This repository has been archived by the owner on Apr 19, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 547
/
Copy pathapp.py
220 lines (167 loc) Β· 8.07 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
#! /usr/bin/env python3.6
"""
app.py
Stripe Payments Demo. Created by Adrienne Dreyfus (@adrind).
This is our Flask server that handles requests from our Stripe checkout flow.
It has all the endpoints you need to accept payments and manage orders.
Python 3.6 or newer required.
"""
import stripe
import json
import setup
import os
from inventory import Inventory
from stripe_types import Source, Order
from flask import Flask, render_template, jsonify, request, send_from_directory
from dotenv import load_dotenv, find_dotenv
static_dir = f'{os.path.abspath(os.path.join(__file__ ,"../../.."))}/public'
app = Flask(__name__, static_folder=static_dir)
def dynamic_3ds(source: Source, order: Order) -> Source:
"""
Create a 3DS Secure payment Source if the Source is a card that requires it or if the Order is over 5000.
"""
if source['card']['three_d_secure'] == 'required' or order['amount'] > 5000:
source = stripe.Source.create(amount=order['amount'], currency=order['currency'], type='three_d_secure',
three_d_secure={'card': source['id']}, metadata={'order': order['id']},
redirect={'return_url': request.headers.get('origin')})
return source
@app.route('/')
def home():
return send_from_directory(static_dir, 'index.html')
# Serve static assets and images for index.html
# Note: You can remove this if your frontend code is using Flask's templating
@app.route('/javascripts/<path:path>', methods=['GET'])
def serve_js(path):
return send_from_directory(f'{static_dir}/javascripts', path)
@app.route('/stylesheets/<path:path>', methods=['GET'])
def serve_css(path):
return send_from_directory(f'{static_dir}/stylesheets', path)
@app.route('/images/<path:path>', methods=['GET'])
def serve_image(path):
return send_from_directory(f'{static_dir}/images', path)
# Serve config set up in .env
@app.route('/config')
def get_config():
return jsonify({
'stripePublishableKey': os.getenv('STRIPE_PUBLISHABLE_KEY'),
'stripeCountry': os.getenv('STRIPE_ACCOUNT_COUNTRY') or 'US',
'country': 'US',
'currency': 'eur'
})
@app.route('/products', methods=['GET'])
def get_products():
products = Inventory.list_products()
if Inventory.products_exist(products):
return jsonify(products)
else:
# Create Products for our Stripe store if we haven't already.
setup.create_data()
products = Inventory.list_products()
return jsonify(products)
@app.route('/products/<string:product_id>', methods=['GET'])
def retrieve_product(product_id):
return jsonify(Inventory.retrieve_product(product_id))
@app.route('/orders', methods=['POST'])
def make_order():
# Creates a new Order with items that the user selected.
data = json.loads(request.data)
try:
order = Inventory.create_order(currency=data['currency'], items=data['items'], email=data['email'],
shipping=data['shipping'])
return jsonify({'order': order})
except Exception as e:
return jsonify(e), 403
@app.route('/orders/<string:order_id>/pay', methods=['POST'])
def pay_order(order_id):
"""
Creates a Charge for an Order using a payment Source provided by the user.
"""
data = json.loads(request.data)
source = data['source']
order = Inventory.retrieve_order(order_id)
if order['metadata']['status'] == 'pending' or order['metadata']['status'] == 'paid':
# Somehow this Order has already been paid for -- abandon request.
return jsonify({'source': source, 'order': order}), 403
if source['type'] == 'card':
source = dynamic_3ds(source, order)
if not source['livemode']:
# Demo: In test mode, replace the Source with a test token so Charges can work.
source['id'] = 'tok_visa'
if source['status'] == 'chargeable':
# Yay! Our user gave us a valid payment Source we can charge.
charge = stripe.Charge.create(source=source['id'], amount=order['amount'], currency=order['currency'],
receipt_email=order['email'], idempotency_key=order['id'])
if charge and charge['status'] == 'succeeded':
status = 'paid'
elif charge and 'status' in charge:
status = charge['status']
else:
status = 'failed'
# Update the Order with a new status based on what happened with the Charge.
Inventory.update_order(properties={'metadata': {'status': status}}, order=order)
return jsonify({'order': order, 'source': source})
@app.route('/webhook', methods=['POST'])
def webhook_received():
# You can use webhooks to receive information about asynchronous payment events.
# For more about our webhook events check out https://stripe.com/docs/webhooks.
webhook_secret = os.getenv('STRIPE_WEBHOOK_SECRET')
request_data = json.loads(request.data)
if webhook_secret:
# Retrieve the event by verifying the signature using the raw body and secret if webhook signing is configured.
signature = request.headers.get('stripe-signature')
try:
event = stripe.Webhook.construct_event(payload=request.data, sig_header=signature, secret=webhook_secret)
data = event['data']
except Exception as e:
return e
else:
data = request_data['data']
data_object = data['object']
# Monitor `source.chargeable` events.
if data_object['object'] == 'source' \
and data_object['status'] == 'chargeable' \
and 'order' in data_object['metadata']:
source = data_object
print(f'Webhook received! The source {source["id"]} is chargeable')
# Find the corresponding Order this Source is for by looking in its metadata.
order = Inventory.retrieve_order(source['metadata']['order'])
# Verify that this Order actually needs to be paid.
order_status = order['metadata']['status']
if order_status in ['pending', 'paid', 'failed']:
return jsonify({'error': f'Order already has a status of {order_status}'}), 403
# Create a Charge to pay the Order using the Source we just received.
try:
charge = stripe.Charge.create(source=source['id'], amount=order['amount'], currency=order['currency'],
receipt_email=order['email'], idempotency_key=order['id'])
if charge and charge['status'] == 'succeeded':
status = 'paid'
elif charge:
status = charge['status']
else:
status = 'failed'
except stripe.error.CardError:
# This is where you handle declines and errors.
# For the demo, we simply set the status to mark the Order as failed.
status = 'failed'
Inventory.update_order(properties={'metadata': {'status': status}}, order=order)
# Monitor `charge.succeeded` events.
if data_object['object'] == 'charge' \
and data_object['status'] == 'succeeded' \
and 'order' in data_object['source']['metadata']:
charge = data_object
print(f'Webhook received! The charge {charge["id"]} succeeded.')
Inventory.update_order(properties={'metadata': {'status': 'paid'}},
order_id=charge['source']['metadata']['order'])
# Monitor `source.failed`, `source.canceled`, and `charge.failed` events.
if data_object['object'] in ['source', 'charge'] and data_object['status'] in ['failed', 'canceled']:
source = data_object['source'] if data_object['source'] else data_object
print(f'Webhook received! Failure for {data_object["id"]}.`')
if source['metadata']['order']:
Inventory.update_order(properties={'metadata': {'status': 'failed'}},
order_id=source['metadata']['order']['id'])
return jsonify({'status': 'success'})
if __name__ == '__main__':
load_dotenv(find_dotenv())
stripe.api_key = os.getenv('STRIPE_SECRET_KEY')
stripe.api_version = '2018-02-06'
app.run()