Spaces:
Running
Running
Update app.py
Browse files
app.py
CHANGED
|
@@ -1023,17 +1023,25 @@ def is_valid(*, query: dict, secret: str) -> bool:
|
|
| 1023 |
decoded_hash_code = hash_code.decode('utf-8')[:-1].replace('+', '-').replace('/', '_')
|
| 1024 |
return query.get("sign") == decoded_hash_code
|
| 1025 |
|
| 1026 |
-
#
|
| 1027 |
@app.route('/get_order', methods=['POST'])
|
| 1028 |
def get_order():
|
| 1029 |
try:
|
| 1030 |
logging.debug("Starting get_order")
|
| 1031 |
|
| 1032 |
-
# Читаем параметры из POST-запроса
|
| 1033 |
vkid = request.form.get('vk_id', '')
|
| 1034 |
order = request.form.get('order', '')
|
| 1035 |
-
apps_id = request.form.get('apps_id', '')
|
| 1036 |
-
sign = request.form.get('sign', '')
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1037 |
|
| 1038 |
# Проверка подлинности подписи
|
| 1039 |
if apps_id not in api_key_apps_vk:
|
|
@@ -1041,7 +1049,10 @@ def get_order():
|
|
| 1041 |
return jsonify({order: 'not'}), 200
|
| 1042 |
|
| 1043 |
secret = api_key_apps_vk[apps_id]
|
|
|
|
|
|
|
| 1044 |
query_params = request.form.to_dict()
|
|
|
|
| 1045 |
|
| 1046 |
if not is_valid(query=query_params, secret=secret):
|
| 1047 |
logging.error("Invalid signature")
|
|
@@ -1049,8 +1060,9 @@ def get_order():
|
|
| 1049 |
|
| 1050 |
if not vkid or not order:
|
| 1051 |
logging.error("VK ID and order are required")
|
| 1052 |
-
return
|
| 1053 |
|
|
|
|
| 1054 |
conn = sqlite3.connect(DATABASE_NEW)
|
| 1055 |
cursor = conn.cursor()
|
| 1056 |
|
|
@@ -1058,19 +1070,26 @@ def get_order():
|
|
| 1058 |
cursor.execute("SELECT orders FROM contacts WHERE vk_id = ?", (vkid,))
|
| 1059 |
result = cursor.fetchone()
|
| 1060 |
|
| 1061 |
-
# Если запись по vk_id не
|
| 1062 |
-
if not result
|
| 1063 |
-
logging.error(f"VK ID {vkid} not found
|
| 1064 |
response = {order: 'not'}
|
| 1065 |
return jsonify(response), 200
|
| 1066 |
|
| 1067 |
-
#
|
| 1068 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1069 |
return jsonify(response), 200
|
| 1070 |
|
| 1071 |
except Exception as e:
|
| 1072 |
logging.error(f"An error occurred: {str(e)}")
|
| 1073 |
-
return
|
| 1074 |
|
| 1075 |
|
| 1076 |
|
|
|
|
| 1023 |
decoded_hash_code = hash_code.decode('utf-8')[:-1].replace('+', '-').replace('/', '_')
|
| 1024 |
return query.get("sign") == decoded_hash_code
|
| 1025 |
|
| 1026 |
+
# Маршрут для получения ордера
|
| 1027 |
@app.route('/get_order', methods=['POST'])
|
| 1028 |
def get_order():
|
| 1029 |
try:
|
| 1030 |
logging.debug("Starting get_order")
|
| 1031 |
|
| 1032 |
+
# Читаем параметры из POST-запроса и выводим их в лог
|
| 1033 |
vkid = request.form.get('vk_id', '')
|
| 1034 |
order = request.form.get('order', '')
|
| 1035 |
+
apps_id = request.form.get('apps_id', '') # apps_id приходит в виде строки
|
| 1036 |
+
sign = request.form.get('sign', '') # Значение sign полученное при запуске приложения
|
| 1037 |
+
|
| 1038 |
+
logging.debug(f"Received vk_id: {vkid}")
|
| 1039 |
+
logging.debug(f"Received order: {order}")
|
| 1040 |
+
logging.debug(f"Received apps_id: {apps_id}")
|
| 1041 |
+
logging.debug(f"Received sign: {sign}")
|
| 1042 |
+
|
| 1043 |
+
# Выводим значение переменной api_key_apps_vk перед проверкой
|
| 1044 |
+
logging.debug(f"api_key_apps_vk contents: {api_key_apps_vk}")
|
| 1045 |
|
| 1046 |
# Проверка подлинности подписи
|
| 1047 |
if apps_id not in api_key_apps_vk:
|
|
|
|
| 1049 |
return jsonify({order: 'not'}), 200
|
| 1050 |
|
| 1051 |
secret = api_key_apps_vk[apps_id]
|
| 1052 |
+
logging.debug(f"Using secret for validation: {secret}")
|
| 1053 |
+
|
| 1054 |
query_params = request.form.to_dict()
|
| 1055 |
+
logging.debug(f"Query params for validation: {query_params}")
|
| 1056 |
|
| 1057 |
if not is_valid(query=query_params, secret=secret):
|
| 1058 |
logging.error("Invalid signature")
|
|
|
|
| 1060 |
|
| 1061 |
if not vkid or not order:
|
| 1062 |
logging.error("VK ID and order are required")
|
| 1063 |
+
return jsonify({"error": "VK ID and order are required"}), 400
|
| 1064 |
|
| 1065 |
+
# Подключаемся к базе данных
|
| 1066 |
conn = sqlite3.connect(DATABASE_NEW)
|
| 1067 |
cursor = conn.cursor()
|
| 1068 |
|
|
|
|
| 1070 |
cursor.execute("SELECT orders FROM contacts WHERE vk_id = ?", (vkid,))
|
| 1071 |
result = cursor.fetchone()
|
| 1072 |
|
| 1073 |
+
# Если запись по vk_id не найдена, возвращаем значение "not" для ордера
|
| 1074 |
+
if not result:
|
| 1075 |
+
logging.error(f"VK ID {vkid} not found")
|
| 1076 |
response = {order: 'not'}
|
| 1077 |
return jsonify(response), 200
|
| 1078 |
|
| 1079 |
+
# Обработка значений в базе
|
| 1080 |
+
shop_st = result[0] if result[0] else '{}'
|
| 1081 |
+
logging.debug(f"Value from database for vk_id {vkid}: {shop_st}")
|
| 1082 |
+
|
| 1083 |
+
# Ищем значение по ключу order
|
| 1084 |
+
value = shop_st.get(order, 'not')
|
| 1085 |
+
|
| 1086 |
+
# Возвращаем данные из столбца
|
| 1087 |
+
response = {order: value}
|
| 1088 |
return jsonify(response), 200
|
| 1089 |
|
| 1090 |
except Exception as e:
|
| 1091 |
logging.error(f"An error occurred: {str(e)}")
|
| 1092 |
+
return jsonify({"error": str(e)}), 500
|
| 1093 |
|
| 1094 |
|
| 1095 |
|