-#!/usr/bin/env python
-# -*- python -*-
-
-import sys
-sys.path.insert(0, '/afs/hcoop.net/user/h/hc/hcoop/portal3/stripe/stripe-pkg/lib/python2.6/site-packages/')
-
-import stripe, cgi, psycopg2, cgitb, datetime, smtplib
-from email.mime.text import MIMEText
-from contextlib import contextmanager
-
-cgitb.enable()
-
-def notify_payment (charge, member):
- msg_text = """
-A member has paid us via Stripe. Please visit the portal money
-page at your earliest convenience to process the payment.
-
- Member : {0}
- Amount (cents) : {1}
- Stripe Charge ID: {2}
-""".format (member, charge.amount, charge.id)
-
- msg = MIMEText(msg_text)
- msg['Subject'] = 'Stripe payment received from {0}'.format(member)
- msg['From'] = 'payment@hcoop.net'
- msg['To'] = 'payment@hcoop.net'
-
- s = smtplib.SMTP ('mail.hcoop.net')
- s.sendmail ('payment@hcoop.net', ['payment@hcoop.net'], msg.as_string ())
- s.quit ()
-
-def stripe_key ():
- keyfile = open ("/afs/hcoop.net/user/h/hc/hcoop/.portal-private/stripe", "r")
- keystring = keyfile.read ()
- keyfile.close ()
- return keystring
-
-
-@contextmanager
-def stripe_error_handling ():
- try:
- yield
- except stripe.error.CardError, e: # The card has been declined
- print 'Status: 200 OK'
- print
- print '<html>'
- print '<head><title>Transaction Failed</title></head>'
- print '<body>'
- print '<h1>Failed</h1><p>Reason: '
- print e.json_body['error']['message']
- print '</p>'
- print '</body>'
- print '</html>'
- raise
-
-@contextmanager
-def stripe_refund_on_error (charge):
- try:
- yield
- except:
- print 'Status: 200 OK'
- print 'Content-Type: text/html'
- print ''
- print '<h1>Something went wrong after accepting payment!</h1>'
- charge.refund ()
- print '<p>The charge should be refunded. Please contact payment@hcoop.net if it was not!</p>'
- raise
-
-# Set your secret key: remember to change this to your live secret key in production
-# See your keys here https://manage.stripe.com/account
-
-stripe.api_key = stripe_key ()
-
-# Get the credit card details submitted by the form
-
-request_params = cgi.FieldStorage()
-
-token = request_params.getvalue ('stripeToken')
-webuser_id = request_params.getvalue('webuser_id')
-member_name = request_params.getvalue('webuser_name')
-amount = request_params.getvalue('stripeDues')
-
-# Create the charge on Stripe's servers - this will charge the user's card
-
-with stripe_error_handling ():
- charge = stripe.Charge.create( amount=amount,
- currency="usd",
- card=token,
- description='Payment for member {0}'.format (member_name))
-
-with stripe_refund_on_error (charge):
- with psycopg2.connect ('dbname=hcoop_portal3test user=hcoop host=postgres port=5433') as conn:
- with conn.cursor () as cur:
- balance = stripe.BalanceTransaction.retrieve (charge.balance_transaction);
- cur.execute ('insert into stripe_payment (charge_id, card_name, webuser_id, paid_on, gross, fee) values (%s, %s, %s, %s, %s, %s)',
- (charge.id, charge.card.name, webuser_id, datetime.date.today (), charge.amount, balance.fee))
-
-notify_payment (charge, member_name)
-print 'Status: 303 See Other'
-print 'Location: /portal/portal?cmd=stripeSuccess'
-print ''
-print '<a href="/portal/portal?cmd=stripeSuccess">Go back to the portal</a>'
-
+#!/usr/bin/env python
+# -*- python -*-
+
+from hcoopstripe import *
+
+import stripe, cgi, psycopg2, cgitb, datetime, smtplib
+
+hcoop_stripe_init ()
+
+# Get the credit card details submitted by the form
+
+request_params = cgi.FieldStorage()
+request_command = request_params.getvalue ('cmd', 'none');
+
+assert request_command != 'none', 'No command given.'
+
+# Create the charge on Stripe's servers - this will charge the user's card
+
+if request_command == 'member_payment':
+ token = request_params.getvalue ('stripeToken')
+ webuser_id = request_params.getvalue('webuser_id')
+ member_name = request_params.getvalue('webuser_name')
+ amount = request_params.getvalue('stripeDues')
+
+ with stripe_error_handling ():
+ charge = stripe.Charge.create( amount=amount,
+ currency="usd",
+ card=token,
+ description='Payment for member {0}'.format (member_name))
+
+ with stripe_refund_on_error (charge):
+# assert charge.card.address_line1_check == 'pass', 'Address verification failed or unknown.'
+ assert charge.card.cvc_check == 'pass', 'CVC verification failed or unknown.'
+# assert charge.card.address_zip_check == 'pass', 'Zipcode verification failed or unknown.'
+
+ balance = stripe.BalanceTransaction.retrieve (charge.balance_transaction)
+ conn = psycopg2.connect ('dbname=hcoop_portal3test user=hcoop host=postgres port=5433')
+ cur = conn.cursor ()
+ cur.execute ('insert into stripe_payment (charge_id, card_name, webuser_id, paid_on, gross, fee) values (%s, %s, %s, %s, %s, %s)',
+ (charge.id, charge.card.name, webuser_id, datetime.date.today (), charge.amount, balance.fee))
+ conn.commit ()
+
+ notify_payment (charge, member_name)
+ stripe_success ('/portal/portal?cmd=stripeSuccess')
+else:
+ assert False, 'Invalid command.'
+
+# Use mod_authz_groupfile to store money/root
+# (All hcoop members should be able to use this!)
+# [support Satisfy? Satisfy: all is OK for now...]
+# Whenever groups are updated in the portal, write the file
+# make sure to store the file outside of the web root (duh)
+# only users in money/root can do reject/adduser
+# common code should go into a module (feh!)
+# application_payment in one cgi (anyone)
+# member_payment in another (only kerberos users)
+# reject_payment / capture_application_payment (kerberos + inGroup {money, root})
+
+# If there is a way to allow all and check the group info
+# here... maybe investigate, but beware security holes
+# alt: libapache2-mod-authnz-external + db helper script
+# can use ExternalGroup, check kerberos user is in group specified in
+# another env var
+