discoman/python-tdd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
631 Commits 1 Branch 1 Tag
410664fb0fba9bdd90b4d943f99a841270f689bc
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Disco DeDisco 410664fb0f feat: shop PaymentIntent flow — shop_buy + shop_confirm + stripe_webhook — Chunk 3 of [[project-wallet-shop-expansion]]. Three-endpoint split per the locked Stripe design: webhook is authoritative for fulfillment (resilient to 3DS, browser closes, network drops); sync /shop/confirm is a best-effort UX speedup (fulfills immediately when Stripe.js confirms client-side, no waiting for webhook delivery); both call Purchase.fulfill() which is idempotent — whichever lands first wins, the other becomes a no-op via the status==SUCCEEDED guard. **POST /dashboard/wallet/shop/buy** (form-encoded shop_item_slug): looks up active ShopItem (404 if missing/inactive); enforces max_owned via is_available_for(user) (409 if cap hit, eg already-owned BAND); requires a saved PaymentMethod (402 otherwise — picks most-recent via order_by('-pk').first() per the open-Q note in the scope doc); creates Stripe PaymentIntent (amount=item.price_cents, currency=usd, customer=user.stripe_customer_id, payment_method=pm.stripe_pm_id, automatic_payment_methods={enabled, allow_redirects=never} for in-window 3DS); creates Purchase w. pi.id; backfills pi.metadata.purchase_id via PaymentIntent.modify so the webhook handler can resolve back to the row; returns {client_secret, purchase_id} JSON for Stripe.js confirmCardPayment. **POST /dashboard/wallet/shop/confirm** (form-encoded purchase_id): retrieves PI from Stripe, if status=='succeeded' calls purchase.fulfill(); returns {status} JSON. 404 if the purchase doesn't belong to request.user. Idempotent — re-firing after fulfill is a safe no-op. **POST /stripe/webhook** (csrf_exempt, mounted at root /stripe/webhook so the URL stays stable across app-routing refactors w. Stripe's dashboard config): verifies signature via stripe.Webhook.construct_event against STRIPE_WEBHOOK_SECRET env var (400 on mismatch — Stripe won't retry on 4xx, only 5xx); on payment_intent.succeeded looks up Purchase by metadata.purchase_id w. fall-back to stripe_payment_intent_id (both unique). Unknown event types are no-op 200 (Stripe sends charge.dispute.created etc. + would retry indefinitely on 5xx). New STRIPE_WEBHOOK_SECRET = os.environ.get(...) setting; user swaps it on staging+prod per the live-mode env-var-only decision. TDD — 17 ITs in test_shop_views.py across 3 classes: ShopBuyViewTest (7 cases — login required, success path creates PI + Purchase w. correct shape, PI.create called w. correct args, unknown slug 404, inactive item 404, max_owned 409, no PM 402); ShopConfirmViewTest (5 cases — login required, succeeded PI triggers fulfill, processing PI leaves PENDING, idempotent on already-SUCCEEDED, other user's purchase 404); StripeWebhookViewTest (5 cases — sig mismatch 400, succeeded event triggers fulfill, unknown event type 2xx no-op, duplicate delivery idempotent, unknown purchase_id 2xx no-op). All Stripe API calls mocked via mock.patch('apps.dashboard.views.stripe'). 1208 IT/UT green 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-22 00:42:09 -04:00
.woodpecker
CI: route test_game_my_sea*.py to test-FTs-room stage — 49 my-sea FTs DRY-reuse the room-shell hex + sea-cross picker (same Selenium surface as test_game_room_* + test_trinket_*), so they belong w. the heavy room flows instead of bloating test-FTs-non-room. Filename-regex partition stays clean (13 room + 24 non-room = 37 total, no overlap)
2026-05-20 13:20:23 -04:00
infra
pyswiss_url env var added to more places throughout ansible vault architecture; staging now has working astro wheel
2026-04-16 12:04:46 -04:00
pyswiss
natus wheel: Semisquare & Sesquiquadrate; Ott orb pair detection; intensity sort
2026-04-27 20:16:47 -04:00
src
