WebToPay
It is a gem which could be very useful on working with https://www.webtopay.com/ (https://www.mokejimai.lt/) billing system. The main function of this gem is protection against forgeries that could be done by sending required parameters to the application and getting services without paying for free. This gem could be integrated with both billing types - MACRO (VISA, MasterCard, banks etc.) and MICRO (SMS, phone calls etc.).
*It works with OpenSSL so be sure that you have installed all necessary libs or modules on your system.
Installation
Add to your gemfile:
gem "webtopay", '1.6.1'
Configuration
Create initializer config/initializers/webtopay.rb
WebToPay.configure do |config|
config.project_id = 00000
config.sign_password = 'your sign password'
end
Basic usage
Add this to your controller:
webtopay :confirm_order, ...
def confirm_order
# do some ordering stuff here...
render text: "ok" # response with value "ok" is necessary
end
Add this in your view: Or if need only order confirmation button (no action in controller needed:
<%= webtopay_confirm_button("Buy", {amount: 2000, p_name: "Jonas", callback_url: confirm_order_url, ... })
Advanced usage
If you want more control you can use this:
before_filter :webtopay, only:[:controller_method1, :controller_method2] ...
instead of:
webtopay :controller_method1, :controller_method2 ...
Response validation
By default only projectid and sign fields are validated. It is highly recommended to check that order specific params (like paid money amount) also matches params in response. To specify which fields you want to validate add this method in controller:
def webtopay_expected_params(webtopay_params) # webtopay_params is a hash returned from mokejimai.lt
order = Order.find(webtopay_params[:orderid])
{ # hash keys should be the same as in mokejimai.lt specification
p_email: order.user_email,
amount: order.price_in_cents,
# ... and any other fields that we save in database
}
end
On invalid response
If response is invalid then exception will be raised. To change this behavior add this to controller:
def webtopay_failed_validation_response(api_response) # api_response is instance of WebToPay::Response
render json: api_response.errors # default behavior: raise api_response.errors.first
end
Payment form
You can generate payment form like this
<%= form_for WebToPay::Payment.new, url: order_products_path do |f| %>
<%= f.text_field :p_name %>
<%= f.text_field :p_surname %>
<%= f.text_field :p_email %>
... any other fields you like (for complete field list please read mokejimai.lt api specification) ...
<%= f.submit "test paying" %>
<% end %>
Then in your controller
class ProductsController < ApplicationController
def order
# do some order stuff here ...
@payment = WebToPay::Payment.new(params[:web_to_pay_payment])
redirect_to @payment.url
end
end
Or if need only order confirmation button (no action in controller needed:
<%= webtopay_confirm_button("Buy", {amount: 2000, p_name: "Jonas"})
Examples
These code slices will protect your controller actions, which work with webtopay.com billing, against forgeries.
Usage for MICRO and MACRO billing on controller.
webtopay :activate_user, :confirm_cart # You can add here as many actions as you want
def activate_user
# write here code which do some stuff
render :text => "Your user has been successfully activated. Thank you!" # it sends SMS answer
end
def confirm_cart
# write here code which do some stuff
render :text => "ok" # it sends successful answer to webtopay.com crawler
end
TODO
- Write more clear documentation with real examples
- Write unit tests for each billing method (requires some testing data from https://www.webtopay.com/)
- Validate Api request by ss2 param
- Check if mikro payments works well
=========== Copyright (c) 2009 Kristijonas Urbaitis, released under the MIT license