Permalink
Browse files

Initial Paypal IPN handler endpoint

Accepts IPN notifications and verifies them against the appropriate endpoint
depending on development or production environment.

Persists PaypalNotification records from Webhook
  • Loading branch information...
patrickod committed Feb 20, 2017
1 parent 3089295 commit abb3348344e8e92629e57a37c4eabfba6070292b
@@ -2,6 +2,7 @@ source 'https://rubygems.org'
gem 'autoprefixer-rails'
gem 'dotenv-rails'
gem 'httparty'
gem 'jquery-rails'
gem 'pg'
gem 'rails', '~> 5.0.0'
@@ -87,6 +87,8 @@ GEM
rspec (>= 2.99.0, < 4.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
httparty (0.14.0)
multi_xml (>= 0.5.2)
i18n (0.8.0)
jquery-rails (4.2.2)
rails-dom-testing (>= 1, < 3)
@@ -107,6 +109,7 @@ GEM
mime-types-data (3.2016.0521)
mini_portile2 (2.1.0)
minitest (5.10.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
nenv (0.3.0)
netrc (0.11.0)
@@ -246,6 +249,7 @@ DEPENDENCIES
factory_girl_rails
foreman
guard-rspec
httparty
jquery-rails
pg
pry
@@ -264,4 +268,4 @@ DEPENDENCIES
web-console (~> 2.0)
BUNDLED WITH
1.12.5
1.14.1
@@ -0,0 +1,20 @@
class Api::PaypalNotificationsController < ApplicationController
skip_before_action :verify_authenticity_token
rescue_from ActiveRecord::RecordNotUnique, with: :duplicate_notification
def create
if PaypalNotification.verify_raw_payload(request.raw_post)
PaypalNotification.create_from_payload(params)
render plain: "VERIFIED", status: 200
else
render plain: "UNVERIFIED", status: 400
end
end
private def duplicate_notification
Rails.logger.info("Received duplicate notification: #{params["txn_id"]}")
render plain: "INVALID", status: 400
end
end
@@ -31,7 +31,7 @@ def create_subscription
redirect_to root_url
end
rescue Stripe::CardError => exc
flash[:danger] = [exc.message]
flash[:danger] = [exc.message]
redirect_to root_url
end
@@ -59,7 +59,7 @@ def update_credit_card(token)
@donor.create_payment_source(token)
true
rescue Stripe::CardError => exc
flash[:danger] = [exc.message]
flash[:danger] = [exc.message]
false
end
end
@@ -0,0 +1,19 @@
class PaypalNotification < ActiveRecord::Base
PRODUCTION_IPN_URL = "https://www.paypal.com/cgi-bin/webscr?cmd=_notify-validate".freeze
DEVELOPMENT_IPN_URL = "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_notify-validate".freeze
IPN_VERIFY_URL = Rails.env.production? ? PRODUCTION_IPN_URL : DEVELOPMENT_IPN_URL
def self.verify_raw_payload(raw_payload)
HTTParty.post(IPN_VERIFY_URL, body: raw_payload).body == "VERIFIED"
rescue
false
end
def self.create_from_payload(payload)
create!(
notification_id: payload["txn_id"],
payload: payload.to_json
)
end
end
@@ -12,5 +12,6 @@
namespace :api do
resource :stripe_events, only: [:create]
resource :paypal_notifications, only: [:create]
end
end

0 comments on commit abb3348

Please sign in to comment.