From c0c490517af483f5d637260e6bb86f9381a15ad3 Mon Sep 17 00:00:00 2001
From: Son <nguyenkims@users.noreply.github.com>
Date: Fri, 26 Nov 2021 18:34:04 +0100
Subject: [PATCH] Create /paddle_coupon to handle coupon purchase

---
 server.py | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/server.py b/server.py
index 095128c9..690bccb9 100644
--- a/server.py
+++ b/server.py
@@ -70,6 +70,7 @@ from app.config import (
     COINBASE_WEBHOOK_SECRET,
     ROOT_DIR,
     PAGE_LIMIT,
+    PADDLE_COUPON_ID,
 )
 from app.dashboard.base import dashboard_bp
 from app.db import Session
@@ -110,6 +111,7 @@ from app.models import (
 from app.monitor.base import monitor_bp
 from app.oauth.base import oauth_bp
 from app.pgp_utils import load_public_key
+from app.utils import random_string
 
 if SENTRY_DSN:
     LOG.d("enable sentry")
@@ -795,6 +797,34 @@ def setup_paddle_callback(app: Flask):
                 return "No such subscription", 400
         return "OK"
 
+    @app.route("/paddle_coupon", methods=["GET", "POST"])
+    def paddle_coupon():
+        LOG.d(f"paddle coupon callback %s", request.form)
+
+        if not paddle_utils.verify_incoming_request(dict(request.form)):
+            LOG.e("request not coming from paddle. Request data:%s", dict(request.form))
+            return "KO", 400
+
+        product_id = request.form.get("p_product_id")
+        if product_id != PADDLE_COUPON_ID:
+            LOG.e("product_id %s not match with %s", product_id, PADDLE_COUPON_ID)
+            return "KO", 400
+
+        email = request.form.get("email")
+        LOG.d("Paddle coupon request for %s", email)
+
+        coupon = Coupon.create(
+            code=random_string(30),
+            comment="For 1-year coupon",
+            expires_date=arrow.now().shift(years=1, days=-1),
+            commit=True,
+        )
+
+        return (
+            f"Your 1-year coupon is <b>{coupon.code}</b> <br> "
+            f"It's valid until <b>{coupon.expires_date.date().isoformat()}</b>"
+        )
+
 
 def setup_coinbase_commerce(app):
     @app.route("/coinbase", methods=["POST"])