Skip to content

v0.1.0-beta Released

Latest

Choose a tag to compare

@fattain-naime fattain-naime released this 30 Jun 11:04
748a61b

OwnPay v0.1.0 - Initial Public Release 🚀

We are proud to announce the initial public release of OwnPay, a self-hosted, enterprise-grade, open-source payment gateway platform built on PHP 8.3+ and designed to put businesses in full control of their payment stack.

Unlike multi-tenant SaaS platforms, OwnPay is operated by a single owner, serving multiple isolated brands (stores) under their own custom domains. Each brand enjoys distinct gateways, custom ledger configurations, and a unique customer checkout identity.


🏛️ Major Highlights & Features

1. Multi-Brand Architecture & Custom Domains

  • Scoped Brand Context: Isolation at the database query layer via the TenantScope trait. A single super-administrator manages multiple brands (op_merchants) with zero cross-contamination.
  • White-Label Custom Domains: DomainMiddleware resolves custom domains for checkouts, automatically routing payments to the appropriate brand while keeping /admin/* interfaces restricted to the master domain.
  • Cascading Settings: Settings dynamically resolve from a brand-specific override, falling back to global system-wide defaults.

2. 123 Bundled Payment Gateways 💳

We include 123 built-in payment gateway integrations out of the box, categorized for global reach:

  • Southeast Asia: bKash API, Nagad Merchant API, SSLCommerz, Rocket, GCash, Maya, Touch 'n Go, GrabPay, PromptPay, QRIS, and more.
  • South Asia: Razorpay, Cashfree, Instamojo, PayTM, EasyPaisa, JazzCash.
  • Latin America: MercadoPago, Pix, PagSeguro, EBANX, dLocal.
  • Africa: M-Pesa, MTN MoMo, Flutterwave, Paystack, Orange Money.
  • Europe & Global: Stripe, PayPal Checkout, Adyen, Braintree, Klarna, Mollie, Authorize.Net, Square.
  • Cryptocurrency: Binance Pay, BitPay, BTCPay Server, Coinbase Commerce, OpenNode, NowPayments.
  • Plus a robust Manual (Offline) Gateway System allowing brands to display customized bank transfer instructions, manual payment details, and QR codes.

3. GAAP-Compliant Double-Entry Ledger Engine 📈

  • Double-Entry Accounting: Full bookkeeping journal (op_ledger_accounts, op_ledger_transactions, op_ledger_entries) that validates and maintains balance constraints at the database level.
  • Atomic Refunds & Multi-Currency Processing: Safe transaction posting secured by mutexes, enabling seamless conversions and ledger entries across different base currencies.

4. Companion Mobile App & SMS Verification Engine 📱

  • SMS-to-Payment Confirmation: Connects securely with the OwnPay Console Android app.
  • Automated Offline Matching: An SMS verification job parses incoming bank/MFS text messages, matching transaction IDs or amounts/timeframes to pending invoices for instant checkout confirmation.
  • Secure Device Auth: JWT-based API access for companion devices, featuring automatic key rotation and instant device revocation.

5. Guided Web Installer Wizard 🧙‍♂️

  • Step-by-Step Installation: Automatic check for directory permissions, database connectivity, table schema creation, default brand generation, and .env configuration.
  • Fail-Safe Design: Completely database-independent setup wizard ensuring a smooth first-time deployment.

6. Enterprise-Grade Security

  • Argon2id & TOTP 2FA: Industry-standard password hashing and built-in two-factor authentication.
  • Advanced Middleware Stack: Injects CSRF tokens, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and dynamic Content Security Policies (CSP) tailored only to the active payment gateways.
  • Parameterized SQL Queries: 100% protection against SQL injections.
  • Plugin Sandbox: Scans third-party plugin scripts on load to block dangerous PHP calls (eval, exec, system, etc.).

7. Developer APIs & Webhooks

  • API Integration: Full OpenAPI 3.1.1 specification (docs/v2/api/openapi.yaml) with public interactive API documentation.
  • Merchant & Inbound Webhooks: Webhook delivery retry queue to notify external platforms (like WHMCS, WooCommerce, or custom platforms) of payment states.

🚀 Getting Started

To install OwnPay on your server, ensure you meet the following requirements:

Prerequisites

  • PHP: 8.3 or higher with extensions (pdo_mysql, openssl, bcmath, mbstring, curl, gd, zip).
  • Database: MySQL 8.0+ or MariaDB 10.5+.
  • Web Server: Nginx or Apache with URL rewriting enabled.

Installation

  1. Clone the repository to your server's web root:
    git clone https://github.com/own-pay/ownpay.git .