Close #2047 implement JWT on email confirmation

channainfo · Dec 4, 2024 · e14f847 · e14f847
1 parent 366b66d
commit e14f847
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 0 deletions.
diff --git a/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb b/app/controllers/spree/api/v2/storefront/anonymous_order_controller.rb
@@ -0,0 +1,41 @@
+module Spree
+  module Api
+    module V2
+      module Storefront
+        class AnonymousOrderController < Spree::Api::V2::BaseController
+          def show_anonymous_order
+            token = params[:token]
+            order = order_jwt_token(token)
+
+            if order
+              render_serialized_payload { serialize_resource(order) }
+            else
+              render json: { error: 'Invalid or expired token' }, status: :unauthorized
+            end
+          end
+
+          def resource_serializer
+            Spree::V2::Storefront::OrderSerializer
+          end
+
+          private
+
+          def order_jwt_token(token)
+            decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token)
+
+            order_number = decoded_token['order_number']
+            return nil unless order_number
+
+            order = Spree::Order.find_by(number: order_number)
+            return nil unless order
+
+            decoded_token = SpreeCmCommissioner::OrderJwtToken.decode(token, order&.token)
+            return nil unless decoded_token
+
+            order
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/app/helpers/spree/base_helper_decorator.rb b/app/helpers/spree/base_helper_decorator.rb
@@ -19,6 +19,23 @@ def custom_product_storefront_resource_url(resource, options = {})
         spree_storefront_resource_url(resource)
       end
     end
+
+    def custom_product_line_item_url(line_item, jwt_token, options = {})
+      if defined?(locale_param) && locale_param.present?
+        options.merge!(locale: locale_param)
+      end
+
+      localize = if options[:locale].present?
+                   "/#{options[:locale]}"
+                 else
+                   ''
+                 end
+
+      order = Spree::Order.find(line_item.order_id)
+      return if order.number.blank? && jwt_token.blank?
+
+      "#{current_store.formatted_url + localize}/anonymous_orders/#{jwt_token}"
+    end
   end
 end
 

diff --git a/app/mailers/spree/order_mailer_decorator.rb b/app/mailers/spree/order_mailer_decorator.rb
@@ -19,6 +19,8 @@ def confirm_email(order, resend: false)
       subject = (resend ? "[#{Spree.t(:resend).upcase}] " : '')
       subject += "#{@current_store&.name} Booking Confirmation ##{@order.number}"
 
+      @jwt_token = SpreeCmCommissioner::OrderJwtToken.encode(@order)
+
       mail(to: @order.email, from: from_address, subject: subject, store_url: @current_store.url) do |format|
         format.html { render layout: 'spree_cm_commissioner/layouts/order_mailer' }
         format.text

diff --git a/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb b/app/views/spree_cm_commissioner/order_mailer/purchased_items/_items.html.erb
@@ -23,6 +23,7 @@
             <%= sanitize(line_item.variant.options_text) %>
           </div>
         <% end %>
+        <div> <%= link_to 'View Details', custom_product_line_item_url(line_item, @jwt_token) %></div>
       </td>
       <td class="align-right align-center-vertical" width="10%">
         <span>

diff --git a/config/routes.rb b/config/routes.rb
@@ -470,6 +470,7 @@
         resources :self_check_in, only: %i[index create]
         resources :guest_orders, only: %i[index show]
         post :user_order_transfer, to: 'user_order_transfer#create'
+        get 'anonymous_order/show_anonymous_order', to: 'anonymous_order#show_anonymous_order'
       end
 
       namespace :operator do

diff --git a/lib/spree_cm_commissioner.rb b/lib/spree_cm_commissioner.rb
@@ -11,6 +11,7 @@
 require 'spree_cm_commissioner/payment_method_group'
 require 'spree_cm_commissioner/calendar_event'
 require 'spree_cm_commissioner/s3_url_generator'
+require 'spree_cm_commissioner/order_jwt_token'
 
 require 'google/cloud/recaptcha_enterprise'
 require 'searchkick'

diff --git a/lib/spree_cm_commissioner/order_jwt_token.rb b/lib/spree_cm_commissioner/order_jwt_token.rb
@@ -0,0 +1,14 @@
+module SpreeCmCommissioner
+  class OrderJwtToken
+    def self.encode(order)
+      payload = { order_number: order.number, user_id: order.user_id, exp: 1.hour.from_now.to_i }
+      JWT.encode(payload, order.token, 'HS256')
+    end
+
+    def self.decode(token, secret = nil)
+      JWT.decode(token, secret, secret.present?, { algorithm: 'HS256' }).first
+    rescue JWT::DecodeError
+      nil
+    end
+  end
+end