[Flask] (no subject)

Kyle Lawlor klawlor419 at gmail.com
Wed Sep 30 20:01:36 CEST 2015


Ok. Thanks for the response. I will keep this in mind as I continue to
diagnose my problem. Did you spot a place in my code where the field d.n.e.?

On Wed, Sep 30, 2015 at 9:35 AM, Dorian Hoxha <dorian.hoxha at gmail.com>
wrote:

> ALWAYS check if the field exist in request.form, if it doesn't you will
> get a 400 request-error.
> 2 ways to check:
> if 'field' in request.form
> if request.form.get('field')
>
> On Wed, Sep 30, 2015 at 12:29 AM, Kyle Lawlor <klawlor419 at gmail.com>
> wrote:
>
>> Hello, everyone.
>>
>> I've been working on web app for a friends restaurant. I am slowly adding
>> the functionality that I need. Earlier today I was able to add a payment
>> method via the Stripe API. I have confirmed that the test payments are
>> going through to my Stripe logs. I followed very closely to the [stripe
>> flask tutorial](https://stripe.com/docs/checkout/guides/flask).
>> Basically I am doing the exact same thing as what is done in the tutorial,
>> except I have adjusted the payment amount based on interaction with the
>> "order online" portion of the website.
>>
>>
>> *First issue:*
>>
>> One issue I am having (which I am sure is just a stupid mistake) is that
>> once the purchase is confirmed, I redirect to a confirmation page to show a
>> summary of the order, but I am getting a "400 Bad Request - CSRF token
>> missing or incorrect" error.
>>
>> I tried to solve the problem using the methods from [this page](
>> http://flask-wtf.readthedocs.org/en/latest/csrf.html), like adding an
>> empty form with a CSRF token, to no avail. I also tried including a meta
>> tag with the token which also did not work.
>>
>> I am puzzled. A curious thing is that I can access the "payment" page
>> manually via url before and after the transaction goes through. It seems
>> that the trouble only happens when I redirect from the Stripe payment.
>>
>> *Second issue:*
>>
>> Another possibly related issue is that there is a segment of code using
>> the stripe API I have commented out for the following reason. When it is
>> uncommented I get the following error in addition to the CSRF error stated
>> above, "400 Bad Request - The browser (or proxy) sent a request that this
>> server could not understand."
>>
>> If anyone has a chance to take a look at this for me it would be greatly
>> appreciated. Here is the latest version of the project (currently using the
>> meta tag with CSRF).
>>
>> *Project:* https://github.com/callmeskywalker/casa-site
>>
>>
>>
>> *First issue relevant:*
>> stripe import and test keys:
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L38-L43
>>
>> order view function:
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47-L128
>> <https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47>
>>
>> pass stripe key to 'order' template:
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L128
>>
>> stripe implementation in 'order' template:
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L50-L64
>>
>> action to redirect to the 'payment' template (just to display order
>> details):
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L51
>>
>> payment template with csrf token:
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/payment.html#L5
>>
>> *Second issue relevant:*
>>
>> code from stripe API in payment view function (causing second error):
>>
>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L138-L148
>>
>>
>> Thanks ahead. I look forward to any responses.
>>
>> Best,
>> Kyle
>>
>>
>> _______________________________________________
>> Flask mailing list
>> Flask at python.org
>> https://mail.python.org/mailman/listinfo/flask
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20150930/01d78313/attachment.html>


More information about the Flask mailing list