ayrisdev/Pay2Gateway
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement merchant dashboard, secure auth, and short_id system

Browse Source 
- Added dedicated merchant dashboard with analytics and transactions
- Implemented API Key based authentication for merchants
- Introduced 8-character Short IDs for merchants to use in URLs
- Refactored checkout and payment intent APIs to support multi-gateway
- Enhanced Landing Page with Merchant Portal access and marketing copy
- Fixed Next.js 15 async params build issues
- Updated internal branding to P2CGateway
- Added AyrisTech credits to footer
This commit is contained in:
mstfyldz
2026-01-20 21:58:41 +03:00
parent af09543374
commit 3562e10713
46 changed files with 3505 additions and 414 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
app/api/merchants/[id]/route.ts Normal file
View File

@@ -0,0 +1,91 @@
import { NextRequest, NextResponse } from 'next/server';
import { supabaseAdmin } from '@/lib/supabase-admin';
export async function GET(
req: NextRequest,
context: { params: Promise<{ id: string }> }
) {
try {
const { id } = await context.params;
const { data, error } = await supabaseAdmin
.from('merchants')
.select('*')
.eq('id', id)
.single();
if (error) {
return NextResponse.json({ error: error.message }, { status: 404 });
}
return NextResponse.json(data);
} catch (err: any) {
return NextResponse.json(
{ error: `Internal Server Error: ${err.message}` },
{ status: 500 }
);
}
}
export async function PATCH(
req: NextRequest,
context: { params: Promise<{ id: string }> }
) {
try {
const { id } = await context.params;
const { name, webhook_url, payment_provider, provider_config } = await req.json();
if (!name) {
return NextResponse.json(
{ error: 'Firma adı zorunludur.' },
{ status: 400 }
);
}
const { data, error } = await supabaseAdmin
.from('merchants')
.update({
name,
webhook_url,
payment_provider,
provider_config
})
.eq('id', id)
.select()
.single();
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
}
return NextResponse.json(data);
} catch (err: any) {
return NextResponse.json(
{ error: `Internal Server Error: ${err.message}` },
{ status: 500 }
);
}
}
export async function DELETE(
req: NextRequest,
context: { params: Promise<{ id: string }> }
) {
try {
const { id } = await context.params;
const { error } = await supabaseAdmin
.from('merchants')
.delete()
.eq('id', id);
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
}
return NextResponse.json({ success: true });
} catch (err: any) {
return NextResponse.json(
{ error: `Internal Server Error: ${err.message}` },
{ status: 500 }
);
}
}

60
app/api/merchants/auth/route.ts Normal file
View File

@@ -0,0 +1,60 @@
import { NextRequest, NextResponse } from 'next/server';
import { supabaseAdmin } from '@/lib/supabase-admin';
import { cookies } from 'next/headers';
export async function POST(req: NextRequest) {
try {
const { identifier, apiKey } = await req.json();
if (!identifier || !apiKey) {
return NextResponse.json({ error: 'Eksik bilgi.' }, { status: 400 });
}
// 1. Resolve merchant by ID or short_id
const isUUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(identifier);
const query = supabaseAdmin
.from('merchants')
.select('*');
if (isUUID) {
query.eq('id', identifier);
} else {
query.eq('short_id', identifier);
}
const { data: merchant, error } = await query.single();
if (error || !merchant) {
return NextResponse.json({ error: 'Firma bulunamadı.' }, { status: 404 });
}
// 2. Verify API Key
if (merchant.api_key !== apiKey) {
return NextResponse.json({ error: 'Geçersiz anahtar.' }, { status: 401 });
}
// 3. Set Auth Cookie (simplified for now)
// Store the merchant ID in a cookie
const cookieStore = await cookies();
cookieStore.set(`merchant_auth_${merchant.id}`, 'true', {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
maxAge: 60 * 60 * 24, // 24 hours
path: '/',
});
// Also set a temporary short_id link if needed
if (merchant.short_id) {
cookieStore.set(`merchant_auth_${merchant.short_id}`, 'true', {
httpOnly: true,
maxAge: 60 * 60 * 24,
path: '/',
});
}
return NextResponse.json({ success: true });
} catch (err: any) {
return NextResponse.json({ error: err.message }, { status: 500 });
}
}

23
app/api/merchants/logout/route.ts Normal file
View File

@@ -0,0 +1,23 @@
import { NextRequest, NextResponse } from 'next/server';
import { cookies } from 'next/headers';
export async function POST(req: NextRequest) {
try {
const { identifier } = await req.json();
const cookieStore = await cookies();
// We don't know the exact UUID easily if they provide a short_id,
// but we can try to clear both or just clear the one we know.
// Actually, since we set it for both in the auth route, let's clear common ones.
// A better way: clear all cookies starting with merchant_auth_
// But Next.js cookies API doesn't support listing/clearing by pattern easily.
// So we'll just clear the one for the provided identifier.
cookieStore.delete(`merchant_auth_${identifier}`);
return NextResponse.json({ success: true });
} catch (err: any) {
return NextResponse.json({ error: err.message }, { status: 500 });
}
}

70
app/api/merchants/route.ts Normal file
View File

@@ -0,0 +1,70 @@
import { NextRequest, NextResponse } from 'next/server';
import { supabaseAdmin } from '@/lib/supabase-admin';
export async function POST(req: NextRequest) {
try {
const { name, webhook_url, payment_provider, provider_config } = await req.json();
if (!name) {
return NextResponse.json(
{ error: 'Firma adı zorunludur.' },
{ status: 400 }
);
}
// Generate a 8-character short ID (e.g., P2C-A1B2C3)
const generateShortId = () => {
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
let result = '';
for (let i = 0; i < 8; i++) {
result += chars.charAt(Math.floor(Math.random() * chars.length));
}
return result;
};
const { data, error } = await supabaseAdmin
.from('merchants')
.insert([{
name,
webhook_url,
short_id: generateShortId(),
payment_provider: payment_provider || 'stripe',
provider_config: provider_config || {}
}])
.select()
.single();
if (error) {
console.error('Merchant creation error:', error);
return NextResponse.json({ error: error.message }, { status: 500 });
}
return NextResponse.json(data);
} catch (err: any) {
console.error('Internal Error:', err);
return NextResponse.json(
{ error: `Internal Server Error: ${err.message}` },
{ status: 500 }
);
}
}
export async function GET() {
try {
const { data, error } = await supabaseAdmin
.from('merchants')
.select('*')
.order('created_at', { ascending: false });
if (error) {
return NextResponse.json({ error: error.message }, { status: 500 });
}
return NextResponse.json(data);
} catch (err: any) {
return NextResponse.json(
{ error: `Internal Server Error: ${err.message}` },
{ status: 500 }
);
}
}