X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/468c2e650c854ffa691afc73aa1f41ce61283cdb..0a02421dd593f0466226b9defc33337cdbf672ef:/src/paypal/views.py?ds=sidebyside
diff --git a/src/paypal/views.py b/src/paypal/views.py
index a4c04ce08..81c198559 100644
--- a/src/paypal/views.py
+++ b/src/paypal/views.py
@@ -6,7 +6,7 @@ from decimal import Decimal
 from django.contrib.auth.decorators import login_required
 from django.http import Http404
-from django.http.response import HttpResponseRedirect
+from django.http.response import HttpResponseRedirect, HttpResponseForbidden
 from django.shortcuts import render
 
 from paypal.forms import PaypalSubscriptionForm
@@ -14,9 +14,10 @@ from paypal.rest import execute_agreement, check_agreement, agreement_approval_u
 from paypal.models import BillingAgreement as BillingAgreementModel, BillingPlan
 
 
-@login_required
 def paypal_form(request):
 if request.POST:
+ if not request.user.is_authenticated():
+ return HttpResponseForbidden()
 form = PaypalSubscriptionForm(data=request.POST)
 if form.is_valid():
 amount = form.cleaned_data['amount']
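Review bot: With `@login_required` removed from `paypal_form`, the only authentication gate is the new check nested under `if request.POST:`, and `request.POST` is falsy for a POST with an empty body, so the gate depends on the payload rather than on the HTTP method. Keying the branch on the method, `if request.method == 'POST':`, keeps the 403 check in front of every submission, and a comment such as `# anonymous users may view the form (GET); submitting requires login` would record why the decorator was dropped. A bare `HttpResponseForbidden()` leaves an anonymous submitter with no path to log in; `redirect_to_login(request.get_full_path())` from `django.contrib.auth.views` is the usual alternative, at the cost of the posted data. `is_authenticated()` is called as a method, which stops working on Django 2.0 and later, so it is worth confirming against the project's pinned version. The body of `paypal_form` continues past the hunk, so whether later code assumes an authenticated `request.user` cannot be checked from here.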