kbe/aperonight
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Move increment_payment_attempt to API namespace and update JavaScript

Browse Source 
- Add API route for increment_payment_attempt in config/routes.rb
- Update API OrdersController to handle increment_payment_attempt and skip API key authentication
- Update JavaScript code in checkout view to use API endpoint without CSRF tokens
- Remove CSRF token from API requests as it's not required for API endpoints
- Maintain backward compatibility by keeping original method in OrdersController
This commit is contained in:
kbe
2025-09-10 16:27:05 +02:00
parent 31009560c2
commit 48ec78197b
3 changed files with 13 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/api/v1/orders_controller.rb
View File

@@ -8,6 +8,9 @@ module Api
before_action :set_order, only: [ :show, :checkout, :retry_payment, :increment_payment_attempt ]
before_action :set_event, only: [ :new, :create ]
# Skip API key authentication for increment_payment_attempt action (used by frontend forms)
skip_before_action :authenticate_api_key, only: [ :increment_payment_attempt ]
# GET /api/v1/orders/new
# Returns data needed for new order form
def new