def email_profile_to(self, to_email):
message = (f"{self.get_full_name()} has just signed up on the portal."
f"Their email is {self.user.email}.")
email_vars = {
"preheader": "",
"title": "New member signup",
"message": message
}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
subject = "A new member signed up! ({})".format(self.get_full_name())
postmark = PostmarkClient(server_token=config.POSTMARK_API_KEY)
postmark.emails.send(
From=config.EMAIL_DEFAULT_FROM,
To=to_email,
Subject=subject,
HtmlBody=email_string,
)
log_user_event(
self.user,
"Sent email with subject: " + subject,
"email",
"Email content: " + email_string,
)
return True
def issue(request):
# Handle submission.
if request.method == "POST":
print(request.POST.get("title"))
if request.POST.get("title") and request.POST.get("description"):
if "PORTAL_TRELLO_API_KEY" in os.environ and "PORTAL_TRELLO_API_TOKEN" in os.environ:
issue = request.POST.get("title", "")
details = request.POST.get("description", "")
url = "https://api.trello.com/1/cards"
trelloKey = os.environ.get("PORTAL_TRELLO_API_KEY")
trelloToken = os.environ.get("PORTAL_TRELLO_API_TOKEN")
querystring = {"name": issue, "desc": details, "pos": "top", "idList": "5529dd886d658fdace75c830",
"keepFromSource": "all", "key": trelloKey, "token": trelloToken}
response = requests.request("POST", url, params=querystring)
if response.status_code == 200:
log_user_event(request.user, "Submitted issue: " + issue + " Content: " + details, "generic")
return render(request, "issue.html", {"message": "Submission Successful!"})
else:
return render(request, "issue.html",
{"error": "Sorry but there was a server side error."})
else:
return render(request, "issue.html",
{"error": "Sorry but there was a server side error: Trello API is not configured."})
return render(request, "issue.html", {"error": "Invalid form submission..."})
# render template normally
return render(request, "issue.html")
def edit_group(request, group_id):
"""
The edit group (admin) view.
:param request:
:param group_id: group id to edit
:return:
"""
group = get_object_or_404(Group, pk=group_id)
if not request.user.profile.can_manage_groups or group not in request.user.profile.can_manage_group.all():
return HttpResponseForbidden("You do not have permission to access that.")
if request.method == "POST":
form = CauseForm(request.POST, instance=group)
if form.is_valid():
# if it was a form submission save it
form.save()
log_user_event(
request.user,
f"Edited {group.name} {config.GROUP_NAME}.",
"admin", form)
return HttpResponseRedirect("%s" % (reverse("manage_groups")))
else:
# otherwise return form with errors
return render(request, "edit_group.html", {"form": form})
else:
# if it's not a form submission, return an empty form
form = CauseForm(instance=Group.objects.get(pk=group_id))
return render(request, "edit_group.html", {"form": form})
def email_profile_to(self, to_email):
message = (f"{self.get_full_name()} has just signed up on the portal."
f"Their email is {self.user.email}.")
email_vars = {
"preheader": "",
"title": "New member signup",
"message": message
}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
subject = "A new member signed up! ({})".format(self.get_full_name())
sg = sendgrid.SendGridAPIClient(config.SENDGRID_API_KEY)
from_email = From(config.EMAIL_DEFAULT_FROM)
to_email = To(to_email)
content = Content("text/html", email_string)
mail = Mail(from_email, to_email, subject, content)
response = sg.send(mail)
if response.status_code == 202:
log_user_event(
self.user,
"Sent email with subject: " + subject,
"email",
"Email content: " + email_string,
)
return True
def send_single_email(user, email, subject, title, message):
message = escape(message)
message = message.replace("~br~", "<br>")
email_vars = {"preheader": "", "title": title, "message": message}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
if "PORTAL_SENDGRID_API_KEY" in os.environ:
sg = sendgrid.SendGridAPIClient(
os.environ.get("PORTAL_SENDGRID_API_KEY"))
from_email = From(config.EMAIL_DEFAULT_FROM)
to_email = To(email)
subject = subject
content = Content("text/html", email_string)
mail = Mail(from_email, to_email, subject, content)
response = sg.send(mail)
if response.status_code == 202:
log_user_event(user, "Sent email with subject: " + subject,
"email", "Email content: " + message)
return True
else:
return False
log_user_event(user, "Failed to send email with subject: " + subject,
"email", "Email content: " + message)
raise RuntimeError("No SendGrid API key found in environment variables.")
