def get_api_key(self):
if Config.is_testing:
# We can't use the datastore.
return "testapikey"
elif Config.is_dev:
return keymaster.get("spreedly:hackerdojotest")
else:
return keymaster.get("spreedly:hackerdojo")
def __init__(self):
try:
self.is_dev = os.environ['SERVER_SOFTWARE'].startswith('Dev')
except:
self.is_dev = False
self.is_prod = not self.is_dev
if self.is_dev:
self.SPREEDLY_ACCOUNT = 'hackerdojotest'
self.SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest')
self.PLAN_IDS = {'full': '1957'}
else:
self.SPREEDLY_ACCOUNT = 'hackerdojo'
self.SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo')
self.PLAN_IDS = {'full': '1987', 'hardship': '2537', 'supporter': '1988', 'family': '3659', 'worktrade': '6608', 'comped': '15451', 'threecomp': '18158', 'yearly':'18552', 'fiveyear': '18853', 'thielcomp': '19616'}
def post(self):
def fail(what, details):
mail.send_mail(sender=EMAIL_FROM,
to="Internal Dev <*****@*****.**>",
subject="[hd-signup] CreateUserTask failure",
body=details)
def retry(countdown=None):
retries = int(self.request.get('retries', 0)) + 1
if retries <= 5:
taskqueue.add(url='/tasks/create_user', method='POST', countdown=countdown,
params={'hash': self.request.get('hash'), 'retries': retries})
else:
fail("Too many retries")
membership = Membership.get_by_hash(self.request.get('hash'))
if membership is None or membership.username:
return
if not membership.spreedly_token:
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash+SPREEDLY_APIKEY).hexdigest()).split(':')
except (AttributeError, ValueError):
return fail("Account information expired")
try:
resp = urlfetch.fetch('http://domain.hackerdojo.com/users', method='POST', payload=urllib.urlencode({
'username': username,
'password': password,
'first_name': membership.first_name,
'last_name': membership.last_name,
'secret': keymaster.get('*****@*****.**'),
}), deadline=10)
except urlfetch.DownloadError, e:
return retry()
def get(self):
units = {"AC1":"EDD9A758", "AC2":"B65D8121", "AC3":"0BA20EDC", "AC5":"47718E38"}
modes = ["Off","Heat","Cool"]
master = units["AC3"]
key = keymaster.get('thermkey')
url = "https://api.bayweb.com/v2/?id="+master+"&key="+key+"&action=data"
result = urlfetch.fetch(url)
if result.status_code == 200:
thdata = json.loads(result.content)
inside_air_temp = thdata['iat']
mode = thdata['mode']
if inside_air_temp <= 66 and modes[mode] == "Cool":
for thermostat in units:
url = "https://api.bayweb.com/v2/?id="+units[thermostat]+"&key="+key+"&action=set&heat_sp=69&mode="+str(modes.index("Heat"))
result = urlfetch.fetch(url)
notify_hvac_change(inside_air_temp,"Heat")
if inside_air_temp >= 75 and modes[mode] == "Heat":
for thermostat in units:
url = "https://api.bayweb.com/v2/?id="+units[thermostat]+"&key="+key+"&action=set&cool_sp=71&mode="+str(modes.index("Cool"))
result = urlfetch.fetch(url)
notify_hvac_change(inside_air_temp,"Cold")
self.response.out.write("200 OK")
else:
notify_hvac_change(result.status_code,"ERROR connecting to BayWeb API")
self.response.out.write("500 Internal Server Error")
def post(self, hash):
username = self.request.get('username')
password = self.request.get('password')
if password != self.request.get('password_confirm'):
self.redirect(self.request.path + "?message=Passwords don't match")
elif len(password) < 6:
self.redirect(self.request.path + "?message=Password must be 6 characters or longer")
else:
m = Membership.all().filter('hash =', hash).get()
if m and m.spreedly_token:
try:
resp = urlfetch.fetch('http://domain.hackerdojo.com/users', method='POST', payload=urllib.urlencode({
'username': username,
'password': password,
'first_name': m.first_name,
'last_name': m.last_name,
'secret': keymaster.get('*****@*****.**'),
}), deadline=10)
out = resp.content
except urlfetch.DownloadError, e:
out = str(e)
usernames = fetch_usernames(False)
if username in usernames:
m.username = username
m.put()
self.redirect('/success/%s?email' % hash)
else:
mail.send_mail(sender=EMAIL_FROM,
to="Jeff Lindsay <*****@*****.**>",
subject="Error creating account for %s" % username,
body=out if m.spreedly_token else "Attempt to make user without paying: " + self.request.remote_addr)
self.redirect(self.request.path + "?message=There was a problem creating your account. Please contact an admin.")
def get(self, hash):
m = Membership.all().filter('hash =', hash).get()
if m.username:
self.redirect('/success/%s' % hash)
else:
s = spreedly.Spreedly(SPREEDLY_ACCOUNT, token=SPREEDLY_APIKEY)
valid_acct = False
try:
subscriber = s.subscriber_details(sub_id=int(m.key().id()))
valid_acct = subscriber['active'] == 'true'
except spreedly.SpreedlyResponseError:
pass
if valid_acct:
user = users.get_current_user()
if user:
m.username = user.nickname().split('@')[0]
m.put()
self.redirect(users.create_logout_url('/success/%s' % hash))
else:
if not keymaster.get('api-secret'):
keymaster.request('api-secret')
message = self.request.get('message')
p = re.compile(r'[^\w]')
username = '******'.join([p.sub('', m.first_name), p.sub('', m.last_name)]).lower()
if username in fetch_usernames():
username = m.email.split('@')[0]
if self.request.get('u'):
pick_username = True
login_url = users.create_login_url(self.request.path)
self.response.out.write(template.render('templates/account.html', locals()))
else:
self.redirect("/")
def restore(username):
conf = Config()
if conf.is_testing:
# Don't do this if we're testing.
return
resp = urlfetch.fetch("http://%s/restore/%s" % \
(conf.DOMAIN_HOST, username),
method="POST", deadline=10,
payload=urllib.urlencode({"secret": keymaster.get("api")}),
follow_redirects=False)
if resp.status_code != 200:
# The domain app will handle retrying for us, so we don't block the queue.
logging.error("User restoration failed with status %d." % \
(resp.status_code))
# Alert the events app that the user's status has changed.
query = {"username": username, "status": "active"}
response = urlfetch.fetch("http://%s/api/v1/status_change" % \
(conf.EVENTS_HOST), method="POST",
payload=urllib.urlencode(query),
follow_redirects=False)
if response.status_code != 200:
logging.warning("Notifying events app failed.")
