Skip to content

Latest commit

 

History

History
161 lines (129 loc) · 6.26 KB

README.md

File metadata and controls

161 lines (129 loc) · 6.26 KB

Handle Paystack Webhooks in a Laravel application

tests Build Status Scrutinizer Code Quality Code Intelligence Status License: MIT

Paystack can notify your application about various events via webhooks. This package can help you handle those webhooks. It will automatically verify all incoming requests and ensure they are coming from Paystack. By default, a route that points to this package's webhook controller is configured through the service provider.

Please note that this package will NOT handle what should be done after the request has been validated. You should still write the code for that.

Find out more details about Paystack's Event here

Installation

You can install the package via composer:

composer require digikraaft/laravel-paystack-webhooks

Configuration File

The Laravel Paystack Webhooks package comes with a configuration file, here is the content of the file:

return [

    /*
    |--------------------------------------------------------------------------
    | Paystack Keys
    |--------------------------------------------------------------------------
    |
    | The Paystack publishable key and secret key. You can get these from your Paystack dashboard.
    |
    */

    'public_key' => env('PAYSTACK_PUBLIC_KEY'),

    'secret' => env('PAYSTACK_SECRET'),

    /*
   |--------------------------------------------------------------------------
   | Webhooks Path
   |--------------------------------------------------------------------------
   |
   | This is the base URI path where webhooks will be handled from.
   |
   | This should correspond to the webhooks URL set in your Paystack dashboard:
   | https://dashboard.paystack.com/#/settings/developer.
   |
   | If your webhook URL is https://domain.com/paystack/webhook/ then you should simply enter paystack here.
   |
   | Remember to also add this as an exception in your VerifyCsrfToken middleware.
   |
   | See the demo application linked on github to help you get started.
   |
   */
    'webhook_path' => env('PAYSTACK_WEBHOOK_PATH', 'paystack'),

];

You can publish this config file with the following commands:

php artisan vendor:publish --provider="Digikraaft\PaystackWebhooks\PaystackWebhooksServiceProvider" --tag="config"

API Keys

You should configure your Paystack keys in your .env file. You can get your Paystack API keys from the Paystack dashboard.

PAYSTACK_PUBLIC_KEY=your-paystack-public-key
PAYSTACK_SECRET=your-paystack-secret

Handling Paystack Webhooks

Paystack can notify your application about various events via webhooks. This package can help you handle those webhooks. It will automatically verify all incoming requests and ensure they are coming from Paystack. By default, a route that points to this package's webhook controller is configured through the service provider.

Please note that this package will NOT handle what should be done after the request has been validated. You should still write the code for that. All you need do is to extend the controller in order to handle any webhook event you like. For example, if you wish to handle the charge.success event, you should add a handleChargeSuccess method to the controller:

<?php

namespace App\Http\Controllers;

use Digikraaft\PaystackWebhooks\Http\Controllers\WebhooksController as PaystackWebhooksController;

class WebhookController extends PaystackWebhooksController
{
    /**
     * Handle charge success.
     *
     * @param  array  $payload
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function handleChargeSuccess($payload)
    {
        // Handle The Event
    }
}

To ensure your application can handle Paystack webhooks, be sure to configure the webhook URL in the Paystack dashboard. By default, this package's webhook controller listens to the /paystack/webhook.

Next, define a route to your controller within your routes/web.php file.

Route::post(
    'paystack/webhook',
    '\App\Http\Controllers\WebhookController@handleWebhook'
);

Webhooks & CSRF Protection

Since Paystack webhooks need to bypass Laravel's CSRF protection, be sure to list the URI as an exception in your VerifyCsrfToken middleware or list the route outside of the web middleware group:

protected $except = [
    'paystack/*',
];

This package emits a Digikraaft\PaystackWebhooks\Events\WebhookReceived event when a webhook is received, and a Digikraaft\PaystackWebhooks\Events\WebhookHandled event when a webhook was handled by you. Both events contain the full payload of the Paystack webhook.

You can find details about Paystack events here

Verifying Webhook Signatures

For convenience, this package automatically includes a middleware which validates that the incoming Paystack webhook request is valid.

Testing

Use the command below to run your tests:

composer test

More Good Stuff

Check here for more awesome free stuff!

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email dev@digitalkraaft.com instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.