add some docs, fix template and requirements

7bac0247 · Pelle Koster · 9493d117 · 7bac0247 · 7bac0247 · 7bac0247
Commit 7bac0247 authored 7 months ago by Pelle Koster
--- a/docs/source/gateway.rst
+++ b/docs/source/gateway.rst
+.. gateway intro
+Visit Stripe Gateway
+====================
+This service acts as a gateway between Visit(cloud) and Stripe and its main purpose is to be able
+to customize the checkout process for people registering for TNC2025 and enable the following
+features:
+ * Payment through bank transfer
+ * Addition of PO and VAT number in the invoice
+These features are not supported by Visit's implementation of the Stripe integration. This
+service acts as an in-between layer and does support these features
+When visitors are registering to TNC2025 in Visit cloud, they are redirected to this service in the
+final step of the registration form. Here they get the opportunity to fill out a purchase order
+and/or VAT number and select wether to pay using credit card or bank transfer. They then get
+redirected to the relevant stripe web page
+Design
+------
+This gateway service is designed in two parts. The first part is a Django app that takes care
+of user interaction, setting up the Stripe payment objects and redirecting the users. When it
+creates a payment object (either a checkout Session or a PaymentIntent), it also creates a database
+entry (name ``Order``) that links the stripe payment object back to the Visit visitor (ie. the
+registrant). It does not directly update the visitor's paid status in Visit. Whenever the visitor
+has fulfilled its payment, Stripe will call a webhook in our service (see below) to notify us of
+this fact. We store this ``Event`` in our database and process it asynchronously. Stripe requires
+us to handle the webhook request fast, so we cannot directly update the status in Visit.
+The second part of the design is a worker script that checks the databases for any new ``Event``
+entries, and performs the necessary updates in our database and in Visit through the Visit API.
+This worker is configured as a cronjob
+Endpoints
+---------
+The following endpoints are configured in this service
+``/checkout/<visitor_id>/``
+###########################
+The main entry point for users. Here they can configure a PO and VAT number and confirm their
+order. Upon confirmation they get redirected to Stripe.
+``/checkout/<visitor_id>/success/``
+###################################
+Used as a redirect by stripe on a successful payment. Because this endpoint not being secure, we
+do not update the Visit paid status.
+``/checkout/<visitor_id>/cancel/``
+##################################
+Used as a redirect by stripe on a canceled payment
+``/checkout/stripe-event``
+##########################
+This endpoint is configured as a stripe event webhook, so that we get updated whenever
+a payment (credit card or bank transfer) has succeeded and we can update the visitors Paid
+status in Visit. It is secured using Stripes signing secret method (cf.
+`https://docs.stripe.com/webhooks#verify-official-libraries`_
+)
+Administrative endpoints
+------------------------
+/visitors/
+##########
+Allow for quickly setting a visitor's shopping cart and paid items in Visit.
+/admin/
+#######
+Access to the Django admin interface. Here you can add new users, and manage PricedItems and
+Orders
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,6 +4,9 @@ jsonschema
 stripe
 requests
 click
+psycopg2
 pytest
 pytest-django
 responses

--- a/stripe_checkout/stripe_checkout/templates/checkout.html
+++ b/stripe_checkout/stripe_checkout/templates/checkout.html
@@ -23,8 +23,6 @@
                {% csrf_token %}
                <input type="submit" value="confirm">
            </form>
-            <a href="{% url 'stripe_checkout:checkout-creditcard' visitor_id %}">Credit card</a>
-            <a href="{% url 'stripe_checkout:checkout-banktransfer' visitor_id %}">Bank transfer</a>
        </div>
    {% else %}
        <p>You have nothing to pay for</p>