adminnistrateur
/
paymentservice
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix csrf token while get payment status

This commit is contained in:
Djery-Tom 2022-12-15 05:36:34 +01:00
parent 6366c22e0f
commit 51b26f9027
4 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Http/Controllers/YoomeeV2Controller.php
View File

@ -355,15 +355,15 @@ class YoomeeV2Controller extends Controller
} }
if($verify_btn){
return redirect()->route('checkout',['payment_token' => $transaction->payment_token]);
}else {
if ($transaction->state == PaymentTransactionState::ACCEPTED) { if ($transaction->state == PaymentTransactionState::ACCEPTED) {
return [ return [
'message' => "Payment accepted", 'message' => "Payment accepted",
'status' => 1, 'status' => 1,
'refresh' => 1, 'refresh' => 1,
]; ];
} else {
if($verify_btn){
return redirect()->route('checkout',['payment_token' => $transaction->payment_token]);
} else { } else {
return [ return [
'message' => "Payment failed", 'message' => "Payment failed",

4
app/Http/Middleware/VerifyCsrfToken.php
View File

@ -3,6 +3,7 @@
namespace App\Http\Middleware; namespace App\Http\Middleware;
use Closure; use Closure;
use Illuminate\Support\Facades\Log;
use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\HttpFoundation\Cookie;
use Illuminate\Contracts\Encryption\Encrypter; use Illuminate\Contracts\Encryption\Encrypter;
use Illuminate\Session\TokenMismatchException; use Illuminate\Session\TokenMismatchException;
@ -53,6 +54,9 @@ class VerifyCsrfToken {
protected function tokensMatch($request) { protected function tokensMatch($request) {
$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN'); $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
Log::info($token);
Log::error($request->session()->token());
if (!$token && $header = $request->header('X-XSRF-TOKEN')) { if (!$token && $header = $request->header('X-XSRF-TOKEN')) {
$token = $this->encrypter->decrypt($header); $token = $this->encrypter->decrypt($header);
} }

3
resources/views/verify-payment.blade.php
View File

@ -53,7 +53,7 @@
@keyframes ldio-5owbnf6l9j7-r { @keyframes ldio-5owbnf6l9j7-r {
0% { 0% {
transform: translate(148px, 80px) scale(1): transform: translate(148px, 80px) scale(1);
} }
100% { 100% {
transform: translate(148px, 80px) scale(0); transform: translate(148px, 80px) scale(0);
@ -269,6 +269,7 @@
var myHeaders = new Headers(); var myHeaders = new Headers();
var url = "{{route('yoomee.v2.verify')}}"; var url = "{{route('yoomee.v2.verify')}}";
var raw = JSON.stringify({ var raw = JSON.stringify({
"_token" : "{{ app('request')->session()->get('_token') }}",
"transaction_id": "{{$transaction_id}}" "transaction_id": "{{$transaction_id}}"
}); });

2
routes/web.php
View File

@ -21,7 +21,7 @@ $router->group(['middleware' => 'session'], function () use ($router) {
// }); // });
$router->get('checkout/{payment_token}', ['as' => 'checkout', 'uses' => 'PaymentController@checkout']); $router->get('checkout/{payment_token}', ['as' => 'checkout', 'uses' => 'PaymentController@checkout']);
$router->post('checkoutPay', ['as' => 'yoomee.v2.checkoutPay', 'uses' => 'YoomeeV2Controller@checkoutPay','middleware' => 'csrf']); $router->post('checkoutPay', ['as' => 'yoomee.v2.checkoutPay', 'uses' => 'YoomeeV2Controller@checkoutPay','middleware' => 'csrf']);
$router->post('status', ['as' => 'yoomee.v2.verify', 'uses' => 'YoomeeV2Controller@getPaymentStatus', 'middleware' => 'csrf']); $router->post('status', ['as' => 'yoomee.v2.verify', 'uses' => 'YoomeeV2Controller@getPaymentStatus']);
$router->get('merchantRedirect', ['as' => 'yoomee.v2.merchantRedirect', 'uses' => 'YoomeeV2Controller@merchantRedirect']); $router->get('merchantRedirect', ['as' => 'yoomee.v2.merchantRedirect', 'uses' => 'YoomeeV2Controller@merchantRedirect']);
}); });