2021-04-09 17:17:58 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2021-04-12 10:45:41 +02:00
|
|
|
# API Controller for handling the payments process in the front-end, using the Stripe gateway
|
2021-04-09 17:17:58 +02:00
|
|
|
class API::StripeController < API::PaymentsController
|
2021-04-14 12:18:37 +02:00
|
|
|
require 'stripe/helper'
|
2021-05-26 14:00:51 +02:00
|
|
|
require 'stripe/service'
|
2021-04-09 17:17:58 +02:00
|
|
|
|
2021-06-09 16:42:06 +02:00
|
|
|
before_action :check_keys, except: :online_payment_status
|
2021-06-04 18:26:20 +02:00
|
|
|
|
2021-04-09 17:17:58 +02:00
|
|
|
##
|
|
|
|
# Client requests to confirm a card payment will ask this endpoint.
|
|
|
|
# It will check for the need of a strong customer authentication (SCA) to confirm the payment or confirm that the payment
|
|
|
|
# was successfully made. After the payment was made, the reservation/subscription will be created
|
|
|
|
##
|
|
|
|
def confirm_payment
|
2021-04-14 12:18:37 +02:00
|
|
|
render(json: { error: 'Bad gateway or online payment is disabled' }, status: :bad_gateway) and return unless Stripe::Helper.enabled?
|
2021-04-09 17:17:58 +02:00
|
|
|
|
|
|
|
intent = nil # stripe's payment intent
|
|
|
|
res = nil # json of the API answer
|
|
|
|
|
2021-05-19 18:12:52 +02:00
|
|
|
cart = shopping_cart
|
2021-04-09 17:17:58 +02:00
|
|
|
begin
|
2021-05-21 18:25:18 +02:00
|
|
|
amount = debit_amount(cart) # will contains the amount and the details of each invoice lines
|
2021-04-09 17:17:58 +02:00
|
|
|
if params[:payment_method_id].present?
|
|
|
|
# Create the PaymentIntent
|
|
|
|
intent = Stripe::PaymentIntent.create(
|
|
|
|
{
|
|
|
|
payment_method: params[:payment_method_id],
|
2021-05-28 17:34:20 +02:00
|
|
|
amount: Stripe::Service.new.stripe_amount(amount[:amount]),
|
2021-04-09 17:17:58 +02:00
|
|
|
currency: Setting.get('stripe_currency'),
|
|
|
|
confirmation_method: 'manual',
|
|
|
|
confirm: true,
|
2021-04-23 17:54:59 +02:00
|
|
|
customer: current_user.payment_gateway_object.gateway_object_id
|
2021-04-09 17:17:58 +02:00
|
|
|
}, { api_key: Setting.get('stripe_secret_key') }
|
|
|
|
)
|
|
|
|
elsif params[:payment_intent_id].present?
|
|
|
|
intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id], api_key: Setting.get('stripe_secret_key'))
|
|
|
|
end
|
|
|
|
rescue Stripe::CardError => e
|
|
|
|
# Display error on client
|
|
|
|
res = { status: 200, json: { error: e.message } }
|
|
|
|
rescue InvalidCouponError
|
|
|
|
res = { json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity }
|
|
|
|
rescue InvalidGroupError
|
|
|
|
res = { json: { plan_id: 'this plan is not compatible with your current group' }, status: :unprocessable_entity }
|
|
|
|
end
|
|
|
|
|
2021-05-28 17:34:20 +02:00
|
|
|
res = on_payment_success(intent, cart) if intent&.status == 'succeeded'
|
2021-04-09 17:17:58 +02:00
|
|
|
|
|
|
|
render generate_payment_response(intent, res)
|
|
|
|
end
|
|
|
|
|
|
|
|
def online_payment_status
|
|
|
|
authorize :payment
|
|
|
|
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
render json: { status: false } and return unless key&.present?
