feature/fitlien-add-cors (#14)

Reviewed-on: #14 Co-authored-by: DhanshCOSQ <dhanshas@cosq.net> Co-committed-by: DhanshCOSQ <dhanshas@cosq.net>
2025-04-11 15:14:01 +00:00 · 2025-04-11 15:14:01 +00:00 · 0055896229
commit 0055896229
parent ada17a85d9
1 changed files with 104 additions and 66 deletions
--- a/functions/src/index.ts
+++ b/functions/src/index.ts
@ -372,87 +372,125 @@ export const createCashfreeOrder = onRequest({
      }

      const idToken = authHeader.split('Bearer ')[1];
-      const decodedToken = await admin.auth().verifyIdToken(idToken);
-      const uid = decodedToken.uid;
+      try {
+        const decodedToken = await admin.auth().verifyIdToken(idToken);
+        const uid = decodedToken.uid;

-      const {
-        amount,
-        customerName,
-        customerEmail,
-        customerPhone,
-        productInfo
-      } = request.body;
+        const {
+          amount,
+          customerName,
+          customerEmail,
+          customerPhone,
+          productInfo,
+          userId,
+          gymId,
+          orderId
+        } = request.body;

-      if (!amount || !customerEmail || !customerPhone) {
-        response.status(400).json({ error: 'Missing required fields' });
-        return;
-      }
-
-      const clientId = process.env.CASHFREE_CLIENT_ID;
-      const clientSecret = process.env.CASHFREE_CLIENT_SECRET;
-      const isTest = true;
-
-      const apiUrl = isTest
-        ? 'https://sandbox.cashfree.com/pg/orders'
-        : 'https://api.cashfree.com/pg/orders';
-
-      const orderId = `order_${Date.now()}_${uid.substring(0, 6)}`;
-
-      const cashfreeResponse = await axios.post(
-        apiUrl,
-        {
-          order_id: orderId,
-          order_amount: amount,
-          order_currency: 'INR',
-          customer_details: {
-            customer_id: uid,
-            customer_name: customerName || 'Fitlien User',
-            customer_email: customerEmail,
-            customer_phone: customerPhone
-          },
-          order_meta: {
-            return_url: `https://fitlien.com/payment/status?order_id={order_id}`,
-            // notify_url: `https://$filien.web.app/verifyCashfreePayment`
-          },
-          order_note: productInfo || 'Fitlien Membership'
-        },
-        {
-          headers: {
-            'x-api-version': '2022-09-01',
-            'x-client-id': clientId,
-            'x-client-secret': clientSecret,
-            'Content-Type': 'application/json'
-          }
+        if (!amount || !customerEmail || !customerPhone) {
+          response.status(400).json({ error: 'Missing required fields' });
+          return;
        }
-      );

-      await admin.firestore().collection('payment_orders').doc(orderId).set({
-        userId: uid,
-        amount: amount,
-        customerEmail: customerEmail,
-        customerPhone: customerPhone,
-        orderStatus: 'CREATED',
-        paymentGateway: 'Cashfree',
-        createdAt: new Date(),
-        ...cashfreeResponse.data
-      });
+        const clientId = process.env.CASHFREE_CLIENT_ID;
+        const clientSecret = process.env.CASHFREE_CLIENT_SECRET;

-      response.json({
-        order_id: cashfreeResponse.data.order_id,
-        payment_session_id: cashfreeResponse.data.payment_session_id
-      });
+        if (!clientId || !clientSecret) {
+          logger.error('Cashfree credentials not configured');
+          response.status(500).json({ error: 'Payment gateway configuration error' });
+          return;
+        }

-      logger.info(`Cashfree order created: ${orderId}`);
+        const isTest = true;
+        const hashKey = `hash_${Date.now()}_${uid.substring(0, 1)}_${orderId}`;
+        const apiUrl = isTest
+          ? 'https://sandbox.cashfree.com/pg/orders'
+          : 'https://api.cashfree.com/pg/orders';
+
+        try {
+          const cashfreeResponse = await axios.post(
+            apiUrl,
+            {
+              order_id: orderId,
+              hash_key: hashKey,
+              order_amount: amount,
+              order_currency: 'INR',
+              customer_details: {
+                customer_id: uid,
+                customer_name: customerName || 'Fitlien User',
+                customer_email: customerEmail,
+                customer_phone: customerPhone
+              },
+              order_meta: {
+                return_url: `https://fitlien.com/payment-bridge?order_id=${orderId}&hash_key=${hashKey}&user_id=${userId}&gym_id=${gymId}`,
+                // notify_url: `https://$filien.web.app/verifyCashfreePayment`
+              },
+              order_note: productInfo || 'Fitlien Membership'
+            },
+            {
+              headers: {
+                'x-api-version': '2022-09-01',
+                'x-client-id': clientId,
+                'x-client-secret': clientSecret,
+                'Content-Type': 'application/json'
+              }
+            }
+          );
+
+          try {
+            await admin.firestore().collection('payment_orders').doc(orderId).set({
+              userId: uid,
+              amount: amount,
+              customerEmail: customerEmail,
+              customerPhone: customerPhone,
+              orderStatus: 'CREATED',
+              paymentGateway: 'Cashfree',
+              createdAt: new Date(),
+              hashKey: hashKey,
+              clientId: userId,
+              gymId: gymId,
+              orderId: orderId,
+              ...cashfreeResponse.data
+            });
+          } catch (firestoreError) {
+            logger.error('Error storing order in Firestore:', firestoreError);
+          }
+
+          response.json({
+            success: true,
+            order_id: cashfreeResponse.data.order_id,
+            payment_session_id: cashfreeResponse.data.payment_session_id
+          });
+
+          logger.info(`Cashfree order created: ${orderId}`);
+        } catch (axiosError: any) {
+          logger.error('Cashfree API error:', axiosError);
+          response.status(axiosError.response?.status || 500).json({
+            success: false,
+            error: 'Payment gateway error',
+            details: axiosError.response?.data || axiosError.message,
+            code: axiosError.code
+          });
+        }
+      } catch (authError) {
+        logger.error('Authentication error:', authError);
+        response.status(401).json({
+          success: false,
+          error: 'Invalid authentication token'
+        });
+      }
    } catch (error: any) {
      logger.error('Cashfree order creation error:', error);
      response.status(500).json({
+        success: false,
        error: 'Failed to create payment order',
-        details: error.response?.data || error.message
+        details: error.message
      });
    }
  });
 });

+
 export const verifyCashfreePayment = onRequest({
  region: '#{SERVICES_RGN}#'
 }, async (request: Request, response: express.Response) => {