python - Django - 条纹订阅
问题描述
我有一个视图,它使用 Stripe 收取一定金额,然后将用户重定向到订阅页面,但是如何防止用户直接访问该 url?
收费视图:
def testview(request):
charge = stripe.Charge.create(
amount=2000,
currency="usd",
source="tok_visa", # obtained with Stripe.js
description="Charge for jenny.rosen@example.com"
)
return render(request, 'test.html')
我的订阅创建视图:
def create_sub(request):
plan1 = "plan_DiiAhydC7AxqeG"
plan2 = "plan_DiiAypModfV7VJ"
plan = request.GET.get('plan')
if plan == '1':
active_plan = plan1
elif plan == '2':
active_plan = plan2
sub = stripe.Subscription.create(
customer=request.user.stripe_id,
items=[
{
"plan": active_plan,
},
]
)
我的 html 收费模板:
<form action="/test/create-sub?plan=2" method="POST">
{% csrf_token %}
<script
src="https://checkout.stripe.com/checkout.js" class="stripe-button"
data-key="stripe_api_code"
data-amount="100000"
data-name="Bilpard"
data-description="Paid plan"
data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
data-locale="auto">
</script>
</form>
解决方案
testview将视图包装在require_post装饰器中怎么样?
from django.views.decorators.http import require_POST
@require_POST()
def testview(request):
charge = stripe.Charge.create(
amount=2000,
currency="usd",
source="tok_visa", # obtained with Stripe.js
description="Charge for jenny.rosen@example.com"
)
return render(request, 'test.html')
这样,只有 POST 请求才允许访问此视图。