diff --git a/app/controllers/spree/api/v2/storefront/anonymous_line_item_controller.rb b/app/controllers/spree/api/v2/storefront/anonymous_line_item_controller.rb
new file mode 100644
index 000000000..28f213a05
--- /dev/null
+++ b/app/controllers/spree/api/v2/storefront/anonymous_line_item_controller.rb
@@ -0,0 +1,39 @@
+module Spree
+ module Api
+ module V2
+ module Storefront
+ class AnonymousLineItemController < Spree::Api::V2::BaseController
+ def show_anonymous_line_item
+ token = params[:token]
+ line_item = line_item_jwt_token(token)
+ if line_item
+ render_serialized_payload { serialize_resource(line_item) }
+ else
+ render json: { error: 'Invalid or expired token' }, status: :unauthorized
+ end
+ end
+
+ def resource_serializer
+ Spree::V2::Storefront::LineItemSerializer
+ end
+
+ private
+
+ def line_item_jwt_token(token)
+ decoded_token = SpreeCmCommissioner::LineItemJwtToken.decode(token)
+
+ line_item_id = decoded_token['line_item_id']
+
+ line_item = Spree::LineItem.find(line_item_id)
+ return nil unless line_item
+
+ decoded_token = SpreeCmCommissioner::LineItemJwtToken.decode(token, line_item&.order&.token)
+ return nil unless decoded_token
+
+ line_item
+ end
+ end
+ end
+ end
+ end
+end
diff --git a/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb b/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb
deleted file mode 100644
index f8bd4ec9a..000000000
--- a/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb
+++ /dev/null
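Review bot: In `line_item_jwt_token` of anonymous_line_item_controller.rb the first `decode(token)` returns nil for a malformed token, so `decoded_token['line_item_id']` raises NoMethodError and the request ends in a server error instead of the 401 branch; add `return nil unless decoded_token` before reading the payload. `Spree::LineItem.find(line_item_id)` raises when the record is missing, which makes the following `return nil unless line_item` unreachable and probably lets the response for an unknown id differ from the response for a bad signature; `Spree::LineItem.find_by(id: line_item_id)` keeps both on the same 401 path. The id used for that lookup comes from the unverified payload, so a short comment such as `# unverified: used only to select the verification key` above the first decode would help the next reader.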
@@ -1,41 +0,0 @@ -module Spree - module Api - module V2 - module Storefront - class AnonymousOrderController < Spree::Api::V2::BaseController - def show_anonymous_order - token = params[:token] - order = order_jwt_token(token) - - if order - render_serialized_payload { serialize_resource(order) } - else - render json: { error: 'Invalid or expired token' }, status: :unauthorized - end - end - - def resource_serializer - Spree::V2::Storefront::OrderSerializer - end - - private - - def order_jwt_token(token) - decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token) - - order_number = decoded_token['order_number'] - return nil unless order_number - - order = Spree::Order.find_by(number: order_number) - return nil unless order - - decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token, order&.token) - return nil unless decoded_token - - order - end - end - end - end - end -end diff --git a/app/helpers/spree/base_helper_decorator.rb b/app/helpers/spree/base_helper_decorator.rb index 289252d36..aefd3e1a8 100644 --- a/app/helpers/spree/base_helper_decorator.rb +++ b/app/helpers/spree/base_helper_decorator.rb @@ -20,7 +20,7 @@ def custom_product_storefront_resource_url(resource, options = {}) end end - def custom_product_line_item_url(line_item, jwt_token, options = {}) + def custom_product_line_item_url(line_item, options = {}) if defined?(locale_param) && locale_param.present? options.merge!(locale: locale_param) end 
@@ -31,10 +31,12 @@ def custom_product_line_item_url(line_item, jwt_token, options = {}) '' end - order = Spree::Order.find(line_item.order_id) - return if order.number.blank? && jwt_token.blank? + line_item = Spree::LineItem.find(line_item.id) + jwt_token = SpreeCmCommissioner::LineItemJwtToken.encode(line_item) - "#{current_store.formatted_url + localize}/anonymous_orders/#{jwt_token}" + return if line_item.number.blank? && jwt_token.blank? + + "#{current_store.formatted_url + localize}/anonymous_line_item/#{line_item.number}?token=#{jwt_token}" end end end diff --git a/app/mailers/spree/order_mailer_decorator.rb b/app/mailers/spree/order_mailer_decorator.rb index 6dc35695d..d4fa66778 100644 --- a/app/mailers/spree/order_mailer_decorator.rb +++ b/app/mailers/spree/order_mailer_decorator.rb @@ -18,8 +18,6 @@ def confirm_email(order, resend: false) subject = (resend ? "[#{Spree.t(:resend).upcase}] " : '') subject += "#{@current_store&.name} Booking Confirmation ##{@order.number}" - @jwt_token = SpreeCmCommissioner::OrderJwtToken.encode(@order) - mail(to: @order.email, from: from_address, subject: subject, store_url: @current_store.url) do |format| format.html { render layout: 'spree_cm_commissioner/layouts/order_mailer' } format.text diff --git a/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb b/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb index accba60ec..3a3e2dc93 100644 --- a/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb +++ b/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb @@ -23,7 +23,7 @@ <%= sanitize(line_item.variant.options_text) %> <% end %> -
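Review bot: The guard `return if line_item.number.blank? && jwt_token.blank?` in the second hunk of base_helper_decorator.rb only returns when both values are blank, and `encode` either returns a string or raises, so the guard can never fire; `return if line_item.number.blank? || jwt_token.blank?` matches the apparent intent. `Spree::LineItem.find(line_item.id)` reloads a record the caller already holds and adds one query per item rendered in the mail. The token now travels as `?token=` in the query string, where it is typically written to access logs and can leak through the Referer header, so it is worth confirming that the parameter is filtered from logs and that the page behind this URL sets a restrictive Referrer-Policy. The method body starts outside this hunk.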
<%= link_to 'View Details', custom_product_line_item_url(line_item, @jwt_token) %>
+
<%= link_to 'View Details', custom_product_line_item_url(line_item) %>
diff --git a/config/routes.rb b/config/routes.rb index d4d008b83..b898c0cce 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -474,7 +474,7 @@ resources :self_check_in, only: %i[index create] resources :guest_orders, only: %i[index show] post :user_order_transfer, to: 'user_order_transfer#create' - get 'anonymous_order/show_anonymous_order', to: 'anonymous_order#show_anonymous_order' + get 'anonymous_line_item/:line_item_id', to: 'anonymous_line_item#show_anonymous_line_item' end namespace :operator do diff --git a/lib/spree_cm_commissioner.rb b/lib/spree_cm_commissioner.rb index 9388fdb04..780ccdc09 100644 --- a/lib/spree_cm_commissioner.rb +++ b/lib/spree_cm_commissioner.rb @@ -11,7 +11,7 @@ require 'spree_cm_commissioner/payment_method_group' require 'spree_cm_commissioner/calendar_event' require 'spree_cm_commissioner/s3_url_generator' -require 'spree_cm_commissioner/order_jwt_token' +require 'spree_cm_commissioner/line_item_jwt_token' require 'google/cloud/recaptcha_enterprise' require 'searchkick' diff --git a/lib/spree_cm_commissioner/line_item_jwt_token.rb b/lib/spree_cm_commissioner/line_item_jwt_token.rb new file mode 100644 index 000000000..72a8f53f7 --- /dev/null +++ b/lib/spree_cm_commissioner/line_item_jwt_token.rb @@ -0,0 +1,14 @@ +module SpreeCmCommissioner + class LineItemJwtToken + def self.encode(line_item) + payload = { order_number: line_item.order.number, line_item_id: line_item.id, exp: 1.hour.from_now.to_i } + JWT.encode(payload, line_item.order.token, 'HS256') + end + + def self.decode(token, secret = nil) + JWT.decode(token, secret, secret.present?, { algorithm: 'HS256' }).first + rescue JWT::DecodeError + nil + end + end +end diff --git a/lib/spree_cm_commissioner/order_jwt_token.rb b/lib/spree_cm_commissioner/order_jwt_token.rb deleted file mode 100644 index e4e9bcde8..000000000 --- a/lib/spree_cm_commissioner/order_jwt_token.rb +++ /dev/null 
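Review bot: The new route in config/routes.rb declares `:line_item_id`, but `show_anonymous_line_item` never reads `params[:line_item_id]`, so the line item returned is whichever one the token names regardless of the path. Either drop the segment or reject a mismatch after verification, for example `return nil unless line_item.id.to_s == params[:line_item_id].to_s`. The helper puts `line_item.number` in that position of the URL it builds, so if that URL is meant to map onto this endpoint the comparison would have to use the same identifier.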
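Review bot: In line_item_jwt_token.rb, `decode` passes `secret.present?` as the verify flag, so a nil or empty secret silently turns off both signature and `exp` checking and the payload is returned as if it were valid. The controller's second call passes `line_item&.order&.token`, which is nil whenever the order or its token is missing, and in that case the token would be accepted without any verification. Splitting the unverified read from the verifying one makes a missing key a failure rather than a bypass; the controller's first call would then use the unverified reader. Separately, `exp: 1.hour.from_now.to_i` means the link in a confirmation mail stops working an hour after it is generated, which may be shorter than intended.

```ruby
# ... unchanged: self.encode ...

# Reads the payload without checking signature or expiry.
# Use only to locate the record whose key verifies the token.
def self.decode_unverified(token)
  JWT.decode(token, nil, false).first
rescue JWT::DecodeError
  nil
end

# Verifies signature and exp; a blank secret is a failure,
# never a reason to skip verification.
def self.decode(token, secret)
  return nil if secret.blank?

  JWT.decode(token, secret, true, { algorithm: 'HS256' }).first
rescue JWT::DecodeError
  nil
end
```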
@@ -1,14 +0,0 @@
-module SpreeCmCommissioner
- class OrderJwtToken
- def self.encode(order)
- payload = { order_number: order.number, user_id: order.user_id, exp: 1.hour.from_now.to_i }
- JWT.encode(payload, order.token, 'HS256')
- end
-
- def self.decode(token, secret = nil)
- JWT.decode(token, secret, secret.present?, { algorithm: 'HS256' }).first
- rescue JWT::DecodeError
- nil
- end
- end
-end