feat(helcim): accept signup-bridge cookie in verify-payment
Membership signup verifies the card before email verification, so the signup-bridge cookie set by /api/helcim/customer now satisfies auth in verify-payment when no session exists. Adds a cloudflared tunnel script for testing the Helcim flow locally against a production build.
This commit is contained in:
parent
151481f1ec
commit
10a28ac5ef
3 changed files with 107 additions and 4 deletions
|
|
@ -1,12 +1,17 @@
|
|||
// Verify payment token from HelcimPay.js
|
||||
import { requireAuth } from '../../utils/auth.js'
|
||||
import { requireAuth, getSignupBridgeMember } from '../../utils/auth.js'
|
||||
import { validateBody } from '../../utils/validateBody.js'
|
||||
import { paymentVerifySchema } from '../../utils/schemas.js'
|
||||
import { listHelcimCustomerCards } from '../../utils/helcim.js'
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
try {
|
||||
await requireAuth(event)
|
||||
// Membership signup verifies the card before email verify; allow the
|
||||
// signup-bridge cookie set by /api/helcim/customer to satisfy auth here.
|
||||
const bridgeMember = await getSignupBridgeMember(event)
|
||||
if (!bridgeMember) {
|
||||
await requireAuth(event)
|
||||
}
|
||||
const body = await validateBody(event, paymentVerifySchema)
|
||||
|
||||
// Verify the card token by fetching the customer's cards from Helcim
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue