harishbisht / paytm-django

paytm payment gateway example

request.user gives Anonymous in the response view #12

Open guruprasadc6 opened 5 years ago

guruprasadc6 commented 5 years ago

image

In the above view, adding the user object foreign key to PaymentHistory model is giving an error because request.user becomes anonymous in this view although admin is logged in.

hashinclude72 commented 5 years ago

I had the same error, though you can fix this by sending the received data by POST to another view and saving in that view. I have done the same in this https://github.com/jaswal72/upes-fipi-jigyasa/tree/master/payments

guruprasadc6 commented 5 years ago

Thanks for the suggestion


hashinclude72 commented 5 years ago

Happy to help; for any errors feel free to contact.

guruprasadc6 commented 5 years ago

Yeah sure. Thank you


guruprasadc6 commented 5 years ago

Hi, I'm facing the same Anonymous User issue. I'm using social-auth-django to use Google email login in my web app. In the payment view request.user correctly prints the user email ID, but once I get a response from paytm, request.user in the response view prints Anonymous User. After that I'm sending the received data to another view (add_to_database in my case) as POST (as you suggested). But still, request.user is giving Anonymous User.

paytm/views.py

def payment(request):
    MERCHANT_KEY = settings.PAYTM_MERCHANT_KEY
    MERCHANT_ID = settings.PAYTM_MERCHANT_ID
    get_lang = "/" + get_language() if get_language() else ''
    CALLBACK_URL = settings.HOST_URL + settings.PAYTM_CALLBACK_URL

    order_id = Checksum.__id_generator__()
    print('in payment')
    print(request.user)  # outputs user email ID

    if 'amt' in request.session:
        bill_amount = request.session['amt']
    else:
        bill_amount = '1'
    request.session['amt'] = bill_amount

    if bill_amount:
        data_dict = {
            'MID': MERCHANT_ID,
            'ORDER_ID': order_id,
            'TXN_AMOUNT': bill_amount,
            'CUST_ID': '1111',
            'INDUSTRY_TYPE_ID': 'Retail',
            'WEBSITE': settings.PAYTM_WEBSITE,
            'CHANNEL_ID': 'WEB',
            'CALLBACK_URL': CALLBACK_URL,
        }
        param_dict = data_dict
        param_dict['CHECKSUMHASH'] = Checksum.generate_checksum(data_dict, MERCHANT_KEY)
        print(os.getcwd())
        user = request.user
        return render(request, "payment.html", {'paytmdict': param_dict, 'user': user})

    return HttpResponse("Bill Amount Could not find. ?bill_amount=10")

@csrf_exempt
def add_to_database(request):
    data_dict = {}
    if request.method == "POST":
        print('in recipt')
        print(request.user)  # outputs Anonymous User

        data_dict = dict(request.POST.items())
        print(data_dict)

        # add transaction to database
        PaytmHistory.objects.create(user=request.user, **data_dict)

    # user = request.user
    status = False
    # if Paytm_history.objects.filter(user=user, STATUS = 'TXN_SUCCESS'):
    #     status = True
    for key, value in data_dict.items():
        if key == 'STATUS' and value == 'TXN_SUCCESS':
            status = True
            # add order to database

    return render(request, "recipt.html", {"paytm": data_dict, 'title': 'Recipt', "status": status})

# @login_required()
@csrf_exempt
def response(request):
    print(1)
    print('in response')
    print(request.user)  # outputs Anonymous User
    if request.method == "POST":
        MERCHANT_KEY = settings.PAYTM_MERCHANT_KEY
        data_dict = {}
        for key in request.POST:
            data_dict[key] = request.POST[key]
        print(data_dict)
        print(data_dict['CUST_ID'])
        verify = Checksum.verify_checksum(data_dict, MERCHANT_KEY, data_dict['CHECKSUMHASH'])
        if verify:
            print(2)
            print(request)
            print(request.user)
            PaytmHistory.objects.create(user=request.user, **data_dict)
            return render(request, "response.html", {"paytm": data_dict})
            # redirecting to response
        else:
            return HttpResponse("checksum verify failed")
    return HttpResponse(status=200)

response.html

{% for key,value in paytm.items %}
  {% if key == 'MID' or key == 'PAYMENTMODE' or key == 'CURRENCY' or key == 'RESPCODE' or key == 'GATEWAYNAME' or key == 'BANKNAME' %}
  {% else %}
  {% endif %}
{% endfor %}

reciept.html

{% if status == True %}
Congratulation your payment is successful.
{% else %}
Transaction Failed, Please try again.
{% endif %}
{% for key,value in paytmr.items %}
  {% if key == 'id' or key == 'user' or key == 'MID' or key == 'PAYMENTMODE' or key == 'CURRENCY' or key == 'RESPCODE' or key == 'GATEWAYNAME' or key == 'BANKNAME' %}
  {% else %}
    {{key}} - {{ value }}
  {% endif %}
{% endfor %}

urls.py

from django.conf.urls import include, url
from .views import home, payment, response, add_to_database

urlpatterns = [
    # Examples:
    url(r'^payment/', payment, name='payment'),
    url(r'^response/', response, name='response'),
    url(r'recipt/', add_to_database, name='add_to_database'),
]

Please help to resolve this.

Thank you

Guruprasad C


hashinclude72 commented 5 years ago

Were you able to access request.user before using social-auth-django?

I have also found another fix around it: you can send your username in the MERC_UNQ_REF variable to paytm and receive that in the response by the same name. You can see the implementation in here.

itsnikhil commented 4 years ago

The payment gateway response should never be logged in because that request will always spawn a new session thus request.user gives Anonymous in the response view.

How I solved this issue in my fork https://github.com/itsnikhil/paytm-django is by passing unique user_id (username in my case) in callbackurl and getting user from that unique attribute.

...
@login_required
def payment(request):
    CALLBACK_URL = settings.HOST_URL + settings.PAYTM_CALLBACK_URL + request.user.username + '/'
...
...
...
def response(request, user_id):
    PaytmHistory.objects.create(user=User.objects.get(username=user_id), **data_dict)
...

Now that I think more about it, I could have passed that unique attribute in CUST_ID and accessed from form data directly instead of making changes to url.

data_dict = {
            ...
            'ORDER_ID': order_id,
            'CUST_ID': user.email,
            'CALLBACK_URL': CALLBACK_URL,
            ...
        }

Both approaches will work!
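
One way to bind the callback to the paying user without relying on the session, as an added example that is not code from this thread or from paytm-django: the payment view records the order's owner server-side, and the callback view resolves the user from that record only after the checksum verifies, so nothing outside the signed body decides whose payment is stored. `sign` is an HMAC stand-in for the project's Checksum module, and `PENDING`, `start_payment`, `handle_callback` and the response field names `ORDERID` and `TXNAMOUNT` are assumptions.

```python
import hashlib
import hmac
import secrets

MERCHANT_KEY = b"constructed-demo-key"  # assumption: stands in for settings.PAYTM_MERCHANT_KEY
PENDING = {}  # order_id -> owner and amount; a database table in a real project


def sign(params):
    """Stand-in for the project's Checksum module: HMAC-SHA256 over the sorted
    fields. This is NOT Paytm's checksum algorithm, only a placeholder for it."""
    body = "|".join(f"{k}={params[k]}" for k in sorted(params) if k != "CHECKSUMHASH")
    return hmac.new(MERCHANT_KEY, body.encode(), hashlib.sha256).hexdigest()


def start_payment(username, amount):
    """Called from the logged-in payment view: remember who owns the order."""
    order_id = secrets.token_hex(8)
    PENDING[order_id] = {"user": username, "amount": amount}
    return order_id


def handle_callback(post):
    """Called from the session-less callback view. Returns the user to record
    the payment for, or None if the callback must not be stored as a success."""
    supplied = post.get("CHECKSUMHASH", "")
    if not hmac.compare_digest(sign(post).encode(), supplied.encode()):
        return None  # body was not signed with the merchant key
    order = PENDING.get(post.get("ORDERID"))
    if order is None or post.get("TXNAMOUNT") != order["amount"]:
        return None  # unknown order, or amount differs from what was requested
    if post.get("STATUS") != "TXN_SUCCESS":
        return None
    del PENDING[post["ORDERID"]]  # single use: a replayed callback finds nothing
    return order["user"]


if __name__ == "__main__":
    oid = start_payment("alice@example.com", "10.00")  # constructed sample data
    cb = {"ORDERID": oid, "TXNAMOUNT": "10.00", "STATUS": "TXN_SUCCESS"}
    cb["CHECKSUMHASH"] = sign(cb)
    print(handle_callback(cb))  # owner recorded at payment time
    print(handle_callback(cb))  # replay of the same callback
```

In a Django project the `PENDING` record would be a model row created in `payment` with a foreign key to `request.user`, looked up by order id in `response`.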