| 1 |
30 |
defmodule DaProductAppWeb.Router do |
| 2 |
1 |
use DaProductAppWeb, :router |
| 3 |
|
|
| 4 |
9 |
pipeline :browser do |
| 5 |
|
plug :accepts, ["html"] |
| 6 |
|
plug :fetch_session |
| 7 |
|
plug :fetch_live_flash |
| 8 |
|
plug :put_root_layout, html: {DaProductAppWeb.Layouts, :root} |
| 9 |
|
plug :protect_from_forgery |
| 10 |
|
plug :put_secure_browser_headers |
| 11 |
|
end |
| 12 |
|
|
| 13 |
1 |
pipeline :api do |
| 14 |
|
plug :accepts, ["json", "xml"] |
| 15 |
|
end |
| 16 |
|
|
| 17 |
:-( |
pipeline :npci_upi do |
| 18 |
|
plug :accepts, ["xml"] |
| 19 |
|
# plug DaProductAppWeb.Plugs.RawBody |
| 20 |
|
# Add any NPCI-specific plugs here (auth, rate limiting, etc.) |
| 21 |
|
end |
| 22 |
|
|
| 23 |
:-( |
pipeline :webhook do |
| 24 |
|
plug :accepts, ["json"] |
| 25 |
|
plug DaProductAppWeb.Plugs.RawBody |
| 26 |
|
end |
| 27 |
|
|
| 28 |
|
scope "/", DaProductAppWeb do |
| 29 |
|
pipe_through :browser |
| 30 |
|
|
| 31 |
9 |
get "/", PageController, :home |
| 32 |
|
|
| 33 |
|
# Admin dashboard - LiveView |
| 34 |
:-( |
live "/dashboard", DashboardLive, :index |
| 35 |
|
|
| 36 |
|
# Authentication and management |
| 37 |
:-( |
get "/login", SessionController, :new |
| 38 |
:-( |
post "/login", SessionController, :create |
| 39 |
:-( |
delete "/logout", SessionController, :delete |
| 40 |
|
# Legacy logout routes (handle GET requests when JS data-method doesn't work) |
| 41 |
:-( |
get "/logout", SessionController, :delete |
| 42 |
:-( |
get "/users/log_out", SessionController, :delete |
| 43 |
|
|
| 44 |
|
# Core Administration - LiveView |
| 45 |
:-( |
live "/users", UsersLive, :index |
| 46 |
:-( |
live "/users/new", UsersLive, :new |
| 47 |
:-( |
live "/users/:id/edit", UsersLive, :edit |
| 48 |
|
|
| 49 |
:-( |
live "/organizations", OrganizationsLive, :index |
| 50 |
:-( |
live "/organizations/new", OrganizationsLive, :new |
| 51 |
:-( |
live "/organizations/:id/edit", OrganizationsLive, :edit |
| 52 |
:-( |
live "/organizations/:id/users", OrganizationsLive, :users |
| 53 |
|
|
| 54 |
|
# Phase 2: Monitoring & Analytics - LiveView |
| 55 |
:-( |
live "/transactions", TransactionsLive, :index |
| 56 |
:-( |
live "/transactions/:id", TransactionsLive, :show |
| 57 |
|
|
| 58 |
:-( |
live "/qr-validations", QRValidationsLive, :index |
| 59 |
:-( |
live "/qr-validations/:id", QRValidationsLive, :show |
| 60 |
|
|
| 61 |
:-( |
live "/req-chk-txn", ReqChkTxnLive, :index |
| 62 |
:-( |
live "/req-chk-txn/:id", ReqChkTxnLive, :show |
| 63 |
|
|
| 64 |
:-( |
live "/req-pay", ReqPayLive, :index |
| 65 |
:-( |
live "/req-pay/:id", ReqPayLive, :show |
| 66 |
|
|
| 67 |
:-( |
live "/analytics", AnalyticsLive, :index |
| 68 |
|
|
| 69 |
|
# Phase 3: Platform Management - LiveView |
| 70 |
:-( |
live "/international-payments", InternationalPaymentsLive, :index |
| 71 |
:-( |
live "/international-payments/:id", InternationalPaymentsLive, :show |
| 72 |
|
|
| 73 |
:-( |
live "/settlements", SettlementsLive, :index |
| 74 |
:-( |
live "/settlements/:id", SettlementsLive, :show |
| 75 |
|
|
| 76 |
:-( |
live "/api-docs", ApiDocsLive, :index |
| 77 |
:-( |
live "/api-docs/:group", ApiDocsLive, :group |
| 78 |