def post(self):
def fail(what, details):
mail.send_mail(sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] CreateUserTask failure" % APP_NAME,
body=details)
def retry(countdown=None):
retries = int(self.request.get('retries', 0)) + 1
if retries <= 5:
taskqueue.add(url='/tasks/create_user', method='POST', countdown=countdown,
params={'hash': self.request.get('hash'), 'retries': retries})
else:
fail("Too many retries")
membership = Membership.get_by_hash(self.request.get('hash'))
if membership is None or membership.username:
return
if not membership.spreedly_token:
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash+SPREEDLY_APIKEY).hexdigest()).split(':')
except (AttributeError, ValueError):
return fail("Account information expired")
try:
resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST, method='POST', payload=urllib.urlencode({
'username': username,
'password': password,
'first_name': membership.first_name,
'last_name': membership.last_name,
'secret': keymaster.get(DOMAIN_USER),
}), deadline=10)
except urlfetch.DownloadError, e:
return retry()
def __init__(self, *args, **kwargs):
super(BaseApp, self).__init__(*args, **kwargs)
# If we're unit testing, use the same one every time for consistent results.
if Config().is_testing:
secret = "notasecret"
else:
# Check that we have a secret key for generating tokens.
try:
secret = keymaster.get("token_secret")
except keymaster.KeymasterError:
logging.warning("Found no token secret, generating one.")
secret = security.generate_random_string(entropy=128)
keymaster.Keymaster.encrypt("token_secret", secret)
# Configure webapp2.
my_config = {
"webapp2_extras.auth": {
"user_model": "membership.Membership",
"user_attributes": ["first_name", "last_name", "email"]
},
"webapp2_extras.sessions": {
"secret_key": secret
}
}
self.config = webapp2.Config(my_config)
def __init__(self, *args, **kwargs):
super(BaseApp, self).__init__(*args, **kwargs)
# If we're unit testing, use the same one every time for consistent results.
if Config().is_testing:
secret = "notasecret"
else:
# Check that we have a secret key for generating tokens.
try:
secret = keymaster.get("token_secret")
except keymaster.KeymasterError:
logging.warning("Found no token secret, generating one.")
secret = security.generate_random_string(entropy=128)
keymaster.Keymaster.encrypt("token_secret", secret)
# Configure webapp2.
my_config = {
"webapp2_extras.auth": {
"user_model": "membership.Membership",
"user_attributes": ["first_name", "last_name", "email"]
},
"webapp2_extras.sessions": {
"secret_key": secret
}
}
self.config = webapp2.Config(my_config)
def get(self):
units = {
"AC1": "EDD9A758",
"AC2": "B65D8121",
"AC3": "0BA20EDC",
"AC5": "47718E38"
}
modes = ["Off", "Heat", "Cool"]
master = units["AC3"]
key = keymaster.get('thermkey')
url = "https://api.bayweb.com/v2/?id=" + master + "&key=" + key + "&action=data"
result = urlfetch.fetch(url)
if result.status_code == 200:
thdata = json.loads(result.content)
inside_air_temp = thdata['iat']
mode = thdata['mode']
if inside_air_temp <= 66 and modes[mode] == "Cool":
for thermostat in units:
url = "https://api.bayweb.com/v2/?id=" + units[
thermostat] + "&key=" + key + "&action=set&heat_sp=69&mode=" + str(
modes.index("Heat"))
result = urlfetch.fetch(url)
notify_hvac_change(inside_air_temp, "Heat")
if inside_air_temp >= 75 and modes[mode] == "Heat":
for thermostat in units:
url = "https://api.bayweb.com/v2/?id=" + units[
thermostat] + "&key=" + key + "&action=set&cool_sp=71&mode=" + str(
modes.index("Cool"))
result = urlfetch.fetch(url)
notify_hvac_change(inside_air_temp, "Cold")
self.response.out.write("200 OK")
else:
notify_hvac_change(result.status_code,
"ERROR connecting to BayWeb API")
self.response.out.write("500 Internal Server Error")
def restore(username):
conf = Config()
if conf.is_testing:
# Don't do this if we're testing.
return
resp = urlfetch.fetch("http://%s/restore/%s" % \
(conf.DOMAIN_HOST, username),
method="POST", deadline=10,
payload=urllib.urlencode({"secret": keymaster.get("api")}),
follow_redirects=False)
if resp.status_code != 200:
# The domain app will handle retrying for us, so we don't block the queue.
logging.error("User restoration failed with status %d." % \
(resp.status_code))
# Alert the events app that the user's status has changed.
query = {"username": username, "status": "active"}
response = urlfetch.fetch("http://%s/api/v1/status_change" % \
(conf.EVENTS_HOST), method="POST",
payload=urllib.urlencode(query),
follow_redirects=False)
if response.status_code != 200:
logging.warning("Notifying events app failed.")
def __init__(self,
name,
price_per_month,
description,
human_name=None,
aliases=[],
signin_limit=None,
member_limit=None,
legacy=None,
selectable=True,
full=False,
admin_only=False,
desk=False,
create_events=True):
""" The name of the plan in PinPayments. """
self.name = name
""" The user-facing name of this plan. """
if human_name:
self.human_name = human_name
else:
self.human_name = self.name.capitalize()
""" The ID of the plan in PinPayments. """
if not Config().is_testing:
self.plan_id = str(keymaster.get("plan.%s" % (self.name, )))
else:
