npm - node-paytmpg - Versions diffs - 4.0.2 → 4.1.0 - Mend

node-paytmpg 4.0.2 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/.github/workflows/npm-publish.yml +2 -1
package/README.MD +19 -0
package/app/controllers/payment_controller.js +96 -32
package/app/routes/payment_route.js +7 -2
package/package.json +1 -1

package/.github/workflows/npm-publish.yml CHANGED Viewed

@@ -6,7 +6,8 @@ name: Node.js Package
 on:
   release:
     types: [created]
+  push:
+    branches: [ master ]
 jobs:
   publish:
     runs-on: ubuntu-latest

package/README.MD CHANGED Viewed

@@ -202,6 +202,25 @@ var User=PayTMPG.User;
 ```
+### Webhooks
+Webhooks can issued at at `/_pay/api/webhook` and are useful for payments captured late.
+If you are using `bodyparser` , make sure to remove these from your express app since the body parsers will be already added with the library .
+```
+    Comment these if present in your app
+    app.use(bodyParser.json());
+    app.use(bodyParser.urlencoded({ extended: true }));
+```
+#### For razorpay webhook
+Make sure to use the same secret in your webhook as the merchant secret.
+https://razorpay.com/docs/webhooks/
+#### For paytm
+Nothing extra needed
+https://developer.paytm.com/docs/callback-and-webhook/?ref=callbackWebhook
 License : GPL

package/app/controllers/payment_controller.js CHANGED Viewed

@@ -6,6 +6,7 @@ var IDLEN = 10;
 var nodeBase64 = require('nodejs-base64-converter');
 var RazorPay = require('razorpay');
 const PaytmChecksum = require('./checksum/PaytmChecksum.js');
+const { stat } = require('fs');
 function sanitizeRequest(body) {
@@ -108,7 +109,7 @@ module.exports = function (app, callbacks) {
             params['ORDER_ID'] = req.body.ORDER_ID;
             params['CUST_ID'] = req.body.CUST_ID;
             params['TXN_AMOUNT'] = req.body.TXN_AMOUNT;
-            params['CALLBACK_URL'] = req.body.CALLBACK_URL + "?order_id="+req.body.ORDER_ID;
+            params['CALLBACK_URL'] = req.body.CALLBACK_URL + "?order_id=" + req.body.ORDER_ID;
             params['EMAIL'] = req.body.EMAIL;
             params['MOBILE_NO'] = req.body.MOBILE_NO;
             params['PRODUCT_NAME'] = req.body.PRODUCT_NAME;
@@ -574,6 +575,44 @@ module.exports = function (app, callbacks) {
     }
+    function updateTransaction(req, res) {
+        var myquery = { orderId: req.body.ORDERID };
+        Transaction.findOne(myquery, function (err, objForUpdate) {
+            if (err) {
+                res.send({ message: "Transaction Not Found !", ORDERID: req.body.ORDERID, TXNID: req.body.TXNID })
+                return;
+            }
+            if (objForUpdate.status != ("INITIATED") && objForUpdate.status != ("TXN_PENDING")) {
+                res.send({ message: "Transaction already processed", status: objForUpdate.status, ORDERID: objForUpdate.orderId, TXNID: objForUpdate.TXNID, TXNID: req.body.TXNID })
+                return;
+            }
+            if (req.body.status == "paid" && !req.body.STATUS) {
+                req.body.STATUS = "TXN_SUCCESS"
+            }
+            objForUpdate.status = req.body.STATUS;
+            objForUpdate.TXNID = req.body.TXNID;
+            objForUpdate.extra = JSON.stringify(req.body);
+            var newvalues = { $set: objForUpdate };
+            Transaction.updateOne(myquery, newvalues, function (err, saveRes) {
+                if (err) {
+                    res.send({ message: "Error Occured !", ORDERID: req.body.ORDERID, TXNID: req.body.TXNID })
+                }
+                else {
+                    if (callbacks !== undefined)
+                        callbacks.onFinish(req.body.ORDERID, req.body);
+                    objForUpdate.readonly = "readonly"
+                    objForUpdate.action = config.homepage
+                    res.render(vp + "result.hbs", objForUpdate);
+                }
+            });
+        }, usingMultiDbOrm ? Transaction : undefined)
+    }
     module.callback = (req, res) => {
@@ -617,37 +656,7 @@ module.exports = function (app, callbacks) {
         if (result || isCancelled) {
-            var myquery = { orderId: req.body.ORDERID };
-            Transaction.findOne(myquery, function (err, objForUpdate) {
-                if (err) {
-                    res.send({ message: "Transaction Not Found !", ORDERID: req.body.ORDERID, TXNID: req.body.TXNID })
-                    return;
-                }
-                if (req.body.status == "paid" && !req.body.STATUS) {
-                    req.body.STATUS = "TXN_SUCCESS"
-                }
-                objForUpdate.status = req.body.STATUS;