feat: shop PaymentIntent flow — shop_buy + shop_confirm + stripe_webhook — Chunk 3 of [[project-wallet-shop-expansion]]. Three-endpoint split per the locked Stripe design: webhook is authoritative for fulfillment (resilient to 3DS, browser closes, network drops); sync /shop/confirm is a best-effort UX speedup (fulfills immediately when Stripe.js confirms client-side, no waiting for webhook delivery); both call Purchase.fulfill() which is idempotent — whichever lands first wins, the other becomes a no-op via the status==SUCCEEDED guard. **POST /dashboard/wallet/shop/buy** (form-encoded shop_item_slug): looks up active ShopItem (404 if missing/inactive); enforces max_owned via is_available_for(user) (409 if cap hit, eg already-owned BAND); requires a saved PaymentMethod (402 otherwise — picks most-recent via order_by('-pk').first() per the open-Q note in the scope doc); creates Stripe PaymentIntent (amount=item.price_cents, currency=usd, customer=user.stripe_customer_id, payment_method=pm.stripe_pm_id, automatic_payment_methods={enabled, allow_redirects=never} for in-window 3DS); creates Purchase w. pi.id; backfills pi.metadata.purchase_id via PaymentIntent.modify so the webhook handler can resolve back to the row; returns {client_secret, purchase_id} JSON for Stripe.js confirmCardPayment. **POST /dashboard/wallet/shop/confirm** (form-encoded purchase_id): retrieves PI from Stripe, if status=='succeeded' calls purchase.fulfill(); returns {status} JSON. 404 if the purchase doesn't belong to request.user. Idempotent — re-firing after fulfill is a safe no-op. **POST /stripe/webhook** (csrf_exempt, mounted at root /stripe/webhook so the URL stays stable across app-routing refactors w. Stripe's dashboard config): verifies signature via stripe.Webhook.construct_event against STRIPE_WEBHOOK_SECRET env var (400 on mismatch — Stripe won't retry on 4xx, only 5xx); on payment_intent.succeeded looks up Purchase by metadata.purchase_id w. fall-back to stripe_payment_intent_id (both unique). Unknown event types are no-op 200 (Stripe sends charge.dispute.created etc. + would retry indefinitely on 5xx). New STRIPE_WEBHOOK_SECRET = os.environ.get(...) setting; user swaps it on staging+prod per the live-mode env-var-only decision. TDD — 17 ITs in test_shop_views.py across 3 classes: ShopBuyViewTest (7 cases — login required, success path creates PI + Purchase w. correct shape, PI.create called w. correct args, unknown slug 404, inactive item 404, max_owned 409, no PM 402); ShopConfirmViewTest (5 cases — login required, succeeded PI triggers fulfill, processing PI leaves PENDING, idempotent on already-SUCCEEDED, other user's purchase 404); StripeWebhookViewTest (5 cases — sig mismatch 400, succeeded event triggers fulfill, unknown event type 2xx no-op, duplicate delivery idempotent, unknown purchase_id 2xx no-op). All Stripe API calls mocked via mock.patch('apps.dashboard.views.stripe'). 1208 IT/UT green
2026-05-22 00:42:09 -04:00
.dockerignore
ignore .vscode/ in git & docker contexts; workspace tasks/settings are local-only (Windows paths + per-machine venv layout)
2026-05-04 18:17:54 -04:00
.gitattributes
added .gitattributes for real this time
2026-02-17 17:57:20 -05:00
.gitignore
ignore .vscode/ in git & docker contexts; workspace tasks/settings are local-only (Windows paths + per-machine venv layout)
2026-05-04 18:17:54 -04:00
ansible.cfg
Gitea repo init; Woodpecker pipeline init; much CI/CD structure outlined in ./infra, incl. docker-compose.yaml, cicd-playbook.yaml, new cicd vault, & config files for gitea, woodpecker & ansible
2026-02-10 21:16:00 -05:00
CLAUDE.md
rename natus → sky across the codebase — natal chart abstraction is now sky throughout, since chart inputs aren't birthday-gated
2026-05-04 20:36:15 -04:00
Dockerfile
Dockerfile updated to run uvicorn worker class to support asgi (was still gunicorn & wsgi)
2026-03-18 22:03:10 -04:00
Dockerfile.ci
Dockerfile.ci & debug-ci now build working container for CI test image
2026-02-10 22:42:45 -05:00
requirements.dev.txt
requirements: align dev w. prod — add celery, psycopg2-binary, redis to requirements.dev.txt (missing from the CI dev image's pre-installed set, which means the CI fallback pip install -r requirements.dev.txt step would not satisfy these prod runtime deps if the image lagged); bump requests 2.31.0 → 2.32.5 in requirements.txt to align w. the dev pin (eliminates the version-drift wedge where CI's dev-only install would silently downgrade-or-upgrade vs prod's pin)
2026-05-12 20:10:22 -04:00
requirements.txt
requirements: align dev w. prod — add celery, psycopg2-binary, redis to requirements.dev.txt (missing from the CI dev image's pre-installed set, which means the CI fallback pip install -r requirements.dev.txt step would not satisfy these prod runtime deps if the image lagged); bump requests 2.31.0 → 2.32.5 in requirements.txt to align w. the dev pin (eliminates the version-drift wedge where CI's dev-only install would silently downgrade-or-upgrade vs prod's pin)
2026-05-12 20:10:22 -04:00
requirements.wsl.txt
added wsl reqs
2026-01-13 20:58:25 -05:00
Description
No description provided
155 MiB
Languages
Python 45%
JavaScript 37.6%
HTML 9%
SCSS 8.2%
Jinja 0.1%