diff --git a/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb b/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb new file mode 100644 index 000000000..f8bd4ec9a --- /dev/null +++ b/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb @@ -0,0 +1,41 @@ +module Spree + module Api + module V2 + module Storefront + class AnonymousOrderController < Spree::Api::V2::BaseController + def show_anonymous_order + token = params[:token] + order = order_jwt_token(token) + + if order + render_serialized_payload { serialize_resource(order) } + else + render json: { error: 'Invalid or expired token' }, status: :unauthorized + end + end + + def resource_serializer + Spree::V2::Storefront::OrderSerializer + end + + private + + def order_jwt_token(token) + decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token) + + order_number = decoded_token['order_number'] + return nil unless order_number + + order = Spree::Order.find_by(number: order_number) + return nil unless order + + decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token, order&.token) + return nil unless decoded_token + + order + end + end + end + end + end +end diff --git a/app/helpers/spree/base_helper_decorator.rb b/app/helpers/spree/base_helper_decorator.rb index aeef13cca..289252d36 100644 --- a/app/helpers/spree/base_helper_decorator.rb +++ b/app/helpers/spree/base_helper_decorator.rb @@ -19,6 +19,23 @@ def custom_product_storefront_resource_url(resource, options = {}) spree_storefront_resource_url(resource) end end + + def custom_product_line_item_url(line_item, jwt_token, options = {}) + if defined?(locale_param) && locale_param.present? + options.merge!(locale: locale_param) + end + + localize = if options[:locale].present? + "/#{options[:locale]}" + else + '' + end + + order = Spree::Order.find(line_item.order_id) + return if order.number.blank? && jwt_token.blank? + + "#{current_store.formatted_url + localize}/anonymous_orders/#{jwt_token}" + end end end diff --git a/app/mailers/spree/order_mailer_decorator.rb b/app/mailers/spree/order_mailer_decorator.rb index 71ee7e177..cc9f361f6 100644 --- a/app/mailers/spree/order_mailer_decorator.rb +++ b/app/mailers/spree/order_mailer_decorator.rb @@ -19,6 +19,8 @@ def confirm_email(order, resend: false) subject = (resend ? "[#{Spree.t(:resend).upcase}] " : '') subject += "#{@current_store&.name} Booking Confirmation ##{@order.number}" + @jwt_token = SpreeCmCommissioner::OrderJwtToken.encode(@order) + mail(to: @order.email, from: from_address, subject: subject, store_url: @current_store.url) do |format| format.html { render layout: 'spree_cm_commissioner/layouts/order_mailer' } format.text diff --git a/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb b/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb index 284910549..accba60ec 100644 --- a/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb +++ b/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb @@ -23,6 +23,7 @@ <%= sanitize(line_item.variant.options_text) %> <% end %> +
<%= link_to 'View Details', custom_product_line_item_url(line_item, @jwt_token) %>
diff --git a/config/routes.rb b/config/routes.rb index ecd380a49..1c05fb28b 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -470,6 +470,7 @@ resources :self_check_in, only: %i[index create] resources :guest_orders, only: %i[index show] post :user_order_transfer, to: 'user_order_transfer#create' + get 'anonymous_order/show_anonymous_order', to: 'anonymous_order#show_anonymous_order' end namespace :operator do diff --git a/lib/spree_cm_commissioner.rb b/lib/spree_cm_commissioner.rb index d1cbf9948..9388fdb04 100644 --- a/lib/spree_cm_commissioner.rb +++ b/lib/spree_cm_commissioner.rb @@ -11,6 +11,7 @@ require 'spree_cm_commissioner/payment_method_group' require 'spree_cm_commissioner/calendar_event' require 'spree_cm_commissioner/s3_url_generator' +require 'spree_cm_commissioner/order_jwt_token' require 'google/cloud/recaptcha_enterprise' require 'searchkick' diff --git a/lib/spree_cm_commissioner/order_jwt_token.rb b/lib/spree_cm_commissioner/order_jwt_token.rb new file mode 100644 index 000000000..db5b8b268 --- /dev/null +++ b/lib/spree_cm_commissioner/order_jwt_token.rb @@ -0,0 +1,14 @@ +module SpreeCmCommissioner + class OrderJwtToken + def self.encode(order) + payload = { order_number: order.number, user_id: order.user.id, exp: 1.hour.from_now.to_i } + JWT.encode(payload, order.token, 'HS256') + end + + def self.decode(token, secret = nil) + JWT.decode(token, secret, secret.present?, { algorithm: 'HS256' }).first + rescue JWT::DecodeError + nil + end + end +end