request.user gives Anonymous in the response view

[guruprasadc6]

trafficstars

In the above view, adding the user object foreign key to PaymentHistory model is giving an error because request.user becomes anonymous in this view although admin is logged in.

[hashinclude72]

i had the same error , though you can fix this by sending the recieved data by POST to another view and saving in that view. I have done the same in this https://github.com/jaswal72/upes-fipi-jigyasa/tree/master/payments

[guruprasadc6]

Thanks for the suggestion

On Thu, 21 Mar 2019, 12:31 p.m. Shubham Jaswal, [email protected] wrote:

i had the same error , though you can fix this by sending the recieved data by POST to another view and saving in that view. I have done the same in this https://github.com/jaswal72/upes-fipi-jigyasa/tree/master/payments

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/harishbisht/paytm-django/issues/12#issuecomment-475129259, or mute the thread https://github.com/notifications/unsubscribe-auth/AeYIkYQri8_tCkHK0wyrQKEDddC6n2Dwks5vYy4ugaJpZM4cAzjN .

[hashinclude72]

happy 2 help, for any errors feel free to contact.

[guruprasadc6]

Yeah sure. Thank you

On Thu, 21 Mar 2019, 12:38 p.m. Shubham Jaswal, [email protected] wrote:

happy 2 help, for any errors feel free to contact.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/harishbisht/paytm-django/issues/12#issuecomment-475130510, or mute the thread https://github.com/notifications/unsubscribe-auth/AeYIkT-WV09Lk8OZjhp6pcpI9CSTWc9xks5vYy_0gaJpZM4cAzjN .

[guruprasadc6]

Hi I'm facing the same Anonymous User Issue. I'm using social-auth-django to use Google email login in my web app. In the payment view request.user prints correctly the user email ID, but once I get a response from paytm in the response view request.user prints Anonymous User after that I'm sending the received data to another view(add_to_database in my case) as POST (as you suggested). But still, request.user is giving Anonymous User

paytm/views.py

def payment(request): MERCHANT_KEY = settings.PAYTM_MERCHANT_KEY MERCHANT_ID = settings.PAYTM_MERCHANT_ID get_lang = "/" + get_language() if get_language() else ''

CALLBACK_URL = settings.HOST_URL +  settings.PAYTM_CALLBACK_URL

order_id = Checksum.__id_generator__()
print('in payment')
print(request.user)  #*outputs user emil ID*

if 'amt' in request.session:
    bill_amount = request.session['amt']
else:
    bill_amount='1'
request.session['amt'] = bill_amount

if bill_amount:
    data_dict = {
                'MID':MERCHANT_ID,
                'ORDER_ID':order_id,
                'TXN_AMOUNT': bill_amount,
                'CUST_ID':'1111',
                'INDUSTRY_TYPE_ID':'Retail',
                'WEBSITE': settings.PAYTM_WEBSITE,
                'CHANNEL_ID':'WEB',
                'CALLBACK_URL':CALLBACK_URL,
            }
    param_dict = data_dict
    param_dict['CHECKSUMHASH'] =

Checksum.generate_checksum(data_dict, MERCHANT_KEY) print(os.getcwd()) user = request.user return render(request,"payment.html",{'paytmdict':param_dict ,'user': user})

return HttpResponse("Bill Amount Could not find. ?bill_amount=10")

@csrf_exempt def add_to_database(request): data_dict = {} if request.method == "POST": print('in recipt') print(request.user) #outputs Anonymous User

    data_dict = dict(request.POST.items())
    print(data_dict)

    #add transaction to database
    PaytmHistory.objects.create(user=request.user, **data_dict)



# user = request.user
status = False
# if Paytm_history.objects.filter(user=user, STATUS = 'TXN_SUCCESS'):
#     status = True
for key,value in data_dict.items():
    if key == 'STATUS' and value == 'TXN_SUCCESS':
        status = True
        #add order to database


return render(request, "recipt.html", {"paytm": data_dict,

'title': 'Recipt', "status": status})

