mirror of
https://github.com/LaCasemate/fab-manager.git
synced 2025-01-17 06:52:27 +01:00
read stripe_api_key from db
This commit is contained in:
parent
88208627c9
commit
82d6677cff
@ -24,15 +24,17 @@ class API::PaymentsController < API::ApiController
|
|||||||
|
|
||||||
# Create the PaymentIntent
|
# Create the PaymentIntent
|
||||||
intent = Stripe::PaymentIntent.create(
|
intent = Stripe::PaymentIntent.create(
|
||||||
payment_method: params[:payment_method_id],
|
{
|
||||||
amount: amount[:amount],
|
payment_method: params[:payment_method_id],
|
||||||
currency: Rails.application.secrets.stripe_currency,
|
amount: amount[:amount],
|
||||||
confirmation_method: 'manual',
|
currency: Rails.application.secrets.stripe_currency,
|
||||||
confirm: true,
|
confirmation_method: 'manual',
|
||||||
customer: current_user.stp_customer_id
|
confirm: true,
|
||||||
|
customer: current_user.stp_customer_id
|
||||||
|
}, { api_key: Setting.get('stripe_secret_key') }
|
||||||
)
|
)
|
||||||
elsif params[:payment_intent_id].present?
|
elsif params[:payment_intent_id].present?
|
||||||
intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id])
|
intent = Stripe::PaymentIntent.confirm(params[:payment_intent_id], api_key: Setting.get('stripe_secret_key'))
|
||||||
end
|
end
|
||||||
rescue Stripe::CardError => e
|
rescue Stripe::CardError => e
|
||||||
# Display error on client
|
# Display error on client
|
||||||
@ -62,7 +64,8 @@ class API::PaymentsController < API::ApiController
|
|||||||
.pay_and_save(@reservation, payment_details: details, payment_intent_id: intent.id)
|
.pay_and_save(@reservation, payment_details: details, payment_intent_id: intent.id)
|
||||||
Stripe::PaymentIntent.update(
|
Stripe::PaymentIntent.update(
|
||||||
intent.id,
|
intent.id,
|
||||||
description: "Invoice reference: #{@reservation.invoice.reference}"
|
{ description: "Invoice reference: #{@reservation.invoice.reference}" },
|
||||||
|
{ api_key: Setting.get('stripe_secret_key') }
|
||||||
)
|
)
|
||||||
|
|
||||||
if is_reserve
|
if is_reserve
|
||||||
@ -81,7 +84,8 @@ class API::PaymentsController < API::ApiController
|
|||||||
|
|
||||||
Stripe::PaymentIntent.update(
|
Stripe::PaymentIntent.update(
|
||||||
intent.id,
|
intent.id,
|
||||||
description: "Invoice reference: #{@subscription.invoices.first.reference}"
|
{ description: "Invoice reference: #{@subscription.invoices.first.reference}" },
|
||||||
|
{ api_key: Setting.get('stripe_secret_key') }
|
||||||
)
|
)
|
||||||
|
|
||||||
if is_subscribe
|
if is_subscribe
|
||||||
|
@ -112,7 +112,10 @@ class Reservation < ApplicationRecord
|
|||||||
end
|
end
|
||||||
|
|
||||||
def clean_pending_strip_invoice_items
|
def clean_pending_strip_invoice_items
|
||||||
pending_invoice_items = Stripe::InvoiceItem.list(customer: user.stp_customer_id, limit: 100).data.select { |ii| ii.invoice.nil? }
|
pending_invoice_items = Stripe::InvoiceItem.list(
|
||||||
|
{ customer: user.stp_customer_id, limit: 100 },
|
||||||
|
{ api_key: Setting.get('stripe_secret_key') }
|
||||||
|
).data.select { |ii| ii.invoice.nil? }
|
||||||
pending_invoice_items.each(&:delete)
|
pending_invoice_items.each(&:delete)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -178,7 +178,7 @@ class User < ApplicationRecord
|
|||||||
end
|
end
|
||||||
|
|
||||||
def stripe_customer
|
def stripe_customer
|
||||||
Stripe::Customer.retrieve stp_customer_id
|
Stripe::Customer.retrieve(stp_customer_id, api_key: Setting.get('stripe_secret_key'))
|
||||||
end
|
end
|
||||||
|
|
||||||
def active_for_authentication?
|
def active_for_authentication?