-                objForUpdate.TXNID = req.body.TXNID;
-                objForUpdate.extra = JSON.stringify(req.body);
-                var newvalues = { $set: objForUpdate };
-                Transaction.updateOne(myquery, newvalues, function (err, saveRes) {
-                    if (err) {
-                        res.send({ message: "Error Occured !", ORDERID: req.body.ORDERID, TXNID: req.body.TXNID })
-                    }
-                    else {
-                        if (callbacks !== undefined)
-                            callbacks.onFinish(req.body.ORDERID, req.body);
-                        objForUpdate.readonly = "readonly"
-                        objForUpdate.action = config.homepage
-                        res.render(vp + "result.hbs", objForUpdate);
-                    }
-                });
-            }, usingMultiDbOrm ? Transaction : undefined)
+            updateTransaction(req, res);
         }
         else {
@@ -658,6 +667,61 @@ module.exports = function (app, callbacks) {
     }
+    module.webhook = (req, res) => {
+        if (config.paytm_url) {
+            module.callback(req, res)
+        }
+        else if (config.razor_url) {
+            let events = ["payment.captured", "payment.pending", "payment.failed"]
+            if (req.body.event && events.indexOf(req.body.event) > -1) {
+                if (req.body.payload &&
+                    req.body.payload.payment &&
+                    req.body.payload.payment.entity) {
+                    let entity = req.body.payload.payment.entity;
+                    let razorpay_order_id = entity.order_id;
+                    let razorpay_payment_id = entity.id;
+                    let status = entity.status;
+                    let event = req.body.event;
+                    console.log(`Razorpay webhook payment order=${razorpay_order_id} payid=${razorpay_payment_id} status=${status}`)
+                    let reqBody = req.rawBody, signature = req.headers["x-razorpay-signature"];
+                    result = RazorPay.validateWebhookSignature(reqBody, req.headers['x-razorpay-signature'], config.SECRET)
+                    req.signatureVerified = result;
+                    if (true) {
+                        if (event == events[0]) {
+                            req.body.STATUS = "TXN_SUCCESS";
+                        }
+                        else if (event == events[1]) { //pending
+                            req.body.STATUS = "TXN_PENDING";
+                        }
+                        else { // failed
+                            req.body.STATUS = "TXN_FAILURE";
+                        }
+                        req.body.ORDERID = razorpay_order_id;
+                        req.body.TXNID = razorpay_payment_id;
+                        setTimeout(() => {
+                            updateTransaction(req, res)
+                        }, 3000)
+                    }
+                    else {
+                        res.status(401)
+                        res.send({ message: "Invalid Rzpay signature" })
+                    }
+                }
+                else {
+                    res.status(400)
+                    res.send({ message: "Invalid Payload" })
+                }
+            }
+            else {
+                res.status(400)
+                res.send({ message: "Unsupported event : " + req.body.event })
+            }
+        }
+    }
     module.createTxn = (req, res) => {

package/app/routes/payment_route.js CHANGED Viewed

@@ -49,16 +49,21 @@ module.exports = (app, express, callbacks) => {
     app.set('view engine', 'handlebars');
+    let saveRawBody = function (req, res, buf, encoding) {
+        req.rawBody = buf.toString();
+    }
     app.use(bodyParser.urlencoded({ extended: true }))
-    app.use(bodyParser.json())
+    app.use(bodyParser.json({ verify: saveRawBody }))
     app.use("/" + config.path_prefix, express.static(path.join(__dirname, '../../public')));
     app.use('/' + config.path_prefix, router);
     router.all('/', pc.init);
     router.all('/init', pc.init);
-    router.all('/home', pc.home)
+    // router.all('/home', pc.home)
     router.all('/callback', pc.callback)
+    router.all('/api/webhook', pc.webhook)
     router.all('/api/status', pc.status)
     router.all('/api/createTxn', pc.createTxn)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "node-paytmpg",
-  "version": "4.0.2",
+  "version": "4.1.0",
   "description": "Payment Gateway Integration using NodeJS",
   "main": "index.js",
   "scripts": {