
add encrypted paypal button

1 parent 45cd8df commit 6c9fdad690b9b8e416645b1bb3f81292120496ee @pfeffer committed May 21, 2012
@@ -13,3 +13,6 @@
# Ignore all logfiles and tempfiles.
/log/*.log
/tmp
+
+#Ignore config.yml with secret data
+/config/config.yml
@@ -15,7 +15,8 @@ bread.initOrderBackbone = function(){
delivery_type: 'pickup', //1 - pickup, 2 - delivery
delivery_address: '',
delivery_distance: 0, // in metres
- order_id: 0
+ order_id: 0,
+ paypal_encrypted: ''
},
initialize: function(obj){
},
@@ -75,7 +76,8 @@ bread.initOrderBackbone = function(){
success: function(data) {
alert("Success!");
model.setStep(3);
- model.setOrderId(data.id);
+ model.setOrderId(data.order_id);
+ model.setPaypalEncrypted(data.paypal_encrypted_str);
console.log(data);},
error: function (xhr, status) {alert ('Sorry, there was a problem!')}
})
@@ -130,6 +132,9 @@ bread.initOrderBackbone = function(){
},
setDeliveryDistance: function(dist){
this.set('delivery_distance', dist, {silent: true})
+ },
+ setPaypalEncrypted: function(s){
+ this.set('paypal_encrypted', s)
}
});
@@ -47,13 +47,10 @@ def create
@order = Order.create!( components_mask: components, is_delivery: is_delivery, delivery_address: delivery_address, quantity: quantity )
- render :json => @order
+ #render :json => {order_id: @order.id, paypal_encrypted_str: @order.encrypt_paypal(thank_you_url, payment_notifications_url)}
+ render :json => {order_id: @order.id, paypal_encrypted_str: @order.encrypt_paypal(thank_you_url, 'http://marakujja.zapto.org/payment_notifications')}
# respond_to do |format|
- # format.js {redirect_to "thank_you"}
- # end
-
- # respond_to do |format|
# if @order.save
# format.html { redirect_to @order, notice: 'Order was successfully created.' }
# format.json { render json: @order, status: :created, location: @order }
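Review bot: The notify URL passed to `encrypt_paypal` is a hard-coded `http://` host, so payment notifications from every environment go to one machine over plain HTTP and the route helper in the commented-out line above it is bypassed. Prefer `payment_notifications_url(protocol: 'https')` with the host taken from per-environment configuration, and delete the commented-out `render` once that works. `create` begins outside this hunk, so how `quantity` and the other order attributes are validated before `Order.create!` cannot be checked here.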
@@ -0,0 +1,10 @@
+class OrderMailer < ActionMailer::Base
+ default from: "masha.ku@gmail.com"
+
+ def email_order(user_name, user_email, order)
+ @user_name = user_name
+ @order = order
+
+ mail(to: user_email, subject: "Your order of banana bread").deliver
+ end
+end
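Review bot: `email_order` calls `.deliver` itself, so sending happens as a side effect of building the message and callers cannot decide when, or whether, to send. The usual shape is to end the method with `mail(to: user_email, subject: "Your order of banana bread")` and have the caller run `OrderMailer.email_order(...).deliver`. The `from:` address is a personal mailbox written into the class; it could come from `APP_CONFIG` like the SMTP credentials this commit introduces.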
@@ -1,3 +1,54 @@
class Order < ActiveRecord::Base
- #serialize :components
+
+ def paypal_form(return_url, notify_url)
+ values = {
+ #business: 'mkmk_1335799555_biz@mail.ru',
+ :cmd => '_xclick',
+ :business => '7UWLEGTUETVWL',
+ :item_name => 'Banana bread',
+ :quantity => self.quantity,
+ :lc => 'CA',
+ :amount => 20 * self.quantity, #APP_CONFIG[:price] * quantity,
+ :currency_code => 'USD',
+ :invoice => self.id,
+ :button_subtype => 'services',
+ :bn => "PP-BuyNowBF:btn_buynowCC_LG.gif:NonHosted",
+ :return => return_url,
+ :notify_url => notify_url,
+ :cert_id => 'Q676RQJ8RDHWY'
+ }
+
+ 'https://www.sandbox.paypal.com/cgi-bin/webscr?'+values.to_query
+ end
+
+ def encrypt_paypal(return_url, notify_url)
+ values = {
+ :business => 'mkmk_1335799555_biz@mail.ru',
+ :cmd => '_xclick',
+ #:business => '7UWLEGTUETVWL',
+ :item_name => 'Banana bread',
+ :quantity => self.quantity,
+ :amount => 20 * self.quantity, #APP_CONFIG[:price] * quantity,
+ :currency_code => 'USD',
+ :invoice => self.id,
+ :rm => 0,
+ #:button_subtype => 'services',
+ #:bn => "PP-BuyNowBF:btn_buynowCC_LG.gif:NonHosted",
+ :return => return_url,
+ :notify_url => notify_url,
+ :cert_id => 'Q676RQJ8RDHWY'
+ }
+ y values
+
+ encrypt_for_paypal(values)
+ end
+
+ PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
+ APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")
+ APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem")
+
+ def encrypt_for_paypal(values)
+ signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM), OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
+ OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"), OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
+ end
end
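Review bot: `y values` in `encrypt_paypal` is a leftover debugging call that dumps the full parameter hash to stdout on every order; remove it or use `Rails.logger.debug(values.inspect)`. `encrypt_for_paypal` joins the pairs with `"\n"`, so a value containing a line break would introduce an extra field into the signed payload; the values built here look server-side, but stripping `\r` and `\n` from each value before the join would make that hold for `return_url` and `notify_url` as well. `paypal_form` still emits the same fields as a plain query string, where amount and invoice are editable by the client, so it is worth removing if the encrypted button replaces it. The signed blob protects the price only if the PayPal account also rejects non-encrypted payments and the notification handler compares the paid amount with the order, neither of which is visible in this commit.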
@@ -7,6 +7,8 @@ class PaymentNotification < ActiveRecord::Base
def mark_order_as_purchased
if status == "Completed"
order.update_attribute(:purchased_at, Time.now)
+
+ OrderMailer.email_order("UserName", "masha.ku@gmail.com", order)
end
end
end
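Review bot: The confirmation is addressed to the literal `"masha.ku@gmail.com"` with the name `"UserName"`, so every completed payment mails the same inbox rather than the buyer; pass the payer's name and address from the notification or the order instead. The send also runs inline in `mark_order_as_purchased`, so an SMTP failure would raise after `purchased_at` has been written; rescuing and logging the delivery error, or queueing the mail, keeps notification handling independent of mail delivery. Only `status == "Completed"` gates the update in the visible context; whether the amount and receiver are checked elsewhere cannot be seen from this hunk.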
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
+ </head>
+ <body>
+ <h1>Welcome to bananabread.com, <%= @user_name %></h1>
+
+ <p>
+ Thank you for your purchase!
+ Your order # <%= @order.id %> is going to be delivered soon.
+ </p>
+ </body>
+</html>
@@ -103,21 +103,13 @@
<td class='right-column'>
<span id="order-text">You are about to order <span id="order-quantity"><%%= quantity %></span> Banana bread <span id="order-loaf"><%%= loaf %></span><span id="order-components"><%%= order_text %></span>.</span>
<div id="order-step">
+
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<div id="payment">
- <input type="hidden" name="cmd" value="_xclick">
- <input type="hidden" name="business" value="7UWLEGTUETVWL">
- <input type="hidden" name="item_name" value="banana bread">
- <input type="hidden" name="quantity" value="<%%= quantity%>">
- <input type="hidden" name="lc" value="CA">
- <input type="hidden" name="amount" value="20.00">
- <input type="hidden" name="currency_code" value="USD">
- <input type="hidden" name="invoice" value="<%%= order_id%>">
- <input type="hidden" name="button_subtype" value="services">
- <input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHosted">
- <input type="hidden" name="return" value="http://localhost:3000/thank_you/">
- <input type="hidden" name="notify_url" value='http://marakujja.zapto.org/payment_notifications'>
+ <input type="hidden" name="cmd" value="_s-xclick">
+ <input type="hidden" name="encrypted" value="<%%= paypal_encrypted %>">
<input type="submit" class="button" value="Pay">
+
<div>You will be redirected to PayPal</div>
</div>
</form>
@@ -1,4 +1,12 @@
+<div style="text-align: center;">
+ THANK YOU!
+
+ <p>
+ <a href=<%= root_url %>> Home </a>
+ </p>
+</div>
+<!--
<table id="table">
<tr>
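Review bot: The `href` in the new link is unquoted (`<a href=<%= root_url %>>`), so the attribute value ends at the first space or `>` in the generated URL; write `<a href="<%= root_url %>">Home</a>` or `<%= link_to 'Home', root_url %>`. The old table is kept inside an HTML comment that closes in the next hunk, which still sends that markup to the browser; deleting it outright would be cleaner.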
@@ -11,4 +19,4 @@
</td>
</tr>
-</table>
+</table> -->
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+git filter-branch --env-filter '
+
+an="$GIT_AUTHOR_NAME"
+am="$GIT_AUTHOR_EMAIL"
+cn="$GIT_COMMITTER_NAME"
+cm="$GIT_COMMITTER_EMAIL"
+
+if [ "$GIT_COMMITTER_EMAIL" = "pfeffer@mail.ru" ]
+then
+ cn="Masha"
+ cm="pfeffer@mail.ru"
+fi
+if [ "$GIT_AUTHOR_EMAIL" = "pfeffer@mail.ru" ]
+then
+ an="Masha"
+ am="pfeffer@mail.ru"
+fi
+
+export GIT_AUTHOR_NAME="$an"
+export GIT_AUTHOR_EMAIL="$am"
+export GIT_COMMITTER_NAME="$cn"
+export GIT_COMMITTER_EMAIL="$cm"
+'
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----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+-----END RSA PRIVATE KEY-----
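Review bot: The RSA private key added here is readable by anyone with access to the repository history, and `Order` loads `certs/app_key.pem` (presumably this file) with an empty passphrase, so a reader could sign button payloads as this application. The `.gitignore` change in this commit covers only `/config/config.yml`; the key file should be ignored as well and supplied at deploy time from outside the tree. Because deleting the file in a later commit does not remove it from history, this key should be replaced with a new one, the matching certificate re-uploaded to PayPal, and `cert_id` updated.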
@@ -0,0 +1,23 @@
+sandbox_web_api
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
@@ -0,0 +1,9 @@
+APP_CONFIG = YAML.load_file("#{Rails.root}/config/config.yml")
+
+ActionMailer::Base.smtp_settings = {
+ :address => "smtp.gmail.com",
+ :port => 587,
+ :user_name => APP_CONFIG['email_username'],
+ :password => APP_CONFIG['email_password'],
+ :authentication => 'plain',
+ :enable_starttls_auto => true }
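Review bot: `YAML.load_file` runs at boot on a path this commit also adds to `.gitignore`, so a fresh checkout fails with `Errno::ENOENT` and nothing documents the expected keys; a committed example file listing `email_username` and `email_password` with placeholder values would cover that. The keys are read as strings here while the comment in `Order` refers to `APP_CONFIG[:price]`; pick one form, since a symbol lookup on a string-keyed hash returns nil.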
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class OrderMailerTest < ActionMailer::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
