Merge pull request 'Fixed cookie and header collision issue on signout' (#119) from logout-fix into master

Reviewed-on: #119

LiteCharms.Abstractions/LiteCharms.Abstractions.csproj

@@ -0,0 +1,40 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <SignAssembly>True</SignAssembly>
+    <AssemblyOriginatorKeyFile>..\LiteCharms.snk</AssemblyOriginatorKeyFile>
+  </PropertyGroup>
+
+  <!-- Nuget Package Details -->
+  <PropertyGroup>
+    <PackageId>LiteCharms.Abstractions</PackageId>
+    <Version>1.0.20</Version>
+    <Authors>Khwezi Mngoma</Authors>
+    <Company>Lite Charms (PTY) Ltd</Company>
+    <Description>Shared abstractions for Lite Charms applications.</Description>
+    <PackageProjectUrl>https://gitea.khongisa.co.za/litecharms/components</PackageProjectUrl>
+    <RepositoryUrl>https://gitea.khongisa.co.za/litecharms/components.git</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageTags>utility;dotnet</PackageTags>
+    <PackageIcon>icon.png</PackageIcon>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <None Include="..\LICENSE" Pack="true" PackagePath="\" />
+    <None Include="..\icon.png" Pack="true" PackagePath="\" />
+  </ItemGroup>
+  
+  <ItemGroup>
+    <PackageReference Include="FluentResults" Version="4.0.0" />
+    <PackageReference Include="Mediator.Abstractions" Version="3.0.2" />
+
+    <Using Include="Mediator" />
+    <Using Include="FluentResults" />
+    <Using Include="System.Threading.Channels" />
+  </ItemGroup>
+
+</Project>

LiteCharms.Entities/LiteCharms.Entities.csproj

@@ -0,0 +1,45 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <SignAssembly>True</SignAssembly>
+    <AssemblyOriginatorKeyFile>..\LiteCharms.snk</AssemblyOriginatorKeyFile>
+  </PropertyGroup>
+
+  <!-- Nuget Package Details -->
+  <PropertyGroup>
+    <PackageId>LiteCharms.Entities</PackageId>
+    <Version>1.0.20</Version>
+    <Authors>Khwezi Mngoma</Authors>
+    <Company>Lite Charms (PTY) Ltd</Company>
+    <Description>Shared entities for Lite Charms applications.</Description>
+    <PackageProjectUrl>https://gitea.khongisa.co.za/litecharms/components</PackageProjectUrl>
+    <RepositoryUrl>https://gitea.khongisa.co.za/litecharms/components.git</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageTags>utility;dotnet</PackageTags>
+    <PackageIcon>icon.png</PackageIcon>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <None Include="..\LICENSE" Pack="true" PackagePath="\"/>
+    <None Include="..\icon.png" Pack="true" PackagePath="\" />
+  </ItemGroup>
+
+  <!-- Database -->
+  <ItemGroup>
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.7" />    
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.7" />    
+
+    <!-- Global Usings -->    
+    <Using Include="Microsoft.EntityFrameworkCore" />
+    <Using Include="Microsoft.EntityFrameworkCore.Metadata.Builders" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\LiteCharms.Models\LiteCharms.Models.csproj" />
+  </ItemGroup>
+
+</Project>

LiteCharms.Features.MidrandBooks.Seed/LiteCharms.Features.MidrandBooks.Seed.csproj

@@ -11,7 +11,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Bogus" Version="35.6.5" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.103">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -116,8 +116,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.7" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.4" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.MidrandBooks/Customers/CustomerService.cs

@@ -334,6 +334,28 @@ public sealed class CustomerService(IDbContextFactory<MidrandBooksDbContext> con
         }
     }
 
+    public async ValueTask<Result<Customer>> GetCustomerAsync(string email, CancellationToken cancellationToken = default)
+    {
+        try
+        {
+            await using var context = await contextFactory.CreateDbContextAsync(cancellationToken);
+
+            var customer = await context.Customers
+                .AsNoTracking()
+                .Include(c => c.Contacts)
+                .Include(c => c.Addresses)
+                .FirstOrDefaultAsync(c => c.Email == email, cancellationToken);
+
+            return customer is not null
+                ? Result.Ok(customer.ToModel())
+                : Result.Fail<Customer>(new Error($"Customer with email '{email}' does not exist."));
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail<Customer>(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
     public async ValueTask<Result<Customer>> GetCustomerAsync(long customerId, CancellationToken cancellationToken = default)
     {
         try

LiteCharms.Features.MidrandBooks/Customers/Entities/CustomerConfiguration.cs

@@ -12,8 +12,8 @@ public sealed class CustomerConfiguration : IEntityTypeConfiguration<Customer>
         builder.Property(c => c.Company).IsRequired(false);
         builder.Property(c => c.VatNumber).IsRequired(false);
         builder.Property(c => c.Email).IsRequired();
-        builder.Property(c => c.Phone).IsRequired();
-        builder.Property(c => c.Website).IsRequired();
+        builder.Property(c => c.Phone).IsRequired(false);
+        builder.Property(c => c.Website).IsRequired(false);
         builder.Property(c => c.Enabled).HasDefaultValue(true);
 
         builder.OwnsMany(f => f.SocialMedia, b => { b.ToJson(); });

