def payments_ipn(req): raw_data = req.body.decode("utf-8") raw_data += "&cmd=_notify-validate" ipnreq = urllib.request.Request(PP_WEBSCR) ipnreq.add_header("Content-type", "application/x-www-form-urlencoded") result = urllib.request.urlopen(ipnreq, raw_data.encode("utf-8")) response = result.read().decode("utf-8") if response != "VERIFIED": logger.error("IPN request %s not validated - response %s" % (req.body, response)) return HttpResponse(status=403) if req.POST["receiver_id"] != PP_RECEIVER_ID or req.POST[ "mc_currency"] != PAYMENT_CURRENCY: logger.error("IPN request %s has incorrect details" % req.POST) return HttpResponse(status=400) if req.POST["payment_status"] == "Refunded": Payments.ReversePayment(req.POST["parent_txn_id"]) logger.info("IPN refund %s OK" % str(req.POST)) return HttpResponse() if req.POST["payment_status"] != "Completed": logger.error("IPN request %s not complete" % req.POST) return HttpResponse() logger.info("IPN request %s OK" % str(req.POST)) payment = Payments.LogPayment(req.POST["txn_id"], amount=req.POST["mc_gross"], initialAssociatedAccount=req.POST["custom"], email=req.POST["payer_email"]) user = User.Get(req.POST["custom"]) User.AssociatePayment(user, payment) if "_id" not in payment: # Is the payment newly entered? Really should have used an ORM about 3 years ago. payments_send_confirmation(req, req.POST["payer_email"]) return HttpResponse()
def payments_ipn(req): raw_data = req.body.decode("utf-8") raw_data += "&cmd=_notify-validate" ipnreq = urllib.request.Request(PP_WEBSCR) ipnreq.add_header("Content-type", "application/x-www-form-urlencoded") result = urllib.request.urlopen(ipnreq, raw_data.encode("utf-8")) response = result.read().decode("utf-8") if response != "VERIFIED": logger.error("IPN request %s not validated - response %s" % (req.body, response)) return HttpResponse(status=403) if req.POST["receiver_id"] != PP_RECEIVER_ID or req.POST[ "mc_currency"] != PAYMENT_CURRENCY: logger.error("IPN request %s has incorrect details" % req.POST) return HttpResponse(status=400) if req.POST["payment_status"] != "Completed": logger.error("IPN request %s not complete" % req.POST) return HttpResponse() logger.info("IPN request %s OK" % str(req.POST)) payment = Payments.LogPayment(req.POST["txn_id"], amount=req.POST["mc_gross"], initialAssociatedAccount=req.POST["custom"], email=req.POST["payer_email"]) user = User.Get(req.POST["custom"]) User.AssociatePayment(user, payment) try: ab_experiment_complete("autosync", user["_id"], float(req.POST["mc_gross"])) except: logger.error("AB experiment did not complete - no experiment running?") return HttpResponse()
def payments_claim_return(request, code): user, payment = Payments.ConsumeClaimCode(code) if not payment: return render(request, "payments/claim_return_fail.html") User.AssociatePayment(user, payment) User.Login(user, request) # In case they somehow managed to log out - they've proved their identity. return redirect("/#/payments/claimed")