Laravel YouCanPay provides an easy experience, to generate the payment form, and process all the operations related to the payment.
You can install the package via composer:
composer require devinweb/laravel-youcan-pay
LaravelYouCanPay package provides its own database to manage the user transactions in different steps, the migrations will create a new transactions
table to hold all your user's transactions.
php artisan migrate
If you need to overwrite the migrations that ship with LaravelYouCanPay, you can publish them using the vendor:publish Artisan command:
php artisan vendor:publish --tag="youcanpay-migrations"
To publish the config file you can use the command
php artisan vendor:publish --tag="youcanpay-config"
then you can find the config file in config/youcanpay.php
If you want the package to manage the transactions based on the user model, add the Billable
trait to your user model.
This trait provides various methods to perform transaction tasks, such as creating a transaction, getting paid
, failed
and pending
transactions.
use Devinweb\LaravelYouCanPay\Traits\Billable;
class User extends Authenticatable
{
use Billable;
}
LaravelYouCanPay assumes your user model will be App\Models\User
, if you use a different user model namespace you should specify it using the method useCustomerModel
method.
This method should typically be called in the boot method of your AppServiceProvider
class
use App\Models\Core\User;
use Devinweb\LaravelYouCanPay\LaravelYouCanPay;;
/**
* Bootstrap any application services.
*
* @return void
*/
public function boot()
{
LaravelYouCanPay::useCustomerModel(User::class);
}
If you need in each transaction the package uses the billing data for each user, make sure to include a getCustomerInfo()
method in your user model, which returns an array that contains all the data we need.
/**
* Get the customer info to send them when we generate the form token.
*
* @return array
*/
public function getCustomerInfo()
{
return [
'name' => $this->name,
'address' => '',
'zip_code' => '',
'city' => '',
'state' => '',
'country_code' => 'MA',
'phone' => $this->phone,
'email' => $this->email,
];
}
Next, you should configure your environment in your application's .env
# YouCanPay env keys
SANDBOX_MODE=
PRIVATE_KEY=
PUBLIC_KEY=
CURRENCY=MAD
SUCCCESS_REDIRECT_URI=
FAIL_REDIRECT_URI=
You can retrieve a customer by their YouCanPay ID using the findBillable
method. This method will return an instance of the billable model:
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
$user = LaravelYouCanPay::findBillable($order_id);
If you need to generate the token form the user model the cutomer info will be attached directly from getCustomerInfo
method
$data= [
'order_id' => '123',
'amount' => 2000 // amount=20*100
];
$token = $user->getPaymentToken($data, $request);
If you need to add the metadata you can use
$data= [
'order_id' => '123',
'amount' => 2000 // amount=20*100
];
$metadata = [
'key' => 'value'
];
$token = $user->getPaymentToken($data, $request, $metadata);
If you need to get the payment url as well from the user model you can use getPaymentURL
method with the same parameters below.
$payment_url = $user->getPaymentURL($data, $request, $metadata);
Before starting using the package make sure to update your config/youcanpay.php
with the correct values provided by YouCanPay.
The first step we need is to create a token based on the credentails get it from YouCanPay dashboard using getId()
method.
Note
The amount should be * 100, Exemple if your Product price=20$ you should send
amount = 20*100 = 200 with currency='USD'
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
use Illuminate\Support\Str;
public function tokenization(Request $request)
{
$order_data = [
'order_id' => (string) Str::uuid(),
'amount' => 200
];
$token= LaravelYouCanPay::createTokenization($order_data, $request)->getId();
$public_key = config('youcanpay.public_key');
$isSandbox = config('youcanpay.sandboxMode');
$language = config('app.locale');
// You can at this point share a lot of data with the front end,
// the idea behind this is making the backend manage the environment keys,
// we don't need to store the keys in many places.
