vontor-cz/backend/thirdparty/stripe/views.py

from django.views.decorators.csrf import csrf_exempt
from django.conf import settings
from django.http import HttpResponse

from rest_framework import generics
from rest_framework.response import Response
from rest_framework.views import APIView
from drf_spectacular.utils import extend_schema

from .models import Order
from .serializers import OrderSerializer
import os

import stripe
stripe.api_key = os.getenv("STRIPE_SECRET_KEY")

class CreateCheckoutSessionView(APIView):
    @extend_schema(
        tags=["stripe"],
    )
    def post(self, request):
        serializer = OrderSerializer(data=request.data) #obecný serializer
        serializer.is_valid(raise_exception=True)

        order = Order.objects.create(
            amount=serializer.validated_data["amount"],
            currency=serializer.validated_data.get("currency", "czk"),
        )

        # Vytvoření Stripe Checkout Session
        session = stripe.checkout.Session.create(
            payment_method_types=["card"],
            line_items=[{
                "price_data": {
                    "currency": order.currency,
                    "product_data": {"name": f"Order {order.id}"},
                    "unit_amount": int(order.amount * 100),  # v centech
                },
                "quantity": 1,
            }],
            mode="payment",
            success_url=request.build_absolute_uri(f"/payment/success/{order.id}"),
            cancel_url=request.build_absolute_uri(f"/payment/cancel/{order.id}"),
        )

        order.stripe_session_id = session.id
        order.stripe_payment_intent = session.payment_intent
        order.save()

        data = OrderSerializer(order).data
        data["checkout_url"] = session.url
        return Response(data)
    




@csrf_exempt
def stripe_webhook(request):
    payload = request.body
    sig_header = request.META.get("HTTP_STRIPE_SIGNATURE")
    event = None

    try:
        event = stripe.Webhook.construct_event(
            payload, sig_header, settings.STRIPE_WEBHOOK_SECRET
        )
    except stripe.error.SignatureVerificationError:
        return HttpResponse(status=400)

    if event["type"] == "checkout.session.completed":
        session = event["data"]["object"]
        order = Order.objects.filter(stripe_session_id=session.get("id")).first()
        if order:
            order.status = "paid"
            order.save()

    return HttpResponse(status=200)