diff --git a/src/app/api/verify-order/route.ts b/src/app/api/verify-order/route.ts
index ef8cd5d..22075f4 100644
--- a/src/app/api/verify-order/route.ts
+++ b/src/app/api/verify-order/route.ts
@@ -9,7 +9,14 @@ export async function POST(request: NextRequest) {
 if (!session) {
 return NextResponse.json({ message: "No session", isOk: false }, { status: 400 });
 }
- const { orderId, razorpayPaymentId, razorpaySignature, amount } = await request.json();
+ const { email, orderId, razorpayPaymentId, razorpaySignature, amount } = await request.json();
+ if (!email || !orderId || !razorpayPaymentId || !razorpaySignature || !amount) {
+ return NextResponse.json({ message: "Invalid data", isOk: false }, { status : 400 });
+ }
+ const userEmail = session.user?.role === "ADMIN" || session.user?.email !== email
+ ? email
+ : session.user?.email!;
+
 const signature = generatedSignature(orderId, razorpayPaymentId);
 if (signature !== razorpaySignature) {
@@ -18,13 +25,13 @@ export async function POST(request: NextRequest) {
 if (signature === razorpaySignature) {
 const user = await prisma.user.findUnique({
 where: {
- email: session.user?.email!,
+ email: userEmail,
 },
 });
 try {
 await sendRegistrationEmail({
- email: session.user?.email!,
+ email: userEmail,
 name: session.user?.name!,
 registrationLink: `${process.env.NEXT_PUBLIC_SITE_URL}/admin/verify/${razorpayPaymentId}`,
 });
diff --git a/src/components/common/registration-form.tsx b/src/components/common/registration-form.tsx
index df0328b..fbcc573 100644
--- a/src/components/common/registration-form.tsx
+++ b/src/components/common/registration-form.tsx
@@ -151,6 +151,7 @@ export default function RegistrationForm() {
 method: "POST",
 headers: { "Content-Type": "application/json" },
 body: JSON.stringify({
+ email: form.getValues("email"),
 orderId: response.razorpay_order_id,
 razorpayPaymentId: response.razorpay_payment_id,
 razorpaySignature: response.razorpay_signature,
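Review bot: The `userEmail` ternary in the first route.ts hunk always evaluates to the `email` from the request body, so the role check has no effect: for a non-admin whose session email differs from `email`, the second operand of `||` is true and the body value is still chosen. Any signed-in caller can therefore have the lookup and the registration mail directed at an address they do not own; the `findUnique` and `sendRegistrationEmail` calls in the next hunk both use `userEmail`, and the registration-form.tsx hunk at -151 supplies the value straight from the form. `generatedSignature` is given only `orderId` and `razorpayPaymentId`, so the signature comparison does not bind the email to the payment. If only admins are meant to register on behalf of someone else, use `const userEmail = session.user?.role === "ADMIN" ? email : session.user?.email;` and return a 401 when it is undefined. The body of `POST` starts and continues outside the hunk.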
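Review bot: In the second route.ts hunk `findUnique` now looks up a request-supplied address, so `user` can be `null` for an email that has no account, yet the registration mail is sent with no check on the result visible in between. Add `if (!user) return NextResponse.json({ message: "User not found", isOk: false }, { status: 404 });` before the `try`. The mail also still passes `name: session.user?.name!`, which is the caller's name rather than the name of the `userEmail` recipient; taking it from the looked-up `user` would keep the two consistent, assuming that model carries a name field. The rest of the handler is outside the hunk, so a later null check may already exist.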
@@ -218,7 +219,7 @@ export default function RegistrationForm() {
 },
 notes: {
 name: form.getValues("name"),
- email: session?.user?.email,
+ email: form.getValues("email"),
 contact: form.getValues("phone"),
 designation: form.getValues("designation"),
 foodPreference: form.getValues("foodPreference"),
@@ -233,7 +234,7 @@ export default function RegistrationForm() {
 },
 prefill: {
 name: form.getValues("name"),
- email: session?.user?.email,
+ email: form.getValues("email"),
 contact: form.getValues("phone"),
 },
 theme: {
@@ -299,7 +300,7 @@ export default function RegistrationForm() {
 const handleNext = async () => {
 let isValid = false;
 if (step === 1) {
- isValid = await form.trigger(["designation", "foodPreference", "name"]);
+ isValid = await form.trigger(["designation", "foodPreference", "name", "email"]);
 } else if (step === 2) {
 const designation = form.getValues("designation");
 if (designation === "student") {
@@ -380,10 +381,10 @@ export default function RegistrationForm() {
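Review bot: In the `notes` block (hunk at -218) the order metadata no longer records the authenticated account: `email` is now whatever was typed into the form, and the session email is dropped. Keeping both makes a payment traceable to the login that created it, for example `registeredBy: session?.user?.email,` next to the form `email`. The same form value is read again for `prefill` (hunk at -233) and for the verify-order request, so the server should treat it as unverified input rather than as an identity. The `notes` object starts and ends outside the hunk.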