:-( |
live "/api-docs/:group/:endpoint", ApiDocsLive, :endpoint |
| 79 |
|
|
| 80 |
:-( |
live "/settings", SettingsLive, :index |
| 81 |
:-( |
live "/settings/:tab", SettingsLive, :tab |
| 82 |
|
|
| 83 |
|
# Legacy controller routes (keeping for backward compatibility) |
| 84 |
|
resources "/organizations_old", OrganizationController |
| 85 |
|
resources "/users_old", UserController |
| 86 |
|
end |
| 87 |
|
|
| 88 |
|
# SaaS Kit webhook endpoint |
| 89 |
|
scope "/webhooks", DaProductAppWeb do |
| 90 |
|
pipe_through :webhook |
| 91 |
|
|
| 92 |
:-( |
post "/saas-kit", SaasKitWebhookController, :webhook |
| 93 |
|
end |
| 94 |
|
|
| 95 |
|
# Other scopes may use custom stacks. |
| 96 |
|
scope "/api/v1", DaProductAppWeb.Api.V1 do |
| 97 |
|
pipe_through :api |
| 98 |
|
|
| 99 |
|
# ================================ |
| 100 |
|
# NPCI → PSP Interface (UpiController) |
| 101 |
|
# These handle all official UPI APIs from NPCI |
| 102 |
|
# No authentication required - NPCI authenticated via other means |
| 103 |
|
# ================================ |
| 104 |
|
|
| 105 |
|
# Core UPI APIs (as per NPCI specification) |
| 106 |
:-( |
post "/upi/validate-qr", UpiController, :validate_qr # ReqValQR from NPCI |
| 107 |
:-( |
post "/upi/process-payment", UpiController, :process_payment # ReqPay from NPCI |
| 108 |
:-( |
post "/upi/check-transaction", UpiController, :check_transaction # ReqChkTxn from NPCI |
| 109 |
:-( |
post "/upi/process-credit", UpiController, :process_credit_payment # ReqPay CREDIT from NPCI |
| 110 |
:-( |
post "/upi/heartbeat", UpiController, :heartbeat # ReqHbt from NPCI |
| 111 |
|
|
| 112 |
|
# Enhanced UPI APIs (extensions) |
| 113 |
:-( |
post "/upi/batch-check", UpiController, :batch_check_transactions |
| 114 |
:-( |
post "/upi/reconciliation", UpiController, :reconciliation |
| 115 |
:-( |
post "/upi/mandate-request", UpiController, :mandate_request |
| 116 |
|
|
| 117 |
|
# International UPI queries (PSP internal) |
| 118 |
:-( |
get "/upi/international-qr", UpiController, :get_international_qr |
| 119 |
:-( |
get "/upi/fx-rate/:from/:to", UpiController, :get_fx_rate |
| 120 |
|
end |
| 121 |
|
|
| 122 |
|
# Partner APIs - Require Authentication |
| 123 |
|
scope "/api/v1", DaProductAppWeb.Api.V1 do |
| 124 |
|
pipe_through [:api, DaProductAppWeb.Plugs.PartnerAuth, DaProductAppWeb.Plugs.RateLimiter] |
| 125 |
|
|
| 126 |
|
# ================================ |
| 127 |
|
# Partner → PSP Interface (QRValidationController) |
| 128 |
|
# These handle partner-facing QR generation APIs |
| 129 |
|
# ================================ |
| 130 |
|
|
| 131 |
|
# Clear, descriptive naming for partner APIs |
| 132 |
:-( |
post "/qr-generate", QRValidationController, :generate_qr # Partner requests QR generation |
| 133 |
:-( |
post "/generate-static-qr", QRValidationController, :generate_static_qr # Partner requests static QR generation |
| 134 |
:-( |
get "/qr-status/:id", QRValidationController, :get_qr_status # Partner checks QR status |
| 135 |
|
|
| 136 |
|
# ================================ |
| 137 |
|
# Partner Merchant Management APIs |
| 138 |
|
# Partners can enroll and manage their merchants |
| 139 |
