pepettes/server.py
2021-02-15 05:25:55 +01:00

90 lines
2.7 KiB
Python

#! /usr/bin/env python3.6
"""
server.py
Stripe Sample.
Python 3.6 or newer required.
"""
import stripe
import json
import os
import random
import string
from flask import Flask, render_template, jsonify, request, send_from_directory, session
from flask_simple_csrf import CSRF
from dotenv import load_dotenv, find_dotenv
# Setup Stripe python client library.
load_dotenv(find_dotenv())
stripe.api_key = os.getenv('STRIPE_SECRET_KEY')
stripe.api_version = os.getenv('STRIPE_API_VERSION')
static_dir = str(os.path.abspath(os.path.join(
__file__, "..", os.getenv("STATIC_DIR"))))
app = Flask(__name__, static_folder=static_dir,
static_url_path="", template_folder=static_dir)
app.secret_key = os.getenv('SECRET_KEY')
CSRF = CSRF(config={
'SECRET_CSRF_KEY':os.getenv('SECRET_CSRF_KEY')
})
app = CSRF.init_app(app)
@app.before_request
def before_request():
if 'CSRF_TOKEN' not in session or 'USER_CSRF' not in session:
session['USER_CSRF'] = ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(64))
session['CSRF_TOKEN'] = CSRF.create(session['USER_CSRF'])
@app.route('/', methods=['GET'])
def get_index():
return render_template('index.html')
@app.route('/config', methods=['GET'])
def get_publishable_key():
return jsonify({
'publicKey': os.getenv('STRIPE_PUBLISHABLE_KEY'),
'name': os.getenv('PROJECT_NAME'),
'csrf': session['USER_CSRF'],
})
@app.route('/create-checkout-session', methods=['POST'])
def create_checkout_session():
data = json.loads(request.data)
domain_url = os.getenv('DOMAIN')
try:
if CSRF.verify(data['user_csrf'], session['CSRF_TOKEN']) is False or \
data['frequency'] not in ['RECURING', 'ONE_TIME'] or \
data['currency'] not in ['EUR', 'USD'] or \
int(data['quantity']) <= 0:
return jsonify(error="Bad value"), 400
# Create new Checkout Session for the order
price = f"{data['frequency']}_{data['currency']}_DONATION"
mode = "payment" if data['frequency'] == 'ONE_TIME' else "subscription"
checkout_session = stripe.checkout.Session.create(
success_url=domain_url +
"/success.html?session_id={CHECKOUT_SESSION_ID}",
cancel_url=domain_url + "/canceled.html",
payment_method_types= ["card"],
mode=mode,
line_items=[
{
"price": os.getenv(price),
"quantity": data['quantity']
}
]
)
return jsonify({'sessionId': checkout_session['id']})
except Exception as e:
return jsonify(error=str(e)), 403
if __name__ == '__main__':
app.run(port=os.getenv('PORT'), debug=os.getenv('DEBUG'))