Original Author: Jon Adams (http://github.com/pointlessjon)
WARNING: This plugin is still under development and may not work as expected. Please use with caution and test your implementation thoroughly before putting into production. I do intend to release a v0.1 soon that will include tests and a few more minor tweaks. ~Rick
This plugin provides an API to the Authorize.net AIM connection method. It can be used to accept payments by credit card or e-check.
Download the plugin and place it in app/plugins/authnet.
Setup the Authnet datasource by defining it in your database configuration.
class DATABASE_CONFIG {
var $authnet = array(
'datasource' => 'Authnet.AuthnetSource',
'server' => 'test', // 'test' or 'live'
'test_request' => false,
'login' => 'API_LOGIN_ID',
'key' => 'API_TRANSACTION_KEY'
);
}
This plugin contains a behavior, a model, and a datasource that can all be used together or used separately. It also contains a controller and example views if you want a complete solution.
For a complete solution, you can access some of the plugin's built-in functional examples at:
app/authnet/authnet_transactions/add
app/authnet/authnet_transactions/update
app/authnet/authnet_transactions/delete
No database is required if you use this method.
If you need to store the transaction details to a database after processing the Authorize.net transaction there is a behavior to make things easier. It can be attached using the $actsAs array in your existing model.
var $actsAs = array('Authnet.Authnet');
With your database configuration in place, it will automatically authorize payment during validation, and capture payment during save.
To bypass auth during validation set the authDuringValidation field to false.
var $actsAs = array(
'Authnet.Authnet' => array(
'authDuringValidation' => true,
),
);
Your model field names can be different than the field names the authnet plugin uses. Simply setup a fields array like the example below for the fields you need to change.
var $actsAs = array(
'Authnet.Authnet' => array(
'fields' => array(
'card_num' => 'number',
'exp_date' => 'expiration',
),
),
);
There are a few security considerations that need to be thought about before implementing this plugin.
-
Accepting credit card or e-check payments should only be done over HTTPS.
-
In most cases it is against processor terms to store full credit card data. Only store the information you need. It may be enough to store only the transaction id, and/or the last 4 digits of the customer's credit card. If you need the ability to periodically charge the customer's card, consider a solution like ARB or CIM.
Read more about AIM Implementation from Authorize.net at http://developer.authorize.net/api/aim/.
booya!