bornhack-website/shop/views.py

337 lines
11 KiB
Python
Raw Normal View History

from django.conf import settings
2016-05-12 17:08:54 +00:00
from django.contrib import messages
2016-05-15 22:09:00 +00:00
from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.urlresolvers import reverse_lazy
from django.db.models import Count, F
from django.http import HttpResponseRedirect, Http404
from django.views.generic import (
View,
2016-05-15 22:09:00 +00:00
TemplateView,
ListView,
DetailView,
FormView,
)
from django.views.generic.detail import SingleObjectMixin
from camps.models import Camp
2016-05-15 22:09:00 +00:00
from shop.models import (
Order,
Product,
OrderProductRelation,
ProductCategory,
2016-05-16 17:12:59 +00:00
EpayCallback,
2016-05-15 22:09:00 +00:00
)
from .forms import AddToOrderForm
2016-05-16 15:25:57 +00:00
import hashlib
class EnsureUserOwnsOrderMixin(SingleObjectMixin):
model = Order
def dispatch(self, request, *args, **kwargs):
if self.get_object().user != request.user:
raise Http404("Order not found")
return super(EnsureUserOwnsOrderMixin, self).dispatch(
request, *args, **kwargs
)
2016-05-12 17:08:54 +00:00
class ShopIndexView(ListView):
model = Product
template_name = "shop_index.html"
2016-05-15 22:09:00 +00:00
context_object_name = 'products'
2016-05-13 06:36:56 +00:00
def get_context_data(self, **kwargs):
2016-05-13 06:50:04 +00:00
context = super(ShopIndexView, self).get_context_data(**kwargs)
2016-05-15 22:09:00 +00:00
if 'category' in self.request.GET:
category = self.request.GET.get('category')
context['products'] = context['products'].filter(
category__slug=category
)
context['current_category'] = category
context['categories'] = ProductCategory.objects.annotate(
num_products=Count('products')
).filter(
num_products__gt=0
)
return context
2016-05-13 06:36:56 +00:00
2016-05-15 22:09:00 +00:00
class OrderListView(LoginRequiredMixin, ListView):
model = Order
template_name = "order_list.html"
2016-05-13 06:36:56 +00:00
2016-05-15 22:09:00 +00:00
def get_context_data(self, **kwargs):
context = super(OrderListView, self).get_context_data(**kwargs)
context['orders'] = Order.objects.filter(user=self.request.user)
return context
2016-05-13 06:36:56 +00:00
class OrderDetailView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, DetailView):
2016-05-12 17:08:54 +00:00
model = Order
2016-05-15 22:09:00 +00:00
template_name = 'order_detail.html'
2016-05-12 17:08:54 +00:00
context_object_name = 'order'
def get(self, request, *args, **kwargs):
order = self.get_object()
if not order.products.count() > 0:
return HttpResponseRedirect(reverse_lazy('shop:index'))
2016-05-15 22:09:00 +00:00
return super(OrderDetailView, self).get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
order = self.get_object()
payment_method = request.POST.get('payment_method')
if payment_method in order.PAYMENT_METHODS:
order.payment_method = payment_method
# Mark the order as closed
order.open = None
2016-05-16 14:36:15 +00:00
order.save()
reverses = {
Order.CREDIT_CARD: reverse_lazy(
'shop:epay_form',
2016-05-16 14:36:15 +00:00
kwargs={'pk': order.id}
),
Order.BLOCKCHAIN: reverse_lazy(
'shop:coinify_pay',
2016-05-16 14:36:15 +00:00
kwargs={'pk': order.id}
),
Order.BANK_TRANSFER: reverse_lazy(
'shop:bank_transfer',
2016-05-16 14:36:15 +00:00
kwargs={'pk': order.id}
)
}
return HttpResponseRedirect(reverses[payment_method])
if 'update_order' in request.POST:
for order_product in order.orderproductrelation_set.all():
order_product_id = str(order_product.pk)
if order_product_id in request.POST:
new_quantity = int(request.POST.get(order_product_id))
order_product.quantity = new_quantity
order_product.save()
product_remove = request.POST.get('remove_product')
if product_remove:
order.orderproductrelation_set.filter(pk=product_remove).delete()
if not order.products.count() > 0:
return HttpResponseRedirect(reverse_lazy('shop:index'))
2016-05-15 22:09:00 +00:00
return super(OrderDetailView, self).get(request, *args, **kwargs)
2016-05-15 22:09:00 +00:00
class ProductDetailView(LoginRequiredMixin, FormView, DetailView):
model = Product
template_name = 'product_detail.html'
form_class = AddToOrderForm
context_object_name = 'product'
2016-05-12 17:08:54 +00:00
def form_valid(self, form):
2016-05-15 22:09:00 +00:00
product = self.get_object()
quantity = form.cleaned_data.get('quantity')