def edit_profile(request):
"""
The edit user profile view.
:param request:
:return:
"""
if request.method == "POST":
user_form = EditUserForm(request.POST, instance=request.user)
profile_form = EditProfileForm(
request.POST, instance=request.user.profile)
if user_form.is_valid() and profile_form.is_valid():
# if it was a form submission save it
user_form.save()
profile_form.save()
if request.user.profile.must_update_profile:
request.user.profile.must_update_profile = False
request.user.profile.save()
log_user_event(request.user, "User profile edited.", "profile")
return HttpResponseRedirect("%s" % (reverse("profile")))
else:
# if it's not a form submission, return an empty form
user_form = EditUserForm(instance=request.user)
profile_form = EditProfileForm(instance=request.user.profile)
return render(
request, "edit_profile.html",
{"user_form": user_form, "profile_form": profile_form})
def send_single_email(
user: object,
email: object,
subject: object,
title: object,
message: object,
) -> object:
message = escape(message)
message = message.replace("~br~", "<br>")
email_vars = {"preheader": "", "title": title, "message": message}
email_string = render_to_string(
"email_without_button.html", {"email": email_vars, "config": config}
)
postmark = PostmarkClient(server_token=config.POSTMARK_API_KEY)
postmark.emails.send(
From=config.EMAIL_DEFAULT_FROM, To=email, Subject=subject, HtmlBody=email_string
)
log_user_event(
user,
"Sent email with subject: " + subject,
"email",
"Email content: " + message,
)
return True
def admin_add_memberbucks(request, member_id, amount):
if not request.user.profile.can_see_members_memberbucks:
return HttpResponseForbidden(permission_message)
if request.method == "GET":
user = User.objects.get(pk=member_id)
# Convert from cents
amount = round(amount / 100, 2)
if amount > 50:
return HttpResponseBadRequest("Invalid amount.")
transaction = MemberBucks()
transaction.amount = amount
transaction.user = user
transaction.description = "Manually added by administrator."
transaction.transaction_type = "bank"
transaction.logging_info = ""
transaction.save()
log_user_event(request.user, "Manually added ${} to {}.".format(amount, user.profile.get_full_name()),
"memberbucks")
log_user_event(user, "{} manually added ${} to {}.".format(request.user.profile.get_full_name(), amount,
user.profile.get_full_name()), "stripe")
return JsonResponse({"success": True})
else:
return HttpResponseBadRequest("Invalid request method.")
def reboot_door(request, door_id):
if not request.user.profile.can_manage_doors:
return HttpResponseForbidden("You do not have permission to access that.")
door = Doors.objects.get(pk=door_id)
log_user_event(
request.user, "Rebooted {} door via API.".format(door.name), "interlock"
)
return JsonResponse({"success": door.reboot()})
def resend_welcome_email(request, member_id):
success = User.objects.get(pk=member_id).email_welcome()
log_user_event(request.user, "Resent welcome email.", "profile")
if success:
return JsonResponse({"message": success})
else:
return JsonResponse(
{"message": "Couldn't email member, unknown error."})
def reset_password(self):
log_user_event(self, "Password reset requested", "profile")
self.password_reset_key = uuid.uuid4()
self.password_reset_expire = timezone.now() + timedelta(hours=24)
self.save()
self.email_password_reset(
f"{config.SITE_URL}/profile/password/reset/{self.password_reset_key}"
)
return True
def delete_group(request, group_id):
group = get_object_or_404(Group, pk=group_id)
if not request.user.profile.can_manage_groups or group not in request.user.profile.can_manage_group.all():
return HttpResponseForbidden("You do not have permission to access that.")
