Skip to content

Commit f600cc5

Browse files
committed
Changes
- Fixes for webhook signature validation - Update Laravel.md
1 parent fbf424c commit f600cc5

File tree

2 files changed

+10
-24
lines changed

2 files changed

+10
-24
lines changed

docs/frameworks/Laravel.md

Lines changed: 7 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,7 @@ Route::post('chargilypay/webhook', [ChargilyPayController::class, "webhook"])->n
8585
### 4. Create controler
8686

8787
```bash
88-
php artisan make:controler ChargilyPayController
88+
php artisan make:controller ChargilyPayController
8989
```
9090

9191
- Attach the following methods to the controller
@@ -137,32 +137,17 @@ class ChargilyPayController extends Controller
137137
$user = auth()->user();
138138
$checkout_id = $request->input("checkout_id");
139139
$checkout = $this->chargilyPayInstance()->checkouts()->get($checkout_id);
140+
$payment = null;
140141

141142
if ($checkout) {
142143
$metadata = $checkout->getMetadata();
143144
$payment = \App\Models\ChargilyPayment::find($metadata['payment_id']);
144-
145-
if ($payment) {
146-
if ($checkout->getStatus() === "paid") {
147-
//update payment status in database
148-
$payment->status = "paid";
149-
$payment->update();
150-
/////
151-
///// Confirm your order
152-
/////
153-
154-
} else if ($checkout->getStatus() === "failed" or $checkout->getStatus() === "canceled") {
155-
//update payment status in database
156-
$payment->status = "failed";
157-
$payment->update();
158-
/////
159-
///// Cancel your order
160-
/////
161-
162-
}
163-
}
145+
////
146+
//// Is not recomended to process payment in back page / success or fail page
147+
//// Doing payment processing in webhook for best practices
148+
////
164149
}
165-
return redirect("redirect to your order page");
150+
dd($checkout,$payment);
166151
}
167152
/**
168153
* This action will be processed in the background

src/Api/Webhook.php

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,12 +21,13 @@ public function get(): ?WebhookElement
2121
{
2222
$headers = getallheaders();
2323
$signature = isset($headers['signature']) ? $headers['signature'] : "";
24+
$signature = (empty($signature) and isset($headers['Signature'])) ? $headers['Signature'] : "";
25+
2426
$payload = file_get_contents('php://input');
2527
$computed = hash_hmac('sha256', $payload, $this->credentials->secret);
26-
2728
if (hash_equals($signature, $computed)) {
28-
$event = json_decode($payload, true);
2929

30+
$event = json_decode($payload, true);
3031
return $this->newElement($event);
3132
}
3233
return null;

0 commit comments

Comments
 (0)