# Just use the name as the ID for testing.
self.plan_id = self.name
logging.debug("Using plan_id for %s: %s" % (self.name, self.plan_id))
""" A description of the plan. """
self.description = description
""" Any other names that this plan could be referred to by. """
self.aliases = aliases
""" None if this is not a legacy plan, otherwise the non-legacy version of
the plan. """
self.legacy = legacy
if self.legacy:
self.legacy_pairs.add((self, self.legacy))
""" Whether only an admin can put people on this plan. """
self.admin_only = True if self.legacy else admin_only
""" Whether this plan is available for general selection. """
self.selectable = False if (self.legacy
or self.admin_only) else selectable
""" Whether this plan is currently full. """
self.full = full
""" Whether a user on this plan can create new events. """
self.create_events = create_events
""" The monthly price of this plan. """
self.price_per_month = price_per_month
""" Whether this plan comes with a private desk. """
self.desk = desk
""" Maximum number of times these people can sign in per month. """
self.signin_limit = signin_limit
""" Maximum number of people that can be on this plan at once. """
self.member_limit = member_limit
Plan.all_plans.append(self)
def post(self):
def fail(exception):
logging.error("CreateUserTask failed: %s" % exception)
mail.send_mail(
sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] CreateUserTask failure" % APP_NAME,
body=str(exception),
)
def retry(countdown=None):
retries = int(self.request.get("retries", 0)) + 1
if retries <= 5:
taskqueue.add(
url="/tasks/create_user",
method="POST",
countdown=countdown,
params={"hash": self.request.get("hash"), "retries": retries},
)
else:
fail(Exception("Too many retries for %s" % self.request.get("hash")))
membership = Membership.get_by_hash(self.request.get("hash"))
if membership is None or membership.username:
return
if not membership.spreedly_token:
logging.warn("CreateUserTask: No spreedly token yet, retrying")
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()).split(":")
except (AttributeError, ValueError):
return fail(Exception("Account information expired for %s" % membership.email))
try:
logging.info("CreateUserTask: About to create user " + username)
resp = urlfetch.fetch(
"http://%s/users" % DOMAIN_HOST,
method="POST",
payload=urllib.urlencode(
{
"username": username,
"password": password,
"first_name": membership.first_name,
"last_name": membership.last_name,
"secret": keymaster.get(DOMAIN_USER),
}
),
deadline=10,
)
membership.username = username
membership.put()
logging.warn("CreateUserTask: I think that worked: " + resp.content)
except urlfetch.DownloadError, e:
logging.warn("CreateUserTask: API response error or timeout, retrying")
return retry()
def get(self):
self.response.headers['Content-type'] = "text/csv; charset=utf-8"
self.response.headers['Content-disposition'] = "attachment;filename=HackerDojoMembers.csv"
if keymaster.get('csvkey') == self.request.get('csvkey'):
users = Membership.all().filter('status =', 'active').filter('username !=', '').fetch(10000)
for u in users:
twitter = ''
if u.twitter:
twitter = u.twitter
self.response.out.write(u.first_name+","+u.last_name+","+u.username+"@hackerdojo.com,"+twitter+"\r\n")
def get(self):
self.response.headers["Content-type"] = "text/csv; charset=utf-8"
self.response.headers["Content-disposition"] = "attachment;filename=HackerDojoMembers.csv"
if keymaster.get("csvkey") == self.request.get("csvkey"):
users = Membership.all().filter("status =", "active").filter("username !=", "").fetch(10000)
for u in users:
twitter = ""
if u.twitter:
twitter = u.twitter
self.response.out.write(
u.first_name + "," + u.last_name + "," + u.username + "@hackerdojo.com," + twitter + "\r\n"
)
def get(self):
if self.request.get("maglock:key") != keymaster.get("maglock:key"):
self.response.out.write("Access denied")
else:
rfid_tag = self.request.get("rfid_tag")
if rfid_tag:
m = Membership.all().filter("rfid_tag ==", rfid_tag).get()
if m:
username = m.username
if "active" in m.status:
success = True
else:
success = False
subject = "Reactivate your RFID key now - renew your Hacker Dojo Subscription!"
body = """
Hi %s,
It looks like you just tried using your RFID key to open the doors to Hacker Dojo.
One teeny tiny issue, it looks like your membership has lapsed! This can happen by mistake sometimes, so no worries at all. The good news is you can reactivate your membership with only a few clicks:
%s
With warmest regards,
The Lobby Door
""" % (
m.first_name,
m.subscribe_url(),
)
deferred.defer(
mail.send_mail,
sender="Maglock <*****@*****.**>",
to=m.email,
subject=subject,
body=body,
_queue="emailthrottle",
)
else:
username = "******" + rfid_tag + ")"
success = False
rs = RFIDSwipe(username=username, rfid_tag=rfid_tag, success=success)
rs.put()
if "mark.hutsell" in username or "some.other.evilguy" in username:
deferred.defer(
mail.send_mail,
sender="Maglock <*****@*****.**>",
to="Emergency Paging System <*****@*****.**>",
subject="RFID Entry: " + username,
body="Lobby entry",
_queue="emailthrottle",
)
urlfetch.fetch("http://www.dustball.com/call/call.php?str=RFID+Entry+" + username)
self.response.out.write("OK")
def post(self):
def fail(exception):
logging.error("CreateUserTask failed: %s" % exception)
mail.send_mail(sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] CreateUserTask failure" % APP_NAME,
body=str(exception))
def retry(countdown=3):
retries = int(self.request.get('retries', 0)) + 1
if retries <= 5:
taskqueue.add(url='/tasks/create_user', method='POST', countdown=countdown,
params={'hash': self.request.get('hash'), 'retries': retries})
else:
fail(Exception("Too many retries for %s" % self.request.get('hash')))
c = Config()
user_hash = self.request.get('hash')
membership = Membership.get_by_hash(user_hash)
if membership is None or membership.username:
return
if not membership.spreedly_token:
logging.warn("CreateUserTask: No spreedly token yet, retrying")
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash+c.SPREEDLY_APIKEY).hexdigest()).split(':')
except (AttributeError, ValueError):
return fail(Exception("Account information expired for %s" % membership.email))
try:
url = 'http://%s/users' % DOMAIN_HOST
payload = urllib.urlencode({
'username': username,
'password': password,
'first_name': membership.first_name,
'last_name': membership.last_name,
'secret': keymaster.get('api'),
})
logging.info("CreateUserTask: About to create user: "******"CreateUserTask: URL: "+url)
logging.info("CreateUserTask: Payload: "+payload)
resp = urlfetch.fetch(url, method='POST', payload=payload, deadline=120)
membership.username = username
membership.put()
logging.warn("CreateUserTask: I think that worked: HTTP "+str(resp.status_code))
# Send the welcome email.
SuccessHandler.send_email(membership)
except urlfetch.DownloadError, e:
logging.warn("CreateUserTask: API response error or timeout, retrying")
return retry()
def post(self, hash):
username = self.request.get('username')
password = self.request.get('password')
if password != self.request.get('password_confirm'):
self.redirect(self.request.path + "?message=Passwords don't match")
elif len(password) < 6:
self.redirect(self.request.path + "?message=Password must be 6 characters or longer")
else:
if not keymaster.get('api-secret'):
self.redirect(self.request.path + "?message=There was a caching error, please try again.")