group.delete()
log_user_event(request.user, "Deleted {} group.".format(group.name), "admin")
return HttpResponseRedirect(reverse("manage_groups"))
def sync_xero_accounts(request):
from .xerohelpers import sync_xero_accounts
success = sync_xero_accounts(User.objects.all().prefetch_related())
log_user_event(request.user, "Resynced xero accounts.", "profile")
if success:
return JsonResponse({"message": success})
else:
return JsonResponse(
{"message": "Couldn't sync xero accounts, unknown error."})
def change_password(request):
if request.method == "POST":
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
user = form.save()
update_session_auth_hash(request, user)
log_user_event(request.user, "User password changed.", "profile")
return redirect("profile")
else:
return render(request, "change_password.html", {"form": form})
else:
form = PasswordChangeForm(request.user)
return render(request, "change_password.html", {"form": form})
def bump_door(request, door_id):
if not request.user.profile.can_manage_doors:
return HttpResponseForbidden("You do not have permission to access that.")
door = Doors.objects.get(pk=door_id)
if door in request.user.profile.doors.all():
log_user_event(
request.user, "Bumped {} door via API.".format(door.name), "door"
)
return JsonResponse({"success": door.unlock()})
return JsonResponse(
{"success": False, "message": "You are not authorised to access that door."}
)
def __send_email(self, subject, body):
postmark = PostmarkClient(server_token=config.POSTMARK_API_KEY)
postmark.emails.send(
From=config.EMAIL_DEFAULT_FROM,
To=self.email,
Subject=subject,
HtmlBody=body,
)
log_user_event(
self,
"Sent email with subject: " + subject,
"email",
"Email content: " + body,
)
return True
def send_group_email(user, emails, subject, title, message):
message = escape(message)
message = message.replace("~br~", "<br>")
email_vars = {"preheader": "", "title": title, "message": message}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
emails.append(config.EMAIL_ADMIN)
mail = Mail()
for to_email in emails:
print(to_email)
# Create new instance for each email
personalization = Personalization()
# Add email addresses to personalization instance
personalization.add_to(Email(to_email))
# Add personalization instance to Mail object
mail.add_personalization(personalization)
# Add data that is common to all personalizations
mail.from_email = Email(config.EMAIL_DEFAULT_FROM)
mail.reply_to = Email(user.email)
mail.subject = subject
mail.add_content(Content("text/html", email_string))
# Send
sg = sendgrid.SendGridAPIClient(config.SENDGRID_API_KEY)
response = sg.send(mail)
if response.status_code == 202:
log_user_event(
user,
"Sent email with subject: " + subject,
"email",
"Email content: " + email_string,
)
return True
else:
log_user_event(
user,
"Failed to send email with subject: " + subject,
"email",
"Email content: " + email_string,
)
return False
def __send_email(self, subject, body):
sg = sendgrid.SendGridAPIClient(config.SENDGRID_API_KEY)
from_email = From(config.EMAIL_DEFAULT_FROM)
to_email = To(self.email)
subject = subject
content = Content("text/html", body)
mail = Mail(from_email, to_email, subject, content)
response = sg.send(mail)
if response.status_code == 202:
log_user_event(
self,
"Sent email with subject: " + subject,
"email",
"Email content: " + body,
)
return True
def deactivate(self, request=None):
if request:
log_user_event(
self.user,
request.user.profile.get_full_name() + " deactivated member",
"profile",
)
else:
log_user_event(
self.user,
"system deactivated member",
"profile",
)
self.user.email_disable_member()
self.state = "inactive"
self.save()
return True
def edit_theme_song(request):
if request.method == "POST":
theme_form = ThemeForm(request.POST, request.FILES,
instance=request.user.profile)
if theme_form.is_valid():
# todo: pass the uploaded file (or removal request) to asterisk
# handle_uploaded_file(request.FILES["theme"])
theme_form.save()
log_user_event(request.user, "User theme updated.", "profile")
return HttpResponseRedirect("%s" % (reverse("edit_theme_song")))
else:
# if it"'s not a form submission, return an empty form
theme_form = ThemeForm(instance=request.user.profile)
return render(
request, "edit_theme_song.html",
{"theme_form": theme_form}, )
def email_profile_to(self, to_email):
groups = self.groups.all()
groups_string = "none :("
if groups.count() == 3:
groups_string = "{}, {} and {}".format(groups[0], groups[1],
groups[2])
elif groups.count() == 2:
groups_string = "{} and {}".format(groups[0], groups[1])
elif groups.count() == 1:
groups_string = groups[0]
message = (
f"{self.get_full_name()} has just signed up. Their membership level is {self.member_type} and their selected {config.GROUP_NAME} are {groups_string}. "
f"Their email is {self.user.email}.")
