soroush.asadi
ec51e87d2d
A generic multi-client payment gateway so FlatRender, meezi.ir and bargevasat.ir can all pay through ZarinPal's single verified callback domain (pay.flatrender.ir). New Go service services/payment (clones the notification skeleton + vendored deps): - migration 31_payment_broker.sql — `payment` schema: client_apps, transactions, webhook_deliveries. - ZarinPal v4 client ported from the proven identity PaymentService (request.json -> StartPay -> verify.json; codes 100/101). - client API: POST /v1/pay/request + /v1/pay/inquiry, authed by X-Api-Key + HMAC body signature; GET /callback/zarinpal (the single verified endpoint) verifies, then 302s the user back to the site's return_url (signed) and fires a signed, retried webhook. - per-client ZarinPal merchant override (default = shared merchant); amount stored canonically in Rial, unit to ZarinPal env-configurable. - admin API /v1/admin/* (FlatRender admin JWT): client-app CRUD + key issue/rotate + transactions list. Deploy wiring: payment-svc in docker-compose.v2.yml (host port 1607), pay.flatrender.ir server block in mirror-nginx conf, ENV_FILE + README updates (cert SAN + manual migration note). Admin UI: src/components/admin/PaymentsAdmin.tsx (client apps with one-time key reveal + rotate, transactions table) + /admin/payments page + nav link + fa/en strings; pay-admin proxy route to payment-svc. Docs/SDK: deploy/PAYMENTS.md (integration contract) + deploy/sdk/flatpay.js (zero-dep Node client + webhook verifier) for meezi/any site. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
77 lines
2.0 KiB
Go
77 lines
2.0 KiB
Go
// Copyright 2016 Google Inc. All rights reserved.
|
||
// Use of this source code is governed by a BSD-style
|
||
// license that can be found in the LICENSE file.
|
||
|
||
package uuid
|
||
|
||
import "io"
|
||
|
||
// New creates a new random UUID or panics. New is equivalent to
|
||
// the expression
|
||
//
|
||
// uuid.Must(uuid.NewRandom())
|
||
func New() UUID {
|
||
return Must(NewRandom())
|
||
}
|
||
|
||
// NewString creates a new random UUID and returns it as a string or panics.
|
||
// NewString is equivalent to the expression
|
||
//
|
||
// uuid.New().String()
|
||
func NewString() string {
|
||
return Must(NewRandom()).String()
|
||
}
|
||
|
||
// NewRandom returns a Random (Version 4) UUID.
|
||
//
|
||
// The strength of the UUIDs is based on the strength of the crypto/rand
|
||
// package.
|
||
//
|
||
// Uses the randomness pool if it was enabled with EnableRandPool.
|
||
//
|
||
// A note about uniqueness derived from the UUID Wikipedia entry:
|
||
//
|
||
// Randomly generated UUIDs have 122 random bits. One's annual risk of being
|
||
// hit by a meteorite is estimated to be one chance in 17 billion, that
|
||
// means the probability is about 0.00000000006 (6 × 10−11),
|
||
// equivalent to the odds of creating a few tens of trillions of UUIDs in a
|
||
// year and having one duplicate.
|
||
func NewRandom() (UUID, error) {
|
||
if !poolEnabled {
|
||
return NewRandomFromReader(rander)
|
||
}
|
||
return newRandomFromPool()
|
||
}
|
||
|
||
// NewRandomFromReader returns a UUID based on bytes read from a given io.Reader.
|
||
func NewRandomFromReader(r io.Reader) (UUID, error) {
|
||
var uuid UUID
|
||
_, err := io.ReadFull(r, uuid[:])
|
||
if err != nil {
|
||
return Nil, err
|
||
}
|
||
uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
|
||
uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
|
||
return uuid, nil
|
||
}
|
||
|
||
func newRandomFromPool() (UUID, error) {
|
||
var uuid UUID
|
||
poolMu.Lock()
|
||
if poolPos == randPoolSize {
|
||
_, err := io.ReadFull(rander, pool[:])
|
||
if err != nil {
|
||
poolMu.Unlock()
|
||
return Nil, err
|
||
}
|
||
poolPos = 0
|
||
}
|
||
copy(uuid[:], pool[poolPos:(poolPos+16)])
|
||
poolPos += 16
|
||
poolMu.Unlock()
|
||
|
||
uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
|
||
uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
|
||
return uuid, nil
|
||
}
|