Verify Stripe callbacks
This commit is contained in:
parent
c14c94f6f6
commit
ae8da03c3c
|
@ -4,10 +4,11 @@ from datetime import datetime
|
||||||
import stripe
|
import stripe
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||||
from django.http import JsonResponse
|
from django.http import HttpResponse, JsonResponse
|
||||||
from django.shortcuts import redirect, render
|
from django.shortcuts import redirect, render
|
||||||
from django.urls import reverse, reverse_lazy
|
from django.urls import reverse, reverse_lazy
|
||||||
from django.views import View
|
from django.views import View
|
||||||
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
from django.views.generic.edit import CreateView
|
from django.views.generic.edit import CreateView
|
||||||
from rest_framework.parsers import JSONParser
|
from rest_framework.parsers import JSONParser
|
||||||
from rest_framework.views import APIView
|
from rest_framework.views import APIView
|
||||||
|
@ -74,7 +75,22 @@ class Portal(LoginRequiredMixin, View):
|
||||||
class Callback(APIView):
|
class Callback(APIView):
|
||||||
parser_classes = [JSONParser]
|
parser_classes = [JSONParser]
|
||||||
|
|
||||||
|
@csrf_exempt
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
|
payload = request.body
|
||||||
|
sig_header = request.META["HTTP_STRIPE_SIGNATURE"]
|
||||||
|
|
||||||
|
try:
|
||||||
|
stripe.Webhook.construct_event(
|
||||||
|
payload, sig_header, settings.STRIPE_ENDPOINT_SECRET
|
||||||
|
)
|
||||||
|
except ValueError:
|
||||||
|
# Invalid payload
|
||||||
|
return HttpResponse(status=400)
|
||||||
|
except stripe.error.SignatureVerificationError:
|
||||||
|
# Invalid signature
|
||||||
|
return HttpResponse(status=400)
|
||||||
|
|
||||||
pp.pprint(request.data)
|
pp.pprint(request.data)
|
||||||
if request.data is None:
|
if request.data is None:
|
||||||
return JsonResponse({"success": False}, status=500)
|
return JsonResponse({"success": False}, status=500)
|
||||||
|
|
Loading…
Reference in New Issue