2016-05-15 22:09:00 +00:00
# do we have an open order?
try:
order = Order.objects.get(
user=self.request.user,
2016-05-15 22:14:45 +00:00
open__isnull=False
2016-05-15 22:09:00 +00:00
)
except Order.DoesNotExist:
# no open order - open a new one
order = Order.objects.create(
user=self.request.user,
camp=Camp.objects.current()
)
2016-05-15 22:09:00 +00:00
# get product from kwargs
if product in order.products.all():
# this product is already added to this order,
# increase count by quantity
OrderProductRelation.objects.filter(
product=product,
order=order
).update(quantity=F('quantity') + quantity)
2016-05-12 17:08:54 +00:00
else:
order.orderproductrelation_set.create(
product=product,
quantity=quantity,
)
2016-05-15 22:09:00 +00:00
messages.info(
self.request,
'{}x {} has been added to your order.'.format(
quantity,
product.name
)
)
2016-05-12 17:08:54 +00:00
2016-05-15 22:09:00 +00:00
# done
return super(ProductDetailView, self).form_valid(form)
2016-05-12 17:08:54 +00:00
def get_success_url(self):
return Order.objects.get(user=self.request.user, open__isnull=False).get_absolute_url()
2016-05-12 17:08:54 +00:00
class CoinifyRedirectView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, DetailView):
model = Order
2016-05-12 17:08:54 +00:00
template_name = 'coinify_redirect.html'
2016-05-15 22:09:00 +00:00
2016-05-13 06:36:56 +00:00
def get(self, request, *args, **kwargs):
2016-05-15 22:09:00 +00:00
# validate a few things
order = self.get_object()
2016-05-13 06:36:56 +00:00
if order.open is not None:
2016-05-13 06:36:56 +00:00
messages.error(request, 'This order is still open!')
return HttpResponseRedirect('shop:order_detail')
if order.paid:
2016-05-13 06:36:56 +00:00
messages.error(request, 'This order is already paid for!')
return HttpResponseRedirect('shop:order_detail')
if not order.products.count() > 0:
2016-05-13 06:36:56 +00:00
messages.error(request, 'This order contains no products!')
