jayboss / paystack
This is a paystack payment gateway integration with laravel
README
A Laravel Package for working with Paystack seamlessly
Installation
PHP 8.0.2+ and Composer are required.
To get the latest version, simply require it
composer require jayboss/paystack
Or add the following line to the require block of your composer.json file.
"jayboss/paystack": "1.0.2"
You'll then need to run composer install or composer update to download it and have the autoloader updated.
Once Laravel Paystack is installed, you need to register the service provider. Open up config/app.php and add the following to the providers key.
'providers' => [ ... Jayboss\Paystack\PaystackServiceProvider::class, ... ]
Configuration
You can publish the configuration file using this command:
php artisan vendor:publish --provider="Jayboss\Paystack\PaystackServiceProvider"
A configuration-file named paystack.php with some sensible defaults will be placed in your config directory:
<?php return [ /** * Public Key From Paystack Dashboard * */ 'publicKey' => getenv('PAYSTACK_PUBLIC_KEY'), /** * Secret Key From Paystack Dashboard * */ 'secretKey' => getenv('PAYSTACK_SECRET_KEY'), /** * Paystack Payment URL * */ 'paymentUrl' => getenv('PAYSTACK_PAYMENT_URL'), /** * Optional email address of the merchant * */ 'merchantEmail' => getenv('MERCHANT_EMAIL'), ];
General payment flow
1. The customer is redirected to the payment provider
After the customer has gone through the checkout process and is ready to pay, the customer must be redirected to the site of the payment provider.
The redirection is accomplished by submitting a form with some hidden fields. The form must send a POST request to the site of the payment provider. The hidden fields minimally specify the amount that must be paid, the order id and a hash.
The hash is calculated using the hidden form fields and a non-public secret. The hash used by the payment provider to verify if the request is valid.
2. The customer pays on the site of the payment provider
The customer arrives on the site of the payment provider and gets to choose a payment method. All steps necessary to pay the order are taken care of by the payment provider.
3. The customer gets redirected back to your site
After having paid the order the customer is redirected back. In the redirection request to the shop-site some values are returned. The values are usually the order id, a payment result and a hash.
The hash is calculated out of some of the fields returned and a secret non-public value. This hash is used to verify if the request is valid and comes from the payment provider. It is paramount that this hash is thoroughly checked.
Usage
Open your .env file and add your public key, secret key, merchant email and payment url like so:
PAYSTACK_PUBLIC_KEY=xxxxxxxxxxxxx PAYSTACK_SECRET_KEY=xxxxxxxxxxxxx PAYSTACK_PAYMENT_URL=https://api.paystack.co MERCHANT_EMAIL=mayeconcept@gmail.com
Set up routes and controller methods like so:
Note: Make sure you have /payment/callback registered in Paystack Dashboard https://dashboard.paystack.co/#/settings/developer like so:
// Laravel 10.x and above //import PaymentController class at the top Route::post('/pay', [PaymentController::class, 'redirectToGateway'])->name('pay'); Route::get('/payment/callback', [PaymentController::class, 'handleGatewayCallback']);
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Http\Requests; use App\Http\Controllers\Controller; use Illuminate\Support\Facades\Redirect; use Jayboss\Paystack\Paystack; class PaymentController extends Controller { /** * Redirect the User to Paystack Payment Page * @return Url */ public function redirectToGateway() { try{ $paystack = new Paystack(); return $paystack->getAuthorizationUrl()->redirectNow(); }catch(\Exception $e) { return Redirect::back()->withMessage(['msg'=>'The paystack token has expired. Please refresh the page and try again.', 'type'=>'error']); } } /** * Obtain Paystack payment information * @return void */ public function handleGatewayCallback() { $paystack = new Paystack(); $paymentDetails = $paystack->getPaymentData(); dd($paymentDetails); // Now you have the payment details, // you can store the authorization_code in your db to allow for recurrent subscriptions // you can then redirect or do whatever you want } }
/** * In the case where you need to pass the data from your * controller instead of a form * Make sure to send: * required: email, amount, reference, orderID(probably) * optionally: currency, description, metadata * e.g: * */ $data = array( "amount" => 700 * 100, "reference" => '4g4g5485g8545jg8gj', "email" => 'user@mail.com', "currency" => "NGN", "orderID" => 23456, ); return $paystack->getAuthorizationUrl($data)->redirectNow();
Pass the payment reference from your controller to your view like so
public function test() { $paystack = new Paystack(); $ref = $paystack->genTranxRef(); return view('welcome',compact('ref')); }
A sample form will look like so:
<form method="POST" action="{{ route('pay') }}" accept-charset="UTF-8" class="form-horizontal" role="form"> <div class="row" style="margin-bottom:40px;"> <div class="col-md-8 col-md-offset-2"> <p> <div> Lagos Eyo Print Tee Shirt ₦ 2,950 </div> </p> <input type="hidden" name="email" value="otemuyiwa@gmail.com"> {{-- required --}} <input type="hidden" name="orderID" value="345"> <input type="hidden" name="amount" value="800"> {{-- required in kobo --}} <input type="hidden" name="quantity" value="3"> <input type="hidden" name="currency" value="NGN"> <input type="hidden" name="metadata" value="{{ json_encode($array = ['key_name' => 'value',]) }}" > {{-- For other necessary things you want to add to your payload. it is optional though --}} <input type="hidden" name="reference" value="{{ $ref }}"> {{-- required --}} <input type="hidden" name="split_code" value="SPL_EgunGUnBeCareful"> {{-- to support transaction split. more details https://paystack.com/docs/payments/multi-split-payments/#using-transaction-splits-with-payments --}} <input type="hidden" name="split" value="{{ json_encode($split) }}"> {{-- to support dynamic transaction split. More details https://paystack.com/docs/payments/multi-split-payments/#dynamic-splits --}} {{ csrf_field() }} {{-- works only when using laravel 5.1, 5.2 --}} <input type="hidden" name="_token" value="{{ csrf_token() }}"> {{-- employ this in place of csrf_field only in laravel 5.0 --}} <p> <button class="btn btn-success btn-lg btn-block" type="submit" value="Pay Now!"> <i class="fa fa-plus-circle fa-lg"></i> Pay Now! </button> </p> </div> </div> </form>
When clicking the submit button the customer gets redirected to the Paystack site.
So now we've redirected the customer to Paystack. The customer did some actions there (hopefully he or she paid the order) and now gets redirected back to our shop site.
Paystack will redirect the customer to the url of the route that is specified in the Callback URL of the Web Hooks section on Paystack dashboard.
We must validate if the redirect to our site is a valid request (we don't want imposters to wrongfully place non-paid order).
In the controller that handles the request coming from the payment provider, we have
$paystack->getPaymentData() - This function calls the verification methods and ensure it is a valid transaction else it throws an exception.
License
The MIT License (MIT).