| 1 | #!/usr/bin/env python |
| 2 | # -*- python -*- |
| 3 | |
| 4 | from hcoopstripe import * |
| 5 | |
| 6 | import stripe, cgi, psycopg2, cgitb, datetime, smtplib |
| 7 | |
| 8 | hcoop_stripe_init () |
| 9 | |
| 10 | # Get the credit card details submitted by the form |
| 11 | |
| 12 | request_params = cgi.FieldStorage() |
| 13 | request_command = request_params.getvalue ('cmd', 'none'); |
| 14 | |
| 15 | assert request_command != 'none', 'No command given.' |
| 16 | |
| 17 | # Create the charge on Stripe's servers - this will charge the user's card |
| 18 | |
| 19 | if request_command == 'member_payment': |
| 20 | token = request_params.getvalue ('stripeToken') |
| 21 | webuser_id = request_params.getvalue('webuser_id') |
| 22 | member_name = request_params.getvalue('webuser_name') |
| 23 | amount = request_params.getvalue('stripeDues') |
| 24 | |
| 25 | with stripe_error_handling (): |
| 26 | charge = stripe.Charge.create( amount=amount, |
| 27 | currency="usd", |
| 28 | card=token, |
| 29 | description='Payment for member {0}'.format (member_name)) |
| 30 | |
| 31 | with stripe_refund_on_error (charge): |
| 32 | # assert charge.card.address_line1_check == 'pass', 'Address verification failed or unknown.' |
| 33 | assert charge.card.cvc_check != 'fail', 'CVC verification failed.' |
| 34 | # assert charge.card.address_zip_check == 'pass', 'Zipcode verification failed or unknown.' |
| 35 | |
| 36 | balance = stripe.BalanceTransaction.retrieve (charge.balance_transaction) |
| 37 | conn = psycopg2.connect ('dbname=hcoop_portal3 user=hcoop host=postgres port=5433') |
| 38 | cur = conn.cursor () |
| 39 | cur.execute ('insert into stripe_payment (charge_id, card_name, webuser_id, paid_on, gross, fee) values (%s, %s, %s, %s, %s, %s)', |
| 40 | (charge.id, charge.card.name, webuser_id, datetime.date.today (), charge.amount, balance.fee)) |
| 41 | conn.commit () |
| 42 | |
| 43 | notify_payment (charge, member_name) |
| 44 | stripe_success ('/portal/portal?cmd=stripeSuccess') |
| 45 | else: |
| 46 | assert False, 'Invalid command.' |
| 47 | |
| 48 | # Use mod_authz_groupfile to store money/root |
| 49 | # (All hcoop members should be able to use this!) |
| 50 | # [support Satisfy? Satisfy: all is OK for now...] |
| 51 | # Whenever groups are updated in the portal, write the file |
| 52 | # make sure to store the file outside of the web root (duh) |
| 53 | # only users in money/root can do reject/adduser |
| 54 | # common code should go into a module (feh!) |
| 55 | # application_payment in one cgi (anyone) |
| 56 | # member_payment in another (only kerberos users) |
| 57 | # reject_payment / capture_application_payment (kerberos + inGroup {money, root}) |
| 58 | |
| 59 | # If there is a way to allow all and check the group info |
| 60 | # here... maybe investigate, but beware security holes |
| 61 | # alt: libapache2-mod-authnz-external + db helper script |
| 62 | # can use ExternalGroup, check kerberos user is in group specified in |
| 63 | # another env var |
| 64 | |