// Notebook helper that wraps this notebook's exports as an Express-style endpoint.
var tonicExpress = require("notebook")("tonic/express-endpoint/1.0.0")
// Just provide the exports object to the tonicExpress helper
var app = tonicExpress(module.exports)
var bodyParser = require('body-parser');
// JSON parser instance; it is not registered app-wide here, only passed to the
// /webhook route as route-level middleware.
var jsonParser = bodyParser.json();
// Form-encoded bodies are parsed for every route; extended: false selects the
// simple parser, so req.body is a flat map of client-supplied values.
app.use(bodyParser.urlencoded({ extended: false }));
// Copy this notebook and set your own secret key
// https://tonicdev.com/settings/environment
// The Stripe secret key is read from the environment and must never be pasted
// into the notebook source or returned to the browser.
// NOTE(review): the variable name suggests a test-mode key; confirm before
// pointing real traffic at this endpoint.
var stripe = require("stripe")(process.env.STRIPE_SECRET_TEST_KEY);
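/**
 * CORS middleware for every route and method.
 *
 * Echoes the request's Origin back in Access-Control-Allow-Origin only when it
 * is on the allow-list below, then always hands the request to the next handler.
 *
 * @param {object} req - incoming request; only req.headers.origin is read
 * @param {object} res - response; CORS-related headers are set on it
 * @param {function} next - continues to the matching route handler
 */
app.all('/*', function(req, res, next) {
  // Allow requests from my Github page and localhost
  // NOTE(review): the localhost entry is a development convenience; drop it
  // for any deployment that handles real payments.
  var allowedOrigins = ['http://localhost:8888', 'https://tschaeff.github.io', 'https://stripe-internal.github.io'];
  var origin = req.headers.origin;
  // The response headers depend on the Origin header, so tell caches to key on
  // it; otherwise a response cached for one origin could be served to another.
  res.setHeader('Vary', 'Origin');
  // Exact string match only: a missing Origin or a look-alike host gets no header.
  if (allowedOrigins.indexOf(origin) > -1) {
    res.setHeader('Access-Control-Allow-Origin', origin);
  }
  // CORS only decides which pages may READ the response in a browser. The
  // request itself still reaches the route handlers for every origin (and for
  // non-browser clients), so this allow-list is not an authorization check.
  next();
});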
// Creating sources
/**
 * POST /sources: creates a Stripe source for the payment method named in the
 * form field `type` and replies with JSON.
 *
 * - sepa_debit: creates the source, attaches it to a new customer, charges the
 *   customer, and replies with the charge.
 * - sofort / ideal / bancontact: creates a redirect-based source in EUR and
 *   replies with the source.
 * - anything else: replies with a "payment_method_not_available" object.
 *
 * NOTE(review): `amount` comes straight from the form body, so the caller
 * chooses what is charged; a real integration should derive the amount on the
 * server from an order it trusts.
 */
app.post("/sources", (req, res) => {
  const form = req.body;

  // Single responder for both outcomes, as in the original: whatever Stripe
  // resolves or rejects with becomes the JSON body, with no error status set.
  // NOTE(review): on failure this hands the raw Stripe error object to the
  // caller; consider returning only a message and code.
  const reply = (payload) => {
    res.json(payload);
  };

  if (form.type === "sepa_debit") {
    stripe.sources.create({
      type: 'sepa_debit',
      amount: form.amount,
      token: form.btok
    })
      .then((source) => stripe.customers.create({
        description: source.owner.name,
        source: source.id
      }))
      .then((customer) => {
        // Charge using the amount and currency recorded on the attached source.
        const attached = customer.sources.data[0];
        return stripe.charges.create({
          amount: attached.amount,
          currency: attached.currency,
          customer: customer.id
        });
      })
      .then(reply)
      .catch(reply);
    return;
  }

  // Redirect-based methods share the same request shape.
  const redirectTypes = ['sofort', 'ideal', 'bancontact'];
  if (redirectTypes.indexOf(form.type) > -1) {
    const params = {
      type: form.type,
      amount: form.amount,
      currency: 'eur',
      // NOTE(review): the return URL is taken from the client-controlled
      // Referer header and is not validated; checking it against the set of
      // origins this endpoint is meant to serve would be safer.
      redirect: { return_url: req.headers.referer }
    };
    if (form.type === 'sofort') {
      params.sofort = { country: form.sofort_country };
    }
    // TODO add ideal bank pre select (ideal: { bank: null })
    params.owner = { name: form.owner_name };

    stripe.sources.create(params).then(reply).catch(reply);
    return;
  }

  // Unknown or missing payment method.
  res.json({
    status: "payment_method_not_available",
    error_message: form.type + " is not available",
  });
})
// Retrieving sources
/**
 * GET /sources/:source: looks the source up at Stripe with the server's
 * secret key and replies with the result (or the error) as JSON.
 *
 * NOTE(review): there is no authentication on this route, so anyone who knows
 * a source id receives the full object as seen by the secret key. Consider
 * tying the lookup to the caller's own session or returning only the fields
 * the page needs (for example the status).
 */
app.get("/sources/:source", (req, res) => {
  // Same responder for success and failure, matching the original behaviour.
  const reply = (payload) => {
    res.json(payload);
  };
  stripe.sources.retrieve(req.params.source).then(reply).catch(reply);
})
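// Handling Webhooks
/**
 * POST /webhook: receives a Stripe event notification and charges the source
 * it refers to.
 *
 * The POSTed body is untrusted: anyone who knows this URL can send one. Only
 * the event id is taken from it. The event is then fetched from Stripe, and the
 * charge is built exclusively from that fetched copy. Previously the lookup
 * result and its error were ignored and the charge used the request body's own
 * data.object, so the "verification" did not protect anything.
 *
 * Responses:
 * - 400 with a status/error_message object when the id is missing or Stripe
 *   does not return the event;
 * - 200 {received: true} for event types that should not trigger a charge;
 * - otherwise the charge (or the charge error) as JSON, as before.
 */
app.post("/webhook", jsonParser, (req, res) => {
  // Take nothing but the id from the request; a missing or non-string id is
  // rejected up front instead of leaving the request hanging.
  const eventId = req.body && req.body.id;
  if (typeof eventId !== 'string' || eventId === '') {
    res.status(400).json({
      status: "invalid_event",
      error_message: "event id is missing",
    });
    return;
  }

  // Verify the event by fetching it from Stripe
  stripe.events.retrieve(eventId, function(err, event) {
    if (err || !event) {
      // Unknown id or lookup failure: do not charge anything.
      console.log(err);
      res.status(400).json({
        status: "invalid_event",
        error_message: "event could not be verified",
      });
      return;
    }

    // Only a chargeable source should lead to a charge; acknowledge every
    // other event type so it is not treated as a delivery failure.
    if (event.type !== 'source.chargeable') {
      res.json({ received: true });
      return;
    }

    // Use the object from Stripe's copy of the event, never the request body.
    const source = event.data.object;

    // Charge the source
    // NOTE(review): a redelivered event reaches this point again; confirm that
    // a second charge attempt on the same source is rejected or deduplicated.
    stripe.charges.create({
      amount: source.amount,
      currency: source.currency,
      source: source.id
    }).then(function(charge) {
      res.json(charge);
    }).catch(function(chargeErr) {
      res.json(chargeErr);
    });
  });
});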