from django.views.decorators.csrf import csrf_exempt from django.conf import settings from django.http import HttpResponse from rest_framework import generics from rest_framework.response import Response from rest_framework.views import APIView from .models import Order from .serializers import OrderSerializer import os import stripe stripe.api_key = os.getenv("STRIPE_SECRET_KEY") class CreateCheckoutSessionView(APIView): def post(self, request): serializer = OrderSerializer(data=request.data) #obecný serializer serializer.is_valid(raise_exception=True) order = Order.objects.create( amount=serializer.validated_data["amount"], currency=serializer.validated_data.get("currency", "czk"), ) # Vytvoření Stripe Checkout Session session = stripe.checkout.Session.create( payment_method_types=["card"], line_items=[{ "price_data": { "currency": order.currency, "product_data": {"name": f"Order {order.id}"}, "unit_amount": int(order.amount * 100), # v centech }, "quantity": 1, }], mode="payment", success_url=request.build_absolute_uri(f"/payment/success/{order.id}"), cancel_url=request.build_absolute_uri(f"/payment/cancel/{order.id}"), ) order.stripe_session_id = session.id order.stripe_payment_intent = session.payment_intent order.save() data = OrderSerializer(order).data data["checkout_url"] = session.url return Response(data) @csrf_exempt def stripe_webhook(request): payload = request.body sig_header = request.META.get("HTTP_STRIPE_SIGNATURE") event = None try: event = stripe.Webhook.construct_event( payload, sig_header, settings.STRIPE_WEBHOOK_SECRET ) except stripe.error.SignatureVerificationError: return HttpResponse(status=400) if event["type"] == "checkout.session.completed": session = event["data"]["object"] order = Order.objects.filter(stripe_session_id=session.get("id")).first() if order: order.status = "paid" order.save() return HttpResponse(status=200)