refactor: extract cart storage to dedicated API controller with dynamic frontend URLs
All checks were successful
Ruby on Rails Test / rails-test (push) Successful in 1m7s
All checks were successful
Ruby on Rails Test / rails-test (push) Successful in 1m7s
- Added dedicated CartsController for session-based cart storage - Refactored routes to use POST /api/v1/carts/store - Updated ticket selection JS to use dynamic data attributes for URLs - Fixed CSRF protection in API and checkout payment increment - Made checkout button URLs dynamic via data attributes - Updated tests for new cart storage endpoint - Removed obsolete store_cart from EventsController
This commit is contained in:
kbe
25
app/controllers/api/v1/carts_controller.rb
Normal file
25
app/controllers/api/v1/carts_controller.rb
Normal file
@@ -0,0 +1,25 @@
|
||||
module Api
|
||||
module V1
|
||||
class CartsController < ApiController
|
||||
# Skip API key authentication for store_cart action (used by frontend forms)
|
||||
skip_before_action :authenticate_api_key, only: [ :store ]
|
||||
|
||||
def store
|
||||
event_id = params[:event_id]
|
||||
@event = Event.find(event_id)
|
||||
|
||||
cart_data = params[:cart] || {}
|
||||
session[:pending_cart] = cart_data
|
||||
session[:event_id] = @event.id
|
||||
|
||||
render json: { status: "success", message: "Cart stored successfully" }
|
||||
rescue ActiveRecord::RecordNotFound
|
||||
render json: { status: "error", message: "Event not found" }, status: :not_found
|
||||
rescue => e
|
||||
error_message = e.message.present? ? e.message : "Unknown error"
|
||||
Rails.logger.error "Error storing cart: #{error_message}"
|
||||
render json: { status: "error", message: "Failed to store cart" }, status: 500
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user