Using PayPal Standard with Encrypted Buttons
Note
At the time of writing M2Crypto is unavailable for Python 3, so this feature is only available on Python 2. See: https://gitlab.com/m2crypto/m2crypto/issues/114 for more information.
Use this method to encrypt your button so values in the form can’t be tampered with. Thanks to Jon Atkinson for the tutorial.
Encrypted buttons require the M2Crypto library:
pip install M2Crypto
Encrypted buttons require certificates. Create a private key:
openssl genrsa -out paypal_private.pem 1024
Create a public key (a self-signed certificate, valid for 365 days):
openssl req -new -key paypal_private.pem -x509 -days 365 -out paypal_public.pem
Upload your public key to the PayPal website (sandbox or live).
https://www.paypal.com/us/cgi-bin/webscr?cmd=_profile-website-cert
https://www.sandbox.paypal.com/us/cgi-bin/webscr?cmd=_profile-website-cert
Copy your cert id - you’ll need it in two steps. It’s on the screen where you uploaded your public key.
Download PayPal’s public certificate - it’s also on that screen.
Edit your settings.py to include cert information:
PAYPAL_PRIVATE_CERT = '/path/to/paypal_private.pem'
PAYPAL_PUBLIC_CERT = '/path/to/paypal_public.pem'
PAYPAL_CERT = '/path/to/paypal_cert.pem'
PAYPAL_CERT_ID = 'get-from-paypal-website'
Swap out your unencrypted button for a PayPalEncryptedPaymentsForm:
In views.py:
from paypal.standard.forms import PayPalEncryptedPaymentsForm

def view_that_asks_for_money(request):
    ...
    # Create the instance. Use the encrypted form class here;
    # PayPalPaymentsForm would render the values unencrypted.
    form = PayPalEncryptedPaymentsForm(initial=paypal_dict)
    # Works just like before!
    form.render()
If you need to use multiple certificates, you can pass the arguments directly to the PayPalEncryptedPaymentsForm as below:
In views.py:
from paypal.standard.forms import PayPalEncryptedPaymentsForm

def view_that_asks_for_money(request):
    ...
    # PayPal certificate information
    paypal_private_cert = '/path/to/another/paypal_private.pem'
    paypal_public_cert = '/path/to/another/paypal_public.pem'
    paypal_cert = '/path/to/another/paypal_cert.pem'
    paypal_cert_id = 'another-paypal-id'
    # Create the instance with the encrypted form class,
    # overriding the certificate settings for this button only.
    form = PayPalEncryptedPaymentsForm(initial=paypal_dict,
                                       private_cert=paypal_private_cert,
                                       public_cert=paypal_public_cert,
                                       paypal_cert=paypal_cert,
                                       cert_id=paypal_cert_id)
    ...
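Before pointing PAYPAL_PRIVATE_CERT and PAYPAL_PUBLIC_CERT (or the per-form arguments above) at a key pair, it helps to confirm that the two files belong together, that the 365-day certificate is not about to expire, and that the private key is readable by its owner only. The shell function below is an added example, not part of django-paypal; the name check_paypal_pair and its return codes are hypothetical, and it assumes the openssl command-line tool and an unencrypted private key as created in the steps above.

```shell
# Added example (not django-paypal code): sanity-check a merchant key pair.
# check_paypal_pair is a hypothetical helper name.
#
# Usage:   check_paypal_pair <private.pem> <public.pem> [min_days_left]
# Returns: 0  pair is usable
#          1  a file is missing, unreadable or cannot be parsed
#          2  the certificate was not made from this private key
#          3  the certificate expires within min_days_left (default 30)
#          4  the private key is accessible to group or others
check_paypal_pair() {
    local key="$1" cert="$2" min_days="${3:-30}"
    local key_pub cert_pub mode

    [ -r "$key" ] && [ -r "$cert" ] || return 1

    # Public half derived from the private key vs. the one inside the cert.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 1
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$key_pub" ] && [ "$key_pub" = "$cert_pub" ] || return 2

    # -checkend exits non-zero if the cert expires within the given seconds.
    openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) \
        >/dev/null 2>&1 || return 3

    # Octal permission bits: GNU stat first, BSD/macOS stat as fallback.
    mode=$(stat -c '%a' "$key" 2>/dev/null || stat -f '%Lp' "$key") || return 1
    case "$mode" in
        *00) ;;            # e.g. 600 or 400: owner only
        *) return 4 ;;
    esac
    return 0
}
```

When several certificates are in use, run it once per private/public pair; a return code of 2 means the paths for two different pairs have been mixed up.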