email_vars = {
"preheader": "",
"title": "New member signup",
"message": message
}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
subject = "A new member signed up! ({})".format(self.get_full_name())
sg = sendgrid.SendGridAPIClient(config.SENDGRID_API_KEY)
from_email = From(config.EMAIL_DEFAULT_FROM)
to_email = To(to_email)
content = Content("text/html", email_string)
mail = Mail(from_email, to_email, subject, content)
response = sg.send(mail)
if response.status_code == 202:
log_user_event(
self.user,
"Sent email with subject: " + subject,
"email",
"Email content: " + email_string,
)
return True
def activate(self, request=None):
if request:
log_user_event(
self.user,
request.user.profile.get_full_name() + " activated member",
"profile",
)
else:
log_user_event(
self.user,
"system activated member",
"profile",
)
if self.state != "noob":
self.user.email_enable_member()
self.state = "active"
self.save()
return True
def manage_groups(request):
if not request.user.profile.can_manage_groups:
return HttpResponseForbidden("You do not have permission to access that.")
# if we want to add a group
if request.method == "POST":
form = CauseForm(request.POST)
if form.is_valid():
form.save()
log_user_event(
request.user,
f"Created {form.cleaned_data.get('name')} {config.GROUP_NAME}.",
"admin", form)
return HttpResponseRedirect(reverse("manage_groups"))
else:
form = CauseForm()
groups = Group.objects.all()
return render(request, "manage_groups.html", {"form": form, "groups": groups})
def admin_edit_member(request, member_id):
"""
Part of the process for our ajax requests for the member list.
:param request:
:param member_id:
:return:
"""
if not request.user.profile.can_see_members_personal_details:
return HttpResponseForbidden(permission_message)
profile = get_object_or_404(Profile, user=member_id)
data = dict()
profile_form = AdminEditProfileForm(instance=profile)
user_form = AdminEditUserForm(instance=profile.user)
form_valid = False
if request.method == "POST":
# if it's a form submission pass it to the form
profile_form = AdminEditProfileForm(request.POST, instance=profile)
user_form = AdminEditUserForm(request.POST, instance=profile.user)
if profile_form.is_valid() and user_form.is_valid():
# if it's a valid form submission then save and log it
try:
profile_form.save()
user_form.save()
form_valid = True
log_user_event(profile.user, request.user.profile.get_full_name() + " edited user profile.", "profile")
except IntegrityError:
form_valid = False
# render the form and return it
data["form_is_valid"] = form_valid
data["html_form"] = render_to_string(
"partial_admin_edit_member.html",
{"profile_form": profile_form, "user_form": user_form,
"member_id": member_id, "profile": profile, "config": config}, request=request)
return JsonResponse(data)
def send_single_email(
user: object,
email: object,
subject: object,
title: object,
message: object,
from_user=False,
) -> object:
message = escape(message)
message = message.replace("~br~", "<br>")
email_vars = {"preheader": "", "title": title, "message": message}
email_string = render_to_string("email_without_button.html", {
"email": email_vars,
"config": config
})
sg = sendgrid.SendGridAPIClient(config.SENDGRID_API_KEY)