|
# ================================ |
| 140 |
|
|
| 141 |
|
# Merchant enrollment and management |
| 142 |
|
resources "/partners/:partner_id/merchants", PartnerMerchantController, except: [:delete] do |
| 143 |
|
# Merchant validation and status management |
| 144 |
:-( |
get "/validate", PartnerMerchantController, :validate_merchant, as: :validate |
| 145 |
:-( |
patch "/status", PartnerMerchantController, :update_status, as: :status |
| 146 |
:-( |
post "/check-limits", PartnerMerchantController, :check_limits, as: :limits |
| 147 |
|
end |
| 148 |
|
|
| 149 |
|
# Merchant search and analytics |
| 150 |
:-( |
get "/partners/:partner_id/merchants-search", PartnerMerchantController, :search |
| 151 |
:-( |
get "/partners/:partner_id/merchants-stats", PartnerMerchantController, :stats |
| 152 |
|
|
| 153 |
|
# ================================ |
| 154 |
|
# Legacy Transaction APIs (if needed) |
| 155 |
|
# ================================ |
| 156 |
|
resources "/transactions", TransactionController, only: [:index, :show] |
| 157 |
|
end |
| 158 |
|
|
| 159 |
|
# ================================ |
| 160 |
|
# NPCI UPI Direct API Endpoints (No /api/v1 prefix) |
| 161 |
|
# These match NPCI's direct calling patterns like /ReqHbt/2.0/urn:txnid:... |
| 162 |
|
# ================================ |
| 163 |
|
scope "/", DaProductAppWeb.Api.V1 do |
| 164 |
|
pipe_through :npci_upi |
| 165 |
|
|
| 166 |
|
# UPI Core APIs - NPCI Direct Format |
| 167 |
:-( |
post "/ReqValQr/*path", UpiController, :validate_qr # QR Validation |
| 168 |
:-( |
post "/ReqPay/*path", UpiController, :process_payment # Payment Processing |
| 169 |
:-( |
post "/ReqChkTxn/*path", UpiController, :check_transaction # Transaction Status |
| 170 |
:-( |
post "/ReqHbt/*path", UpiController, :heartbeat # Heartbeat |
| 171 |
:-( |
post "/ReqRegMob/*path", UpiController, :register_mobile # Mobile Registration |
| 172 |
:-( |
post "/ReqOtp/*path", UpiController, :otp_request # OTP Request |
| 173 |
:-( |
post "/ReqSetCre/*path", UpiController, :set_credentials # Set Credentials |
| 174 |
:-( |
post "/ReqMandateConf/*path", UpiController, :mandate_confirmation # Mandate Confirmation |
| 175 |
|
|
| 176 |
|
# Alternative patterns without path params (if NPCI uses simpler format) |
| 177 |
:-( |
post "/ReqValQr", UpiController, :validate_qr |
| 178 |
:-( |
post "/ReqPay", UpiController, :process_payment |
| 179 |
:-( |
post "/ReqChkTxn", UpiController, :check_transaction |
| 180 |
:-( |
post "/ReqHbt", UpiController, :heartbeat |
| 181 |
:-( |
post "/ReqRegMob", UpiController, :register_mobile |
| 182 |
:-( |
post "/ReqOtp", UpiController, :otp_request |
| 183 |
:-( |
post "/ReqSetCre", UpiController, :set_credentials |
| 184 |
:-( |
post "/ReqMandateConf", UpiController, :mandate_confirmation |
| 185 |
|
end |
| 186 |
|
|
| 187 |
|
# Development routes |
| 188 |
|
if Mix.env() in [:dev, :test] do |
| 189 |
|
import Phoenix.LiveDashboard.Router |
| 190 |
|
|
| 191 |
|
scope "/" do |
| 192 |
|
pipe_through [:fetch_session, :protect_from_forgery] |
| 193 |
:-( |
live_dashboard "/dashboard", metrics: DaProductAppWeb.Telemetry |
| 194 |
|
end |
| 195 |
|
end |
| 196 |
|
end |