def fallback(path): messages = resource_bundle.ResourceBundle() lang = detect_language() if path.startswith('X'): offer = wsgi_blueprint.ioc.new_offer_service().find_by_hash(path) if offer is not None: wsgi_blueprint.logger.info('['+get_customer_ip()+'] loading offer page by hash: %s'%path) wsgi_blueprint.ioc.new_event_service().persist(model.Event(get_customer_ip(), offer.account, path)) offer_title = util.LocaleUtil().get_localized_title(offer, lang) return render_template('offer.html', messages=messages.get_all(lang), language = lang, title=offer_title, account_hash = offer.account.hash, account_name = offer.account.name.replace("'", "'"), countries = [c.as_json() for c in wsgi_blueprint.ioc.new_country_service().find_all()], project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'], stripe_publishable=wsgi_blueprint.ioc.get_config()['stripe.publishable']) elif path.startswith('S'): wsgi_blueprint.logger.info('['+get_customer_ip()+'] loading seller page by hash: %s'%path) account = wsgi_blueprint.ioc.new_account_service().find_by_hash(path) if account is not None: return render_template('offer_list.html', messages=messages.get_all(lang), language = lang, title=account.name, account_hash = account.hash, account_name = account.name.replace("'", "'"), project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION']) else: wsgi_blueprint.logger.info('['+get_customer_ip()+'] could not find seller by name: [%s]'%path) return Response(status=404) else: return Response(status=404)
def login(): messages = resource_bundle.ResourceBundle() lang = detect_language() activation_hash = request.args.get('h') email_hash = request.args.get('e') if activation_hash is not None and email_hash is not None: wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting user activation with h=%s,e=%s'%(activation_hash, email_hash)) user = wsgi_blueprint.ioc.new_user_service().find_by_activation_hash(activation_hash) if user is not None: if hashlib.sha224(user.username.encode('utf-8')).hexdigest()==email_hash: user.active = True model.base.db.session.commit() session['username'] = user.username return redirect('/admin/') else: wsgi_blueprint.logger.info('['+get_customer_ip()+'] Failed activation, email hash not equal was: %s, expected: %s'%(hashlib.sha224(user.username.encode('utf-8')).hexdigest(), email_hash)) # todo handle when hash not equal else: # todo handle when user is null wsgi_blueprint.logger.info('['+get_customer_ip()+'] Failed activation, no user for given hash:%s'%activation_hash) pass messages = messages.get_all(lang) return render_template('main.html', project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'], messages=messages, page='login' )
def new(): messages = resource_bundle.ResourceBundle() password_blueprint.logger.info('['+get_customer_ip()+'] Processing new password request') password = request.json['password'] if password==request.json['confirmPassword']: reset_hash = request.json['h'] email_hash = request.json['e'] user = password_blueprint.ioc.new_user_service().find_by_reset_hash(reset_hash) if user is not None: if hashlib.sha224(user.username.encode('utf-8')).hexdigest()==email_hash: user.password = generate_password_hash(password) user.active = True model.base.db.session.commit() password_blueprint.logger.info('['+get_customer_ip()+'] Authenticating after password reset') session['username'] = user.username return Response(status=200, mimetype='application/json') else: password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, email hash invalid') else: password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, no such user') else: password_blueprint.logger.info('['+get_customer_ip()+'] Failed to process new password request, password mismatch confirm password') lang = detect_language() error_message = messages.get_text(lang, 'new_password_mismatch') return Response(json.dumps({"error_message": error_message}), status=400, mimetype='application/json')
