feat(payment): implement secure payment cancellation page with session tracking

- Create PaymentCancelController with authentication and subscription detection - Design responsive cancellation view with red/orange gradient theme - Add session token logging and recent subscription lookup functionality - Update payment cancel route to use new controller with auth middleware - Include security assurances and proper navigation to checkout/dashboard - Remove broken route references and ensure all buttons link to valid pages
2025-12-05 06:59:08 -08:00
parent 34183dc3cb
commit ebb041c0cc
3 changed files with 209 additions and 1 deletions
--- a/app/Http/Controllers/PaymentCancelController.php
+++ b/app/Http/Controllers/PaymentCancelController.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Subscription;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+
+class PaymentCancelController extends Controller
+{
+    /**
+     * Show the payment cancellation page
+     */
+    public function show(Request $request)
+    {
+        // Get the session token from Polar if available
+        $sessionToken = $request->get('customer_session_token');
+
+        Log::info('PaymentCancelController: Cancellation page accessed', [
+            'user_id' => auth()->id(),
+            'session_token' => $sessionToken ? substr($sessionToken, 0, 20) . '...' : 'none',
+            'ip_address' => $request->ip(),
+            'user_agent' => $request->userAgent(),
+        ]);
+
+        // Look for any recent subscriptions for this user
+        $recentSubscription = null;
+        if (auth()->check()) {
+            $recentMinutes = 15; // Look for subscriptions in last 15 minutes
+            $recentSubscription = Subscription::where('user_id', auth()->id())
+                ->where('created_at', '>=', now()->subMinutes($recentMinutes))
+                ->whereIn('status', ['pending_payment', 'incomplete', 'cancelled'])
+                ->orderBy('created_at', 'desc')
+                ->first();
+
+            if ($recentSubscription) {
+                Log::info('PaymentCancelController: Found recent subscription', [
+                    'user_id' => auth()->id(),
+                    'subscription_id' => $recentSubscription->id,
+                    'status' => $recentSubscription->status,
+                    'provider' => $recentSubscription->provider,
+                ]);
+            }
+        }
+
+        return view('payment.cancel', [
+            'sessionToken' => $sessionToken,
+            'recentSubscription' => $recentSubscription,
+        ]);
+    }
+}