Make protocoin transactions atomic to fix race conditions

apiserver/apiserver/api/views.py

@@ -1047,6 +1047,8 @@ class InterestViewSet(Base, Retrieve, Create):
 class ProtocoinViewSet(Base):
     @action(detail=False, methods=['post'], permission_classes=[AllowMetadata | IsAuthenticated])
     def send_to_member(self, request):
+        try:
+            with transaction.atomic():
                 source_user = self.request.user
                 source_member = source_user.member
 
@@ -1126,6 +1128,8 @@ class ProtocoinViewSet(Base):
                 utils.log_transaction(tx)
 
                 return Response(200)
+        except OperationalError:
+            self.send_to_member(request)
 
     @action(detail=True, methods=['get'])
     def card_vend_balance(self, request, pk=None):
@@ -1147,6 +1151,8 @@ class ProtocoinViewSet(Base):
 
     @action(detail=True, methods=['post'])
     def card_vend_request(self, request, pk=None):
+        try:
+            with transaction.atomic():
                 auth_token = request.META.get('HTTP_AUTHORIZATION', '')
                 if secrets.VEND_API_TOKEN and auth_token != 'Bearer ' + secrets.VEND_API_TOKEN:
                     raise exceptions.PermissionDenied()
@@ -1206,6 +1212,8 @@ class ProtocoinViewSet(Base):
                 utils.log_transaction(tx)
 
                 return Response(200)
+        except OperationalError:
+            self.card_vend_request(request, pk)
 
 
 class RegistrationView(RegisterView):