soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Checkout‑Registrierung validiert jetzt die E‑Mail‑Länge, und die Checkout‑Flows sind Paddle‑only: Stripe‑Endpoints/

Browse Source 
Services/Helpers sind entfernt, API/Frontend angepasst, Tests auf Paddle umgestellt. Außerdem wurde die CSP gestrafft
  und Stripe‑Texte in den Abandoned‑Checkout‑Mails ersetzt.
This commit is contained in:
Codex Agent
2025-12-18 11:14:42 +01:00
parent 7213aef108
commit 2e4226a838
33 changed files with 314 additions and 1219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
app/Http/Controllers/Api/PackageController.php
View File

@@ -47,8 +47,10 @@ class PackageController extends Controller
$request->validate([
'package_id' => 'required|exists:packages,id',
'type' => 'required|in:endcustomer,reseller',
'payment_method' => 'required|in:stripe,paddle',
'payment_method' => 'required|in:paddle',
'event_id' => 'nullable|exists:events,id', // For endcustomer
'success_url' => 'nullable|url',
'return_url' => 'nullable|url',
]);
$package = Package::findOrFail($request->package_id);
@@ -67,42 +69,11 @@ class PackageController extends Controller
return $this->handlePaidPurchase($request, $package, $tenant);
}
public function createPaymentIntent(Request $request): JsonResponse
{
$request->validate([
'package_id' => 'required|exists:packages,id',
]);
$package = Package::findOrFail($request->package_id);
$tenant = $request->attributes->get('tenant');
if (! $tenant) {
throw ValidationException::withMessages(['tenant' => 'Tenant not found.']);
}
\Stripe\Stripe::setApiKey(config('services.stripe.secret'));
$paymentIntent = \Stripe\PaymentIntent::create([
'amount' => $package->price * 100,
'currency' => 'eur',
'metadata' => [
'tenant_id' => $tenant->id,
'package_id' => $package->id,
'type' => 'endcustomer_event',
],
]);
return response()->json([
'client_secret' => $paymentIntent->client_secret,
]);
}
public function completePurchase(Request $request): JsonResponse
{
$request->validate([
'package_id' => 'required|exists:packages,id',
'payment_method_id' => 'required_without:paddle_transaction_id|string',
'paddle_transaction_id' => 'required_without:payment_method_id|string',
'paddle_transaction_id' => 'required|string',
]);
$package = Package::findOrFail($request->package_id);
@@ -112,14 +83,14 @@ class PackageController extends Controller
throw ValidationException::withMessages(['tenant' => 'Tenant not found.']);
}
$provider = $request->has('paddle_transaction_id') ? 'paddle' : 'stripe';
$provider = 'paddle';
DB::transaction(function () use ($request, $package, $tenant, $provider) {
PackagePurchase::create([
'tenant_id' => $tenant->id,
'package_id' => $package->id,
'provider' => $provider,
'provider_id' => $request->input($provider === 'paddle' ? 'paddle_transaction_id' : 'payment_method_id'),
'provider_id' => $request->input('paddle_transaction_id'),
'price' => $package->price,
'type' => 'endcustomer_event',
'purchased_at' => now(),
@@ -261,16 +232,19 @@ class PackageController extends Controller
private function handlePaidPurchase(Request $request, Package $package, $tenant): JsonResponse
{
$type = $request->type;
if ($type === 'reseller_subscription') {
$response = (new StripeController)->createSubscription($request);
return $response;
} else {
$response = (new StripeController)->createPaymentIntent($request);
return $response;
if (! $package->paddle_price_id) {
throw ValidationException::withMessages(['package_id' => 'Package is not linked to a Paddle price.']);
}
$checkout = $this->paddleCheckout->createCheckout($tenant, $package, [
'success_url' => $request->input('success_url'),
'return_url' => $request->input('return_url'),
'metadata' => array_filter([
'type' => $request->input('type'),
'event_id' => $request->input('event_id'),
]),
]);
return response()->json($checkout);
}
}