feat(payments): direct-rail order + intake handlers, config and reaper

Wire the Robokassa direct rail into the backend transport. POST
/api/v1/user/wallet/order (walletGate + a D36 confirmed-email gate for the
direct rail) opens a pending order and returns the signed Robokassa payment
URL. The internal, gateway-only /payments/robokassa/result endpoint verifies
the Result signature, credits the matched order exactly once via Fund (honoured
even if expired), records a succeeded payment event, and answers Robokassa's
"OK<InvId>". Add the Robokassa env config, an account HasConfirmedEmail check
(D36), the payment_events writer, and a periodic pending-order reaper. The
routes register only when a Robokassa merchant login is configured.
This commit is contained in:
Ilia Denisov
2026-07-09 16:59:34 +02:00
parent 7860efce48
commit 36a5730e52
8 changed files with 221 additions and 0 deletions
+8
View File
@@ -73,6 +73,12 @@ func (s *Server) registerRoutes() {
u.GET("/wallet/catalog", s.handleWalletCatalog)
u.POST("/wallet/buy", s.handleWalletBuy)
}
if s.payments != nil && s.robokassa.MerchantLogin != "" {
// Direct-rail (Robokassa): open a pending order (user group), and receive the verified
// Result callback the gateway forwards (internal group, gateway-only — the single writer).
u.POST("/wallet/order", s.handleWalletOrder)
s.internal.POST("/payments/robokassa/result", s.handleRobokassaResult)
}
if s.links != nil {
// Account linking & merge. The request step always mails a code;
// a required merge is revealed only after the code is verified, and the
@@ -266,6 +272,8 @@ func statusForError(err error) (int, string) {
return http.StatusNotFound, "product_not_found"
case errors.Is(err, payments.ErrNotAValue):
return http.StatusBadRequest, "not_a_value"
case errors.Is(err, payments.ErrNotAPack):
return http.StatusBadRequest, "not_a_pack"
case errors.Is(err, account.ErrInvalidEmail):
return http.StatusBadRequest, "invalid_email"
case errors.Is(err, account.ErrCodeMismatch), errors.Is(err, account.ErrCodeExpired),