|
||||||
|
@ -1,15 +1,15 @@
|
|||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
# validates the given card token through the Stripe API
|
||||||
class StripeCardTokenValidator
|
class StripeCardTokenValidator
|
||||||
def validate(record)
|
def validate(record)
|
||||||
if options[:token]
|
return unless options[:token]
|
||||||
begin
|
|
||||||
res = Stripe::Token.retrieve(options[:token])
|
res = Stripe::Token.retrieve(options[:token], api_key: Setting.get('stripe_secret_key'))
|
||||||
if res[:id] != options[:token]
|
if res[:id] != options[:token]
|
||||||
record.errors[:card_token] << "A problem occurred while retrieving the card with the specified token: #{res.id}"
|
record.errors[:card_token] << "A problem occurred while retrieving the card with the specified token: #{res.id}"
|
||||||
end
|
|
||||||
rescue Stripe::InvalidRequestError => e
|
|
||||||
record.errors[:card_token] << e
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
rescue Stripe::InvalidRequestError => e
|
||||||
|
record.errors[:card_token] << e
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -12,8 +12,11 @@ class StripeWorker
|
|||||||
def create_stripe_customer(user_id)
|
def create_stripe_customer(user_id)
|
||||||
user = User.find(user_id)
|
user = User.find(user_id)
|
||||||
customer = Stripe::Customer.create(
|
customer = Stripe::Customer.create(
|
||||||
description: user.profile.full_name,
|
{
|
||||||
email: user.email
|
description: user.profile.full_name,
|
||||||
|
email: user.email
|
||||||
|
},
|
||||||
|
{ api_key: Setting.get('stripe_secret_key') }
|
||||||
)
|
)
|
||||||
user.update_columns(stp_customer_id: customer.id)
|
user.update_columns(stp_customer_id: customer.id)
|
||||||
end
|
end
|
||||||
@ -34,11 +37,11 @@ class StripeWorker
|
|||||||
stp_coupon[:redeem_by] = coupon.valid_until.to_i unless coupon.valid_until.nil?
|
stp_coupon[:redeem_by] = coupon.valid_until.to_i unless coupon.valid_until.nil?
|
||||||
stp_coupon[:max_redemptions] = coupon.max_usages unless coupon.max_usages.nil?
|
stp_coupon[:max_redemptions] = coupon.max_usages unless coupon.max_usages.nil?
|
||||||
|
|
||||||
Stripe::Coupon.create(stp_coupon)
|
Stripe::Coupon.create(stp_coupon, api_key: Setting.get('stripe_secret_key'))
|
||||||
end
|
end
|
||||||
|
|
||||||
def delete_stripe_coupon(coupon_code)
|
def delete_stripe_coupon(coupon_code)
|
||||||
cpn = Stripe::Coupon.retrieve(coupon_code)
|
cpn = Stripe::Coupon.retrieve(coupon_code, api_key: Setting.get('stripe_secret_key'))
|
||||||
cpn.delete
|
cpn.delete
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -11,7 +11,7 @@ class SyncMembersOnStripeWorker
|
|||||||
User.online_payers.each_with_index do |member, index|
|
User.online_payers.each_with_index do |member, index|
|
||||||
logger.debug "#{index} / #{total}"
|
logger.debug "#{index} / #{total}"
|
||||||
begin
|
begin
|
||||||
stp_customer = Stripe::Customer.retrieve member.stp_customer_id
|
stp_customer = Stripe::Customer.retrieve(member.stp_customer_id, api_key: Setting.get('stripe_secret_key'))
|
||||||
StripeWorker.perform(:create_stripe_customer, member.id) if stp_customer.nil? || stp_customer[:deleted]
|
StripeWorker.perform(:create_stripe_customer, member.id) if stp_customer.nil? || stp_customer[:deleted]
|
||||||
rescue Stripe::InvalidRequestError
|
rescue Stripe::InvalidRequestError
|
||||||
StripeWorker.perform(:create_stripe_customer, member.id)
|
StripeWorker.perform(:create_stripe_customer, member.id)
|
||||||
|
@ -2,5 +2,4 @@
|
|||||||
|
|
||||||
require 'stripe'
|
require 'stripe'
|
||||||
|
|
||||||
Stripe.api_key = Rails.application.secrets.stripe_api_key
|
Stripe.api_version = '2019-08-14'
|
||||||
Stripe.api_version = '2019-08-14'
|
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
|
|
||||||
development:
|
development:
|
||||||
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
||||||
stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
|
|
||||||
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
||||||
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
||||||
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
||||||
@ -43,7 +42,6 @@ development:
|
|||||||
|
|
||||||
test:
|
test:
|
||||||
secret_key_base: 83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
|
secret_key_base: 83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
|
||||||
stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
|
|
||||||
stripe_currency: usd
|
stripe_currency: usd
|
||||||
fablab_without_wallet: false
|
fablab_without_wallet: false
|
||||||
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
||||||
@ -74,7 +72,6 @@ test:
|
|||||||
|
|
||||||
staging:
|
staging:
|
||||||
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
||||||
stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
|
|
||||||
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
||||||
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
||||||
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
||||||
@ -116,7 +113,6 @@ staging:
|
|||||||
# instead read values from the environment.
|
# instead read values from the environment.
|
||||||
production:
|
production:
|
||||||
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
||||||
stripe_api_key: <%= ENV["STRIPE_API_KEY"] %>
|
|
||||||
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
stripe_currency: <%= ENV["STRIPE_CURRENCY"] %>
|
||||||
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
fablab_without_wallet: <%= ENV["FABLAB_WITHOUT_WALLET"] %>
|
||||||
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
user_confirmation_needed_to_sign_in: <%= ENV["USER_CONFIRMATION_NEEDED_TO_SIGN_IN"] %>
|
||||||
|
@ -51,19 +51,6 @@ When using docker-compose, you should provide the name of the service in your [d
|
|||||||
Used by the authentication system to generate random tokens, eg. for resetting passwords.
|
Used by the authentication system to generate random tokens, eg. for resetting passwords.
|
||||||
Used by Rails to verify the integrity of signed cookies.
|
Used by Rails to verify the integrity of signed cookies.
|
||||||
You can generate such a random key by running `rails secret`.
|
You can generate such a random key by running `rails secret`.
|
||||||
<a name="STRIPE_API_KEY"></a>
|
|
||||||
|
|
||||||
STRIPE_API_KEY
|
|
||||||
|
|
||||||
Key and secret used to identify you Stripe account through the API.
|
|
||||||
Retrieve them from https://dashboard.stripe.com/account/apikeys.
|
|
||||||
|
|
||||||
**MANDATORY**: Even if you don't want to charge your customers, you must fill this settings.
|
|
||||||
For this purpose, you can use a stripe account in test mode, which will provide you test keys.
|
|
||||||
If you change these keys during the application lifecycle, you must run `rails fablab:stripe:sync_members`, otherwise your users won't be able to do card payments.
|
|
||||||
|
|
||||||
Please note that Stripe have changed the naming of their keys. Here's the matching:
|
|
||||||
`STRIPE_API_KEY` = secret key
|
|
||||||
<a name="STRIPE_CURRENCY"></a>
|
<a name="STRIPE_CURRENCY"></a>
|
||||||
|
|
||||||
STRIPE_CURRENCY
|
STRIPE_CURRENCY
|
||||||
|
@ -8,7 +8,6 @@ ELASTICSEARCH_HOST=fabmanager-elastic
|
|||||||
|
|
||||||
# Stripe
|
# Stripe
|
||||||
SECRET_KEY_BASE=83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
|
SECRET_KEY_BASE=83daf5e7b80d990f037407bab78dff9904aaf3c195a50f84fa8695a22287e707dfbd9524b403b1dcf116ae1d8c06844c3d7ed942564e5b46be6ae3ead93a9d30
|
||||||
STRIPE_API_KEY==
|
|
||||||
STRIPE_CURRENCY=eur
|
STRIPE_CURRENCY=eur
|
||||||
|
|
||||||
# Invoices
|
# Invoices
|
||||||
|
@ -39,7 +39,7 @@ namespace :fablab do
|
|||||||
task clean_cassettes_secrets: :environment do
|
task clean_cassettes_secrets: :environment do
|
||||||
Dir['test/vcr_cassettes/*.yml'].each do |cassette_file|
|
Dir['test/vcr_cassettes/*.yml'].each do |cassette_file|
|
||||||
cassette = File.read(cassette_file)
|
cassette = File.read(cassette_file)
|
||||||
cassette = cassette.gsub(Rails.application.secrets.stripe_api_key, 'sk_test_testfaketestfaketestfake')
|
cassette = cassette.gsub(Setting.get('stripe_secret_key'), 'sk_test_testfaketestfaketestfake')
|
||||||
cassette = cassette.gsub(Setting.get('stripe_public_key'), 'pk_test_faketestfaketestfaketest')
|
cassette = cassette.gsub(Setting.get('stripe_public_key'), 'pk_test_faketestfaketestfaketest')
|
||||||
puts cassette
|
puts cassette
|
||||||
File.write(cassette_file, cassette)
|
File.write(cassette_file, cassette)
|
||||||
|
@ -4,7 +4,6 @@ ELASTICSEARCH_HOST=elasticsearch
