From 11e8ad0cf5676f8f6d5e42c58a38a531f7c5991d Mon Sep 17 00:00:00 2001
From: Amirhesam Adibinia <hesamadibi80@gmail.com>
Date: Tue, 28 Nov 2023 00:42:57 +0330
Subject: [PATCH] refactor: get callback_url in request on payment API (#25)

* feat: call back

* feat: apply call back in api view

* feat: verify payment rework

* fix: resolve comments

---------

Co-authored-by: Alireza Zare <azare242@gmail.com>
---
 backend/backend_api/urls.py      |  2 +-
 backend/backend_api/views.py     | 11 ++++++-----
 backend/payment_backends/zify.py |  5 ++---
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/backend/backend_api/urls.py b/backend/backend_api/urls.py
index 846f664..3b7b362 100644
--- a/backend/backend_api/urls.py
+++ b/backend/backend_api/urls.py
@@ -90,5 +90,5 @@ def __init__(self, *args, **kwargs):
     path('', include(committee_routes)),
     path('', include(user_route)),
     path('payment/', views.PaymentViewSet.as_view({'post': 'payment'})),
-    path('payment/verify/', views.PaymentViewSet.as_view({'get': 'verify'})),
+    path('payment/verify/', views.PaymentViewSet.as_view({'post': 'verify'})),
 ]
diff --git a/backend/backend_api/views.py b/backend/backend_api/views.py
index e2a12f9..9cee2d8 100644
--- a/backend/backend_api/views.py
+++ b/backend/backend_api/views.py
@@ -215,6 +215,7 @@ class PaymentViewSet(viewsets.GenericViewSet):
     @action(methods=['POST'], detail=False, permission_classes=[IsAuthenticated])
     def payment(self, request):
         account = request.user
+        call_back = request.data.get('call_back')
         try:
             user = User.objects.get(account=account)
         except ObjectDoesNotExist:
@@ -223,7 +224,7 @@ def payment(self, request):
 
         payment = Payment.create_payment_for_user(user)
         response = ZIFYRequest().create_payment(str(payment.pk), payment.amount, user.name, user.phone_number,
-                                                user.account.email)
+                                                user.account.email, call_back)
         if response['status'] == ZIFY_STATUS_OK:
             payment.track_id = response['data']['order']
             payment.save()
@@ -233,9 +234,9 @@ def payment(self, request):
             return Response(
                 new_detailed_response(response['status'], response["message"]))
 
-    @action(methods=['GET'], detail=False)
+    @action(methods=['POST'], detail=False)
     def verify(self, request):
-        pid = request.GET.get('clientrefid')
+        pid = request.data.get('clientrefid')
         if pid is None:
             return Response(new_detailed_response(
                 status.HTTP_400_BAD_REQUEST, "clientrefid is required"))
@@ -248,11 +249,11 @@ def verify(self, request):
         if response['status'] == ZIFY_STATUS_OK:
             payment.update_payment_status(Payment.PaymentStatus.PAYMENT_CONFIRMED)
             # FIXME: redirect to payment success page
-            return Response(new_detailed_response(status.HTTP_200_OK, "Payment verified successfully"))
+            return Response(new_detailed_response(status.HTTP_200_OK, "Payment verified successfully",  payment.pk))
         else:
             payment.update_payment_status(Payment.PaymentStatus.PAYMENT_REJECTED)
             return Response(
-                new_detailed_response(response['status'], response["message"]))
+                new_detailed_response(response['status'], response["message"], payment.pk))
 
 
 class StaffViewSet(viewsets.GenericViewSet,
diff --git a/backend/payment_backends/zify.py b/backend/payment_backends/zify.py
index 0290c78..486d68f 100644
--- a/backend/payment_backends/zify.py
+++ b/backend/payment_backends/zify.py
@@ -13,7 +13,6 @@
 ZIFY_STATUS_BAN = 403
 ZIFY_STATUS_NOT_FOUND = 404
 ZIFY_PAYMENT_DESCRIPTION = 'register workshops or talks'
-ZIFY_CALL_BACK = 'https://aaiss.ir/api/payment/verify/'
 ZIFY_URL = "https://zify.ir/api/order/v2/create"
 ZIFY_URL_VERIFY = "https://zify.ir/api/order/v2/verify"
 ZIFY_PAYMENT_LINK = 'https://zify.ir/order/accept/{track_id}'
@@ -30,7 +29,7 @@ def __init__(self):
     def get_order_url(track_id: str):
         return ZIFY_PAYMENT_LINK.format(track_id=track_id)
 
-    def create_payment(self, order_id, amount, user_name, user_phone, user_email):
+    def create_payment(self, order_id, amount, user_name, user_phone, user_email, call_back):
         body = {
             "payer": {
                 "first_name": "",
@@ -54,7 +53,7 @@ def create_payment(self, order_id, amount, user_name, user_phone, user_email):
                     "description": ZIFY_PAYMENT_DESCRIPTION
                 }
             ],
-            "returnUrl": ZIFY_CALL_BACK,
+            "returnUrl": call_back,
             "clientRefId": order_id,
             "shipping_total": 0,
             "off_total": 0,