def delete_image(target, id): user = offer.ioc.new_user_service().find_by_username(session['username']) if target=='additional_image': offer.logger.debug('['+get_customer_ip()+'] delete additional image id:'+id) image = offer.ioc.new_image_service().find_by_id(int(id)) if image.offer_item.offer.account_id==user.account_id: for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'): os.remove(fl) offer.ioc.new_image_service().delete(image) return Response(status=200) elif target=='offer_item': offer.logger.debug('['+get_customer_ip()+'] delete image - target offer_item') offer_item = offer.ioc.new_offer_service().find_offer_item_by_id(id) if offer_item.offer.account_id==user.account_id: offer_item.img=None for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'): os.remove(fl) if offer_item.variations.count()>0: for variation in offer_item.variations: if variation.img is None and variation.img is not None: offer_item.img = variation.img model.base.db.session.commit() return Response(status=200) else: offer_item_variation = offer.ioc.new_offer_service().find_offer_item_variation_by_id(id) if offer_item_variation.offer_item.offer.account_id==user.account_id: offer_item_variation.img=None for fl in glob.glob(offer.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'*'): os.remove(fl) offer.logger.debug('['+get_customer_ip()+'] deleted images') model.base.db.session.commit() return Response(status=200) return Response(status=400)
def list(): order_blueprint.logger.debug('['+get_customer_ip()+'] list orders username %s, page=%s'%(session['username'], request.args.get('page'))) user = order_blueprint.ioc.new_user_service().find_by_username(session['username']) orders = order_blueprint.ioc.new_order_service().find_by_page(user.account, int(request.args.get('page'))) order_blueprint.logger.debug('['+get_customer_ip()+'] returning %s orders'%(len(orders))) count = order_blueprint.ioc.new_order_service().find_paid_orders_count(user.account) js = { "orders" : [o.as_json() for o in orders], "count" : count} return Response(json.dumps(js), mimetype='application/json')
def upload_image(offer_item_id, target, id): wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting image upload') try: file = request.files['file'] wsgi_blueprint.logger.info('['+get_customer_ip()+'] Starting image upload file=%s'%file.filename) if file and allowed_file(file.filename): wsgi_blueprint.logger.debug('['+get_customer_ip()+'] image extenssion allowed') filename = secure_filename(file.filename) mkdirs(wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target) offer_item = wsgi_blueprint.ioc.new_offer_service().find_offer_item_by_id(offer_item_id) user = wsgi_blueprint.ioc.new_user_service().find_by_username(session['username']) if offer_item.offer.account_id!=user.account_id: raise RuntimeError('Tried to change image for different account') if target=='additional_image': additional_image = model.Image(offer_item) offer_item.images.append(additional_image) elif target=='offer_item': offer_item.img = target+'/'+id elif offer_item.img is not None and offer_item.img.startswith('offer_item_variation'): offer_item.img = target+'/'+id if target.startswith('offer_item_variation'): offer_item_variation = wsgi_blueprint.ioc.new_offer_service().find_offer_item_variation_by_id(id) offer_item_variation.img = target+'/'+id model.base.db.session.commit() if target=='additional_image': value = additional_image.creation_date id = str(additional_image.id)+str(value) try: file.save(wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'.png') with Image(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'.png') as img: with img.clone() as i: i.resize(int(100), int(100/i.width*i.height)) i.save(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'_thumb.png') with img.clone() as i: i.compression_quality=99 i.resize(int(500), int(500/i.width*i.height)) i.save(filename=wsgi_blueprint.ioc.get_config()['UPLOAD_FOLDER']+'/'+target+'/'+id+'_500.png') if target=='additional_image': js = { "images" : [o.as_json() for o in offer_item.images]} return Response(json.dumps(js), mimetype='application/json') else: return Response(status=200) except IOError: traceback.print_exc(file=sys.stdout) print("cannot create thumbnail for '%s'" % filename) return Response(status=500) else: wsgi_blueprint.logger.debug('['+get_customer_ip()+'] extenssion not allowed filename=%s'%file.filename) return Response(status=400) except: traceback.print_exc(file=sys.stdout) return Response(status=400)
