refactor: extract cart storage to dedicated API controller with dynamic frontend URLs
All checks were successful
Ruby on Rails Test / rails-test (push) Successful in 1m7s
All checks were successful
Ruby on Rails Test / rails-test (push) Successful in 1m7s
- Added dedicated CartsController for session-based cart storage - Refactored routes to use POST /api/v1/carts/store - Updated ticket selection JS to use dynamic data attributes for URLs - Fixed CSRF protection in API and checkout payment increment - Made checkout button URLs dynamic via data attributes - Updated tests for new cart storage endpoint - Removed obsolete store_cart from EventsController
This commit is contained in:
kbe
@@ -139,10 +139,13 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<button
|
||||
id="checkout-button"
|
||||
class="w-full btn btn-primary py-4 px-6 rounded-xl transition-all duration-200 transform hover:scale-105 active:scale-95 shadow-lg hover:shadow-xl"
|
||||
>
|
||||
<button
|
||||
id="checkout-button"
|
||||
data-order-id="<%= @order.id %>"
|
||||
data-increment-url="/api/v1/orders/<%= @order.id %>/increment_payment_attempt"
|
||||
data-session-id="<%= @checkout_session.id if @checkout_session.present? %>"
|
||||
class="w-full btn btn-primary py-4 px-6 rounded-xl transition-all duration-200 transform hover:scale-105 active:scale-95 shadow-lg hover:shadow-xl"
|
||||
>
|
||||
<div class="flex items-center justify-center">
|
||||
<i data-lucide="credit-card" class="w-5 h-5 mr-2"></i>
|
||||
Payer <%= @order.total_amount_euros %>€
|
||||
@@ -199,13 +202,16 @@
|
||||
|
||||
try {
|
||||
// Increment payment attempt counter
|
||||
console.log('Incrementing payment attempt for order:', '<%= @order.id %>');
|
||||
const response = await fetch('/api/v1/orders/<%= @order.id %>/increment_payment_attempt', {
|
||||
method: 'PATCH',
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
}
|
||||
});
|
||||
const orderId = checkoutButton.dataset.orderId;
|
||||
const incrementUrl = checkoutButton.dataset.incrementUrl;
|
||||
console.log('Incrementing payment attempt for order:', orderId);
|
||||
const response = await fetch(incrementUrl, {
|
||||
method: 'PATCH',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
'X-CSRF-Token': document.querySelector('[name=csrf-token]').content
|
||||
}
|
||||
});
|
||||
|
||||
if (!response.ok) {
|
||||
console.error('Payment attempt increment failed:', response.status, response.statusText);
|
||||
@@ -226,10 +232,11 @@
|
||||
`;
|
||||
|
||||
// Redirect to Stripe
|
||||
console.log('Redirecting to Stripe with session ID:', '<%= @checkout_session&.id %>');
|
||||
const stripeResult = await stripe.redirectToCheckout({
|
||||
sessionId: '<%= @checkout_session.id %>'
|
||||
});
|
||||
const sessionId = checkoutButton.dataset.sessionId;
|
||||
console.log('Redirecting to Stripe with session ID:', sessionId);
|
||||
const stripeResult = await stripe.redirectToCheckout({
|
||||
sessionId: sessionId
|
||||
});
|
||||
|
||||
if (stripeResult.error) {
|
||||
throw new Error(stripeResult.error.message);
|
||||
|
||||
Reference in New Issue
Block a user