[hcoop/portal.git] / stripe / stripe-payment.cgi

#!/usr/bin/env python
# -*- python -*-

from hcoopstripe import *

import stripe, cgi, psycopg2, cgitb, datetime, smtplib

hcoop_stripe_init ()

# Get the credit card details submitted by the form

request_params = cgi.FieldStorage()
request_command = request_params.getvalue ('cmd', 'none');

assert request_command != 'none', 'No command given.'

# Create the charge on Stripe's servers - this will charge the user's card 

if request_command == 'member_payment':
    token = request_params.getvalue ('stripeToken')
    webuser_id = request_params.getvalue('webuser_id')
    member_name = request_params.getvalue('webuser_name')
    amount = request_params.getvalue('stripeDues')

    with stripe_error_handling ():
        charge = stripe.Charge.create( amount=amount,
                                       currency="usd", 
                                       card=token, 
                                       description='Payment for member {0}'.format (member_name))

    with stripe_refund_on_error (charge):
#        assert charge.card.address_line1_check == 'pass', 'Address verification failed or unknown.'
        assert charge.card.cvc_check != 'fail', 'CVC verification failed.'
#        assert charge.card.address_zip_check == 'pass', 'Zipcode verification failed or unknown.'

        balance = stripe.BalanceTransaction.retrieve (charge.balance_transaction)
        conn =  psycopg2.connect ('dbname=hcoop_portal3 user=hcoop host=postgres port=5433')
        cur = conn.cursor ()
        cur.execute ('insert into stripe_payment (charge_id, card_name, webuser_id, paid_on, gross, fee) values (%s, %s, %s, %s, %s, %s)', 
                     (charge.id, charge.card.name, webuser_id, datetime.date.today (), charge.amount, balance.fee))
        conn.commit ()

    notify_payment (charge, member_name)
    stripe_success ('/portal/portal?cmd=stripeSuccess')
else:
    assert False, 'Invalid command.'

# Use mod_authz_groupfile to store money/root
#   (All hcoop members should be able to use this!)
#  [support Satisfy? Satisfy: all is OK for now...]
# Whenever groups are updated in the portal, write the file
# make sure to store the file outside of the web root (duh)
# only users in money/root can do reject/adduser
# common code should go into a module (feh!)
# application_payment in one cgi (anyone)
# member_payment in another (only kerberos users)
# reject_payment / capture_application_payment (kerberos + inGroup {money, root})

# If there is a way to allow all and check the group info
# here... maybe investigate, but beware security holes
# alt: libapache2-mod-authnz-external + db helper script
# can use ExternalGroup, check kerberos user is in group specified in
# another env var
Commit	Line	Data
f8b39e09 CE	1	#!/usr/bin/env python
	2	# -- python --
	3
e4964ef9	4	from hcoopstripe import *
f8b39e09 CE	5
f8b39e09 CE	6	import stripe, cgi, psycopg2, cgitb, datetime, smtplib
f8b39e09	7
e4964ef9	8	hcoop_stripe_init ()
f8b39e09 CE	9
	10	# Get the credit card details submitted by the form
	11
	12	request_params = cgi.FieldStorage()
bd5d2441	13	request_command = request_params.getvalue ('cmd', 'none');
f8b39e09	14
bd5d2441	15	assert request_command != 'none', 'No command given.'
f8b39e09 CE	16
	17	# Create the charge on Stripe's servers - this will charge the user's card
	18
bd5d2441 CE	19	if request_command == 'member_payment':
	20	token = request_params.getvalue ('stripeToken')
	21	webuser_id = request_params.getvalue('webuser_id')
	22	member_name = request_params.getvalue('webuser_name')
	23	amount = request_params.getvalue('stripeDues')
	24
	25	with stripe_error_handling ():
	26	charge = stripe.Charge.create( amount=amount,
	27	currency="usd",
	28	card=token,
	29	description='Payment for member {0}'.format (member_name))
	30
	31	with stripe_refund_on_error (charge):
	32	# assert charge.card.address_line1_check == 'pass', 'Address verification failed or unknown.'
1db9e12c	33	assert charge.card.cvc_check != 'fail', 'CVC verification failed.'
bd5d2441 CE	34	# assert charge.card.address_zip_check == 'pass', 'Zipcode verification failed or unknown.'
	35
	36	balance = stripe.BalanceTransaction.retrieve (charge.balance_transaction)
588a1662	37	conn = psycopg2.connect ('dbname=hcoop_portal3 user=hcoop host=postgres port=5433')
bd5d2441 CE	38	cur = conn.cursor ()
	39	cur.execute ('insert into stripe_payment (charge_id, card_name, webuser_id, paid_on, gross, fee) values (%s, %s, %s, %s, %s, %s)',
	40	(charge.id, charge.card.name, webuser_id, datetime.date.today (), charge.amount, balance.fee))
	41	conn.commit ()
	42
	43	notify_payment (charge, member_name)
	44	stripe_success ('/portal/portal?cmd=stripeSuccess')
bd5d2441 CE	45	else:
	46	assert False, 'Invalid command.'
	47
	48	# Use mod_authz_groupfile to store money/root
	49	# (All hcoop members should be able to use this!)
	50	# [support Satisfy? Satisfy: all is OK for now...]
	51	# Whenever groups are updated in the portal, write the file
	52	# make sure to store the file outside of the web root (duh)
	53	# only users in money/root can do reject/adduser
	54	# common code should go into a module (feh!)
	55	# application_payment in one cgi (anyone)
	56	# member_payment in another (only kerberos users)
	57	# reject_payment / capture_application_payment (kerberos + inGroup {money, root})
	58
	59	# If there is a way to allow all and check the group info
	60	# here... maybe investigate, but beware security holes
	61	# alt: libapache2-mod-authnz-external + db helper script
	62	# can use ExternalGroup, check kerberos user is in group specified in
	63	# another env var
5e6afd1a	64