@login_required()

@csrf_exempt def response(request): print(1) print('in response') print(request.user) #outputs Anonymous User if request.method == "POST": MERCHANT_KEY = settings.PAYTM_MERCHANT_KEY data_dict = {} for key in request.POST: data_dict[key] = request.POST[key] print(data_dict) # print(data_dict['CUST_ID']) verify = Checksum.verify_checksum(data_dict, MERCHANT_KEY, data_dict['CHECKSUMHASH']) if verify: print(2) print(request) print(request.user) # PaytmHistory.objects.create(user=request.user, **data_dict) return render(request,"response.html",{"paytm":data_dict}) #redirecting to response else: return HttpResponse("checksum verify failed") return HttpResponse(status=200)

response.html

{% for key,value in paytm.items %} {% if key == 'MID' or key == 'PAYMENTMODE' or key == 'CURRENCY' or key == 'RESPCODE' or key == 'GATEWAYNAME' or key == 'BANKNAME' %} {% else %} {% endif %} {% endfor %}

reciept.html

        {% if status == True %}
          <p class="text-primary">Congratulation your payment is

successful.

{% else %}

Transaction Failed, Please try again.

{% endif %}

        <table border="1">

        <tbody>


          {% for key,value in paytmr.items %}

            {% if key == 'id' or key == 'user' or key == 'MID' or

key == 'PAYMENTMODE' or key == 'CURRENCY' or key == 'RESPCODE' or key == 'GATEWAYNAME' or key == 'BANKNAME' %}

            {% else %}


              {{key}} - {{ value }}<br>

              {% endif %}
          {% endfor %}



        <!-- {% for key,value in paytmr.items %}
            <input type="hidden" name="{{key}}" value="{{value}}">
        {% endfor %} -->
        </tbody>

urls.py

from django.conf.urls import include, url from .views import home, payment,response,add_to_database urlpatterns = [ # Examples:

url(r'^payment/', payment, name='payment'),
url(r'^response/', response, name='response'),
url(r'recipt/', add_to_database, name='add_to_database'),

]

Please help to resolve this.

Thank you

Guruprasad C

On Thu, Mar 21, 2019 at 12:49 PM guruprasad c [email protected] wrote:

Yeah sure. Thank you

On Thu, 21 Mar 2019, 12:38 p.m. Shubham Jaswal, [email protected] wrote:

happy 2 help, for any errors feel free to contact.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/harishbisht/paytm-django/issues/12#issuecomment-475130510, or mute the thread https://github.com/notifications/unsubscribe-auth/AeYIkT-WV09Lk8OZjhp6pcpI9CSTWc9xks5vYy_0gaJpZM4cAzjN .

[hashinclude72]

Were you able to access request.user before using social-auth-django .

I have also found another fix around it , you can send your username in MERC_UNQ_REF variable to paytm and recieve that in response by same name. You can see the implimentation in here.

[itsnikhil]

The payment gateway response should never be logged in because that request will always spawn a new session thus request.user gives Anonymous in the response view.

How I solved this issue in my fork https://github.com/itsnikhil/paytm-django is by passing unique user_id (username in my case) in callbackurl and getting user from that unique attribute.

...
@login_required
def payment(request):
    CALLBACK_URL = settings.HOST_URL + settings.PAYTM_CALLBACK_URL + request.user.username + '/'
...
...
...
def response(request, user_id):
    PaytmHistory.objects.create(user=User.objects.get(username=user_id), **data_dict)
...

Now that I think more about it, I could have passed that unique attribute in CUST_ID and accessed from form data directly instead of making changes to url.

data_dict = {
            ...
            'ORDER_ID': order_id,
            'CUST_ID': user.email,
            'CALLBACK_URL': CALLBACK_URL,
            ...
        }

Both approach will works!