I have developed a web application in Django that accepts payments (and recurring payments) in paypal. Application works OK, however users encourage me to consider other payment options.
Problem is that I tried some and either (a) did not find an API to work on, or (b) do not offer their services outside the US (e.g. stripe or BrainTree[*]).
So my question is, do you know of a payment method that would integrate with django as easy as django-paypal and work for companies outside the US?
Chris
[*] Although BT does not offer services outside the US, I have been given the option to contact them about that. I contacted them and I am waiting for their answer.
You may want to check out Ogone. I found a project that integrates this with Django here.
Related
I am working on a project to create an online medical booking system using Dialogflow as the frontend to provide users with a more personable experience.
So far I have come up with an ideal stack PIC. I plan to have it hosted on AWS (or GCP). However, I am new to Dialogflow but I know it is a very powerful platform. My two criteria are: (A) A stack that makes it easy to personalize frontend UI display and (B) Scalability, I am starting with a web app but would like to also develop an iOS app.
I have two questions: (1) Would you change anything in the stack? and (2) Is there a way to change the name of the bot each time user visits (to make it more "real")?
Super appreciative of you guys expert opinion :)
IMHO, I've found GCP to be easier to use than AWS, since Google handles SSL encryption with .app domains, while AWS requires a more manual solution. Google Cloud also offers a terminal window inside a Chrome tab, which can be a fun experience. So, for hosting, I recommend Google Cloud, unless AWS has a unique feature that applies to your personal circumstances.
Personally, I prefer Angular to React, but Angular, React, and VueJS are all fine choices for a front-end framework on a web app. Your choice of these probably depends on which framework you already know, or (if you plan to outsource development) which language you can use to hire better engineering talent.
For my own projects, I use Express and Node on the server side, instead of GraphQL and Prisma. Your call there.
Good luck!
I am a very new developer who can write basic HTML (yes I know it's English), and is looking for a solution to a problem that I basically invented.
I recently bought a product called Doorbird, a very cool and well engineered IP Doorbell. The reason I bought it, is because it has an App, and integrates with IP phones and support video, and has a few bells and whistles, if you're not familiar with this product, I highly recommend looking at it.
The "problem" is that it does not integrate with Google Home, or Amazon Echo. However, it does have an API that allows you to go to the URL, login and unlock the door. I was looking into creating my own action that would have the Google Home login to the Doorbell and go to the unlock URL.
My issue is, I have no experience with this, but I pick things up very quickly, and believe in myself!
I already looked at the api.ai site from Google, and have signed up. It looked simple, but upon further investigation looks very complicated.
If anyone would be able to point me in the right direction I would be greatly appreciative.
Thanks in advance,
-Jack G
You need them to publish their REST api so that you can call the 'action' to unlock directly vs. having to go to a login page. You would probably set up oauth to have your server talk to theirs or use web headers. Ask their tech support if they support direct REST api using a security model.
I am in the process of designing an application that users will be able to log on remotely and use - via a web interface.
Security is of paramount importance (think credit card and personal banking type information)- so I need to make sure that I get the security aspect nailed down - HARD.
I intend to provide the application functionality via traditional (stateful) web pages , as well as web services.
For what its worth, I am intending to use web2py as my web application framework.
Is there a list of guidelines I can follow to make sure that I have all areas covered?
One stop shopping: https://www.owasp.org/index.php/Main_Page
Read that and take every suggestion to heart.
you should consider at least the following:
authentication. getting users to log on in some manner. which authentication method they use depends on what you aim to provide
privacy. making sure the information they send is only visible to them and your application and not an eavesdropper.
in the simplest case SSL can take care of both of the above. it will always provide encryption but can also be used to authenticate or at least make some simple authentication mechanism more secure. one thing to look at is security of ssl. ssl is suceptible to a man in the middle attack particluarly when the users already have a trust relationship with, say, their employer - who can them proceed to install an ssl gateway which is effectively a mim.
authorisation. making sure users are only allowed to see what you want them to see and no more.
this really depends on technology you are using.
non reputidation. making sure the user cannot dispute the actions they perform
this is a very open ended question. legally this is seldom (never?) used so it depends... something like signed logs of user requested actions for example is probably enough.
Your biggest threat, by far, is writing server-side webapp code that introduces vulnerabilities in your web application layer. This is not something you can checklist. For a starter, make sure you are 100% comfortable with the items in the OWASP Top Ten and understand how to code safely against them. If you are not expert in web application vulnerabilities, strongly consider hiring someone who is to help review the web layer. At the least, i would consider contacting a security testing company to perform some form of penetration testing, preferably with a code review component.
If you ever do anything with credit card data, you will need to comply with the PCI DSS which will require at least quarterly remote-testing from an Approved Scanning Vendor.
I want to start work on a new web application, but I really don't want to re-invent the wheel. I want to make a simple web application that provides some basic functionality, and looks really good. Does anybody know of anything (even if it isn't free) where I could get something that has a good framework laid down already? Where I can have a login/sign up function already built in and ready for use? I have seen a few ecommerce sites that fit the build, but Id have to do a ton of clean-up. I was hoping to find something that was basic, and ready for adding to right away.
I would think that word press or drupal would have something, but I've been looking and haven't been able to find anything.
Thanks!
Try out Thin PHP Framework, it has OAuth built in allow you to login with popular services Google, Twitter, Facebook... or you can use its simple username, password login. Check out the demo here:
http://demo.thinphp.com
website:
http://thinphp.com
Choose your language, there are a lot of different, good frameworks, but you will do best with the language you already know. Wordpress, Drupal, Django, Plone, Joomla, Typo3 are great, and of course they have user authentication.
Looking good is something different, that's design and it is done in CSS. And every CMS or web framework usually has good default CSS templates as a starting point.
I was hoping to get some suggestions on some best approaches to develop a multi tenant Django project on Google AppEngine.
Some Thoughts to Consider.
I would assume using djnago.contrib.sites is a must.
I would like to use existing applications such as django-profiles and django-registration, I know their models would need porting.
Can multiple domains be pointed to the GAE App and the site be automatically chosen from the request headers?
IF not multiple domains, is there a way to say take a request say to www.example.com/tenantA/login and www.example.com/tenantB/login and push them to one view but with knowledge tennant without changing all the views, maybe using custom managers to hide the complexity from the views.
Generally hoping this will be a discussion of any approaches you have taken in the past or plan to take.
Looking forward to any Comments/Answers.
Regards
Mark
I can answer the App Engine questions for you, though I don't know the Django ones:
Yes, anyone can point a domain to your app using Google Apps, with the 'add services' option, entering your App ID when prompted. You can then check the 'Host' header to determine what site you want to use.
You can hide information per-tenant by using hooks to automatically insert the host in entities and queries: http://code.google.com/appengine/articles/hooks.html
Today Google released SDK 1.3.6, which includes multi-tenancy baked right into the solution.
http://googleappengine.blogspot.com/2010/08/multi-tenancy-support-high-performance_17.html