UNPKG

@unchainedshop/plugins

Version:

Official plugin collection for the Unchained Engine with payment, delivery, and pricing adapters

github.com/unchainedshop/unchained

unchainedshop/unchained

72 lines (71 loc) 3.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
import { createLogger } from '@unchainedshop/logger'; import generateSignature, { Security } from "./generateSignature.js"; const { DATATRANS_SIGN_KEY, DATATRANS_SIGN2_KEY, DATATRANS_SECURITY = Security.DYNAMIC_SIGN, } = process.env; const logger = createLogger('unchained:datatrans:handler'); export const datatransHandler = async (req, res) => { const resolvedContext = req.unchainedContext; const { modules, services } = resolvedContext; const signature = req.headers['datatrans-signature']; if (!DATATRANS_SIGN_KEY && !DATATRANS_SIGN2_KEY) { logger.warn('No sign key configured'); res.status(404).end(); return; } if (req.method === 'POST' && signature) { const [rawTimestamp, rawHash] = signature.split(','); const [, hash] = rawHash.split('='); const [, timestamp] = rawTimestamp.split('='); const comparableSignature = await generateSignature({ security: DATATRANS_SECURITY, signKey: DATATRANS_SIGN2_KEY || DATATRANS_SIGN_KEY, })(timestamp, req.body); if (hash !== comparableSignature) { logger.error(`hash mismatch: ${signature} / ${comparableSignature}`); res.status(403).send('Hash mismatch'); return; } const transaction = JSON.parse(req.body); logger.info(`received request`, { type: transaction.type, }); if (transaction.status === 'authorized') { const userId = transaction.refno2; const referenceId = Buffer.from(transaction.refno, 'base64').toString('hex'); try { if (transaction.type === 'card_check') { const paymentProviderId = referenceId; const paymentCredentials = await services.orders.registerPaymentCredentials(paymentProviderId, { userId, transactionContext: { transactionId: transaction.transactionId } }); logger.info(`registered payment credentials for ${userId}`, { userId, }); res.status(200).send(paymentCredentials); return; } if (transaction.type === 'payment') { const orderPaymentId = referenceId; const orderPayment = await modules.orders.payments.findOrderPayment({ orderPaymentId, }); if (!orderPayment) throw new Error(`Order Payment with id ${orderPaymentId} not found`); const order = await services.orders.checkoutOrder(orderPayment.orderId, { paymentContext: { userId, transactionId: transaction.transactionId }, }); if (!order) throw new Error(`Order with id ${orderPayment.orderId} not found`); logger.info(`confirmed checkout for order ${order.orderNumber}`, { orderId: order._id, }); res.status(200).send(order); return; } } catch (e) { logger.error(`rejected to checkout: ${e.name} - ${e.message}`); res.status(500).send({ name: e.name, code: e.code, message: e.message }); return; } } } res.status(404).end(); };