main: Added test stripe verification

2023-08-24 16:41:38 +10:00 · 2023-08-24 16:41:38 +10:00 · 230dc2a12a
commit 230dc2a12a
parent d4fd470564
2 changed files with 28 additions and 13 deletions
--- a/master/main.py
+++ b/master/main.py
@ -234,20 +234,34 @@ def tlsa():
@app.route('/stripe', methods=['POST'])
-def stripe():
+def stripeapi():
     # Log all requests
    print(request.json)
    # Log for docker
    print(request.json, flush=True)
-    # Get API header
+    print(request.headers, flush=True)
-    api_key = request.headers.get('key')
+    payload = request.data
-    if api_key == None:
+    stripe.api_key = os.getenv('STRIPE_SECRET')
-        return jsonify({'error': 'Invalid API key', 'success': 'false'})
+    endpoint_secret = os.getenv('STRIPE_ENDPOINT_SECRET')
-    if api_key != os.getenv('STRIPE_KEY'):
+    sig_header = request.headers.get('HTTP_STRIPE_SIGNATURE')
-        return jsonify({'error': 'Invalid API key', 'success': 'false'})
+    events = None
-    
+    try:
-   
+        event = stripe.Webhook.construct_event(
        payload, sig_header, endpoint_secret
        )
    except ValueError as e:
    # Invalid payload
        return jsonify({'success': 'false'})
    except stripe.error.SignatureVerificationError as e:
        return jsonify({'success': 'false'})
    # Handle the event
    if event.type == 'payment_intent.succeeded':
        payment_intent = event.data.object # contains a stripe.PaymentIntent
        print('PaymentIntent was successful!', flush=True)
    elif event.type == 'payment_method.attached':
        payment_method = event.data.object # contains a stripe.PaymentMethod
        print('PaymentMethod was attached to a Customer!', flush=True)
    # ... handle other event types
    else:
        print('Unhandled event type {}'.format(event.type))
    return jsonify({'success': 'true'})
--- a/master/requirements.txt
+++ b/master/requirements.txt
@ -2,3 +2,4 @@ python-dotenv
 requests
 flask
 jsonify
 stripe