[Flask] (no subject)

Dorian Hoxha dorian.hoxha at gmail.com
Wed Sep 30 20:34:59 CEST 2015


Replace the code like I said and try again if the error persist.
I don't know if the fields do(nt) exist in your code, that's why you have
to fix them by actually checking.

On Wed, Sep 30, 2015 at 8:01 PM, Kyle Lawlor <klawlor419 at gmail.com> wrote:

> Ok. Thanks for the response. I will keep this in mind as I continue to
> diagnose my problem. Did you spot a place in my code where the field d.n.e.?
>
> On Wed, Sep 30, 2015 at 9:35 AM, Dorian Hoxha <dorian.hoxha at gmail.com>
> wrote:
>
>> ALWAYS check if the field exist in request.form, if it doesn't you will
>> get a 400 request-error.
>> 2 ways to check:
>> if 'field' in request.form
>> if request.form.get('field')
>>
>> On Wed, Sep 30, 2015 at 12:29 AM, Kyle Lawlor <klawlor419 at gmail.com>
>> wrote:
>>
>>> Hello, everyone.
>>>
>>> I've been working on web app for a friends restaurant. I am slowly
>>> adding the functionality that I need. Earlier today I was able to add a
>>> payment method via the Stripe API. I have confirmed that the test payments
>>> are going through to my Stripe logs. I followed very closely to the [stripe
>>> flask tutorial](https://stripe.com/docs/checkout/guides/flask).
>>> Basically I am doing the exact same thing as what is done in the tutorial,
>>> except I have adjusted the payment amount based on interaction with the
>>> "order online" portion of the website.
>>>
>>>
>>> *First issue:*
>>>
>>> One issue I am having (which I am sure is just a stupid mistake) is that
>>> once the purchase is confirmed, I redirect to a confirmation page to show a
>>> summary of the order, but I am getting a "400 Bad Request - CSRF token
>>> missing or incorrect" error.
>>>
>>> I tried to solve the problem using the methods from [this page](
>>> http://flask-wtf.readthedocs.org/en/latest/csrf.html), like adding an
>>> empty form with a CSRF token, to no avail. I also tried including a meta
>>> tag with the token which also did not work.
>>>
>>> I am puzzled. A curious thing is that I can access the "payment" page
>>> manually via url before and after the transaction goes through. It seems
>>> that the trouble only happens when I redirect from the Stripe payment.
>>>
>>> *Second issue:*
>>>
>>> Another possibly related issue is that there is a segment of code using
>>> the stripe API I have commented out for the following reason. When it is
>>> uncommented I get the following error in addition to the CSRF error stated
>>> above, "400 Bad Request - The browser (or proxy) sent a request that this
>>> server could not understand."
>>>
>>> If anyone has a chance to take a look at this for me it would be greatly
>>> appreciated. Here is the latest version of the project (currently using the
>>> meta tag with CSRF).
>>>
>>> *Project:* https://github.com/callmeskywalker/casa-site
>>>
>>>
>>>
>>> *First issue relevant:*
>>> stripe import and test keys:
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L38-L43
>>>
>>> order view function:
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47-L128
>>> <https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47>
>>>
>>> pass stripe key to 'order' template:
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L128
>>>
>>> stripe implementation in 'order' template:
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L50-L64
>>>
>>> action to redirect to the 'payment' template (just to display order
>>> details):
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L51
>>>
>>> payment template with csrf token:
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/payment.html#L5
>>>
>>> *Second issue relevant:*
>>>
>>> code from stripe API in payment view function (causing second error):
>>>
>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L138-L148
>>>
>>>
>>> Thanks ahead. I look forward to any responses.
>>>
>>> Best,
>>> Kyle
>>>
>>>
>>> _______________________________________________
>>> Flask mailing list
>>> Flask at python.org
>>> https://mail.python.org/mailman/listinfo/flask
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20150930/bba5911c/attachment-0001.html>


More information about the Flask mailing list