def process_init(): order_id = request.args.get('order_id') paypal_init.logger.info('['+get_customer_ip()+'] Paypal init [order_id:'+order_id+']') order = paypal_init.ioc.new_order_service().find_by_id(int(order_id)) payment_reference = security.Security().encrypt(str(order.id)+"#"+order.order_number) i = 0 shipping = 0.0 basket_items = [] for item in order.items: item_title = util.LocaleUtil().get_localized_title(item, order.lang) if item.variations is not None and item.variations.count()>0: itotal = 0.0 for iv in item.variations: itotal = itotal+((iv.quantity*(iv.net+iv.tax))) item_variation_title = util.LocaleUtil().get_localized_title(iv, order.lang) if iv.quantity==1: shipping = shipping + iv.shipping else: shipping = shipping + iv.shipping for c in range(iv.quantity-1): if iv.shipping_additional is not None: shipping = shipping + iv.shipping_additional else: shipping = shipping + iv.shipping if order.offer.currency!=order.currency: basket_items.append({'index':(i+1), 'title':item_title+'('+item_variation_title+')', 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, itotal), 2)}) else: basket_items.append({'index':(i+1), 'title':item_title+'('+item_variation_title+')', 'value': round(itotal, 2)}) i = i+1 else: if order.offer.currency!=order.currency: basket_items.append({'index':(i+1), 'title':item_title, 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, (item.quantity*(item.net+item.tax))), 2)}) else: basket_items.append({'index':(i+1), 'title':item_title, 'value':round((item.quantity*(item.net+item.tax)), 2)}) if item.quantity==1: shipping = shipping + item.shipping else: shipping = shipping + item.shipping for c in range(item.quantity-1): if item.shipping_additional is not None: shipping = shipping + item.shipping_additional else: shipping = shipping + item.shipping i = i+1 if order.offer.currency!=order.currency: basket_items.append({'index':(i+1), 'title':resource_bundle.ResourceBundle().get_text(order.lang, "shipping"), 'value':round(paypal_init.ioc.new_currency_service().convert(order.currency, shipping), 2)}) else: basket_items.append({'index':(i+1), 'title':resource_bundle.ResourceBundle().get_text(order.lang, "shipping"), 'value':round(shipping, 2)}) seller = paypal_init.ioc.get_config()['paypal.seller'] paypal_url = paypal_init.ioc.get_config()['paypal.url'] ipn_host = paypal_init.ioc.get_config()['address.www'] paypal_init.logger.info('['+get_customer_ip()+'] Paypal generating html [order_id:'+order_id+']') return paypal_init.ioc.new_paypal_service().generate_init_html(order, payment_reference, basket_items, ipn_host, seller, paypal_url)
def register(): account_name = request.json['name'] account = register_rest.ioc.new_account_service().find_by_name(account_name) lang = detect_language() messages = resource_bundle.ResourceBundle() if account is None: username = request.json['username'] register_rest.logger.info('['+get_customer_ip()+'] Processing registration request') user = register_rest.ioc.new_user_service().find_by_username(username) if user is None: a = model.Account() a.name = account_name a.lang = detect_language() u = model.User(username, generate_password_hash(request.json['password'])) u.activation_hash = str(uuid.uuid4()) a.users.append(u) register_rest.ioc.new_account_service().save(a) success_message = messages.get_text(lang, 'register_success') registration_email = register_rest.ioc.get_config()['registration_email'] customer_email = model.Email() customer_email.type = "REGISTRATION" customer_email.from_address = registration_email customer_email.ref_id = u.id customer_email.to_address = u.username customer_email.language = lang messages = resource_bundle.ResourceBundle() customer_email.subject = messages.get_text(lang, 'registration_email_subject') register_rest.ioc.new_email_service().save(customer_email) admin_email = model.Email() admin_email.type = 'REGISTRATION_ADMIN' admin_email.from_address = registration_email admin_email.to_address = registration_email admin_email.subject = "New customer: "+u.username register_rest.ioc.new_email_service().save(admin_email) if register_rest.ioc.get_config()['SKIP_ACCOUNT_ACTIVATION']: u.active = True session['username'] = u.username model.base.db.session.commit() register_rest.logger.info('['+get_customer_ip()+'] Registration successful') return Response(json.dumps({"success_message": success_message, 'skip_activation':register_rest.ioc.get_config()['SKIP_ACCOUNT_ACTIVATION']}), status=200, mimetype='application/json') else: register_rest.logger.info('['+get_customer_ip()+'] Registration failed, user already exist') error_message = messages.get_text(lang, 'register_user_already_exist') return Response(json.dumps({"error_message": error_message}), status=409, mimetype='application/json') else: register_rest.logger.info('['+get_customer_ip()+'] Registration failed, account already exist') error_message = messages.get_text(lang, 'register_account_already_exist') return Response(json.dumps({"error_message": error_message}), status=409, mimetype='application/json')
