2019-09-05 11:03:22 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
# API Controller for handling payments process in the front-end
|
|
|
|
class API::PaymentsController < API::ApiController
|
|
|
|
before_action :authenticate_user!
|
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
##
|
|
|
|
# Client requests to confirm a card payment will ask this endpoint.
|
|
|
|
# It will check for the need of a strong customer authentication (SCA) to confirm the payment or confirm that the payment
|
|
|
|
# was successfully made. After the payment was made, the reservation/subscription will be created
|
|
|
|
##
|
2019-09-05 11:03:22 +02:00
|
|
|
def confirm_payment
|
2020-06-08 17:42:59 +02:00
|
|
|
render(json: { error: 'Online payment is disabled' }, status: :unauthorized) and return unless Setting.get('online_payment_module')
|
2019-09-11 17:08:00 +02:00
|
|
|
|
2020-05-11 10:56:23 +02:00
|
|
|
amount = nil # will contains the amount and the details of each invoice lines
|
|
|
|
intent = nil # stripe's payment intent
|
|
|
|
res = nil # json of the API answer
|
|
|
|
|
2019-09-05 11:03:22 +02:00
|
|
|
begin
|
2020-05-11 10:56:23 +02:00
|
|
|
amount = card_amount
|
2019-09-09 17:37:54 +02:00
|
|
|
if params[:payment_method_id].present?
|
2019-09-11 10:31:22 +02:00
|
|
|
check_coupon
|
2019-09-11 16:19:24 +02:00
|
|
|
check_plan
|
2019-09-11 10:31:22 +02:00
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
# Create the PaymentIntent
|
2019-09-05 11:03:22 +02:00
|
|
|
intent = Stripe::PaymentIntent.create(
|
2020-06-10 11:33:03 +02:00
|
|
|
{
|
|
|
|
payment_method: params[:payment_method_id],
|
|
|
|
amount: amount[:amount],
|
2020-06-10 16:37:11 +02:00
|
|
|
currency: Setting.get('stripe_currency'),
|
2020-06-10 11:33:03 +02:00
|
|
|
confirmation_method: 'manual',
|
|
|
|
confirm: true,
|
|
|
|
customer: current_user.stp_customer_id
|
|
|
|
}, { api_key: Setting.get('stripe_secret_key') }
|
2019-09-05 11:03:22 +02:00
|
|
|
)
|
2019-09-09 17:37:54 +02:00
|
|
|
elsif params[:payment_intent_id].present?
|
2020-06-10 11:33:03 +02:00
|
|
|
intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id], api_key: Setting.get('stripe_secret_key'))
|
2019-09-05 11:03:22 +02:00
|
|
|
end
|
|
|
|
rescue Stripe::CardError => e
|
|
|
|
# Display error on client
|
2019-09-11 10:31:22 +02:00
|
|
|
res = { status: 200, json: { error: e.message } }
|
2019-09-10 17:57:46 +02:00
|
|
|
rescue InvalidCouponError
|
2019-09-11 10:31:22 +02:00
|
|
|
res = { json: { coupon_code: 'wrong coupon code or expired' }, status: :unprocessable_entity }
|
2019-09-11 16:19:24 +02:00
|
|
|
rescue InvalidGroupError
|
|
|
|
res = { json: { plan_id: 'this plan is not compatible with your current group' }, status: :unprocessable_entity }
|
2019-09-10 17:57:46 +02:00
|
|
|
end
|
|
|
|
|
2019-09-11 10:31:22 +02:00
|
|
|
if intent&.status == 'succeeded'
|
2019-09-10 17:57:46 +02:00
|
|
|
if params[:cart_items][:reservation]
|
2020-05-11 10:56:23 +02:00
|
|
|
res = on_reservation_success(intent, amount[:details])
|
2019-09-10 17:57:46 +02:00
|
|
|
elsif params[:cart_items][:subscription]
|
2020-12-21 16:12:34 +01:00
|
|
|
res = on_subscription_success(intent, amount[:details])
|
2019-09-10 17:57:46 +02:00
|
|
|
end
|
2019-09-05 11:03:22 +02:00
|
|
|
end
|
|
|
|
|
2019-09-11 10:31:22 +02:00
|
|
|
render generate_payment_response(intent, res)
|
2019-09-10 11:46:14 +02:00
|
|
|
end
|
2019-09-09 17:37:54 +02:00
|
|
|
|
2020-06-10 16:37:11 +02:00
|
|
|
def online_payment_status
|
|
|
|
authorize :payment
|
|
|
|
|
|
|
|
key = Setting.get('stripe_secret_key')
|
2020-07-01 11:48:00 +02:00
|
|
|
render json: { status: false } and return unless key&.present?
