add: add payment api

config/settings/base.py

@@ -144,5 +144,6 @@ CSRF_TRUSTED_ORIGINS = [
 ]
 
 ALLOWED_ATMOS_IPS = []
-CONSUMER_KEY = ''
-CONSUMER_SECRET = ''
+CONSUMER_KEY = env.str('CONSUMER_KEY')
+CONSUMER_SECRET = env.str('CONSUMER_SECRET')
+STORE_ID = env.str('STORE_ID')

core/apps/payment/serializers.py

@@ -0,0 +1,8 @@
+from rest_framework import serializers
+
+
+class PaymentSerializer(serializers.Serializer):
+    order_number = serializers.IntegerField()
+    price = serializers.IntegerField()
+
+    

core/apps/payment/urls.py

@@ -1,7 +1,8 @@
 from django.urls import path
 
-from .views import AtmosCallbackApiView
+from .views import AtmosCallbackApiView, PaymentGenerateLinkApiView
 
 urlpatterns = [
     path('callback/', AtmosCallbackApiView.as_view()),
+    path('payment/', PaymentGenerateLinkApiView.as_view()),
 ]

core/apps/payment/views.py

@@ -1,12 +1,15 @@
 import hashlib
+
 from django.conf import settings
+
+from rest_framework.generics import GenericAPIView
 from rest_framework.views import APIView
 from rest_framework.response import Response
-from rest_framework import status
+from rest_framework import status, permissions
 
 from core.apps.orders.models import Order
-
-API_KEY = "ATMOS_API_KEY"  
+from core.apps.payment.serializers import PaymentSerializer
+from core.services.payment import Atmos
 
 
 def get_client_ip(request):
@@ -24,8 +27,8 @@ class AtmosCallbackApiView(APIView):
 
     def post(self, request):
         client_ip = get_client_ip(request)
-        if client_ip not in settings.ALLOWED_ATMOS_IPS:
-            return Response({"status": 0, "message": "IP ruxsat etilmagan"}, status=403)
+        # if client_ip not in settings.ALLOWED_ATMOS_IPS:
+        #     return Response({"status": 0, "message": "IP ruxsat etilmagan"}, status=403)
         data = request.data
         if not data:
             return Response(
@@ -39,7 +42,7 @@ class AtmosCallbackApiView(APIView):
         amount = data.get("amount")
         sign = data.get("sign")
 
-        check_string = f"{store_id}{transaction_id}{invoice}{amount}{API_KEY}"
+        check_string = f"{store_id}{transaction_id}{invoice}{amount}{settings.CONSUMER_KEY}"
         generated_sign = hashlib.sha256(check_string.encode()).hexdigest()
 
         if generated_sign != sign:
@@ -69,3 +72,19 @@ class AtmosCallbackApiView(APIView):
             {"status": 1, "message": "Успешно"},
             status=status.HTTP_200_OK
         )
+
+
+class PaymentGenerateLinkApiView(GenericAPIView):
+    serializer_class = PaymentSerializer
+    queryset = None
+    permission_classes = [permissions.IsAuthenticated]
+
+    def post(self, request):
+        serializer = self.serializer_class(data=request.data)
+        serializer.is_valid()
+        data = serializer.validated_data
+        service = Atmos()
+        res = service.create_transaction(data['price'], data['order_number'])
+        print(res)
+        return Response(res)
+

core/services/payment.py

@@ -1,13 +1,14 @@
-import requests
-import base64
+import requests, base64
+
+from django.conf import settings
 
 
 class Atmos:
-    def __init__(self, consumer_key, consumer_secret, terminal_id, store_id):
-        self.consumer_key = consumer_key
-        self.consumer_secret = consumer_secret
+    def __init__(self, terminal_id = None):
+        self.consumer_key = settings.CONSUMER_KEY
+        self.consumer_secret = settings.CONSUMER_SECRET
         self.terminal_id = terminal_id
-        self.store_id = store_id
+        self.store_id = settings.STORE_ID
     
     def login(self):
         credentials = f"{self.consumer_key}:{self.consumer_secret}"
@@ -34,20 +35,24 @@ class Atmos:
         url = 'https://apigw.atmos.uz/merchant/pay/create'
         headers = {
             'Authorization': f'Bearer {access_token}',
-            'Content-Type': 'application/json',
         }
         data = {
             'amount': amount,
-            'account': account,
-            'terminal_id': self.terminal_id,
+            'account': str(account),
             'store_id': self.store_id
         }
 
-        res = requests.post(url, headers=headers, data=data)
-        if res.json()['result']['code'] == 'OK':
-            return res.json()
-        else:
-            return None
+        res = requests.post(url, headers=headers, json=data)
+        print(self.store_id)
+        return res.json()
+        # try:
+        #     data = res.json()
+        # except Exception as e:
+        #     raise ValueError(f"Invalid JSON response: {res.text}") from e
+
+        # if data.get('result', {}).get('code') == 'OK':
+        #     return data
+        # return None
     
     def generate_url(self, transaction_id, redirect_url):
         url = f'https://test-checkout.pays.uz/invoice/get?storeId={self.store_id}&transactionId={transaction_id}&redirectLink={redirect_url}'

requirements.txt

@@ -37,3 +37,4 @@ uritemplate==4.2.0
 uvicorn==0.35.0
 vine==5.1.0
 wcwidth==0.2.13
+requests