|
|
|
|
|
|
|
|
charges = Stripe::Charge.list({ limit: 1 }, { api_key: key })
|
|
|
|
render json: { status: charges.data.length.positive? }
|
|
|
|
rescue Stripe::AuthenticationError
|
|
|
|
render json: { status: false }
|
|
|
|
end
|
|
|
|
|
|
|
|
def setup_intent
|
|
|
|
user = User.find(params[:user_id])
|
|
|
|
key = Setting.get('stripe_secret_key')
|
2021-04-23 17:54:59 +02:00
|
|
|
@intent = Stripe::SetupIntent.create({ customer: user.payment_gateway_object.gateway_object_id }, { api_key: key })
|
2021-04-09 17:17:58 +02:00
|
|
|
render json: { id: @intent.id, client_secret: @intent.client_secret }
|
|
|
|
end
|
|
|
|
|
|
|
|
def confirm_payment_schedule
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
intent = Stripe::SetupIntent.retrieve(params[:setup_intent_id], api_key: key)
|
|
|
|
|
2021-05-19 18:12:52 +02:00
|
|
|
cart = shopping_cart
|
2021-04-09 17:17:58 +02:00
|
|
|
if intent&.status == 'succeeded'
|
2021-05-28 17:34:20 +02:00
|
|
|
res = on_payment_success(intent, cart)
|
|
|
|
render generate_payment_response(intent, res)
|
2021-04-09 17:17:58 +02:00
|
|
|
end
|
|
|
|
rescue Stripe::InvalidRequestError => e
|
|
|
|
render json: e, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
|
|
|
|
def update_card
|
|
|
|
user = User.find(params[:user_id])
|
|
|
|
key = Setting.get('stripe_secret_key')
|
2021-04-23 17:54:59 +02:00
|
|
|
Stripe::Customer.update(user.payment_gateway_object.gateway_object_id,
|
2021-04-09 17:17:58 +02:00
|
|
|
{ invoice_settings: { default_payment_method: params[:payment_method_id] } },
|
|
|
|
{ api_key: key })
|
2021-06-04 18:26:20 +02:00
|
|
|
if params[:payment_schedule_id]
|
|
|
|
schedule = PaymentSchedule.find(params[:payment_schedule_id])
|
|
|
|
subscription = schedule.gateway_subscription.retrieve
|
|
|
|
Stripe::Subscription.update(subscription.id, { default_payment_method: params[:payment_method_id] }, { api_key: key })
|
|
|
|
end
|
2021-04-09 17:17:58 +02:00
|
|
|
render json: { updated: true }, status: :ok
|
|
|
|
rescue Stripe::StripeError => e
|
|
|
|
render json: { updated: false, error: e }, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2021-05-28 17:34:20 +02:00
|
|
|
def post_save(intent_id, intent_type, payment_document)
|
2021-04-26 17:42:03 +02:00
|
|
|
return unless intent_type == 'Stripe::PaymentIntent'
|
2021-04-09 17:17:58 +02:00
|
|
|
|
2021-04-26 17:42:03 +02:00
|
|
|
Stripe::PaymentIntent.update(
|
|
|
|
intent_id,
|
2021-05-28 17:34:20 +02:00
|
|
|
{ description: "#{payment_document.class.name} reference: #{payment_document.reference}" },
|
2021-04-26 17:42:03 +02:00
|
|
|
{ api_key: Setting.get('stripe_secret_key') }
|
|
|
|
)
|
2021-04-09 17:17:58 +02:00
|
|
|
end
|
|
|
|
|
2021-05-28 17:34:20 +02:00
|
|
|
def on_payment_success(intent, cart)
|
2021-05-21 18:25:18 +02:00
|
|
|
super(intent.id, intent.class.name, cart)
|
2021-04-09 17:17:58 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def generate_payment_response(intent, res = nil)
|
|
|
|
return res unless res.nil?
|
|
|
|
|
|
|
|
if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'
|
|
|
|
# Tell the client to handle the action
|
|
|
|
{
|
|
|
|
status: 200,
|
|
|
|
json: {
|
|
|
|
requires_action: true,
|
|
|
|
payment_intent_client_secret: intent.client_secret
|
|
|
|
}
|
|
|
|
}
|
|
|
|
elsif intent.status == 'succeeded'
|
|
|
|
# The payment didn't need any additional actions and is completed!
|
|
|
|
# Handle post-payment fulfillment
|
|
|
|
{ status: 200, json: { success: true } }
|
|
|
|
else
|
|
|
|
# Invalid status
|
|
|
|
{ status: 500, json: { error: 'Invalid PaymentIntent status' } }
|
|
|
|
end
|
|
|
|
end
|
2021-06-04 18:26:20 +02:00
|
|
|
|
|
|
|
def check_keys
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
raise Stripe::StripeError, 'Using live keys in development mode' if key&.match(/^sk_live_/) && Rails.env.development?
|
|
|
|
end
|
2021-04-09 17:17:58 +02:00
|
|
|
end
|