From 00558962295299084471a162e196bc1314a39253 Mon Sep 17 00:00:00 2001 From: DhanshCOSQ Date: Fri, 11 Apr 2025 15:14:01 +0000 Subject: [PATCH] feature/fitlien-add-cors (#14) Reviewed-on: https://git.cosqnet.com/cosqnet/fitlien-services/pulls/14 Co-authored-by: DhanshCOSQ Co-committed-by: DhanshCOSQ --- functions/src/index.ts | 170 +++++++++++++++++++++++++---------------- 1 file changed, 104 insertions(+), 66 deletions(-) diff --git a/functions/src/index.ts b/functions/src/index.ts index eb4913a..d13051d 100644 --- a/functions/src/index.ts +++ b/functions/src/index.ts @@ -372,87 +372,125 @@ export const createCashfreeOrder = onRequest({ } const idToken = authHeader.split('Bearer ')[1]; - const decodedToken = await admin.auth().verifyIdToken(idToken); - const uid = decodedToken.uid; + try { + const decodedToken = await admin.auth().verifyIdToken(idToken); + const uid = decodedToken.uid; - const { - amount, - customerName, - customerEmail, - customerPhone, - productInfo - } = request.body; + const { + amount, + customerName, + customerEmail, + customerPhone, + productInfo, + userId, + gymId, + orderId + } = request.body; - if (!amount || !customerEmail || !customerPhone) { - response.status(400).json({ error: 'Missing required fields' }); - return; - } - - const clientId = process.env.CASHFREE_CLIENT_ID; - const clientSecret = process.env.CASHFREE_CLIENT_SECRET; - const isTest = true; - - const apiUrl = isTest - ? 'https://sandbox.cashfree.com/pg/orders' - : 'https://api.cashfree.com/pg/orders'; - - const orderId = `order_${Date.now()}_${uid.substring(0, 6)}`; - - const cashfreeResponse = await axios.post( - apiUrl, - { - order_id: orderId, - order_amount: amount, - order_currency: 'INR', - customer_details: { - customer_id: uid, - customer_name: customerName || 'Fitlien User', - customer_email: customerEmail, - customer_phone: customerPhone - }, - order_meta: { - return_url: `https://fitlien.com/payment/status?order_id={order_id}`, - // notify_url: `https://$filien.web.app/verifyCashfreePayment` - }, - order_note: productInfo || 'Fitlien Membership' - }, - { - headers: { - 'x-api-version': '2022-09-01', - 'x-client-id': clientId, - 'x-client-secret': clientSecret, - 'Content-Type': 'application/json' - } + if (!amount || !customerEmail || !customerPhone) { + response.status(400).json({ error: 'Missing required fields' }); + return; } - ); - await admin.firestore().collection('payment_orders').doc(orderId).set({ - userId: uid, - amount: amount, - customerEmail: customerEmail, - customerPhone: customerPhone, - orderStatus: 'CREATED', - paymentGateway: 'Cashfree', - createdAt: new Date(), - ...cashfreeResponse.data - }); + const clientId = process.env.CASHFREE_CLIENT_ID; + const clientSecret = process.env.CASHFREE_CLIENT_SECRET; - response.json({ - order_id: cashfreeResponse.data.order_id, - payment_session_id: cashfreeResponse.data.payment_session_id - }); + if (!clientId || !clientSecret) { + logger.error('Cashfree credentials not configured'); + response.status(500).json({ error: 'Payment gateway configuration error' }); + return; + } - logger.info(`Cashfree order created: ${orderId}`); + const isTest = true; + const hashKey = `hash_${Date.now()}_${uid.substring(0, 1)}_${orderId}`; + const apiUrl = isTest + ? 'https://sandbox.cashfree.com/pg/orders' + : 'https://api.cashfree.com/pg/orders'; + + try { + const cashfreeResponse = await axios.post( + apiUrl, + { + order_id: orderId, + hash_key: hashKey, + order_amount: amount, + order_currency: 'INR', + customer_details: { + customer_id: uid, + customer_name: customerName || 'Fitlien User', + customer_email: customerEmail, + customer_phone: customerPhone + }, + order_meta: { + return_url: `https://fitlien.com/payment-bridge?order_id=${orderId}&hash_key=${hashKey}&user_id=${userId}&gym_id=${gymId}`, + // notify_url: `https://$filien.web.app/verifyCashfreePayment` + }, + order_note: productInfo || 'Fitlien Membership' + }, + { + headers: { + 'x-api-version': '2022-09-01', + 'x-client-id': clientId, + 'x-client-secret': clientSecret, + 'Content-Type': 'application/json' + } + } + ); + + try { + await admin.firestore().collection('payment_orders').doc(orderId).set({ + userId: uid, + amount: amount, + customerEmail: customerEmail, + customerPhone: customerPhone, + orderStatus: 'CREATED', + paymentGateway: 'Cashfree', + createdAt: new Date(), + hashKey: hashKey, + clientId: userId, + gymId: gymId, + orderId: orderId, + ...cashfreeResponse.data + }); + } catch (firestoreError) { + logger.error('Error storing order in Firestore:', firestoreError); + } + + response.json({ + success: true, + order_id: cashfreeResponse.data.order_id, + payment_session_id: cashfreeResponse.data.payment_session_id + }); + + logger.info(`Cashfree order created: ${orderId}`); + } catch (axiosError: any) { + logger.error('Cashfree API error:', axiosError); + response.status(axiosError.response?.status || 500).json({ + success: false, + error: 'Payment gateway error', + details: axiosError.response?.data || axiosError.message, + code: axiosError.code + }); + } + } catch (authError) { + logger.error('Authentication error:', authError); + response.status(401).json({ + success: false, + error: 'Invalid authentication token' + }); + } } catch (error: any) { logger.error('Cashfree order creation error:', error); response.status(500).json({ + success: false, error: 'Failed to create payment order', - details: error.response?.data || error.message + details: error.message }); } }); }); + export const verifyCashfreePayment = onRequest({ region: '#{SERVICES_RGN}#' }, async (request: Request, response: express.Response) => {