diff --git a/postmark/views.py b/postmark/views.py index 2a0eabc..ef62fd1 100755 --- a/postmark/views.py +++ b/postmark/views.py @@ -1,6 +1,7 @@ from django.http import HttpResponse, HttpResponseNotAllowed, HttpResponseBadRequest, HttpResponseForbidden from django.core.exceptions import ImproperlyConfigured from django.views.decorators.csrf import csrf_exempt +from django.views.decorators.http import require_POST from django.shortcuts import get_object_or_404 from django.conf import settings from datetime import datetime @@ -28,6 +29,7 @@ (POSTMARK_API_PASSWORD is not None and POSTMARK_API_USER is None)): raise ImproperlyConfigured("POSTMARK_API_USER and POSTMARK_API_PASSWORD must both either be set, or unset.") +@require_POST @csrf_exempt def bounce(request): """ @@ -51,45 +53,42 @@ def bounce(request): "Subject": null } """ - if request.method in ["POST"]: - if POSTMARK_API_USER is not None: - if not request.META.has_key("HTTP_AUTHORIZATION"): - return HttpResponseForbidden() - - type, base64encoded = request.META["HTTP_AUTHORIZATION"].split(" ", 1) - print type, base64encoded + if POSTMARK_API_USER is not None: + if not request.META.has_key("HTTP_AUTHORIZATION"): + return HttpResponseForbidden() - if type.lower() == "basic": - username_password = base64.decodestring(base64encoded) - print username_password - else: - return HttpResponseForbidden() - - if not username_password == "%s:%s" % (POSTMARK_API_USER, POSTMARK_API_PASSWORD): - print "lol" - return HttpResponseForbidden() + type, base64encoded = request.META["HTTP_AUTHORIZATION"].split(" ", 1) + print type, base64encoded - bounce_dict = json.loads(request.read()) + if type.lower() == "basic": + username_password = base64.decodestring(base64encoded) + print username_password + else: + return HttpResponseForbidden() - timestamp, tz = bounce_dict["BouncedAt"].rsplit("+", 1) - tz_offset = int(tz.split(":", 1)[0]) - tz = timezone("Etc/GMT%s%d" % ("+" if tz_offset >= 0 else "-", tz_offset)) - bounced_at = tz.localize(datetime.strptime(timestamp[:26], POSTMARK_DATETIME_STRING)).astimezone(pytz.utc) - - em = get_object_or_404(EmailMessage, message_id=bounce_dict["MessageID"], to=bounce_dict["Email"]) - eb, created = EmailBounce.objects.get_or_create( - id=bounce_dict["ID"], - default={ - "message": em, - "type": bounce_dict["Type"], - "description": bounce_dict["Description"], - "details": bounce_dict["Details"], - "inactive": bounce_dict["Inactive"], - "can_activate": bounce_dict["CanActivate"], - "bounced_at": bounced_at, - } - ) + if not username_password == "%s:%s" % (POSTMARK_API_USER, POSTMARK_API_PASSWORD): + print "lol" + return HttpResponseForbidden() + + bounce_dict = json.loads(request.read()) + + timestamp, tz = bounce_dict["BouncedAt"].rsplit("+", 1) + tz_offset = int(tz.split(":", 1)[0]) + tz = timezone("Etc/GMT%s%d" % ("+" if tz_offset >= 0 else "-", tz_offset)) + bounced_at = tz.localize(datetime.strptime(timestamp[:26], POSTMARK_DATETIME_STRING)).astimezone(pytz.utc) - return HttpResponse(json.dumps({"status": "ok"})) - else: - return HttpResponseNotAllowed(['POST']) + em = get_object_or_404(EmailMessage, message_id=bounce_dict["MessageID"], to=bounce_dict["Email"]) + eb, created = EmailBounce.objects.get_or_create( + id=bounce_dict["ID"], + default={ + "message": em, + "type": bounce_dict["Type"], + "description": bounce_dict["Description"], + "details": bounce_dict["Details"], + "inactive": bounce_dict["Inactive"], + "can_activate": bounce_dict["CanActivate"], + "bounced_at": bounced_at, + } + ) + + return HttpResponse(json.dumps({"status": "ok"}))