def new_message(): contact_blueprint.logger.info('['+get_customer_ip()+'] Send contact message') oi = contact_blueprint.ioc.new_contact_service().save_conctact(model.Contact(get_customer_ip(), request.json['email'], request.json['message'])) messages = resource_bundle.ResourceBundle() lang = detect_language() admin_email = model.Email() admin_email.type = 'ADMIN_CONTACT_EMAIL' admin_email.ref_id = oi.id admin_email.from_address = contact_blueprint.ioc.get_config()['contact_email'] admin_email.to_address = contact_blueprint.ioc.get_config()['contact_email'] admin_email.subject = "Cusomer message" contact_blueprint.ioc.new_email_service().save(admin_email) return jsonify({'id':oi.id, 'success_message':messages.get_text(lang, 'contact_message_success')})
def refund(): order_blueprint.logger.debug('['+get_customer_ip()+'] process order refund request by username %s, order_id=%s'%(session['username'], request.args.get('id'))) user = order_blueprint.ioc.new_user_service().find_by_username(session['username']) order = order_blueprint.ioc.new_order_service().find_by_id(int(request.args.get('id'))) if order.account_id==user.account_id: order.ioc.new_order_service().refund_order(order) return Response(status=200, mimetype='application/json') else: return Response(status=400, mimetype='application/json')
def find_order_total(order): total = stripe_rest.ioc.new_order_service().find_order_total(order) if order.offer.currency!=order.currency: stripe_rest.logger.info('['+get_customer_ip()+'] doing currency exchange=[%s>%s]'+(order.offer.currency, order.currency)) # TODO do currency conversion # return stripe_rest.ioc.new_currency_service().convert(order.currency, total); pass else: return total
def register(): messages = resource_bundle.ResourceBundle() lang = detect_language() wsgi_blueprint.logger.info('['+get_customer_ip()+'] Detected customer language %s'%(lang)) return render_template('main.html', project_version=wsgi_blueprint.ioc.get_config()['PROJECT_VERSION'], messages=messages.get_all(lang), page='register' )
def request_withdrawal(): withdraw.logger.debug('['+get_customer_ip()+'] processing withdrawal request for user %s'%(session['username'])) user = withdraw.ioc.new_user_service().find_by_username(session['username']) amount = request.json['amount'] iban = request.json['iban'] bic = request.json['bic'] if user.account.balance>=float(amount): user.account.balance = user.account.balance - float(amount) withdrawal = model.Withdrawal(float(amount), iban, bic) withdrawal.account = user.account user.account.withdrawals.append(withdrawal) model.base.db.session.commit() js = { "balance" : user.account.balance, "withdrawals" : [o.as_json() for o in user.account.withdrawals] } return Response(json.dumps(js), mimetype='application/json', status=200) else: withdraw.logger.debug('['+get_customer_ip()+'] not enough funds to make withdrawal for user %s'%(session['username'])) messages = resource_bundle.ResourceBundle() js = { "msg" : messages.get_text(user.account.lang, 'not_enough_funds')} return Response(json.dumps(js), mimetype='application/json', status=400)
def login(): username = request.json['username'] messages = resource_bundle.ResourceBundle() lang = detect_language() login_blueprint.logger.info('['+get_customer_ip()+'] Processing authentication request') user = login_blueprint.ioc.new_user_service().find_by_username(username) if user is not None and user.active: if check_password_hash(user.password, request.json['password']): login_blueprint.logger.info('['+get_customer_ip()+'] Authentication successful') session['username'] = username return Response(status=200, mimetype='application/json') else: error_message = messages.get_text(lang, 'login_wrong_username_or_password') login_blueprint.logger.info('['+get_customer_ip()+'] Authentication failed password mismatch') else: if user is None: error_message = messages.get_text(lang, 'login_wrong_username_or_password') else: error_message = messages.get_text(lang, 'login_user_inactive') login_blueprint.logger.info('['+get_customer_ip()+'] Authentication failed no user for username:'******'application/json')
