diff --git a/backend/core/templates/admin/paymentcode_changelist.html b/backend/core/templates/admin/paymentcode_changelist.html
index efcbb95..be6ac30 100644
--- a/backend/core/templates/admin/paymentcode_changelist.html
+++ b/backend/core/templates/admin/paymentcode_changelist.html
@@ -1,6 +1,6 @@
{% extends "admin/change_list.html" %}
{% block object-tools %}
-
+
diff --git a/backend/core/templates/payment.html b/backend/core/templates/payment.html
index 0672221..7f4a218 100644
--- a/backend/core/templates/payment.html
+++ b/backend/core/templates/payment.html
@@ -10,14 +10,19 @@
{% endif %}
+
{% if error %}
-
{{ error }}
+
{{ error }}
{% endif %}
+
{% endblock %}
\ No newline at end of file
diff --git a/backend/core/urls.py b/backend/core/urls.py
index 4c57b3c..57cf8da 100644
--- a/backend/core/urls.py
+++ b/backend/core/urls.py
@@ -16,6 +16,7 @@ urlpatterns = [
path('api/validate_form_fields/', v.validate_form_fields, name='validate_form_fields'),
path('no_confidential_data/', v.no_confidential_data, name='no_confidential_data'),
path('downloads/risklet_example_document.pdf', v.download_example_pdf, name='download_example_pdf'),
+ path('validate_code/', v.validate_code, name='validate_code'),
#admin urls
path('admin/payment-codes-pdf/', v.payment_codes_pdf_view, name='payment_codes_pdf'),
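Review bot: The new `validate_code/` route returns JSON but is registered at the top level, while the other endpoint in this list that appears to serve script calls lives under `api/` (`api/validate_form_fields/`). Registering it as `path('api/validate_code/', v.validate_code, name='validate_code')` would keep the two together and make it simpler to apply throttling or middleware to the API prefix as a group. The `urlpatterns` list starts and ends outside this hunk.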
diff --git a/backend/core/views.py b/backend/core/views.py
index 69f528f..80db479 100644
--- a/backend/core/views.py
+++ b/backend/core/views.py
@@ -1,5 +1,8 @@
import logging
import yaml
+import os
+import json
+import time
from django.shortcuts import render, redirect , get_object_or_404
from .forms import OrganizationForm
@@ -9,15 +12,14 @@ from django.contrib.admin.views.decorators import staff_member_required
from .utils import generate_pdf, generate_risk_graph, generate_residual_risk_graph
from .tables import risk_matrix_table ,get_risk_table, get_safeguard_summary_table
from django.conf import settings
-site_domain = settings.SITE_DOMAIN
from .processors import render_template
from django.http import JsonResponse, FileResponse, Http404, HttpResponse
from django.core.exceptions import ValidationError
from django.core.validators import validate_email
-import os
from django.utils import timezone
from weasyprint import HTML
from django.template.loader import render_to_string
+from django.views.decorators.csrf import csrf_exempt
# @login_required
@@ -25,6 +27,7 @@ from django.template.loader import render_to_string
# return HttpResponse('
Django
Página simples.
')
logger = logging.getLogger(__name__)
+site_domain = settings.SITE_DOMAIN
# @login_required
def index(request):
@@ -134,7 +137,7 @@ def payment_page(request):
send_document_email(email, url, document)
return redirect(url)
except PaymentCode.DoesNotExist:
- error = "CODE INVALID"
+ error = "❌ Invalid code"
return render(request, 'payment.html', {'error': error})
def no_confidential_data(request):
@@ -161,4 +164,18 @@ def payment_codes_pdf_view(request):
pdf_content = HTML(string=html_string, base_url=request.build_absolute_uri('/')).write_pdf()
response = HttpResponse(pdf_content, content_type='application/pdf')
response['Content-Disposition'] = f'inline; filename=payment_codes_{timezone.now().strftime("%Y%m%d_%H%M%S")}.pdf'
- return response
\ No newline at end of file
+ return response
+
+@csrf_exempt
+def validate_code(request):
+ if request.method == "POST":
+ try:
+ data = json.loads(request.body)
+ code = data.get("code", "").strip().upper()
+ from .models import PaymentCode
+ valid = PaymentCode.objects.filter(code=code, used=False).exists()
+ time.sleep(10)
+ return JsonResponse({"valid": valid})
+ except Exception:
+ return JsonResponse({"valid": False})
+ return JsonResponse({"valid": False})
\ No newline at end of file
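Review bot: `validate_code` tells any unauthenticated caller whether a payment code exists and is unused, and the only brake on guessing is `time.sleep(10)`, which does not bound parallel requests and holds a worker for ten seconds per call, so a modest number of concurrent requests can stall the site. I would drop the sleep and count attempts per client in the Django cache, returning 429 past a limit, as sketched below; it needs `django.core.cache.cache` and `require_POST` imported, and the two limit constants are values to choose. The `except Exception` also reports database errors as an invalid code without logging, so catching only the parse errors keeps real failures visible to the module `logger` or the error handler. `@csrf_exempt` looks unnecessary if the caller is the payment page's own script, which can send the CSRF token header; the template markup is not visible here, so confirm. `PaymentCode` is already referenced in `payment_page`, so the function-local import is presumably redundant.

```python
@require_POST
def validate_code(request):
    # Per-client attempt counter replaces time.sleep(10): no worker is held,
    # and parallel guesses count against the same budget.
    # REMOTE_ADDR is the proxy's address when deployed behind one; use the
    # client address your proxy configuration is set up to trust.
    client = request.META.get("REMOTE_ADDR", "unknown")
    key = f"validate_code:{client}"
    cache.add(key, 0, timeout=VALIDATE_WINDOW_SECONDS)
    try:
        attempts = cache.incr(key)
    except ValueError:  # counter expired between add() and incr()
        cache.set(key, 1, timeout=VALIDATE_WINDOW_SECONDS)
        attempts = 1
    if attempts > VALIDATE_MAX_ATTEMPTS:
        return JsonResponse({"valid": False}, status=429)

    try:
        data = json.loads(request.body)
        code = str(data.get("code", "")).strip().upper()
    except (ValueError, AttributeError):
        # Malformed JSON or a non-object body: reject without touching the DB.
        return JsonResponse({"valid": False}, status=400)

    valid = PaymentCode.objects.filter(code=code, used=False).exists()
    return JsonResponse({"valid": valid})
```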