|
2020-06-10 16:37:11 +02:00
|
|
|
|
|
|
|
charges = Stripe::Charge.list({ limit: 1 }, { api_key: key })
|
|
|
|
render json: { status: charges.data.length.positive? }
|
2020-07-01 11:48:00 +02:00
|
|
|
rescue Stripe::AuthenticationError
|
|
|
|
render json: { status: false }
|
2020-06-10 16:37:11 +02:00
|
|
|
end
|
|
|
|
|
2020-12-08 12:26:03 +01:00
|
|
|
def setup_intent
|
|
|
|
user = User.find(params[:user_id])
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
@intent = Stripe::SetupIntent.create({ customer: user.stp_customer_id }, { api_key: key })
|
2020-12-15 15:48:13 +01:00
|
|
|
render json: { id: @intent.id, client_secret: @intent.client_secret }
|
2020-12-08 12:26:03 +01:00
|
|
|
end
|
|
|
|
|
2020-12-08 17:30:33 +01:00
|
|
|
def confirm_payment_schedule
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
intent = Stripe::SetupIntent.retrieve(params[:setup_intent_id], api_key: key)
|
|
|
|
|
|
|
|
amount = card_amount
|
|
|
|
if intent&.status == 'succeeded'
|
|
|
|
if params[:cart_items][:reservation]
|
|
|
|
res = on_reservation_success(intent, amount[:details])
|
|
|
|
elsif params[:cart_items][:subscription]
|
2020-12-21 16:12:34 +01:00
|
|
|
res = on_subscription_success(intent, amount[:details])
|
2020-12-08 17:30:33 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
render generate_payment_response(intent, res)
|
2020-12-23 15:29:56 +01:00
|
|
|
rescue Stripe::InvalidRequestError => e
|
|
|
|
render json: e, status: :unprocessable_entity
|
2020-12-08 17:30:33 +01:00
|
|
|
end
|
|
|
|
|
2021-02-09 12:09:26 +01:00
|
|
|
def update_card
|
|
|
|
user = User.find(params[:user_id])
|
|
|
|
key = Setting.get('stripe_secret_key')
|
|
|
|
Stripe::Customer.update(user.stp_customer_id,
|
|
|
|
{ invoice_settings: { default_payment_method: params[:payment_method_id] } },
|
|
|
|
{ api_key: key })
|
|
|
|
render json: { updated: true }, status: :ok
|
|
|
|
rescue Stripe::StripeError => e
|
|
|
|
render json: { updated: false, error: e }, status: :unprocessable_entity
|
|
|
|
end
|
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
private
|
2019-09-09 18:04:31 +02:00
|
|
|
|
2020-05-06 12:43:47 +02:00
|
|
|
def on_reservation_success(intent, details)
|
2019-09-10 11:46:14 +02:00
|
|
|
@reservation = Reservation.new(reservation_params)
|
2021-01-04 16:26:44 +01:00
|
|
|
payment_method = params[:cart_items][:reservation][:payment_method] || 'stripe'
|
2020-12-09 16:47:51 +01:00
|
|
|
user_id = if current_user.admin? || current_user.manager?
|
|
|
|
params[:cart_items][:reservation][:user_id]
|
|
|
|
else
|
|
|
|
current_user.id
|
|
|
|
end
|
|
|
|
is_reserve = Reservations::Reserve.new(user_id, current_user.invoicing_profile.id)
|
2020-12-14 17:42:23 +01:00
|
|
|
.pay_and_save(@reservation,
|
|
|
|
payment_details: details,
|
2020-12-23 16:25:24 +01:00
|
|
|
intent_id: intent.id,
|
2020-12-16 18:33:43 +01:00
|
|
|
schedule: params[:cart_items][:reservation][:payment_schedule],
|
2021-01-04 16:26:44 +01:00
|
|
|
payment_method: payment_method)
|
2020-12-08 17:30:33 +01:00
|
|
|
if intent.class == Stripe::PaymentIntent
|
|
|
|
Stripe::PaymentIntent.update(
|
|
|
|
intent.id,
|
|
|
|
{ description: "Invoice reference: #{@reservation.invoice.reference}" },
|
|
|
|
{ api_key: Setting.get('stripe_secret_key') }
|
|
|
|
)
|
|
|
|
end
|
2019-09-09 17:37:54 +02:00
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
if is_reserve
|
|
|
|
SubscriptionExtensionAfterReservation.new(@reservation).extend_subscription_if_eligible
|
2019-09-05 16:17:02 +02:00
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
{ template: 'api/reservations/show', status: :created, location: @reservation }
|
|
|
|
else
|
|
|
|
{ json: @reservation.errors, status: :unprocessable_entity }
|
|
|
|
end
|
2019-09-10 17:57:46 +02:00
|
|
|
end
|
|
|
|
|
2020-12-21 16:12:34 +01:00
|
|
|
def on_subscription_success(intent, details)
|
2019-09-10 17:57:46 +02:00
|
|
|
@subscription = Subscription.new(subscription_params)
|
2020-12-09 16:47:51 +01:00
|
|
|
user_id = if current_user.admin? || current_user.manager?