return response()->json(compact('token', 'public_key', 'isSandbox', 'language'));
}
Standalone Integration, you can generate the payment url using the method getPaymentUrl()
$paymentUrl= LaravelYouCanPay::createTokenization($data, $request)->getPaymentURL();
Then you can put that url in your html page
<a href="{{ $paymentUrl }}">Pay Now</a>
If you need to add the customer data during the tokenization, Please keep these array keys(name
, address
, zip_code
, city
, state
, country_code
, phone
and email
). you can use
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
$customerInfo = [
'name' => '',
'address' => '',
'zip_code' => '',
'city' => '',
'state' => '',
'country_code' => '',
'phone' => '',
'email' => '',
];
$token= LaravelYouCanPay::setCustomerInfo($customerInfo)->createTokenization($data, $request)->getId();
You can use the metadata to send data that can be retrieved after the response or in the webhook.
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
$customerInfo = [
'name' => '',
'address' => '',
'zip_code' => '',
'city' => '',
'state' => '',
'country_code' => '',
'phone' => '',
'email' => '',
];
$metadata = [
// Can you insert what you want here...
'key' => 'value'
];
$token= LaravelYouCanPay::setMetadata($metadata)
->setCustomerInfo($customerInfo)
->createTokenization($data, $request)->getId();
At this point we receive the token from our backend, so in our blade or any other html page, you can put at the head
this script
<html>
...
<head>
<!--Add this line -->
<script src="https://pay.youcan.shop/js/ycpay.js"></script>
</head>
...
</html>
Then to display the form your logic it's will be looks like the code below
<script type="text/javascript">
// Create a YouCan Pay instance.
const ycPay = new YCPay(
// String public_key (required): Login to your account.
// Go to Settings and open API Keys and copy your key.
"public_key",
// Optional options object
{
formContainer: "#payment-card",
// Defines what language the form should be rendered in, supports EN, AR, FR.
locale: "en",
// Whether the integration should run in sandbox (test) mode or live mode.
isSandbox: false,
// A DOM selector representing which component errors should be injected into.
// If you omit this option, you may alternatively handle errors by chaining a .catch()
// On the pay method.
errorContainer: "#error-container",
}
);
// Select which gateways to render
ycPay.renderAvailableGateways(["CashPlus", "CreditCard"]);
// Alternatively, you may use gateway specific render methods if you only need one.
ycPay.renderCreditCardForm();
</script>
To start the payment you need an action, you can use a button
document.getElementById("pay").addEventListener("click", function () {
// execute the payment
ycPay.pay(tokenId).then(successCallback).catch(errorCallback);
});
function successCallback(response) {
//your code here
}
function errorCallback(response) {
//your code here
}
For more information please check this link.
YouCan Pay uses webhooks to notify your application when an event happens in your account. Webhooks are useful for handling reactions to asynchronous events on your backend, such as successful payments, failed payments, successful refunds, and many other real time events. A webhook enables YouCan Pay to push real-time notifications to your application by delivering JSON payloads over HTTPS.
YouCanPay webhooks need to reach your URI without any obstacle, so you need to disable CSRF protection for the webhook URI, to do that make sure to add your path to the exception array in your application's
App\Http\Middleware\VerifyCsrfToken
middleware.protected $except = [ 'youcanpay/*', ]
To ensure your application can handle YouCanPay webhooks, be sure to configure the webhook URL in the YouCanPay control panel. By default the package comes with a webhook build-in
using the URL youcanpay/webhook
you can find it by listing all the routes in your app using php artisan route:list
,
This webhook validates the signature related to the payload received, and dispatches an event.
If you need to attempt the webhook signature validation before processing any action, you can use the middleware verify-youcanpay-webhook-signature
, that validates the signature related to the payload received from YouCanPay.
use Illuminate\Http\Request;
use Illuminate\Routing\Controller;
class WebHookController extends Controller
{
/**
* Create a new WebhookController instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('verify-youcanpay-webhook-signature');
}
//...
}
LaravelYouCanPay handles the common YouCanPay webhook events, if you need to handle the webhook events that you need you can listen to the event that is dispatched by the package.