else:
m = Membership.all().filter('hash =', hash).get()
try:
resp = urlfetch.fetch('http://hackerdojo-domain.appspot.com/users', method='POST', payload=urllib.urlencode({
'username': username,
'password': password,
'first_name': m.first_name,
'last_name': m.last_name,
'secret': keymaster.get('api-secret'),
}), deadline=10)
if 'try again' in resp.content:
self.redirect(self.request.path + "?message=There was a caching error, please try again.")
return
except urlfetch.DownloadError:
pass
usernames = fetch_usernames(False)
if username in usernames:
m.username = username
m.put()
self.redirect('/success/%s?email' % hash)
else:
mail.send_mail(sender=EMAIL_FROM,
to="Jeff Lindsay <*****@*****.**>",
subject="Error creating account",
body=resp.content)
self.redirect(self.request.path + "?message=There was a problem creating your account. Please contact an admin.")
def __init__(self, name, price_per_month, description,
human_name=None, aliases=[], signin_limit=None,
member_limit=None, legacy=None, selectable=True, full=False,
admin_only=False, desk=False, create_events=True):
""" The name of the plan in PinPayments. """
self.name = name
""" The user-facing name of this plan. """
if human_name:
self.human_name = human_name
else:
self.human_name = self.name.capitalize()
""" The ID of the plan in PinPayments. """
if not Config().is_testing:
self.plan_id = str(keymaster.get("plan.%s" % (self.name,)))
else:
# Just use the name as the ID for testing.
self.plan_id = self.name
logging.debug("Using plan_id for %s: %s" % (self.name, self.plan_id))
""" A description of the plan. """
self.description = description
""" Any other names that this plan could be referred to by. """
self.aliases = aliases
""" None if this is not a legacy plan, otherwise the non-legacy version of
the plan. """
self.legacy = legacy
if self.legacy:
self.legacy_pairs.add((self, self.legacy))
""" Whether only an admin can put people on this plan. """
self.admin_only = True if self.legacy else admin_only
""" Whether this plan is available for general selection. """
self.selectable = False if (self.legacy or self.admin_only) else selectable
""" Whether this plan is currently full. """
self.full = full
""" Whether a user on this plan can create new events. """
self.create_events = create_events
""" The monthly price of this plan. """
self.price_per_month = price_per_month
""" Whether this plan comes with a private desk. """
self.desk = desk
""" Maximum number of times these people can sign in per month. """
self.signin_limit = signin_limit
""" Maximum number of people that can be on this plan at once. """
self.member_limit = member_limit
Plan.all_plans.append(self)
def get(self, key):
logging.debug("Getting list of users for maglock.")
# The maglock is requesting a list of users.
if key != keymaster.get("maglock:key"):
self._rest_error("Unauthorized", "Invalid maglock key.", 401)
return
# Our key is valid. Give it the list.
query = db.GqlQuery("SELECT * FROM Membership WHERE rfid_tag != NULL" \
" AND status IN ('active', 'no_visits')")
response = []
for member in query.run():
response.append({"rfid_tag": member.rfid_tag,
"username": member.username})
self.response.out.write(json.dumps(response))
def restore(username):
conf = Config()
def fail(exception):
mail.send_mail(sender=conf.EMAIL_FROM,
to=conf.INTERNAL_DEV_EMAIL,
subject="[%s] User restore failure: " % (conf.APP_NAME, username),
body=str(exception))
logging.error("User restore failure: %s" % (exception))
try:
resp = urlfetch.fetch("http://%s/restore/%s" % \
(conf.DOMAIN_HOST, username),
method="POST", deadline=10,
payload=urllib.urlencode({"secret": keymaster.get("api")}),
follow_redirects=False)
except Exception, e:
return fail(e)
def post(self):
def fail(what, details):
mail.send_mail(
sender=EMAIL_FROM, to=INTERNAL_DEV_EMAIL, subject="[%s] CreateUserTask failure" % APP_NAME, body=details
)
def retry(countdown=None):
retries = int(self.request.get("retries", 0)) + 1
if retries <= 5:
taskqueue.add(
url="/tasks/create_user",
method="POST",
countdown=countdown,
params={"hash": self.request.get("hash"), "retries": retries},
)
else:
fail("Too many retries")
membership = Membership.get_by_hash(self.request.get("hash"))
if membership is None or membership.username:
return
if not membership.spreedly_token:
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash + SPREEDLY_APIKEY).hexdigest()).split(":")
except (AttributeError, ValueError):
return fail("Account information expired")
try:
resp = urlfetch.fetch(
"http://%s/users" % DOMAIN_HOST,
method="POST",
payload=urllib.urlencode(
{
"username": username,
"password": password,
"first_name": membership.first_name,
"last_name": membership.last_name,
"secret": keymaster.get(DOMAIN_USER),
}
),
deadline=10,
)
except urlfetch.DownloadError, e:
return retry()
def get(self):
if self.request.get('id'):
m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
if self.request.get('callback'): # jsonp callback support
self.response.out.write(self.request.get('callback')+"(");
if m:
email = '%s@%s' % (m.username, APPS_DOMAIN)
gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
self.response.out.write(simplejson.dumps({"gravatar": gravatar_url,"auto_signin":m.auto_signin, "status" : m.status, "name" : m.first_name + " " + m.last_name, "rfid_tag" : m.rfid_tag, "username" : m.username }))
else:
self.response.out.write(simplejson.dumps({}))
if self.request.get('callback'):
self.response.out.write(")");
else:
if self.request.get('maglock:key') == keymaster.get('maglock:key'):
self.response.out.write(simplejson.dumps([ {"rfid_tag" : m.rfid_tag, "username" : m.username } for m in Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')]))
else:
self.response.out.write("Access denied")
def get(self):
if self.request.get('id'):
m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
if self.request.get('callback'): # jsonp callback support
self.response.out.write(self.request.get('callback')+"(");
if m:
email = m.username + "@hackerdojo.com"
gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
self.response.out.write(simplejson.dumps({"gravatar": gravatar_url,"status" : m.status, "name" : m.first_name + " " + m.last_name, "rfid_tag" : m.rfid_tag, "username" : m.username }))
else:
self.response.out.write(simplejson.dumps({}))
if self.request.get('callback'):
self.response.out.write(")");
else:
if self.request.get('maglock:key') == keymaster.get('maglock:key'):
self.response.out.write(simplejson.dumps([ {"rfid_tag" : m.rfid_tag, "username" : m.username } for m in Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')]))
else:
self.response.out.write("Access denied")
def restore(self, username):
def fail(exception):
mail.send_mail(
sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] User restore failure: " % (APP_NAME, username),
body=str(exception),
)
logging.error("User restore failure: " + str(exception))
try:
resp = urlfetch.fetch(
"http://%s/restore/%s" % (DOMAIN_HOST, username),
method="POST",
deadline=10,
payload=urllib.urlencode({"secret": keymaster.get(DOMAIN_USER)}),
)
except Exception, e:
return fail(e)
def get(self, key):
logging.debug("Getting list of users for maglock.")
