warlock/cbd420
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
67646c75a4b71996262ae9c6a01e0ffb2b2b6a84
cbd420/app/api/payments/cancel-pending/route.ts
root 67646c75a4 race condition fixed, payment inside
2025-12-21 09:56:59 +01:00

82 lines
2.3 KiB
TypeScript
Raw Blame History

import { NextRequest, NextResponse } from 'next/server'
import { cookies } from 'next/headers'
import pool from '@/lib/db'
// DELETE /api/payments/cancel-pending - Cancel a pending order (frees up inventory)
export async function DELETE(request: NextRequest) {
try {
// Get buyer_id from session cookie
const cookieStore = await cookies()
const buyerIdCookie = cookieStore.get('buyer_id')?.value
if (!buyerIdCookie) {
return NextResponse.json(
{ error: 'Authentication required' },
{ status: 401 }
)
}
const buyer_id = parseInt(buyerIdCookie, 10)
const body = await request.json()
const { payment_id } = body
// Validate required fields
if (!payment_id) {
return NextResponse.json(
{ error: 'Missing required field: payment_id' },
{ status: 400 }
)
}
// Find the pending order
const [pendingRows] = await pool.execute(
'SELECT * FROM pending_orders WHERE payment_id = ? AND buyer_id = ?',
[payment_id, buyer_id]
)
const pendingOrders = pendingRows as any[]
if (pendingOrders.length === 0) {
return NextResponse.json(
{ error: 'Pending order not found or already cancelled' },
{ status: 404 }
)
}
const pendingOrder = pendingOrders[0]
// Check if payment has already been confirmed (sale exists)
const [salesRows] = await pool.execute(
'SELECT * FROM sales WHERE payment_id = ?',
[payment_id]
)
const sales = salesRows as any[]
if (sales.length > 0) {
// Payment already confirmed, don't delete pending order
// The IPN handler should have already deleted it, but if not, leave it
return NextResponse.json(
{ error: 'Payment already confirmed. Cannot cancel.' },
{ status: 400 }
)
}
// Delete the pending order (frees up inventory)
await pool.execute(
'DELETE FROM pending_orders WHERE payment_id = ? AND buyer_id = ?',
[payment_id, buyer_id]
)
return NextResponse.json({
message: 'Pending order cancelled successfully',
payment_id: payment_id,
})
} catch (error) {
console.error('Error cancelling pending order:', error)
return NextResponse.json(
{ error: 'Failed to cancel pending order' },
{ status: 500 }
)
}
}
Reference in New Issue View Git Blame Copy Permalink