|
|
|
|
params[:cart_items][:subscription][:user_id]
|
|
|
|
else
|
|
|
|
current_user.id
|
|
|
|
end
|
|
|
|
is_subscribe = Subscriptions::Subscribe.new(current_user.invoicing_profile.id, user_id)
|
2020-11-23 11:48:44 +01:00
|
|
|
.pay_and_save(@subscription,
|
2020-12-21 16:12:34 +01:00
|
|
|
payment_details: details,
|
2020-12-23 16:25:24 +01:00
|
|
|
intent_id: intent.id,
|
2020-12-09 16:47:51 +01:00
|
|
|
schedule: params[:cart_items][:subscription][:payment_schedule],
|
2020-11-23 11:48:44 +01:00
|
|
|
payment_method: 'stripe')
|
2020-12-08 17:30:33 +01:00
|
|
|
if intent.class == Stripe::PaymentIntent
|
|
|
|
Stripe::PaymentIntent.update(
|
|
|
|
intent.id,
|
|
|
|
{ description: "Invoice reference: #{@subscription.invoices.first.reference}" },
|
|
|
|
{ api_key: Setting.get('stripe_secret_key') }
|
|
|
|
)
|
|
|
|
end
|
2019-09-10 17:57:46 +02:00
|
|
|
|
|
|
|
if is_subscribe
|
|
|
|
{ template: 'api/subscriptions/show', status: :created, location: @subscription }
|
|
|
|
else
|
|
|
|
{ json: @subscription.errors, status: :unprocessable_entity }
|
|
|
|
end
|
2019-09-10 11:46:14 +02:00
|
|
|
end
|
2019-09-05 16:17:02 +02:00
|
|
|
|
2019-09-11 10:31:22 +02:00
|
|
|
def generate_payment_response(intent, res = nil)
|
|
|
|
return res unless res.nil?
|
|
|
|
|
2019-09-05 16:17:02 +02:00
|
|
|
if intent.status == 'requires_action' && intent.next_action.type == 'use_stripe_sdk'
|
|
|
|
# Tell the client to handle the action
|
|
|
|
{
|
|
|
|
status: 200,
|
|
|
|
json: {
|
|
|
|
requires_action: true,
|
|
|
|
payment_intent_client_secret: intent.client_secret
|
|
|
|
}
|
|
|
|
}
|
|
|
|
elsif intent.status == 'succeeded'
|
2019-09-09 18:04:31 +02:00
|
|
|
# The payment didn't need any additional actions and is completed!
|
2019-09-05 16:17:02 +02:00
|
|
|
# Handle post-payment fulfillment
|
|
|
|
{ status: 200, json: { success: true } }
|
|
|
|
else
|
|
|
|
# Invalid status
|
|
|
|
{ status: 500, json: { error: 'Invalid PaymentIntent status' } }
|
|
|
|
end
|
2019-09-05 11:03:22 +02:00
|
|
|
end
|
2019-09-09 17:37:54 +02:00
|
|
|
|
2019-09-10 11:46:14 +02:00
|
|
|
def get_wallet_debit(user, total_amount)
|
|
|
|
wallet_amount = (user.wallet.amount * 100).to_i
|
|
|
|
wallet_amount >= total_amount ? total_amount : wallet_amount
|
|
|
|
end
|
|
|
|
|
2019-09-11 10:31:22 +02:00
|
|
|
def card_amount
|
|
|
|
if params[:cart_items][:reservation]
|
|
|
|
reservable = cart_items_params[:reservable_type].constantize.find(cart_items_params[:reservable_id])
|
2019-09-11 11:51:04 +02:00
|
|
|
plan_id = cart_items_params[:plan_id]
|
2019-09-11 10:31:22 +02:00
|
|
|
slots = cart_items_params[:slots_attributes] || []
|
|
|
|
nb_places = cart_items_params[:nb_reserve_places]
|
|
|
|
tickets = cart_items_params[:tickets_attributes]
|
2020-12-28 18:30:03 +01:00
|
|
|
user_id = if current_user.admin? || current_user.manager?