# The maglock is requesting a list of users.
if key != keymaster.get("maglock:key"):
self._rest_error("Unauthorized", "Invalid maglock key.", 401)
return
# Our key is valid. Give it the list.
query = db.GqlQuery("SELECT * FROM Membership WHERE rfid_tag != NULL" \
" AND status IN ('active', 'no_visits')")
response = []
for member in query.run():
response.append({
"rfid_tag": member.rfid_tag,
"username": member.username
})
self.response.out.write(json.dumps(response))
def get(self):
if self.request.get("id"):
m = Membership.all().filter("rfid_tag ==", self.request.get("id")).filter("status =", "active").get()
if self.request.get("callback"): # jsonp callback support
self.response.out.write(self.request.get("callback") + "(")
if m:
email = "%s@%s" % (m.username, APPS_DOMAIN)
gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
self.response.out.write(
simplejson.dumps(
{
"gravatar": gravatar_url,
"auto_signin": m.auto_signin,
"status": m.status,
"name": m.first_name + " " + m.last_name,
"rfid_tag": m.rfid_tag,
"username": m.username,
}
)
)
else:
self.response.out.write(simplejson.dumps({}))
if self.request.get("callback"):
self.response.out.write(")")
else:
if self.request.get("maglock:key") == keymaster.get("maglock:key"):
if self.request.get("machine"):
members = (
Membership.all()
.filter("rfid_tag !=", None)
.filter("status =", "active")
.filter("extra_" + self.request.get("machine") + " =", "True")
)
else:
members = Membership.all().filter("rfid_tag !=", None).filter("status =", "active")
self.response.out.write(
simplejson.dumps([{"rfid_tag": m.rfid_tag, "username": m.username} for m in members])
)
else:
self.response.out.write("Access denied")
def get(self):
if self.request.get('id'):
m = Membership.all().filter('rfid_tag ==', self.request.get('id')).filter('status =', 'active').get()
if self.request.get('callback'): # jsonp callback support
self.response.out.write(self.request.get('callback')+"(");
if m:
email = '%s@%s' % (m.username, APPS_DOMAIN)
gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(email.lower()).hexdigest()
self.response.out.write(json.dumps({"gravatar": gravatar_url,"auto_signin":m.auto_signin, "status" : m.status, "name" : m.first_name + " " + m.last_name, "rfid_tag" : m.rfid_tag, "username" : m.username }))
else:
self.response.out.write(json.dumps({}))
if self.request.get('callback'):
self.response.out.write(")");
else:
if self.request.get('maglock:key') == keymaster.get('maglock:key'):
if self.request.get('machine'):
members = Membership.all().filter('rfid_tag !=', None).filter('status =', 'active').filter("extra_"+self.request.get('machine')+' =',"True")
else:
members = Membership.all().filter('rfid_tag !=', None).filter('status =', 'active')
self.response.out.write(json.dumps([ {"rfid_tag" : m.rfid_tag, "username" : m.username } for m in members]))
else:
self.response.out.write("Access denied")
def post(self):
def fail(exception):
logging.error("CreateUserTask failed: %s" % exception)
mail.send_mail(sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] CreateUserTask failure" % APP_NAME,
body=str(exception))
def retry(countdown=None):
retries = int(self.request.get('retries', 0)) + 1
if retries <= 5:
taskqueue.add(url='/tasks/create_user', method='POST', countdown=countdown,
params={'hash': self.request.get('hash'), 'retries': retries})
else:
fail(Exception("Too many retries for %s" % self.request.get('hash')))
membership = Membership.get_by_hash(self.request.get('hash'))
if membership is None or membership.username:
return
if not membership.spreedly_token:
logging.warn("CreateUserTask: No spreedly token yet, retrying")
return retry(300)
try:
username, password = memcache.get(hashlib.sha1(membership.hash+SPREEDLY_APIKEY).hexdigest()).split(':')
except (AttributeError, ValueError):
return fail(Exception("Account information expired for %s" % membership.email))
try:
resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST, method='POST', payload=urllib.urlencode({
'username': username,
'password': password,
'first_name': membership.first_name,
'last_name': membership.last_name,
'secret': keymaster.get(DOMAIN_USER),
}), deadline=10)
except urlfetch.DownloadError, e:
logging.warn("CreateUserTask: API response error or timeout, retrying")
return retry()
def __init__(self):
try:
# Check if we are running on the local dev server.
Config.is_dev = os.environ["SERVER_SOFTWARE"].startswith("Dev")
except KeyError:
pass
try:
self.APP_NAME = app_identity.get_application_id()
except AttributeError:
# We're calling code outside of GAE, so we must be testing.
self.APP_NAME = "testbed-test"
if self.APP_NAME == "testbed-test":
Config.is_testing = True
if not Config.is_dev:
# Check if we are running on the dev application.
Config.is_dev = "-dev" in self.APP_NAME
Config.is_prod = not (Config.is_dev or Config.is_testing)
self.ORG_NAME = "Hacker Dojo"
self.EMAIL_FROM = "Dojo Signup <no-reply@%s.appspotmail.com>" % \
self.APP_NAME
self.EMAIL_FROM_AYST = "Billing System <*****@*****.**>"
self.DAYS_FOR_KEY = 0
self.INTERNAL_DEV_EMAIL = "Internal Dev <*****@*****.**>"
self.DOMAIN_HOST = "hd-domain-hrd.appspot.com"
self.DOMAIN_USER = "******"
self.SUCCESS_HTML_URL = \
"http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/\
SubscriptionSuccess/_type/html"
self.PAYPAL_EMAIL = "PayPal <*****@*****.**>"
self.APPS_DOMAIN = "hackerdojo.com"
self.SIGNUP_HELP_EMAIL = "*****@*****.**"
self.TREASURER_EMAIL = "*****@*****.**"
self.GOOGLE_ANALYTICS_ID = "UA-11332872-2"
# How many visits per month we allow on the lite membership.
#TODO(danielp): Figure out the real number here.
self.LITE_VISITS = 8
# How many people can have desks in the hive at any one time.
self.HIVE_MAX_OCCUPANCY = 15
# How long someone can be suspended in days before we stop counting them
# when calculating whether their plan is full or not.
self.PLAN_USER_IGNORE_THRESHOLD = 30
if Config.is_testing:
self.SPREEDLY_ACCOUNT = "hackerdojotest"
# We can't use the datastore.
self.SPREEDLY_APIKEY = "testapikey"
logging.debug("Is testing.")
elif Config.is_dev:
self.SPREEDLY_ACCOUNT = "hackerdojotest"
self.SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojotest")
logging.debug("Is dev server.")
else:
self.SPREEDLY_ACCOUNT = "hackerdojo"
self.SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojo")
logging.debug("Is production server.")
def suspend(self, username):
def fail(self, exception):
mail.send_mail(sender=EMAIL_FROM,
to=INTERNAL_DEV_EMAIL,
subject="[%s] User suspension failure: " % (APP_NAME,username),
body=str(exception))
logging.error("User suspension failure: "+str(exception))
try:
resp = urlfetch.fetch('http://%s/suspend/%s' % (DOMAIN_HOST,username), method='POST', deadline=10, payload=urllib.urlencode({'secret': keymaster.get('api')}))
except Exception, e:
return fail(e)
def post(self, hash):
username = self.request.get('username')
password = self.request.get('password')
c = Config()
if password != self.request.get('password_confirm'):
self.redirect(str(self.request.path + "?message=Passwords don't match"))
elif len(password) < 8:
self.redirect(str(self.request.path + "?message=Password must be 8 characters or longer"))
else:
membership = Membership.get_by_hash(hash)
if membership.username:
self.redirect(str(self.request.path + "?message=You already have a user account"))
return
# Yes, storing their username and password temporarily so we can make their account later
memcache.set(str(hashlib.sha1(str(membership.hash)+c.SPREEDLY_APIKEY).hexdigest()),
'%s:%s' % (username, password), time=3600)
if membership.status == 'active':
taskqueue.add(url='/tasks/create_user', method='POST', params={'hash': membership.hash}, countdown=3)
self.redirect(str('http://%s/success/%s' % (self.request.host, membership.hash)))
else:
customer_id = membership.key().id()
# This code is not weird...
if "1337" in membership.referrer:
if len(membership.referrer) !=16:
error = "<p>Error: code must be 16 digits."
error += "<p>Please contact "+ SIGNUP_HELP_EMAIL+" if you believe this message is in error and we can help!"
error += "<p><a href='/'>Start again</a>"
self.response.out.write(render('templates/error.html', locals()))
return
serial = membership.referrer[4:8]
hash = membership.referrer[8:16]
confirmation_hash = re.sub('[a-f]','',hashlib.sha1(serial+keymaster.get('code:hash')).hexdigest())[:8]
if hash != confirmation_hash:
error = "<p>Error: this code was invavlid: "+ membership.referrer
error += "<p>Please contact "+ SIGNUP_HELP_EMAIL+" if you believe this message is in error and we can help!"
error += "<p><a href='/'>Start again</a>"
uc = UsedCode(code=membership.referrer,email=membership.email,extra="invalid code")
uc.put()
self.response.out.write(render('templates/error.html', locals()))
return
previous = UsedCode.all().filter('code =', membership.referrer).get()
if previous:
error = "<p>Error: this code has already been used: "+ membership.referrer
error += "<p>Please contact "+ SIGNUP_HELP_EMAIL+" if you believe this message is in error and we can help!"
