UNPKG

storenest-commerce

Version:

Complete e-commerce SDK for Storenest platform with React components, multi-language support, secure checkout, and enterprise-grade security

147 lines (146 loc) 5.5 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.StorenestServerCheckout = void 0; const config_1 = require("./config"); // Server-side checkout class (for backend use only) class StorenestServerCheckout { constructor() { this.apiBaseUrl = (0, config_1.getApiBaseUrl)(); this.secretKey = (0, config_1.getSecretKey)() || ''; if (!this.secretKey) { throw new Error('Secret key required for server-side checkout operations'); } } // SECURITY: Calculate order total server-side (prevents client manipulation) async calculateOrderTotal(cartId, shippingMethodId) { const response = await fetch(`${this.apiBaseUrl}/checkout/calculate`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ cartId, shippingMethodId }) }); if (!response.ok) { throw new Error('Failed to calculate order total'); } return await response.json(); } // SECURITY: Validate order server-side (prevents invalid orders) async validateOrder(orderData) { const response = await fetch(`${this.apiBaseUrl}/checkout/validate`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify(orderData) }); if (!response.ok) { throw new Error('Failed to validate order'); } return await response.json(); } // SECURITY: Process payment server-side (keeps payment data secure) async processPayment(paymentData, orderId) { const response = await fetch(`${this.apiBaseUrl}/checkout/process-payment`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ paymentData, orderId }) }); if (!response.ok) { throw new Error('Failed to process payment'); } return await response.json(); } // SECURITY: Detect fraud server-side async detectFraud(orderData, clientIP) { const response = await fetch(`${this.apiBaseUrl}/checkout/fraud-detection`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ orderData, clientIP }) }); if (!response.ok) { throw new Error('Failed to detect fraud'); } return await response.json(); } // SECURITY: Apply discounts server-side (prevents discount abuse) async applyDiscounts(cartId, discountCode) { const response = await fetch(`${this.apiBaseUrl}/checkout/apply-discount`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ cartId, discountCode }) }); if (!response.ok) { throw new Error('Failed to apply discount'); } return await response.json(); } // SECURITY: Create order server-side (ensures data integrity) async createOrder(orderData) { const response = await fetch(`${this.apiBaseUrl}/checkout/create-order`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify(orderData) }); if (!response.ok) { throw new Error('Failed to create order'); } return await response.json(); } // SECURITY: Validate checkout session server-side async validateCheckoutSession(sessionId) { const response = await fetch(`${this.apiBaseUrl}/checkout/validate-session/${sessionId}`, { method: 'GET', headers: { 'x-secret-key': this.secretKey, } }); if (!response.ok) { throw new Error('Failed to validate checkout session'); } return await response.json(); } // SECURITY: Rate limiting and abuse prevention async checkRateLimit(clientIP, action) { const response = await fetch(`${this.apiBaseUrl}/checkout/rate-limit`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ clientIP, action }) }); if (!response.ok) { throw new Error('Failed to check rate limit'); } return await response.json(); } // SECURITY: Log security events async logSecurityEvent(event, data) { await fetch(`${this.apiBaseUrl}/checkout/security-log`, { method: 'POST', headers: { 'x-secret-key': this.secretKey, 'Content-Type': 'application/json', }, body: JSON.stringify({ event, data, timestamp: Date.now() }) }); } } exports.StorenestServerCheckout = StorenestServerCheckout; // Export the server-side checkout class exports.default = StorenestServerCheckout;