|
|||||||
|
|
||||||
SECRET_KEY_BASE=
|
SECRET_KEY_BASE=
|
||||||
|
|
||||||
STRIPE_API_KEY=
|
|
||||||
STRIPE_CURRENCY=eur
|
STRIPE_CURRENCY=eur
|
||||||
|
|
||||||
INVOICE_PREFIX=Demo-FabLab_facture
|
INVOICE_PREFIX=Demo-FabLab_facture
|
||||||
|
@ -234,7 +234,7 @@ configure_env_file()
|
|||||||
|
|
||||||
local doc variables secret
|
local doc variables secret
|
||||||
doc=$(\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/doc/environment.md)
|
doc=$(\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/doc/environment.md)
|
||||||
variables=(STRIPE_API_KEY STRIPE_CURRENCY INVOICE_PREFIX FABLAB_WITHOUT_ONLINE_PAYMENT FABLAB_WITHOUT_WALLET \
|
variables=(STRIPE_CURRENCY INVOICE_PREFIX FABLAB_WITHOUT_ONLINE_PAYMENT FABLAB_WITHOUT_WALLET \
|
||||||
USER_CONFIRMATION_NEEDED_TO_SIGN_IN DEFAULT_HOST DEFAULT_PROTOCOL DELIVERY_METHOD SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \
|
USER_CONFIRMATION_NEEDED_TO_SIGN_IN DEFAULT_HOST DEFAULT_PROTOCOL DELIVERY_METHOD SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \
|
||||||
SMTP_ENABLE_STARTTLS_AUTO SMTP_OPENSSL_VERIFY_MODE SMTP_TLS \
|
SMTP_ENABLE_STARTTLS_AUTO SMTP_OPENSSL_VERIFY_MODE SMTP_TLS \
|
||||||
LOG_LEVEL MAX_IMAGE_SIZE MAX_CAO_SIZE MAX_IMPORT_SIZE DISK_SPACE_MB_ALERT \
|
LOG_LEVEL MAX_IMAGE_SIZE MAX_CAO_SIZE MAX_IMPORT_SIZE DISK_SPACE_MB_ALERT \
|
||||||
|
@ -94,7 +94,7 @@ module Events
|
|||||||
assert_invoice_pdf invoice
|
assert_invoice_pdf invoice
|
||||||
|
|
||||||
VCR.use_cassette('reserve_event_with_many_prices_and_payment_means_retrieve_invoice_from_stripe') do
|
VCR.use_cassette('reserve_event_with_many_prices_and_payment_means_retrieve_invoice_from_stripe') do
|
||||||
stp_intent = Stripe::PaymentIntent.retrieve(invoice.stp_payment_intent_id)
|
stp_intent = Stripe::PaymentIntent.retrieve(invoice.stp_payment_intent_id, api_key: Setting.get('stripe_secret_key'))
|
||||||
assert_equal stp_intent.amount, (invoice.total - invoice.wallet_amount) # total minus coupon minus wallet = amount really payed by the user
|
assert_equal stp_intent.amount, (invoice.total - invoice.wallet_amount) # total minus coupon minus wallet = amount really payed by the user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -596,7 +596,7 @@ module Reservations
|
|||||||
assert_invoice_pdf invoice
|
assert_invoice_pdf invoice
|
||||||
|
|
||||||
VCR.use_cassette('reservations_machine_and_plan_using_coupon_retrieve_invoice_from_stripe') do
|
VCR.use_cassette('reservations_machine_and_plan_using_coupon_retrieve_invoice_from_stripe') do
|
||||||
stp_intent = Stripe::PaymentIntent.retrieve(invoice.stp_payment_intent_id)
|
stp_intent = Stripe::PaymentIntent.retrieve(invoice.stp_payment_intent_id, api_key: Setting.get('stripe_secret_key'))
|
||||||
assert_equal stp_intent.amount, invoice.total
|
assert_equal stp_intent.amount, invoice.total
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -54,13 +54,16 @@ class ActiveSupport::TestCase
|
|||||||
end
|
end
|
||||||
|
|
||||||
Stripe::PaymentMethod.create(
|
Stripe::PaymentMethod.create(
|
||||||
type: 'card',
|
{
|
||||||
card: {
|
type: 'card',
|
||||||
number: number,
|
card: {
|
||||||
exp_month: exp_month,
|
number: number,
|
||||||
exp_year: exp_year,
|
exp_month: exp_month,
|
||||||
cvc: cvc
|
exp_year: exp_year,
|
||||||
}
|
cvc: cvc
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{ api_key: Setting.get('stripe_secret_key') }
|
||||||
).id
|
).id
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user