return HttpResponseRedirect('shop:order_detail')
return super(CoinifyRedirectView, self).get(request, *args, **kwargs)
2016-05-13 06:36:56 +00:00
def get_context_data(self, **kwargs):
order = self.get_object()
2016-05-13 06:50:04 +00:00
context = super(CoinifyRedirectView, self).get_context_data(**kwargs)
context['order'] = order
2016-05-15 22:09:00 +00:00
# Initiate coinify API and create invoice
coinifyapi = CoinifyAPI(
settings.COINIFY_API_KEY,
settings.COINIFY_API_SECRET
)
response = coinifyapi.invoice_create(
amount,
currency,
plugin_name='BornHack 2016 webshop',
plugin_version='1.0',
description='BornHack 2016 order id #%s' % order.id,
2016-05-16 15:07:18 +00:00
callback_url=reverse_lazy(
2016-05-15 22:09:00 +00:00
'shop:coinfy_callback',
kwargs={'orderid': order.id}
),
2016-05-16 15:07:18 +00:00
return_url=reverse_lazy(
2016-05-15 22:09:00 +00:00
'shop:order_paid',
kwargs={'orderid': order.id}
),
)
if not response['success']:
api_error = response['error']
2016-05-15 22:09:00 +00:00
print "API error: %s (%s)" % (
api_error['message'],
api_error['code']
)
invoice = response['data']
2016-05-15 22:09:00 +00:00
# change this to pass only needed data when we get that far
context['invoice'] = invoice
return context
class EpayFormView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, DetailView):
model = Order
2016-05-16 13:31:37 +00:00
template_name = 'epay_form.html'
def get_context_data(self, **kwargs):
order = self.get_object()
accept_url = 'https://' + self.request.get_host() + str(reverse_lazy('epay_thanks', kwargs={'pk': order.pk}))
2016-05-16 15:48:04 +00:00
amount = order.total * 100
2016-05-16 14:49:52 +00:00
order_id = str(order.pk)
description = "BornHack 2016 order #%s" % order.pk
2016-05-16 13:31:37 +00:00
hashstring = (
'{merchant_number}{description}11{amount}DKK'
'{order_id}{accept_url}{md5_secret}'
).format(
merchant_number=settings.EPAY_MERCHANT_NUMBER,
description=description,
amount=str(amount),
2016-05-16 14:49:52 +00:00
order_id=order_id,
2016-05-16 13:31:37 +00:00
accept_url=accept_url,
md5_secret=settings.EPAY_MD5_SECRET,
)
epay_hash = hashlib.md5(hashstring).hexdigest()
context = super(EpayFormView, self).get_context_data(**kwargs)
context['merchant_number'] = settings.EPAY_MERCHANT_NUMBER
context['description'] = description
context['order_id'] = order_id
context['accept_url'] = accept_url
context['amount'] = amount
context['epay_hash'] = epay_hash
return context
class EpayCallbackView(View):
def get(self, request, **kwargs):
callback = EpayCallback.objects.create(
payload=request.GET
)
if 'orderid' in request.GET:
2016-05-16 19:14:56 +00:00
order = get_object_or_404(Order, pk=query.get('orderid'))
2016-05-16 13:31:37 +00:00
query = dict(
map(
lambda x: tuple(x.split('=')),
request.META['QUERY_STRING'].split('&')
)
)
hashstring = (
'{merchant_number}{description}11{amount}DKK'
'{order_id}{accept_url}{md5_secret}'
).format(
merchant_number=query.get('merchantnumber'),
description=query.get('description'),
amount=query.get('amount'),
order_id=query.get('orderid'),
accept_url=query.get('accepturl'),
md5_secret=settings.EPAY_MD5_SECRET,
)
epay_hash = hashlib.md5(hashstring).hexdigest()
2016-05-16 19:14:56 +00:00
if not epay_hash == query.get('hash'):
2016-05-16 13:31:37 +00:00
return HttpResponse(status=400)
EpayPayment.objects.create(
2016-05-16 19:14:56 +00:00
order=order,
2016-05-16 13:31:37 +00:00
callback=callback,
2016-05-16 19:14:56 +00:00
txnid=query.get('txnid'),
2016-05-16 13:31:37 +00:00
)
else:
return HttpResponse(status=400)
return HttpResponse('OK')
2016-05-16 14:31:51 +00:00
2016-05-16 17:31:14 +00:00
class EpayThanksView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, DetailView):
model = Order
template_name = 'epay_thanks.html'
def dispatch(self, request, *args, **kwargs):
if order.open:
### this order is open, what is the user doing here?
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': order.pk}))
return super(EpayThanksView, self).dispatch(
request, *args, **kwargs
)
class BankTransferView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, DetailView):
model = Order
template_name = 'bank_transfer.html'
2016-05-16 14:31:51 +00:00