payumoney.md

<form action="{{ action }}"  name="payuForm" method="post">    
    {% csrf_token %}        
    <input type="hidden" name="key" value="{{ key }}" />            
    <input type="hidden" name="hash" value="{{ hash }}"/>            
    <input type="hidden" name="txnid" value="{{ txnid }}" />
    <input type="hidden" name="amount" value="{{ amount }}" />
    <input type="hidden" name="email" value="{{ email }}" />
    <input type="hidden" name="firstname" value="{{ firstname }}" />
    <input type="hidden" name="phone" value="{{ phone }}" />
    <input type="hidden" name="productinfo" value="{{ productinfo }}"/>
    <input type="hidden" name="surl" value="{{ surl }}"/>
    <input type="hidden" name="furl" value="{{ furl }}" />
    <input type="hidden" name="service_provider" value="{{ service_provider }}" />

    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Amount : {{amount}}
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Purpose : {{productinfo}}
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Name : {{name}}
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Email : {{email}}
        </div>
    </div>            
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Mobile : {{phone}}
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            Transaction ID : {{txnid}}
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12 col-sm-12" style="padding-bottom:20px;padding-top:20px;">
            After clicking 'Pay Now' button, you will be redirected to PayUMoney Secure Gateway.
        </div>
    </div>
    
    <div class="form-group">
        <div class="col-md-12 col-sm-12">
            <input type="submit" class="btn btn-success btn-sm" value="Pay Now">
        </div>
    </div>
</form>

from django.shortcuts import render, redirect
from django.http import HttpResponse, HttpResponseRedirect
from django.contrib.auth.decorators import login_required
from django.core.urlresolvers import reverse
from django.contrib import messages
import logging, traceback
import students.constants as constants
import students.config as config
import hashlib
import requests
from random import randint
from django.views.decorators.csrf import csrf_exempt

def payment(request):   
    data = {}
    txnid = get_transaction_id()
    hash_ = generate_hash(request, txnid)
    hash_string = get_hash_string(request, txnid)
    # use constants file to store constant values.
    # use test URL for testing
    data["action"] = constants.PAYMENT_URL_LIVE 
    data["amount"] = float(constants.PAID_FEE_AMOUNT)
    data["productinfo"]  = constants.PAID_FEE_PRODUCT_INFO
    data["key"] = config.KEY
    data["txnid"] = txnid
    data["hash"] = hash_
    data["hash_string"] = hash_string
    data["firstname"] = request.session["student_user"]["name"]
    data["email"] = request.session["student_user"]["email"]
    data["phone"] = request.session["student_user"]["mobile"]
    data["service_provider"] = constants.SERVICE_PROVIDER
    data["furl"] = request.build_absolute_uri(reverse("students:payment_failure"))
    data["surl"] = request.build_absolute_uri(reverse("students:payment_success"))
    
    return render(request, "students/payment/payment_form.html", data)        
    
# generate the hash
def generate_hash(request, txnid):
    try:
        # get keys and SALT from dashboard once account is created.
        # hashSequence = "key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5|udf6|udf7|udf8|udf9|udf10"
        hash_string = get_hash_string(request,txnid)
        generated_hash = hashlib.sha512(hash_string.encode('utf-8')).hexdigest().lower()
        return generated_hash
    except Exception as e:
        # log the error here.
        logging.getLogger("error_logger").error(traceback.format_exc())
        return None

# create hash string using all the fields
def get_hash_string(request, txnid):
    hash_string = config.KEY+"|"+txnid+"|"+str(float(constants.PAID_FEE_AMOUNT))+"|"+constants.PAID_FEE_PRODUCT_INFO+"|"
    hash_string += request.session["student_user"]["name"]+"|"+request.session["student_user"]["email"]+"|"
    hash_string += "||||||||||"+config.SALT

    return hash_string

# generate a random transaction Id.
def get_transaction_id():
    hash_object = hashlib.sha256(str(randint(0,9999)).encode("utf-8"))
    # take approprite length
    txnid = hash_object.hexdigest().lower()[0:32]
    return txnid

# no csrf token require to go to Success page. 
# This page displays the success/confirmation message to user indicating the completion of transaction.
@csrf_exempt
def payment_success(request):
    data = {}
    return render(request, "students/payment/success.html", data)

# no csrf token require to go to Failure page. This page displays the message and reason of failure.
@csrf_exempt
def payment_failure(request):
    data = {}
    return render(request, "students/payment/failure.html", data)

PAID_FEE_AMOUNT = 1
PAID_FEE_PRODUCT_INFO = "Message showing product details."
PAYMENT_URL_TEST = 'https://test.payu.in/_payment'
PAYMENT_URL_LIVE = 'https://secure.payu.in/_payment'
SERVICE_PROVIDER = "payu_paisa"

from django.conf.urls import url
from students import views

app_name = "appname"
urlpatterns = [
    url(r'^payment/$', views.payment, name="payment"),
    url(r'^payment/success$', views.payment_success, name="payment_success"),
    url(r'^payment/failure$', views.payment_failure, name="payment_failure"),
]