payment-backoffice-api
This project acts like an authentication proxy. Each route will call the desired API.
For payload and params validation, please refer to specific API documentation.
versions
v0.5.0
requirements
- node.js
- postgres
Developers will probably need to run docker
environment variables
The project needs some environment variables to run properly.
In development mode, you can use a .env
file to define them.
ACCOUNTING_API_URL
: accounting api urlACCOUNTING_API_SHARED_KEY
: accounting api shared key without ending slashAUTH_HEADER_KEY
=oyst-authorizationAUTH_HEADER_PREFIX
=OystBO_PAY_FRONT_URL
: url of payment-backoffice-frontDATABASE_URL
: Databse connection stringMAIL_FROM_ADDR
="no-reply@oyst.com"MAIL_FROM_ALIAS
="OYST Validator"MAIL_SUPPORT_TO
: email address to which the support message will be sentMAIL_VALIDATION_TO
: email address to which the validation email will be sentMERCHANT_API_SHARED_KEY
: Shared key for merchant-apiMERCHANT_API_URL
: Merchant's API endpointPAYMENT_API_URL
: Payment's API endpointPAYMENT_API_SHARED_KEY
: Shared key for payment-apiSENDGRID_API_KEY
: API key for sendgridSHARED_KEY
: Shared encryption key used to sign and verify JsonWebTokenSWAGGER_HOST
(optional): define the URL used by Swagger to test APIs. eg:localhost:8080
USER_API_URL
: User API endpoint
install
$ npm install
run the project
In development mode, be sure docker is running postgres
:
$ docker-compose up -d
Then, in development mode:
$ $(npm bin)/gulp serve
Or, in production mode:
$ $(npm bin)/npm run start
routes
Auth protected routes
If a route needs authentication, you have to provide an auth header
AUTH_HEADER_KEY: AUTH_HEADER_PREFIX jwt_token
Signup
-
POST /users
-
needs auth:
FALSE
-
payload
Joiobjectemail: Joipassword: Joipassword_confirmation: Joioptionslanguage: any: allowOnly: 'must match password'phone: phoneValidator- return
-
Signin
-
POST /sessions
-
needs auth:
FALSE
-
payload
Joiobjectemail: Joipassword: Joi- return
-
Check if user is authenticated
-
GET /sessions/{token}
-
needs auth:
TRUE
-
return
404
Bad token401
Not authenticated200
authenticated
-
Update user infos
-
PUT /users/{id}
- needs auth:
TRUE
- payload:
Joiobject- return
- needs auth:
Support
-
POST /support/mail
- needs auth:
FALSE
- payload:
Joiobjectemail: Joimessage: Joisubject: Joi- return
- needs auth:
Change password
-
PATCH /users/password
- needs auth:
TRUE
- payload:
Joiobjectcurrent: Joipassword: Joipassword_confirmation: Joioptionslanguage: any: allowOnly: 'must match password'- return
- needs auth:
Forgot password
Step 1
-
POST /users/password/forgot
- needs auth:
FALSE
- payload:
Joiobjectemail: Joi- return
- needs auth:
Step 2
-
GET /users/password/checkToken
- needs auth:
FALSE
- querystring:
Joiobjectid: Joitoken: jwt- return
- needs auth:
Step 3
-
PATCH /users/password/new
- needs auth:
FALSE
- payload:
Joiobjectpassword: Joipassword_confirmation: Joioptionslanguage: any: allowOnly: 'must match password'- querystring:
Joiobjectid: Joitoken: jwt- return
- needs auth:
Merchant-API calls
GET /merchants/{id}/activate/{token}
Activate a merchant using link provided by email (OYST side)
-
needs auth:
FALSE
-
params
id: Joi token: jwt
- remote endpoint:
PATCH /merchants/{id}/activate
GET /merchants/{id}/deactivate/{token}
Deactivate a merchant using link provided by email (OYST side)
-
needs auth:
FALSE
-
params
id: Joi token: jwt
- remote endpoint:
PATCH /merchants/{id}/deactivate
POST /merchants
Create a merchant
- needs auth:
TRUE
GET /merchants
Get merchant's informations based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
GET /merchants/{id}
PUT /merchants
Update merchant's informations based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
PUT /merchants/{id}
PUT /merchants/upload/{type}
Upload merchant's CGV/logo based on logged in user's merchantID
-
needs auth:
TRUE
-
params
type: Joi
- remote endpoint:
PUT /merchants/{id}/upload/{type}
Payment-API calls
GET /payments
Get all transactions with pagination based on logged in user's merchantID
-
needs auth:
TRUE
-
query params
page: Joi per_page: Joi
- remote endpoint:
GET /merchants/{merchant_id}/payments
POST /payments/{id}/cancel
Cancel desired transaction based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
POST /merchants/{merchant_id}/payments/{id}/cancel
POST /payments/{id}/refund
Refund desired transaction based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
POST /merchants/{merchant_id}/payments/{id}/refund
GET /payments/{id}
Get desired transaction based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint: */!\ Not yet implemented /!*
GET /payments/overview
Get overview for transactions based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
/merchants/{merchant_id}/payments/overview
Accounting-API calls
GET /accounting/overview
Get merchant's account's overview based on logged in user's merchantID
-
needs auth:
TRUE
-
remote endpoint:
/merchants/${merchant_id}/payments/overview
Payout calls
POST /payouts
Create new payout
-
needs auth:
TRUE
-
remote endpoint:
POST /merchants/{merchant_id}/payouts/submit
GET /payouts
Get all payouts from current logged in merchant
-
needs auth:
TRUE
-
remote endpoint:
GET /merchants/{merchant_id}/payouts
Changelog
-
v0.8.0
- Feature get all payouts from merchant
- New route
- GET /payouts
- Update README
- New tests
- Update to v0.8.0
-
v0.7.0
- Feature change result from merchant's activation
- Return
Validated
orRefused
-
v0.6.0
- Feature create payout
- New class Payout
- New route POST /payouts
- New tests
- Update README
- Update to v0.6.0
- Feature create payout
-
v0.5.0
- Return also merchant infos on check token
- GET /sessions/token
- Return also merchant infos on check token
-
v0.4.1
- Fix bug on login when no merchant created
-
v0.4.0
- Returns merchant's infos on login
- Force https on activate/deactivate routes