|
|
|
|
params[:cart_items][:reservation][:user_id]
|
|
|
|
else
|
|
|
|
current_user.id
|
|
|
|
end
|
2019-09-11 10:31:22 +02:00
|
|
|
else
|
|
|
|
raise NotImplementedError unless params[:cart_items][:subscription]
|
|
|
|
|
|
|
|
reservable = nil
|
2019-09-11 11:51:04 +02:00
|
|
|
plan_id = subscription_params[:plan_id]
|
2019-09-11 10:31:22 +02:00
|
|
|
slots = []
|
|
|
|
nb_places = nil
|
|
|
|
tickets = nil
|
2020-12-28 18:30:03 +01:00
|
|
|
user_id = if current_user.admin? || current_user.manager?
|
|
|
|
params[:cart_items][:subscription][:user_id]
|
|
|
|
else
|
|
|
|
current_user.id
|
|
|
|
end
|
2019-09-11 10:31:22 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
price_details = Price.compute(false,
|
2020-12-28 18:30:03 +01:00
|
|
|
User.find(user_id),
|
2019-09-11 10:31:22 +02:00
|
|
|
reservable,
|
|
|
|
slots,
|
2020-11-03 16:50:11 +01:00
|
|
|
plan_id: plan_id,
|
|
|
|
nb_places: nb_places,
|
|
|
|
tickets: tickets,
|
|
|
|
coupon_code: coupon_params[:coupon_code])
|
2019-09-11 10:31:22 +02:00
|
|
|
|
|
|
|
# Subtract wallet amount from total
|
|
|
|
total = price_details[:total]
|
|
|
|
wallet_debit = get_wallet_debit(current_user, total)
|
2020-05-11 10:56:23 +02:00
|
|
|
{ amount: total - wallet_debit, details: price_details }
|
2019-09-11 10:31:22 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def check_coupon
|
|
|
|
return if coupon_params[:coupon_code].nil?
|
|
|
|
|
|
|
|
coupon = Coupon.find_by(code: coupon_params[:coupon_code])
|
|
|
|
raise InvalidCouponError if coupon.nil? || coupon.status(current_user.id) != 'active'
|
|
|
|
end
|
|
|
|
|
2019-09-11 16:19:24 +02:00
|
|
|
def check_plan
|
|
|
|
plan_id = if params[:cart_items][:subscription]
|
|
|
|
subscription_params[:plan_id]
|
|
|
|
elsif params[:cart_items][:reservation]
|
|
|
|
reservation_params[:plan_id]
|
|
|
|
end
|
|
|
|
|
|
|
|
return unless plan_id
|
|
|
|
|
|
|
|
plan = Plan.find(plan_id)
|
|
|
|
raise InvalidGroupError if plan.group_id != current_user.group_id
|
|
|
|
end
|
|
|
|
|
2019-09-09 17:37:54 +02:00
|
|
|
def reservation_params
|
|
|
|
params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :nb_reserve_places,
|
2019-09-09 18:04:31 +02:00
|
|
|
tickets_attributes: %i[event_price_category_id booked],
|
|
|
|
slots_attributes: %i[id start_at end_at availability_id offered])
|
2019-09-09 17:37:54 +02:00
|
|
|
end
|
2019-09-09 18:04:31 +02:00
|
|
|
|
2019-09-10 17:57:46 +02:00
|
|
|
def subscription_params
|
|
|
|
params[:cart_items].require(:subscription).permit(:plan_id)
|
|
|
|
end
|
|
|
|
|
2019-09-09 17:37:54 +02:00
|
|
|
def cart_items_params
|
|
|
|
params[:cart_items].require(:reservation).permit(:reservable_id, :reservable_type, :plan_id, :user_id, :nb_reserve_places,
|
2019-09-09 18:04:31 +02:00
|
|
|
tickets_attributes: %i[event_price_category_id booked],
|
|
|
|
slots_attributes: %i[id start_at end_at availability_id offered])
|
2019-09-09 17:37:54 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def coupon_params
|
|
|
|
params.require(:cart_items).permit(:coupon_code)
|
|
|
|
end
|
2019-09-09 18:04:31 +02:00
|
|
|
end
|