error += "<p><a href='/'>Start again</a>"
uc = UsedCode(code=membership.referrer,email=membership.email,extra="2nd+ attempt")
uc.put()
self.response.out.write(render('templates/error.html', locals()))
return
headers = {'Authorization': "Basic %s" % base64.b64encode('%s:X' % c.SPREEDLY_APIKEY),
'Content-Type':'application/xml'}
# Create subscriber
data = "<subscriber><customer-id>%s</customer-id><email>%s</email></subscriber>" % (customer_id, membership.email)
resp = urlfetch.fetch("https://spreedly.com/api/v4/%s/subscribers.xml" % (c.SPREEDLY_ACCOUNT),
method='POST', payload=data, headers = headers, deadline=5)
# Credit
data = "<credit><amount>95.00</amount></credit>"
resp = urlfetch.fetch("https://spreedly.com/api/v4/%s/subscribers/%s/credits.xml" % (c.SPREEDLY_ACCOUNT, customer_id),
method='POST', payload=data, headers=headers, deadline=5)
uc = UsedCode(code=membership.referrer,email=membership.email,extra='OK')
uc.put()
query_str = urllib.urlencode({'first_name': membership.first_name, 'last_name': membership.last_name,
'email': membership.email, 'return_url': 'http://%s/success/%s' % (self.request.host, membership.hash)})
# check if they are active already since we didn't create a new member above
# apparently the URL will be different
self.redirect(str("https://spreedly.com/%s/subscribers/%s/subscribe/%s/%s?%s" %
(c.SPREEDLY_ACCOUNT, customer_id, c.PLAN_IDS[membership.plan], username, query_str)))
DOMAIN_USER = '******'
SUCCESS_HTML_URL = 'http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/SubscriptionSuccess/_type/html'
PAYPAL_EMAIL = 'PayPal <*****@*****.**>'
APPS_DOMAIN = 'hackerdojo.com'
SIGNUP_HELP_EMAIL = '*****@*****.**'
TREASURER_EMAIL = '*****@*****.**'
GOOGLE_ANALYTICS_ID = 'UA-11332872-2'
try:
is_dev = os.environ['SERVER_SOFTWARE'].startswith('Dev')
except:
is_dev = False
if is_dev:
SPREEDLY_ACCOUNT = 'hackerdojotest'
SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest')
PLAN_IDS = {'full': '1957'}
else:
SPREEDLY_ACCOUNT = 'hackerdojo'
SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo')
PLAN_IDS = {'full': '1987', 'hardship': '2537', 'supporter': '1988', 'family': '3659', 'minor': '3660', 'full-check': '6479', 'hardship-check': '6480', 'worktrade': '6608' }
is_prod = not is_dev
def fetch_usernames(use_cache=True):
usernames = memcache.get('usernames')
if usernames and use_cache:
return usernames
else:
resp = urlfetch.fetch('http://%s/users' % DOMAIN_HOST, deadline=10)
if resp.status_code == 200:
def post(self, hash):
username = self.request.get("username")
password = self.request.get("password")
plan = self.request.get("plan")
plan_object = plans.Plan.get_by_name(plan)
account_url = str("/account/%s" % hash)
conf = Config()
if password != self.request.get("password_confirm"):
self.response.out.write(self.render("templates/account.html", locals(), message="Passwords do not match."))
self.response.set_status(422)
return
elif len(password) < 8:
self.response.out.write(
self.render("templates/account.html", locals(), message="Password must be at least 8 characters.")
)
self.response.set_status(422)
return
membership = Membership.get_by_hash(hash)
if membership.domain_user:
logging.warning("Duplicate user '%s' should have been caught" " in first step." % (membership.username))
self.response.out.write(
self.render("templates/account.html", locals(), message="You already have an account.")
)
self.response.set_status(422)
return
# Start saving the parameters for new-style accounts now, so that these
# people won't have to re-enter anything when we make the transition.
membership.set_password(password)
# Set a username and password in the datastore.
membership.username = username
membership.password = password
membership.put()
if membership.status in ("active", "no_visits"):
taskqueue.add(
url="/tasks/create_user",
method="POST",
params={"hash": membership.hash, "username": username, "password": password},
countdown=3,
)
self.redirect(str("http://%s/success/%s" % (self.request.host, membership.hash)))
return
customer_id = membership.key().id()
# All our giftcards start out with 1337.
if membership.referrer and "1337" in membership.referrer:
if len(membership.referrer) != 16:
message = "<p>Error: code must be 16 digits."
message += (
"<p>Please contact %s if you believe this \
message is in error and we can help!"
% (conf.SIGNUP_HELP_EMAIL)
)
message += '<p><a href="/">Start again</a>'
internal = False
self.response.out.write(self.render("templates/error.html", locals()))
self.response.set_status(422)
return
# A unique number on all the giftcards.
serial = membership.referrer[4:8]
# How we know it's valid.
hash = membership.referrer[8:16]
confirmation_hash = re.sub("[a-f]", "", hashlib.sha1(serial + keymaster.get("code:hash")).hexdigest())[:8]
if hash != confirmation_hash:
message = "<p>Error: this code was invalid: %s" % (membership.referrer)
message += (
"<p>Please contact %s if you believe this \
message is in error and we can help!"
% (conf.SIGNUP_HELP_EMAIL)
)
message += '<p><a href="/">Start again</a>'
internal = False
uc = UsedCode(code=membership.referrer, email=membership.email, extra="invalid code")
uc.put()
self.response.out.write(self.render("templates/error.html", locals()))
self.response.set_status(422)
return
previous = UsedCode.all().filter("code =", membership.referrer).get()
if previous:
message = "<p>Error: this code has already been used: " + membership.referrer
message += "<p>Please contact %s if you believe this" " message is in error and we can help!" % (
conf.SIGNUP_HELP_EMAIL
)
message += '<p><a href="/">Start again</a>'
internal = False
uc = UsedCode(code=membership.referrer, email=membership.email, extra="2nd+ attempt")
uc.put()
self.response.out.write(self.render("templates/error.html", locals()))
self.response.set_status(422)
return
# If we're testing, I don't want it doing random things on
# pinpayments.
if not Config().is_testing:
headers = {
"Authorization": "Basic %s" % base64.b64encode("%s:X" % conf.get_api_key()),
"Content-Type": "application/xml",
}
# Create subscriber
data = "<subscriber><customer-id>%s</customer-id><email>%s</email></subscriber>" % (
customer_id,
membership.email,
)
resp = urlfetch.fetch(
"https://subs.pinpayments.com" "/api/v4/%s/subscribers.xml" % (conf.SPREEDLY_ACCOUNT),
method="POST",
payload=data,
headers=headers,
deadline=5,
)
# Credit
data = "<credit><amount>95.00</amount></credit>"
resp = urlfetch.fetch(
"https://subs.pinpayments.com/api/v4"
"/%s/subscribers/%s/credits.xml" % (conf.SPREEDLY_ACCOUNT, customer_id),
method="POST",
payload=data,
headers=headers,
deadline=5,
)
uc = UsedCode(code=membership.referrer, email=membership.email, extra="OK")
uc.put()
