Answer the question
In order to leave comments, you need to log in
Y
Y
Yevhenii K2019-09-14 13:31:52
Yevhenii K, 2019-09-14 13:31:52
How to connect the payment gateway correctly?
There is a simple test CRUD project on node.js and express.js , I decided to try adding a payment gateway, it works like on the learn.javascript.ru website , redirects to the payment gateway page. But, I'm having a problem.
The API documentation states that you need to send a POST request with data or JSON data. The problem is that if you add a form in this form, you can correct the form data values through devtools.
Form example
<form action="https://www.portmone.com.ua/gateway/" method="post">
<input type="hidden" name="payee_id" value="1185" />
<input type="hidden" name="shop_order_number" value="76575j65465464161hhhh" />
<input type="hidden" name="bill_amount" value="1"/>
<input type="hidden" name="description" value="Опис замовлення"/>
<input type="hidden" name="success_url" value="http://example.com/success.html" />
<input type="hidden" name="failure_url" value="http://example.com/failure.html" />
<input type="hidden" name="lang" value="ru" />
<input type="hidden" name="encoding" value= "UTF-8" />
<input type="hidden" name="exp_time" value= "400" />
</form>Based on this, I assume that you need to send a request to the gateway from the server side. For this I tried to use the query
request({
url: 'https://www.portmone.com.ua/gateway/',
method: 'POST',
followAllRedirects: true,
jar: true,
form: formData
}, function (error, response, body) {
if (error) {
console.log(error);
} else {
res.send(body);
}
});This request is working. But, it does not redirect the user along with the data, but receives the page. I tried to look at the code on learn.javascript.ru but it is obfuscated.
Please, explain how to implement / how this functionality should work and what methods to use.
1 answer(s)
@Robur
There is no need to assume here, if the documentation says that it should be on the client, then on the client, if on the server, then on the server. As far as I can see, there are no secrets and codes there, so this is normal for the client.
If someone climbs in and changes the values in devtools, then he will either pay in the wrong place, or in the wrong amount, in any case, he simply creates a problem for himself, and you check the payment data on the server and if the payment is not valid, then do not confirm it and do not give him what he bought.
R
Robur, 2019-09-14 @Robur
Based on this, I assume that you need to send a request to the gateway from the server side.
There is no need to assume here, if the documentation says that it should be on the client, then on the client, if on the server, then on the server. As far as I can see, there are no secrets and codes there, so this is normal for the client.
If someone climbs in and changes the values in devtools, then he will either pay in the wrong place, or in the wrong amount, in any case, he simply creates a problem for himself, and you check the payment data on the server and if the payment is not valid, then do not confirm it and do not give him what he bought.
Similar questions
C
K
S
R
Z
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question