2 files changed, 29 insertions, 1 deletions

diff --git a/alphabetlearning/payments/urls.py b/alphabetlearning/payments/urls.py
index 52e2451..b782bdc 100644
--- a/alphabetlearning/payments/urls.py
+++ b/alphabetlearning/payments/urls.py
@@ -18,5 +18,5 @@ urlpatterns = [
     ),
     path("add-to-card/<int:resource_id>", views.add_to_cart, name="add_to_cart"),
     path("landing/", views.ProductLandingPageView.as_view(), name="landing"),
-    # path("webhook/", views.webhook, name="webhook"),
+    path("webhooks/stripe/", views.stripe_webhook, name="stripe-webhook"),
 ]
diff --git a/alphabetlearning/payments/views.py b/alphabetlearning/payments/views.py
index 80d6aa2..dfbf8f1 100644
--- a/alphabetlearning/payments/views.py
+++ b/alphabetlearning/payments/views.py
@@ -1,4 +1,5 @@
 import stripe
+from django.http import HttpResponse
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.shortcuts import get_object_or_404
@@ -6,6 +7,7 @@ from django.shortcuts import redirect
 from django.shortcuts import render
 from django.views import View
 from django.views.generic import TemplateView
+from django.views.decorators.csrf import csrf_exempt
 
 from alphabetlearning.resources.models import Resource
 from alphabetlearning.users.models import User
@@ -18,6 +20,7 @@ from .models import ShoppingCart
 # TODO get the cart integrated with Stripe
 # Steps to convert our Cart into something that can be used with Stripe:
 #
+#    - Sort out the webhook
 #    - Associate each of our resources with a Product item
 #        - this should be done in the create resource page
 #        - or we can do it manually for the time being
@@ -107,3 +110,28 @@ def checkout(request):
         return render(request, "cart/checkout_success.html")
 
     return render(request, "cart/checkout.html", {"cart": cart, "total": total})
+
+
+@csrf_exempt
+def stripe_webhook(request):
+    payload = request.body
+    sig_header = request.META["HTTP_STRIPE_SIGNATURE"]
+    event = None
+
+    # verify that the request came from STRIPE
+    try:
+        event = stripe.Webhook.construct_event(payload, sig_header, settings.STRIPE_WEBHOOK_SECRET)
+    except ValueError as e:
+        return HttpResponse(status=400)
+    except stripe.error.SignatureVerificationError as e:
+        return HttpResponse(status=400)
+
+    if event["type"] == "checkout.session.completed":
+        session = event["data"]["object"]
+        customer_email = session["customer_details"]["email"]
+        payment_intent = session["payment_intent"]
+
+        # TODO send an email to the customer
+        print("Here we send an email to the customer")
+
+    return HttpResponse(status=200)