from_email = From(config.EMAIL_DEFAULT_FROM)
to_email = To(email)
subject = subject
content = Content("text/html", email_string)
mail = Mail(from_email, to_email, subject, content)
if from_user:
mail.reply_to = ReplyTo(user.email, user.profile.get_full_name())
response = sg.send(mail)
if response.status_code == 202:
log_user_event(
user,
"Sent email with subject: " + subject,
"email",
"Email content: " + message,
)
return True
else:
return False
def get(self, request):
profile = request.user.profile
if not profile.stripe_customer_id:
try:
log_user_event(request.user,
"Attempting to create stripe customer.",
"stripe")
customer = stripe.Customer.create(
email=request.user.email,
name=profile.get_full_name(),
phone=profile.phone,
)
profile.stripe_customer_id = customer.id
profile.save()
log_user_event(
request.user,
f"Created stripe customer {request.user.profile.get_full_name()} (Stripe ID: {customer.id}).",
"stripe",
)
intent = stripe.SetupIntent.create(
customer=profile.stripe_customer_id)
return Response({"clientSecret": intent.client_secret})
except stripe.error.StripeError as e:
log_user_event(
request.user,
"Unknown stripe while saving payment details.",
"stripe",
request,
)
return Response(
{
"success": False,
"message": str(e),
},
status=status.HTTP_503_SERVICE_UNAVAILABLE,
)
except Exception as e:
log_user_event(
request.user,
"Unknown other error while saving payment details.",
"stripe",
request,
)
return Response(
{
"success": False,
"message": "Unknown error (unrelated to stripe).",
},
status=status.HTTP_503_SERVICE_UNAVAILABLE,
)
else:
intent = stripe.SetupIntent.create(
customer=profile.stripe_customer_id)
return Response({"clientSecret": intent.client_secret})
def add_memberbucks(request, amount=None):
if request.method == "GET":
if "PORTAL_STRIPE_SECRET_KEY" in os.environ:
stripe.api_key = os.environ["PORTAL_STRIPE_SECRET_KEY"]
stripe.default_http_client = stripe.http_client.RequestsClient()
else:
return HttpResponseServerError("No stripe API details found.")
if amount is not None:
# lets restrict this to something reasonable
if amount <= 30:
log_user_event(
request.user, "Attempting to charge {} for ${}.".format(
request.user.profile.get_full_name(), amount),
"stripe")
charge = stripe.Charge.create(
amount=amount * 100, # convert to cents,
currency="aud",
description=
f"{config.MEMBERBUCKS_NAME} ({request.user.profile.get_full_name()})",
customer=request.user.profile.stripe_customer_id,
metadata={
"Payment By": request.user.profile.get_full_name(),
"For": f"{config.MEMBERBUCKS_NAME} Top Up"
},
)
if charge.paid:
transaction = MemberBucks()
transaction.amount = amount
transaction.user = request.user
transaction.description = f"Added {config.MEMBERBUCKS_NAME} via Stripe"
transaction.transaction_type = "stripe"
transaction.logging_info = charge
transaction.save()
log_user_event(
request.user,
"Successfully charged {} for ${}.".format(
request.user.profile.get_full_name(),
amount), "stripe")
subject = f"You just added {config.MEMBERBUCKS_NAME} to your {config.SITE_OWNER} account."
request.user.email_notification(
subject, subject, subject,
f"We just charged you card for ${amount} and "
f"added this to your {config.MEMBERBUCKS_NAME} balance."
