fix torob
This commit is contained in:
Parsa Nazer
@@ -53,15 +53,16 @@ class TorobProductsRequestSerializer(serializers.Serializer):
|
|||||||
modes = [name for name in ("page_urls", "page_uniques", "page") if name in attrs]
|
modes = [name for name in ("page_urls", "page_uniques", "page") if name in attrs]
|
||||||
|
|
||||||
if len(modes) != 1:
|
if len(modes) != 1:
|
||||||
raise serializers.ValidationError(
|
raise serializers.ValidationError("invalid request body")
|
||||||
"invalid request body"
|
|
||||||
)
|
|
||||||
|
|
||||||
if "page" in attrs and "sort" not in attrs:
|
if "page" in attrs and "sort" not in attrs:
|
||||||
raise serializers.ValidationError({"sort": "sort parameter is not provided"})
|
raise serializers.ValidationError({"sort": ["sort parameter is not provided"]})
|
||||||
|
|
||||||
if "page" not in attrs and "sort" in attrs:
|
if "page" not in attrs and "sort" in attrs:
|
||||||
raise serializers.ValidationError({"sort": "sort parameter is invalid"})
|
raise serializers.ValidationError({"sort": ["sort parameter is invalid"]})
|
||||||
|
|
||||||
|
if ("page_urls" in attrs or "page_uniques" in attrs) and "sort" in attrs:
|
||||||
|
raise serializers.ValidationError("invalid request body")
|
||||||
|
|
||||||
return attrs
|
return attrs
|
||||||
|
|
||||||
@@ -226,7 +227,6 @@ def _serialize_variant(request, product: ProductModel, variant: ProductVariant)
|
|||||||
"date_added": _variant_date_added(product, variant),
|
"date_added": _variant_date_added(product, variant),
|
||||||
"date_updated": _variant_date_updated(product, variant),
|
"date_updated": _variant_date_updated(product, variant),
|
||||||
"seller_name": product.shop.shop_name if product.shop else None,
|
"seller_name": product.shop.shop_name if product.shop else None,
|
||||||
"seller_city": _truncate_text(product.shop.city if product.shop else None, 200),
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if old_price is not None and old_price > current_price:
|
if old_price is not None and old_price > current_price:
|
||||||
@@ -253,11 +253,18 @@ def _validate_torob_token(request) -> None:
|
|||||||
key=TOROB_PUBLIC_KEY,
|
key=TOROB_PUBLIC_KEY,
|
||||||
algorithms=["EdDSA"],
|
algorithms=["EdDSA"],
|
||||||
audience=_get_hostname_from_request(request),
|
audience=_get_hostname_from_request(request),
|
||||||
|
options={"require": ["exp", "nbf", "aud"]},
|
||||||
)
|
)
|
||||||
logger.debug("Token validated successfully")
|
logger.debug("Token validated successfully")
|
||||||
|
except jwt.MissingRequiredClaimError as exc:
|
||||||
|
logger.warning(f"Missing required JWT claim: {exc}")
|
||||||
|
raise
|
||||||
except jwt.ExpiredSignatureError:
|
except jwt.ExpiredSignatureError:
|
||||||
logger.warning("Token has expired")
|
logger.warning("Token has expired")
|
||||||
raise
|
raise
|
||||||
|
except jwt.ImmatureSignatureError:
|
||||||
|
logger.warning("Token is not yet valid")
|
||||||
|
raise
|
||||||
except jwt.InvalidAudienceError:
|
except jwt.InvalidAudienceError:
|
||||||
logger.warning(f"Audience mismatch for request from {request.get_host()}")
|
logger.warning(f"Audience mismatch for request from {request.get_host()}")
|
||||||
raise
|
raise
|
||||||
@@ -284,15 +291,6 @@ class TorobProductSyncView(APIView):
|
|||||||
permission_classes = []
|
permission_classes = []
|
||||||
|
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
# Validate Content-Type header
|
|
||||||
content_type = request.META.get('CONTENT_TYPE', '').split(';')[0].strip()
|
|
||||||
if content_type != 'application/json':
|
|
||||||
logger.warning(f"Invalid Content-Type: {content_type}")
|
|
||||||
return Response(
|
|
||||||
{"error": "Content-Type must be application/json"},
|
|
||||||
status=status.HTTP_400_BAD_REQUEST
|
|
||||||
)
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
_validate_torob_token(request)
|
_validate_torob_token(request)
|
||||||
except TorobTokenError as exc:
|
except TorobTokenError as exc:
|
||||||
|
|||||||
Reference in New Issue
Block a user