Commits

Anonymous committed 83b771c

success form added

Comments (0)

Files changed (3)

         return md5(x).hexdigest().upper() + md5(SALT).hexdigest().upper()
 
 
+class _RedirectPageForm(ResultURLForm):
+    '''Форма для проверки контрольной суммы на страницах Success и Fail'''
 
+    Culture = forms.CharField(max_length=10)
 
+    def _get_signature_string(self):
+        _val = lambda name: unicode(self.cleaned_data[name])
+        standard_part = ':'.join([_val('OutSum'), _val('InvId'), PASSWORD1])
+        return self._append_extra_part(standard_part, _val)
+
+
+class SuccessRedirectForm(_RedirectPageForm):
+    """ Форма для обработки страницы Success с дополнительной защитой. Она
+    проверяет, что Assist.ru предварительно уведомил систему о платеже,
+    отправив запрос на ResultURL. """
+
+    def clean(self):
+        data = super(SuccessRedirectForm, self).clean()
+
+        if not AssistAuthResult.objects.filter(OrderNumber=data['ordernumber']):
+            raise forms.ValidationError(u'От Assist.ru не было предварительного уведомления')
+        return data
+
+
+class FailRedirectForm(_RedirectPageForm):
+    '''Форма для проверки контрольной суммы на странице Fail'''
+    pass
     
         
     
           'receive_result',
           name='assist_result'
     ),
-
+    url(
+          r'^success/$',
+          'success',
+          name='assist_success'
+    ),
+    url(
+          r'^fail/$',
+          'fail',
+          name='assist_fail'
+    ),
 )
 except ImportError: # django < 1.2
     from django.contrib.csrf.middleware import csrf_exempt
 
-from assist.forms import ResultURLForm
+from assist.forms import ResultURLForm, SuccessRedirectForm, FailRedirectForm
 from assist.models import AssistAuthResult
 from assist.signals import result_received
 
     return direct_to_template(request, 'badresponse.html', locals())  #
 
 
+@csrf_exempt
+def success(request, template_name='assist/success.html', error_template_name = 'assist/error.html'):
+    """ обработчик для SuccessURL """
+    data = request.POST 
+    form = SuccessRedirectForm(data)
+    if form.is_valid():
+        return direct_to_template(request, template_name)
+    return direct_to_template(request, error_template_name)
 
+
+@csrf_exempt
+def fail(request, template_name='assist/fail.html', error_template_name = 'assist/error.html'):
+    """ обработчик для FailURL """
+    data = request.POST 
+    form = FailRedirectForm(data)
+    if form.is_valid():
+        return direct_to_template(request, template_name)
+    return direct_to_template(request, error_template_name)
+