"If this wasn't you, please let us know "
"immediately.")
return JsonResponse({"success": True})
else:
log_user_event(
request.user, "Problem charging {}.".format(
request.user.profile.get_full_name()), "stripe")
subject = f"Failed to add {config.MEMBERBUCKS_NAME} to your {config.SITE_OWNER} account."
request.user.email_notification(
subject, subject, subject,
"We just tried to charge your card for"
f"${amount} for {config.MEMBERBUCKS_NAME} but were not "
"successful. If this wasn't you, please "
"let us know immediately.")
return JsonResponse({"success": False})
else:
log_user_event(
request.user,
f"Tried to add invalid amount {amount} to {config.MEMBERBUCKS_NAME} via stripe.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success": False,
"message": "Invalid amount."
})
else:
return HttpResponseBadRequest("Invalid method")
def memberbucks_debit(request,
amount=None,
description="No Description",
rfid=None):
if amount is not None:
if abs(amount / 100) > 10:
return HttpResponseBadRequest(
"400 Invalid request. A maximum of $10 may be debited with this API."
)
if request.method == "GET":
if amount is None or rfid is None:
return HttpResponseBadRequest("400 Invalid request.")
amount = abs(amount / 100)
try:
profile = Profile.objects.get(rfid=rfid)
except ObjectDoesNotExist:
return HttpResponseBadRequest(
"400 Invalid request. User does not exist.")
elif request.method == "POST":
details = json.loads(request.body)
amount = abs(
details["amount"] / 100
) # the abs() stops us accidentally crediting an account if it's negative
description = details["description"]
profile = Profile.objects.get(rfid=details["rfid_code"])
else:
return HttpResponseBadRequest("400 Invalid request method.")
if profile.memberbucks_balance >= amount:
time_dif = (timezone.now() -
profile.last_memberbucks_purchase).total_seconds()
print(time_dif)
if time_dif > 5:
transaction = MemberBucks()
transaction.amount = amount * -1.0
transaction.user = profile.user
transaction.description = description.replace("+", " ")
transaction.transaction_type = "card"
transaction.save()
profile.last_memberbucks_purchase = timezone.now()
profile.save()
subject = f"You just made a ${amount} {config.MEMBERBUCKS_NAME} purchase."
message = "Description: {}. Balance Remaining: ${}. If this wasn't you, or you believe there has been an " \
"error, please let us know.".format(transaction.description, profile.memberbucks_balance)
User.objects.get(profile=profile).email_notification(
subject, subject, subject, message)
log_user_event(
profile.user,
f"Successfully debited ${amount} from {config.MEMBERBUCKS_NAME} account.",
"memberbucks")
return JsonResponse({
"success":
True,
"balance":
round(profile.memberbucks_balance, 2)
})
else:
return JsonResponse({
"success":
False,
"balance":
round(profile.memberbucks_balance, 2),
"message":
"Whoa! Not so fast!!"
})
# not enough $$
log_user_event(
profile.user,
f"Not enough funds to debit ${amount} from {config.MEMBERBUCKS_NAME} account.",
"memberbucks")
subject = f"Failed to make a ${amount} {config.MEMBERBUCKS_NAME} purchase."
User.objects.get(profile=profile).email_notification(
subject, subject, subject,
f"We just tried to debit ${amount} from your {config.MEMBERBUCKS_NAME} balance but were not successful. "
f"You currently have ${profile.memberbucks_balance}. If this wasn't you, please let us know "
"immediately.")