# Redirect them to the PinPayments page, where they actually pay.
self.redirect(membership.new_subscribe_url(self.request.host, plan=plan))
DOMAIN_USER = "******"
SUCCESS_HTML_URL = "http://hackerdojo.pbworks.com/api_v2/op/GetPage/page/SubscriptionSuccess/_type/html"
PAYPAL_EMAIL = "PayPal <*****@*****.**>"
APPS_DOMAIN = "hackerdojo.com"
SIGNUP_HELP_EMAIL = "*****@*****.**"
TREASURER_EMAIL = "*****@*****.**"
GOOGLE_ANALYTICS_ID = "UA-11332872-2"
try:
is_dev = os.environ["SERVER_SOFTWARE"].startswith("Dev")
except:
is_dev = False
if is_dev:
SPREEDLY_ACCOUNT = "hackerdojotest"
SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojotest")
PLAN_IDS = {"full": "1957"}
else:
SPREEDLY_ACCOUNT = "hackerdojo"
SPREEDLY_APIKEY = keymaster.get("spreedly:hackerdojo")
PLAN_IDS = {
"full": "1987",
"hardship": "2537",
"supporter": "1988",
"family": "3659",
"worktrade": "6608",
"comped": "15451",
"threecomp": "18158",
"yearly": "18552",
"fiveyear": "18853",
"thielcomp": "19616",
import keymaster
import base64
import sys
APP_NAME = 'hd-signup'
EMAIL_FROM = "Dojo Signup <no-reply@%s.appspotmail.com>" % APP_NAME
DAYS_FOR_KEY = 60
try:
is_dev = os.environ['SERVER_SOFTWARE'].startswith('Dev')
except:
is_dev = False
if is_dev:
SPREEDLY_ACCOUNT = 'hackerdojotest'
SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojotest')
PLAN_IDS = {'full': '1957'}
else:
SPREEDLY_ACCOUNT = 'hackerdojo'
SPREEDLY_APIKEY = keymaster.get('spreedly:hackerdojo')
PLAN_IDS = {'full': '1987', 'hardship': '2537', 'supporter': '1988', 'family': '3659', 'minor': '3660', 'full-check': '6479', 'hardship-check': '6480', 'worktrade': '6608' }
is_prod = not is_dev
def fetch_usernames(use_cache=True):
usernames = memcache.get('usernames')
if usernames and use_cache:
return usernames
else:
resp = urlfetch.fetch('http://domain.hackerdojo.com/users', deadline=10)
if resp.status_code == 200:
def post(self, hash):
username = self.request.get("username")
password = self.request.get("password")
plan = self.request.get("plan")
plan_object = plans.Plan.get_by_name(plan)
account_url = str("/account/%s" % hash)
conf = Config()
if password != self.request.get("password_confirm"):
self.response.out.write(
self.render("templates/account.html",
locals(),
message="Passwords do not match."))
self.response.set_status(422)
return
elif len(password) < 8:
self.response.out.write(
self.render("templates/account.html",
locals(),
message="Password must be at least 8 characters."))
self.response.set_status(422)
return
membership = Membership.get_by_hash(hash)
if membership.domain_user:
logging.warning(
"Duplicate user '%s' should have been caught" \
" in first step." % (membership.username))
self.response.out.write(
self.render("templates/account.html",
locals(),
message="You already have an account."))
self.response.set_status(422)
return
# Start saving the parameters for new-style accounts now, so that these
# people won't have to re-enter anything when we make the transition.
membership.set_password(password)
# Set a username and password in the datastore.
membership.username = username
membership.password = password
membership.put()
if membership.status in ("active", "no_visits"):
taskqueue.add(url="/tasks/create_user",
method="POST",
params={
"hash": membership.hash,
"username": username,
"password": password
},
countdown=3)
self.redirect(
str("http://%s/success/%s" %
(self.request.host, membership.hash)))
return
customer_id = membership.key().id()
# All our giftcards start out with 1337.
if (membership.referrer and "1337" in membership.referrer):
if len(membership.referrer) != 16:
message = "<p>Error: code must be 16 digits."
message += "<p>Please contact %s if you believe this \
message is in error and we can help!" % \
(conf.SIGNUP_HELP_EMAIL)
message += "<p><a href=\"/\">Start again</a>"
internal = False
self.response.out.write(
self.render("templates/error.html", locals()))
self.response.set_status(422)
return
# A unique number on all the giftcards.
serial = membership.referrer[4:8]
# How we know it's valid.
hash = membership.referrer[8:16]
confirmation_hash = re.sub(
"[a-f]", "",
hashlib.sha1(serial +
keymaster.get("code:hash")).hexdigest())[:8]
if hash != confirmation_hash:
message = "<p>Error: this code was invalid: %s" % \
(membership.referrer)
message += "<p>Please contact %s if you believe this \
message is in error and we can help!" % \
(conf.SIGNUP_HELP_EMAIL)
message += "<p><a href=\"/\">Start again</a>"
internal = False
uc = UsedCode(code=membership.referrer,
email=membership.email,
extra="invalid code")
uc.put()
self.response.out.write(
self.render("templates/error.html", locals()))
self.response.set_status(422)
return
previous = UsedCode.all().filter("code =",
membership.referrer).get()
if previous:
message = "<p>Error: this code has already been used: " + membership.referrer
message += "<p>Please contact %s if you believe this" \
" message is in error and we can help!" % \
(conf.SIGNUP_HELP_EMAIL)
message += "<p><a href=\"/\">Start again</a>"
internal = False
uc = UsedCode(code=membership.referrer,
email=membership.email,
extra="2nd+ attempt")
uc.put()
self.response.out.write(
self.render("templates/error.html", locals()))
self.response.set_status(422)
return
# If we're testing, I don't want it doing random things on
# pinpayments.
if not Config().is_testing:
headers = {"Authorization": "Basic %s" % \
base64.b64encode("%s:X" % conf.get_api_key()),
"Content-Type":"application/xml"}
# Create subscriber
data = "<subscriber><customer-id>%s</customer-id><email>%s</email></subscriber>" % (
customer_id, membership.email)
resp = \
urlfetch.fetch("https://subs.pinpayments.com"
"/api/v4/%s/subscribers.xml" % \
(conf.SPREEDLY_ACCOUNT),
method="POST", payload=data,
headers = headers, deadline=5)
# Credit
data = "<credit><amount>95.00</amount></credit>"
resp = \
urlfetch.fetch("https://subs.pinpayments.com/api/v4"
"/%s/subscribers/%s/credits.xml" % \
(conf.SPREEDLY_ACCOUNT, customer_id),
method="POST", payload=data,
headers=headers, deadline=5)
uc = UsedCode(code=membership.referrer,
email=membership.email,
extra="OK")
uc.put()
# Redirect them to the PinPayments page, where they actually pay.
self.redirect(
membership.new_subscribe_url(self.request.host, plan=plan))