[Flask] (no subject)

Dorian Hoxha dorian.hoxha at gmail.com
Wed Sep 30 21:57:06 CEST 2015 

>From a quick look, don't store config values in the code.
Careful with stripe keys (they look like test keys though)

I think it's more pythonic:
if 'a' not in b

instead of :

if not 'a' in b:

I'm not sure though.

On Wed, Sep 30, 2015 at 9:28 PM, Kyle Lawlor <klawlor419 at gmail.com> wrote:

> Ok, I will look into this first. Thanks again for the pointers. In the
> meantime, any further comments still appreciated.
>
> On Wed, Sep 30, 2015 at 2:34 PM, Dorian Hoxha <dorian.hoxha at gmail.com>
> wrote:
>
>> Replace the code like I said and try again if the error persist.
>> I don't know if the fields do(nt) exist in your code, that's why you have
>> to fix them by actually checking.
>>
>> On Wed, Sep 30, 2015 at 8:01 PM, Kyle Lawlor <klawlor419 at gmail.com>
>> wrote:
>>
>>> Ok. Thanks for the response. I will keep this in mind as I continue to
>>> diagnose my problem. Did you spot a place in my code where the field d.n.e.?
>>>
>>> On Wed, Sep 30, 2015 at 9:35 AM, Dorian Hoxha <dorian.hoxha at gmail.com>
>>> wrote:
>>>
>>>> ALWAYS check if the field exist in request.form, if it doesn't you will
>>>> get a 400 request-error.
>>>> 2 ways to check:
>>>> if 'field' in request.form
>>>> if request.form.get('field')
>>>>
>>>> On Wed, Sep 30, 2015 at 12:29 AM, Kyle Lawlor <klawlor419 at gmail.com>
>>>> wrote:
>>>>
>>>>> Hello, everyone.
>>>>>
>>>>> I've been working on web app for a friends restaurant. I am slowly
>>>>> adding the functionality that I need. Earlier today I was able to add a
>>>>> payment method via the Stripe API. I have confirmed that the test payments
>>>>> are going through to my Stripe logs. I followed very closely to the [stripe
>>>>> flask tutorial](https://stripe.com/docs/checkout/guides/flask).
>>>>> Basically I am doing the exact same thing as what is done in the tutorial,
>>>>> except I have adjusted the payment amount based on interaction with the
>>>>> "order online" portion of the website.
>>>>>
>>>>>
>>>>> *First issue:*
>>>>>
>>>>> One issue I am having (which I am sure is just a stupid mistake) is
>>>>> that once the purchase is confirmed, I redirect to a confirmation page to
>>>>> show a summary of the order, but I am getting a "400 Bad Request - CSRF
>>>>> token missing or incorrect" error.
>>>>>
>>>>> I tried to solve the problem using the methods from [this page](
>>>>> http://flask-wtf.readthedocs.org/en/latest/csrf.html), like adding an
>>>>> empty form with a CSRF token, to no avail. I also tried including a meta
>>>>> tag with the token which also did not work.
>>>>>
>>>>> I am puzzled. A curious thing is that I can access the "payment" page
>>>>> manually via url before and after the transaction goes through. It seems
>>>>> that the trouble only happens when I redirect from the Stripe payment.
>>>>>
>>>>> *Second issue:*
>>>>>
>>>>> Another possibly related issue is that there is a segment of code
>>>>> using the stripe API I have commented out for the following reason. When it
>>>>> is uncommented I get the following error in addition to the CSRF error
>>>>> stated above, "400 Bad Request - The browser (or proxy) sent a request that
>>>>> this server could not understand."
>>>>>
>>>>> If anyone has a chance to take a look at this for me it would be
>>>>> greatly appreciated. Here is the latest version of the project (currently
>>>>> using the meta tag with CSRF).
>>>>>
>>>>> *Project:* https://github.com/callmeskywalker/casa-site
>>>>>
>>>>>
>>>>>
>>>>> *First issue relevant:*
>>>>> stripe import and test keys:
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L38-L43
>>>>>
>>>>> order view function:
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47-L128
>>>>> <https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L47>
>>>>>
>>>>> pass stripe key to 'order' template:
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L128
>>>>>
>>>>> stripe implementation in 'order' template:
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L50-L64
>>>>>
>>>>> action to redirect to the 'payment' template (just to display order
>>>>> details):
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/order.html#L51
>>>>>
>>>>> payment template with csrf token:
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/templates/payment.html#L5
>>>>>
>>>>> *Second issue relevant:*
>>>>>
>>>>> code from stripe API in payment view function (causing second error):
>>>>>
>>>>> https://github.com/callmeskywalker/casa-site/blob/master/app/main/views.py#L138-L148
>>>>>
>>>>>
>>>>> Thanks ahead. I look forward to any responses.
>>>>>
>>>>> Best,
>>>>> Kyle
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Flask mailing list
>>>>> Flask at python.org
>>>>> https://mail.python.org/mailman/listinfo/flask
>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20150930/dd70b723/attachment-0001.html>

More information about the Flask mailing list