def reset(): password_blueprint.logger.info('['+get_customer_ip()+'] Processing reset password request') user = password_blueprint.ioc.new_user_service().find_by_username(request.json['username']) messages = resource_bundle.ResourceBundle() if user is not None: user.reset_hash = str(uuid.uuid4()) model.base.db.session.commit() reset_password_subject = resource_bundle.ResourceBundle().get_text(user.account.lang, 'reset_password') reset_password_email = model.Email() reset_password_email.language = user.account.lang reset_password_email.ref_id = user.id reset_password_email.type = 'RESET_PASSWORD' reset_password_email.from_address = password_blueprint.ioc.get_config()['no_reply'] reset_password_email.to_address = user.username reset_password_email.subject = reset_password_subject password_blueprint.ioc.new_email_service().save(reset_password_email) success_message = messages.get_text(user.account.lang, 'reset_password_link_info') return Response(json.dumps({"success_message": success_message}), status=200, mimetype='application/json') else: password_blueprint.logger.info('['+get_customer_ip()+'] Failed to request reset password, no such user') lang = detect_language() error_message = messages.get_text(lang, 'reset_password_no_email') return Response(json.dumps({"error_message": error_message}), status=204, mimetype='application/json')
def process(): stripe_rest.logger.info('['+get_customer_ip()+'] Process payment with stripe for order:'+str(request.json['order_id'])) order = stripe_rest.ioc.new_order_service().find_by_id(int(request.json['order_id'])) if order is not None: stripe_rest.logger.info('['+get_customer_ip()+'] Order='+str(order.id)) amount = find_order_total(order) currency = order.currency.lower() try: stripe_rest.logger.info('['+get_customer_ip()+'] stripe charge order=%s, amount=%s'%(request.json['order_id'], amount)) resp = stripe_rest.ioc.new_stripe_service().charge( amount=int(math.ceil(amount*100)), currency=currency, card=request.json['stripe_token'], description=order.order_number ) stripe_rest.logger.info('['+get_customer_ip()+'] Success - stripe response '+str(resp)+' order number: '+order.order_number) stripe_message = model.StripeMessage(resp.id, str(resp), int(request.json['order_id'])) stripe_rest.ioc.new_stripe_service().save(stripe_message) stripe_rest.ioc.new_payment_processor_service().process_paid_order(order) return Response(status=200) except: traceback.print_exc(file=sys.stdout) raise BadRequest('['+get_customer_ip()+'] Failed to collect payment')
def process_success(): paypal_success.logger.info('['+get_customer_ip()+'] Paypal success') # TODO implement payment-successful.html return redirect('/payment-successful.html')
def save(): user = offer.ioc.new_user_service().find_by_username(session['username']) offer.logger.debug('['+get_customer_ip()+'] save offer %s'%json.dumps(request.json)) x = json.loads(json.dumps(request.json), object_hook=lambda d: namedtuple('X', d.keys())(*d.values())) o = offer.ioc.new_offer_service().save_offer(user.account, x) return Response(json.dumps(o.as_json()), mimetype='application/json')
def get_by_hash(hash): offer.logger.debug('['+get_customer_ip()+'] retrieve offer by hash %s'%hash) js = offer.ioc.new_offer_service().find_by_hash(hash).as_json() return Response(json.dumps(js), mimetype='application/json')
def get_by_account(hash): offer.logger.debug('['+get_customer_ip()+'] retrieve offers by hash %s'%hash) account = offer.ioc.new_account_service().find_by_hash(hash) offers = offer.ioc.new_offer_service().find_by_account_id(account.id) js = {"offers" : [o.as_json() for o in offers]} return Response(json.dumps(js), mimetype='application/json')
def apply_payment(): payment.logger.info('['+get_customer_ip()+'] Apply payment for order: %s'%json.dumps(request.json)) # TODO handle QuantityNotAvailable x = json.loads(json.dumps(request.json), object_hook=lambda d: namedtuple('X', d.keys())(*d.values())) order = payment.ioc.new_order_service().save(x) return jsonify({'id':order.id, 'order_number': order.order_number})