return JsonResponse({
"success": False,
"balance": round(profile.memberbucks_balance, 2)
})
def post(self, request):
body = request.data
title = body["title"]
description = request.user.profile.get_full_name(
) + ": " + body["description"]
if not (title and description):
return Response(status=status.HTTP_400_BAD_REQUEST)
use_trello = config.ENABLE_TRELLO_INTEGRATION
trello_key = config.TRELLO_API_KEY
trello_token = config.TRELLO_API_TOKEN
trello_id_list = config.TRELLO_ID_LIST
if use_trello:
url = "https://api.trello.com/1/cards"
querystring = {
"name": title,
"desc": description,
"pos": "top",
"idList": trello_id_list,
"keepFromSource": "all",
"key": trello_key,
"token": trello_token,
}
response = requests.request("POST", url, params=querystring)
if response.status_code == 200:
log_user_event(
request.user,
"Submitted issue: " + title + " Content: " + description,
"generic",
)
return Response(
{
"success": True,
"url": response.json()["shortUrl"]
},
status=status.HTTP_201_CREATED,
)
else:
return Response(status=status.HTTP_500_INTERNAL_SERVER_ERROR)
# if Trello isn't configured, use email instead
else:
subject = (
f"{request.user.profile.get_full_name()} submitted an issue ({title})"
)
if send_single_email(
request.user,
config.EMAIL_ADMIN,
subject,
subject,
description,
from_user=True,
):
return Response(
{"success": True},
status=status.HTTP_201_CREATED,
)
else:
return Response(status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def add_memberbucks_payment_info(request):
if request.method == "POST":
if "PORTAL_STRIPE_SECRET_KEY" in os.environ:
stripe.api_key = os.environ["PORTAL_STRIPE_SECRET_KEY"]
stripe.default_http_client = stripe.http_client.RequestsClient()
else:
return HttpResponseServerError("Can't find stripe API details.")
try:
log_user_event(request.user,
"Attempting to create stripe customer.", "stripe")
customer = stripe.Customer.create(
source=request.POST.get("stripeToken"),
email=request.POST.get("stripeEmail"),
)
profile = request.user.profile
profile.stripe_customer_id = customer.id
profile.stripe_card_expiry = str(
customer.sources.data[0]["exp_month"]) + "/" + str(
customer.sources.data[0]["exp_year"])
profile.stripe_card_last_digits = customer.sources.data[0]["last4"]
profile.save()
log_user_event(
request.user, "Created stripe customer.".format(
request.user.profile.get_full_name()), "stripe")
subject = f"You just added a payment card to your {config.SITE_OWNER} account."
request.user.email_notification(
subject, subject, subject,
"Don't worry, your card details are stored safe "
"with Stripe and are not on our servers. You "
"can remove this card at any time via the "
f"{config.SITE_NAME}.")
except stripe.error.CardError as e:
# Since it's a decline, stripe.error.CardError will be caught
body = e.json_body
err = body.get("error", {})
log_user_event(request.user,
"Card declined while saving payment details.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
err
})
except stripe.error.RateLimitError as e:
log_user_event(request.user,
"Rate limtied while saving payment details.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
"Our server is talking to stripe too quickly, try again later."
})
except stripe.error.InvalidRequestError as e:
log_user_event(request.user,
"Invalid request while saving payment details.",
"stripe", request)
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
"There was an error with the request details."
})
except stripe.error.AuthenticationError as e:
log_user_event(
request.user,
"Can't authenticate with stripe while saving payment details.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
"Our server was unable to authenticate with the Stripe server."
})
except stripe.error.APIConnectionError as e:
log_user_event(
request.user,
"Stripe API connection error while saving payment details.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
"Our server was unable to communicate with the Stripe server."
})
except stripe.error.StripeError as e:
log_user_event(request.user,
"Unkown stripe while saving payment details.",
"stripe", request)
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
e
})
except Exception as e:
log_user_event(request.user,
"Unkown other error while saving payment details.",
"stripe", request)
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success":
False,
"message":
"Unkown error (unrelated to stripe)."
})
log_user_event(request.user, "Successfully saved payment details.",
"stripe")
return render(
request, "add_memberbucks.html", {
"PORTAL_STRIPE_PUBLIC_KEY":
os.environ["PORTAL_STRIPE_PUBLIC_KEY"],
"success": True,
"message": "Your payment details were successfully saved."
})
else:
return redirect(reverse("add_memberbucks"))
