", user["_id"],
float(req.POST["mc_gross"]))
except:
logger.error("AB experiment did not complete - no experiment running?")
return HttpResponse()
def payments_claim_return(request, code):
user, payment = Payments.ConsumeClaimCode(code)
if not payment:
return render(request, "payments/claim_return_fail.html")
User.AssociatePayment(user, payment)
User.Login(user, request) # In case they somehow managed to log out - they've proved their identity.
return redirect("/#/payments/claimed")