From 20aaa3d2b56b181a15d172b6bdd5d38b263f60f9 Mon Sep 17 00:00:00 2001
From: Magnus Hagander
Date: Thu, 27 Jun 2013 19:40:41 +0200
Subject: Support paypal/cc payment of invoices without a community account

In order to pay these invoices, it's necessary to be able to view them
on the website, which previously required a community login attached to
the invoice. We now genereate a secret URL for each invoice (based on a
SHA256 hash of the invoice itself and some random nonce). If this URL
is used to access the invoice, a login is no longer required.

It's still more convenient to use the logged in version of course, since
that lets you view your invoice history. Also, all autogenerated invoices
such as those from confreg and membership will still be using the logged
in version.
---
 postgresqleu/paypal/views.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'postgresqleu/paypal/views.py')

diff --git a/postgresqleu/paypal/views.py b/postgresqleu/paypal/views.py
index ac0c9728..aa46f1c9 100644
--- a/postgresqleu/paypal/views.py
+++ b/postgresqleu/paypal/views.py
@@ -132,7 +132,15 @@ def paypal_return_handler(request):
 			else:
 				# No processor, so redirect the user back to the basic
 				# invoice page.
-				url = "%s/invoices/%s/" % (settings.SITEBASE_SSL, i.pk)
+				if i.recipient_user:
+					# Registered to a specific user, so request that users
+					# login on redirect
+					url = "%s/invoices/%s/" % (settings.SITEBASE_SSL, i.pk)
+				else:
+					# No user account registered, so send back to the secret
+					# url version
+					url = "%s/invoices/%s/%s/" % (settings.SITEBASE_SSL, i.pk, i.recipient_secret)
+
 			return render_to_response('paypal/complete.html', {
 					'invoice': i,
 					'url': url,
-- 
cgit v1.2.3