This is just about the Python back end and not the front end. Add in pre-auth handling to the purchasing and contribution, get_paykey methods so that if a pre-auth token exists for the user we use it. Let's log the use of the pre-auth and cope with when it goes wrong (eg: it's expired). Purchases will need to call the check_purchase which is currently in purchase_complete. We'll also need to check IPN's work as expected.