Node JS / Express JS: PayUmoney Payment Integration

Well, We have to build a Web app in Node JS/Express JS, Mongo as DBMS and Ejs as template engine. In the app, We have to integrate Payment gateway so we choose payumoney but struggled in implementing it as the docs were not up to the mark and weren’t clear, so by researching and referring hectic docs it was successfully implemented , So I thought why not get hands dirty on my first medium article and not let others struggle.

To start with integration, first, you need to have an active payumoney acccount and you will be provided with Merchant Key and Salt once successfully created account and verified all the details required.

Note: Your account may take 2–3 working days for verification.

Payumoney has two types of checkout One is Bolt and another one is Redirect, but we will gonna focus on Redirect Checkout. Below is a screenshot of how it works.

Here, The most important part where mostly developers face problems is generating hash.

Generating Hash:

#Hash Sequence
hashSequence =
key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||salt

Above shown is the way of generating a hash. Here the parameters are to be hashed in the following sequence by using “|” after each parameter and provide all the details mentioned above. Here udf1, udf2 … are user-defined fields and these are optional and if you don’t use them you must replace it with empty spaces and use the above exact sequence.

hashString = 'YOUR_MERCHANT_KEY' 
 + '|' + txnid 
 + '|' + amount 
 + '|' + productinfo 
 + '|' + firstname 
 + '|' + email 
 + '|' + '||||||||||' 
 + 'YOUR_MERCHANT_SALT';

Once hashstring is generated in proper sequence, now we need to hash it Using ‘SHA-512’ to generate final hashed value. Here, we will be using ‘jssha’ npm module for hashing it.

Install Module(jssha):

npm install jssha --save
const sha = new jsSHA('SHA-512', "TEXT");

Then pass hashstring in sha update function.

sha.update(hashString);

Now store hashed value:

const hash = sha.getHash("HEX");

After generating hashString, its time to use it in API. Here We will create POST route. Here express router is used to make a call to API. Payumoney provides testing credentials for implementing and testing purpose.

Testing URL:

https://sandboxsecure.payu.in/_payment

After switching to a production environment, remember to change it to a production URL

Production URL:

https://secure.payu.in/_payment

API:

const router = express.Router();
//We are using request for making an HTTP/HTTPS call to payumoney server

const request = require('request');

router.post('/payment_gateway/payumoney', (req, res) => {

req.body.txnid = //Here pass txnid and it should be different 
 on every call

req.body.email = req.user.email;

req.body.firstname = req.user.firstname;

//Here save all the details in pay object 
 const pay = req.body;

const hashString = 'YOUR_MERCHANT_KEY' //store in in different file
 + '|' + pay.txnid
 + '|' + pay.amount 
 + '|' + pay.productinfo 
 + '|' + pay.firstname 
 + '|' + pay.email 
 + '|' + '||||||||||'
 + 'YOUR_MERCHANT_SALT' //store in in different file

const sha = new jsSHA('SHA-512', "TEXT");

sha.update(hashString);

//Getting hashed value from sha module
 const hash = sha.getHash("HEX");
 
 //We have to additionally pass merchant key to API
 so remember to include it.

 pay.key = 'YOUR_MERCHANT_KEY' //store in in different file;
 pay.surl = 'PROVIDE SUCCESS URL ROUTE';
 pay.furl = 'PROVIDE FAILRE URL ROUTE';
 pay.hash = hash;

//Making an HTTP/HTTPS call with request
request.post({
 headers: {
 'Accept': 'application/json',
 'Content-Type': 'application/json'
 },
 url: 'https://sandboxsecure.payu.in/_payment', //Testing url
 form: pay
 }, function (error, httpRes, body) {
    
    if (error) 
     res.send(
     {
         status: false, 
         message:error.toString()
     }
     );

    if (httpRes.statusCode === 200) {
        res.send(body);
     } else if (httpRes.statusCode >= 300 && 
         httpRes.statusCode <= 400) {
         res.redirect(httpRes.headers.location.toString());
     }
})
});

After calling an API to above route Payumoney will return transaction data. There will be two transaction status fail and transaction success, as we had already provided [surl, furl] which means success URL and failure URL. If it fails it will redirect and send the transaction status to failure URL and if it’s a success then it will redirect and send the status to success URL, So remember to include SURL and FURL.

Now implement POST API for success and fail URL

Payment Success URL:

route.post('/payment/success', (req, res) => {

//Payumoney will send Success Transaction data to req body. 
 Based on the response Implement UI as per you want
 res.send(req.body);
 
})

Payment Failure URL:

route.post('/payment/fail', (req, res) => {

//Payumoney will send Fail Transaction data to req body. 
 Based on the response Implement UI as per you want
 res.send(req.body);
 
})

For Client-Side, EJS is used as a Template Engine

Simply install EJS with npm command and set it as default engine for rendering.

npm i ejs --save
const app = express() //I guess you know the remaining process
app.set('view engine', 'ejs');

Now we will call API from front-end, so let’s start

Do remember you don’t need to send KEY, SALT & txnid from Client-side for security reasons.

Make an EJS file e.g (payment.ejs) and make sure to include a service provider

<form action="payment_gateway/payumoney" method="POST">

<input class="amount" type="hidden" name="amount" value=""/>

<input class="con" type="hidden" name="phone" value="" />

<input type="hidden" name="service_provider" 
 value="payu_paisa"/>

<input type="hidden" class="product" name="productinfo" 
 value="educational purpose"/>
 
 <input type="submit" value="Pay"/>

</form>


Provide all the details mentioned above from client-side to API based on the response implement UI as per yourself.

Boom, you have successfully implemented a payment gateway in your application.