105 lines
3.0 KiB
TypeScript
105 lines
3.0 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import ZarinPal from 'zarinpal-node-sdk';
|
|
import { getDatabase } from '@/lib/db';
|
|
|
|
const zarinpal = new ZarinPal({
|
|
merchantId: process.env.ZARINPAL_MERCHANT_ID || 'test-merchant-id',
|
|
sandbox: process.env.NODE_ENV !== 'production',
|
|
});
|
|
|
|
export async function POST(request: NextRequest) {
|
|
try {
|
|
const body = await request.json();
|
|
const { authority } = body;
|
|
|
|
if (!authority) {
|
|
return NextResponse.json(
|
|
{ error: 'Authority code is required' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
const db = getDatabase();
|
|
|
|
// Get payment details from database
|
|
const paymentRecord = db.prepare(`
|
|
SELECT * FROM payment_authorities WHERE authority = ?
|
|
`).get(authority) as any;
|
|
|
|
if (!paymentRecord) {
|
|
return NextResponse.json(
|
|
{ error: 'No matching transaction found for this authority code' },
|
|
{ status: 404 }
|
|
);
|
|
}
|
|
|
|
// Check if already verified
|
|
if (paymentRecord.status === 'verified') {
|
|
return NextResponse.json({
|
|
success: true,
|
|
refId: paymentRecord.refId,
|
|
message: 'Payment already verified',
|
|
});
|
|
}
|
|
|
|
// Verify payment with ZarinPal
|
|
const response = await zarinpal.verifications.verify({
|
|
amount: paymentRecord.amount,
|
|
authority: authority,
|
|
});
|
|
|
|
if (response.data.code === 100 || response.data.code === 101) {
|
|
const refId = response.data.ref_id;
|
|
const cardPan = response.data.card_pan;
|
|
const fee = response.data.fee;
|
|
|
|
// Update payment authority status
|
|
db.prepare(`
|
|
UPDATE payment_authorities
|
|
SET status = 'verified', refId = ?, cardPan = ?, fee = ?, verifiedAt = ?
|
|
WHERE authority = ?
|
|
`).run(refId, cardPan, fee, Date.now(), authority);
|
|
|
|
// Create purchase record (auto-approved for IPG payments)
|
|
db.prepare(`
|
|
INSERT INTO purchases (albumId, transactionId, customerName, email, phoneNumber, txReceipt, purchaseDate, approvalStatus, paymentMethod)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, 'approved', 'ipg')
|
|
`).run(
|
|
paymentRecord.albumId,
|
|
refId.toString(),
|
|
paymentRecord.customerName,
|
|
paymentRecord.email,
|
|
paymentRecord.phoneNumber,
|
|
`ZarinPal-${refId}`,
|
|
Date.now()
|
|
);
|
|
|
|
return NextResponse.json({
|
|
success: true,
|
|
refId: refId,
|
|
cardPan: cardPan,
|
|
fee: fee,
|
|
message: response.data.code === 101 ? 'Payment already verified' : 'Payment verified successfully',
|
|
});
|
|
} else {
|
|
// Update payment authority status to failed
|
|
db.prepare(`
|
|
UPDATE payment_authorities
|
|
SET status = 'failed'
|
|
WHERE authority = ?
|
|
`).run(authority);
|
|
|
|
return NextResponse.json(
|
|
{ error: `Transaction failed with code: ${response.data.code}` },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
} catch (error: any) {
|
|
console.error('Payment verification error:', error);
|
|
return NextResponse.json(
|
|
{ error: error.message || 'Failed to verify payment' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|