[Flask] (no subject)
Kyle Lawlor
klawlor419 at gmail.com
Wed Sep 30 00:29:48 CEST 2015
Hello, everyone.
I've been working on web app for a friends restaurant. I am slowly adding
the functionality that I need. Earlier today I was able to add a payment
method via the Stripe API. I have confirmed that the test payments are
going through to my Stripe logs. I followed very closely to the [stripe
flask tutorial](https://stripe.com/docs/checkout/guides/flask). Basically I
am doing the exact same thing as what is done in the tutorial, except I
have adjusted the payment amount based on interaction with the "order
online" portion of the website.
*First issue:*
One issue I am having (which I am sure is just a stupid mistake) is that
once the purchase is confirmed, I redirect to a confirmation page to show a
summary of the order, but I am getting a "400 Bad Request - CSRF token
missing or incorrect" error.
I tried to solve the problem using the methods from [this page](
http://flask-wtf.readthedocs.org/en/latest/csrf.html), like adding an empty
form with a CSRF token, to no avail. I also tried including a meta tag with
the token which also did not work.
I am puzzled. A curious thing is that I can access the "payment" page
manually via url before and after the transaction goes through. It seems
that the trouble only happens when I redirect from the Stripe payment.
*Second issue:*
Another possibly related issue is that there is a segment of code using the
stripe API I have commented out for the following reason. When it is
uncommented I get the following error in addition to the CSRF error stated
above, "400 Bad Request - The browser (or proxy) sent a request that this
server could not understand."
If anyone has a chance to take a look at this for me it would be greatly
appreciated. Here is the latest version of the project (currently using the
meta tag with CSRF).
*Project:* https://github.com/callmeskywalker/casa-site
*First issue relevant:*
stripe import and test keys:
https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L38-L43
order view function:
https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47-L128
<https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47>
pass stripe key to 'order' template:
https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L128
stripe implementation in 'order' template:
https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L50-L64
action to redirect to the 'payment' template (just to display order
details):
https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L51
payment template with csrf token:
https://github.com/callmeskywalker/casa-site/blob/master/app/templates/payment.html#L5
*Second issue relevant:*
code from stripe API in payment view function (causing second error):
https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L138-L148
Thanks ahead. I look forward to any responses.
Best,
Kyle
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20150929/f83c861f/attachment.html>
More information about the Flask
mailing list