- Devinweb\LaravelYouCanPay\Events\WebhookReceived
You need to register a listener that can handle the event:
<?php
namespace App\Listeners;
use Devinweb\LaravelYouCanPay\Events\WebhookReceived;
class YouCanPayEventListener
{
/**
* Handle received Stripe webhooks.
*
* @param \Devinweb\LaravelYouCanPay\Events\WebhookReceived $event
* @return void
*/
public function handle(WebhookReceived $event)
{
if ($event->payload['event_name'] === 'transaction.paid') {
// Handle the incoming event...
}
}
}
Once your listener has been defined, you may register it within your application's EventServiceProvider
<?php
namespace App\Providers;
use App\Listeners\YouCanPayEventListener;
use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
use Devinweb\LaravelYouCanPay\Events\WebhookReceived;
class EventServiceProvider extends ServiceProvider
{
protected $listen = [
WebhookReceived::class => [
YouCanPayEventListener::class,
],
];
}
The webhook data received from YouCanPay looks like
[
'id' => 'bbbb832c-dd13-4ce7-a642-6059885d9a7e',
'event_name' => 'transaction.paid',
'sandbox' => true,
'payload' => [
'transaction' => [
'id' => 'fdd795ab-9f8a-4cf7-886c-dca9ce3ab6c0',
'status' => 1,
'order_id' => 'cc984e79-0de1-4e84-a654-74c102c3ba66',
'amount' => '2000',
'currency' => 'MAD',
'base_currency' => NULL,
'base_amount' => NULL,
'created_at' => '2022-11-22T13:20:52.000000Z',
],
'payment_method' => [
'id' => 1,
'name' => 'credit_card',
'card' => [
'id' => '2e42d52d-ab0a-4440-b1e2-9a41fb843dad',
'country_code' => NULL,
'brand' => NULL,
'last_digits' => '4242',
'fingerprint' => 'df276a45f62277bd43775616827f0718',
'is_3d_secure' => false,
],
],
'token' => [
'id' => '811dd60e-4655-41da-b576-a1a537cda071',
],
'event' => [
'name' => 'transaction.paid',
],
'customer' => [
'id' => 'edc6fb6f-415f-4ac3-8b86-c70bead4770e',
'email' => NULL,
'name' => NULL,
'address' => NULL,
'phone' => NULL,
'country_code' => NULL,
'city' => NULL,
'state' => NULL,
'zip_code' => NULL,
],
'metadata' => [],
],
]
But the interesting part is in the header request you can find the signature value using the key x-youcanpay-signature
.
To verify the webhook signature before processing any logic or action.
<?php
namespace App\Http\Controllers;
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
use Illuminate\Http\Request;
class YouCanPayWebhooksController extends Controller
{
public function handle(Request $request)
{
$signature = $request->header('x-youcanpay-signature');
$payload = json_decode($request->getContent(), true);
if (LaravelYouCanPay::verifyWebhookSignature($signature, $payload)) {
// you code here
}
}
}
The validation has the same impact as the verification, but the validation throws an exception that you can inspect it in the log file.
<?php
namespace App\Http\Controllers;
use Devinweb\LaravelYouCanPay\Facades\LaravelYouCanPay;
use Illuminate\Http\Request;
class YouCanPayWebhooksController extends Controller
{
public function handle(Request $request)
{
LaravelYouCanPay::validateWebhookSignature($signature, $payload)
// you code here
}
}
If you need to clean the pending transactions, there's a command
php artisan youcanpay:clean-pending-transactions
You can add it to the scheduler that can run the command every single time, so the clean will be automatic and depend on the tolerance
value that is defined in the youcanpay
config file.
CARD | CVV | DATE | BEHAVIOUR |
---|---|---|---|
4242 4242 4242 4242 |
112 | 10/24 | No 3DS - Success |
4000 0000 0000 3220 |
112 | 10/24 | 3DS - Success |
4000 0084 0000 1629 |
112 | 10/24 | 3DS - Card Rejected |
4000 0000 0000 0077 |
112 | 10/24 | No 3DS - No Funds |
composer test
Please see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.
This package was generated using the Laravel YouCanPay Boilerplate.