Merge pull request #398 from PromptPlace/refactor/#384

Refactor/#384

Author: minij02

package.json

@@ -20,13 +20,15 @@
   "dependencies": {
     "@aws-sdk/client-s3": "^3.848.0",
     "@aws-sdk/s3-request-presigner": "^3.848.0",
+    "@portone/server-sdk": "^0.19.0",
     "@prisma/client": "^6.14.0",
     "@types/express-session": "^1.18.2",
     "@types/passport-google-oauth20": "^2.0.16",
     "@types/passport-kakao": "^1.0.3",
     "axios": "^1.11.0",
     "bcrypt": "^6.0.0",
     "bcryptjs": "^3.0.2",
+    "body-parser": "^2.2.2",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.2",
     "cors": "^2.8.5",
@@ -58,6 +60,7 @@
     "@types/axios": "^0.14.4",
     "@types/bcrypt": "^6.0.0",
     "@types/bcryptjs": "^3.0.0",
+    "@types/body-parser": "^1.19.6",
     "@types/cors": "^2.8.19",
     "@types/express": "^5.0.3",
     "@types/jsonwebtoken": "^9.0.10",

pnpm-lock.yaml

@@ -5,16 +5,13 @@ import { PurchaseCompleteService } from '../services/purchase.complete.service';
 export const PurchaseCompleteController = {
   async completePurchase(req: Request, res: Response, next: NextFunction) {
     try {
-       console.log('🔥 요청 바디 확인:', req.body); // ← 여기에 로그 찍기
-      console.log('🔥 Content-Type:', req.headers['content-type']); // ← 헤더도 확인
-      
       const userId = (req.user as any).user_id;
       const dto = req.body as Partial<PromptPurchaseCompleteRequestDTO>;
 
-      if (!dto || typeof dto.imp_uid !== 'string' || typeof dto.merchant_uid !== 'string') {
+      if (!dto || typeof dto.paymentId !== 'string') {
         return res.status(400).json({
           error: 'BadRequest',
-          message: 'imp_uid와 merchant_uid는 필수입니다.',
+          message: 'paymentId는 필수입니다.',
           statusCode: 400,
         });
       }

src/purchases/controller/purchase.complete.controller.ts

@@ -0,0 +1,38 @@
+import { Request, Response, NextFunction } from 'express';
+import * as PortOne from '@portone/server-sdk';
+import { WebhookService } from '../services/purchase.webhook.service';
+
+export const WebhookController = {
+  async handleWebhook(req: Request, res: Response, next: NextFunction) {
+    try {
+      const webhookSecret = process.env.PORTONE_WEBHOOK_SECRET;
+      if (!webhookSecret) {
+        console.error('PORTONE_WEBHOOK_SECRET is not set');
+        return res.status(500).send('Server Config Error');
+      }
+
+      // 1. 웹훅 서명 검증
+      const webhook = await PortOne.Webhook.verify(
+        webhookSecret,
+        req.body,
+        req.headers as Record<string, string | string[] | undefined>
+      );
+
+      // 2. 이벤트 타입별 처리 -> 현재는 결제 완료(Paid)만 처리
+      if (webhook.type === 'Transaction.Paid') {
+        const { paymentId, storeId } = webhook.data;
+        await WebhookService.handleTransactionPaid(paymentId, storeId);
+      } else if (webhook.type === 'Transaction.Cancelled') {
+        console.log('[Webhook] Transaction Cancelled:', webhook.data.paymentId);
+      }
+      res.status(200).send('OK');
+    } catch (err) {
+      if (err instanceof PortOne.Webhook.WebhookVerificationError) {
+        console.error('[Webhook] Signature Verification Failed');
+        return res.status(400).send('Verification Failed');
+      }
+      console.error('[Webhook] Error:', err);
+      res.status(500).send('Internal Server Error');
+    }
+  }
+};

src/purchases/controller/purchase.webhook.controller.ts

@@ -1,6 +1,5 @@
 export interface PromptPurchaseCompleteRequestDTO {
-  imp_uid: string;        // 포트원 결제 UID
-  merchant_uid: string;   // 주문번호
+  paymentId: string;
 }
 
 export interface PromptPurchaseCompleteResponseDTO {

src/purchases/dtos/purchase.complete.dto.ts

@@ -7,5 +7,6 @@ export interface PromptPurchaseRequestDTO {
   redirect_url: string;
    custom_data: {
     prompt_id: number;
+    user_id: number;
   };
 }

src/purchases/dtos/purchase.request.dto.ts

@@ -0,0 +1,57 @@
+import { Prisma } from '@prisma/client';
+
+type Tx = Prisma.TransactionClient;
+
+export const PurchaseCompleteRepository = {
+   createPurchaseTx(tx: Tx, data: {
+    user_id: number;
+    prompt_id: number;
+    seller_id?: number;
+    amount: number;
+    is_free: false;
+  }) {
+    return tx.purchase.create({ data });
+  },
+
+  createPaymentTx(tx: Tx, data: {
+    purchase_id: number;
+    merchant_uid: string;
+    pg: 'kakaopay' | 'tosspay';
+    status: 'Succeed' | 'Failed' | 'Pending';
+    paymentId: string;
+  }) {
+    return tx.payment.create({
+      data: {
+        purchase: { connect: { purchase_id: data.purchase_id } },
+        merchant_uid: data.merchant_uid,
+        provider: data.pg,
+        status: data.status,
+        imp_uid: data.paymentId,
+      },
+    });
+  },
+
+  upsertSettlementForPaymentTx(tx: Tx, input: {
+    sellerId: number;
+    paymentId: number;
+    amount: number;
+    fee: number;
+    status: 'Succeed' | 'Failed' | 'Pending';
+  }) {
+    return tx.settlement.upsert({
+      where: { payment_id: input.paymentId },
+      create: {
+        user_id: input.sellerId,
+        payment_id: input.paymentId,
+        amount: input.amount,
+        fee: input.fee,
+        status: input.status,
+      },
+      update: {
+        amount: input.amount,
+        fee: input.fee,
+        status: input.status,
+      },
+    });
+  }
+};

src/purchases/repositories/purchase.complete.repository.ts

@@ -0,0 +1,27 @@
+import prisma from '../../config/prisma';
+
+export const PurchaseRepository = {
+  findSucceededByUser(userId: number) {
+    return prisma.purchase.findMany({
+      where: {
+        user_id: userId,
+        payment: { is: { status: 'Succeed'}},
+      },
+      include: {
+        prompt: {
+          select: {
+            prompt_id: true,
+            title: true,
+            user: { select: { nickname: true}},
+          },
+        },
+        payment: {
+          select: {
+            provider: true,
+          },
+        },
+      },
+      orderBy: { created_at: 'desc'},
+    })
+  }
+};