Search code examples
djangorazorpay

Django razorpay: How to get the order id after payment is complete

As per my understanding.

Step1) create Order_id

order_amount = 50000
order_currency = 'INR'
order_receipt = 'order_rcptid_11'
notes = {'Shipping address': 'Bommanahalli, Bangalore'}   # OPTIONAL

obj = client.order.create(amount=order_amount, currency=order_currency, receipt=order_receipt, notes=notes)

then save order in databas

order_id = obj['id']
Orders(
  id=order_id,
  status="pending",
  user=user, 
  razorpay_payment_id="",
  razorpay_order_id="",
  razorpay_signature="").save()

Step2 - Pass the order_id to the checkout page

<form action="https://www.example.com/payment/success/" method="POST">
<script
    src="https://checkout.razorpay.com/v1/checkout.js"
    data-key="YOUR_KEY_ID" // Enter the Test API Key ID generated from Dashboard → Settings → API Keys
    data-amount="29935" // Amount is in currency subunits. Hence, 29935 refers to 29935 paise or ₹299.35.
    data-currency="INR"//You can accept international payments by changing the currency code. Contact our Support Team to enable International for your account
    data-order_id="order_CgmcjRh9ti2lP7"//Replace with the order_id generated by you in the backend.
    data-buttontext="Pay with Razorpay"
    data-name="Acme Corp"
    data-description="A Wild Sheep Chase is the third novel by Japanese author Haruki Murakami"
    data-image="https://example.com/your_logo.jpg"
    data-prefill.name="Gaurav Kumar"
    data-prefill.email="[email protected]"
    data-theme.color="#F37254"
></script>
<input type="hidden" custom="Hidden Element" name="hidden">
</form>

Step3: Get the reponse on payment completed

{
  "razorpay_payment_id": "pay_29QQoUBi66xm2f",
  "razorpay_order_id": "order_9A33XWu170gUtm",
  "razorpay_signature": "9ef4dffbfd84f1318f6739a3ce19f9d85851857ae648f114332d8401e0949a3d"
}

Now We have to verify this.

But here we dont know this response is for which order_id as per this image.

enter image description here

Because i have seen someone using the below to retrieve the order

Orders.objects.get(order_id = razorpay_order_id)

but this contradicts with the notes in the above image.

If order_id is not same razorpay_order_id then the only way to retrieve the order is it to include it in the callback url like /successs/order_id

So how to do this the right way

Also one more confusing thing i found is that the python library razorpay is different from the docs

enter image description here

And what the docs say:

enter image description here

and again another confusion is the docs says we can use the python module

enter image description here

Solution

  • In step 1, with obj = client.order.create() and obj['id'] what you are getting is the order_id, and you have to save it in the DB corresponding to the Order.

    We can blindly trust this created order_id since this is created in our server.

    And on completing the checkout process of the order, the Razorpay returns razorpay_order_id, this will be the same as our order_id unless someone manipulated it. That's why the documentation says:

    Do not use the razorpay_order_id "returned by the Checkout"

    What does it actually mean is Do not use the razorpay_order_id "returned by the Checkout" directly in the

    client.payment.capture(response['razorpay_payment_id'], ... )

    without any validations or cross-checking with our previously created order_id

    How to return the order?

    Since we have already saved our Order with the order_id,

    we can cross-check the razorpay_order_id with our order_id like in the example you mentioned.

    trusted_order = Orders.objects.filter(order_id=razorpay_order_id)

    if there exists a trusted_order that is not previously paid then we are safe to use razorpay_payment_id.