LiteCharms.Features.MidrandBooks/Extensions/Shop.cs

@@ -1,11 +1,12 @@
 using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Browser;
 using LiteCharms.Features.MidrandBooks.Abstractions;
 
 namespace LiteCharms.Features.MidrandBooks.Extensions;
 
 public static class Shop
 {
-    public static IServiceCollection AddShopServices(this IServiceCollection services)
+    public static IServiceCollection AddShopServices(this IServiceCollection services, bool includeLocalStorage = false)
     {
         var serviceType = typeof(IService);
 
@@ -19,6 +20,9 @@ public static class Shop
 
         foreach (var coreImplementation in coreImplementations) services.AddScoped(coreImplementation);
 
+        if (includeLocalStorage)
+            services.AddScoped<LocalStorageService>();
+
         return services;
     }
 }

LiteCharms.Features.MidrandBooks/LiteCharms.Features.MidrandBooks.csproj

@@ -32,7 +32,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>
     <PackageReference Include="Humanizer" Version="3.0.10" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.103">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.7" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.4" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->
@@ -148,6 +148,7 @@
 
   <!-- Shared Usings -->
   <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.Http" />
     <Using Include="System.Net.Sockets" />
     <Using Include="System.Text.RegularExpressions" />
     <Using Include="System.Web" />

LiteCharms.Features.MidrandBooks/Orders/OrderService.cs

@@ -164,6 +164,27 @@ public sealed class OrderService(IDbContextFactory<MidrandBooksDbContext> contex
     public async ValueTask<Result> CancelOrderAsync(long orderId, CancellationToken cancellationToken = default) =>
         await UpdateOrderStatusAsync(orderId, OrderStatus.Cancelled, cancellationToken);
 
+    public async ValueTask<Result<Order>> GetPendingOrderAsync(long customerId, CancellationToken cancellationToken = default)
+    {
+        try
+        {
+            await using var context = await contextFactory.CreateDbContextAsync(cancellationToken);
+
+            var order = await context.Orders.AsNoTracking()
+                .Where(o => o.Status == OrderStatus.Pending && o.CustomerId == customerId)
+                .OrderByDescending(o => o.Id)
+                .FirstOrDefaultAsync(cancellationToken);
+
+            return order is not null
+                ? Result.Ok(order.ToModel())
+                : Result.Fail<Order>("Order not found.");
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail<Order>(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
     public async ValueTask<Result<Order>> GetOrderAsync(long orderId, CancellationToken cancellationToken = default)
     {
         try

LiteCharms.Features.MidrandBooks/Payments/CartService.cs

@@ -1,5 +1,4 @@
-using LiteCharms.Features.Abstractions;
-using LiteCharms.Features.Browser;
+using LiteCharms.Features.Browser;
 using LiteCharms.Features.Hasher;
 using LiteCharms.Features.MidrandBooks.Authors.Models;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
@@ -7,7 +6,7 @@ using LiteCharms.Features.MidrandBooks.Products.Models;
 
 namespace LiteCharms.Features.MidrandBooks.Payments;
 
-public sealed class CartService(LocalStorageService localStorage) : IService
+public sealed class CartService(LocalStorageService localStorage)
 {
     private readonly string CartStorageKey = HashService.ToMd5Hash(nameof(Cart)).Value;
 

LiteCharms.Features.MidrandBooks/Payments/Events/Handlers/PayfastPaymentConfirmationReceivedEventHandler.cs

@@ -1,17 +1,13 @@
-using LiteCharms.Features.Api.Configuration;
-using LiteCharms.Features.Hasher;
+using LiteCharms.Features.Hasher;
 using LiteCharms.Features.Mediator;
 using LiteCharms.Features.MidrandBooks.Orders;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
 
 namespace LiteCharms.Features.MidrandBooks.Payments.Events.Handlers;
 
-public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvider services, 
-    IOptions<PayfastSettings> payfastOptions, ILogger<PayfastPaymentConfirmationReceivedEvent> logger) :
+public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvider services, ILogger<PayfastPaymentConfirmationReceivedEvent> logger) :
     INotificationHandler<PayfastPaymentConfirmationReceivedEvent>
 {
-    private readonly PayfastSettings pasfastSettings = payfastOptions.Value;
-
     public async ValueTask Handle(PayfastPaymentConfirmationReceivedEvent notification, CancellationToken cancellationToken)
     {
         using var activity = MediatorTelemetry.Source.StartActivity($"Quartz: {typeof(PayfastPaymentConfirmationReceivedEvent).Name}");
@@ -23,83 +19,34 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi
         var paymentService = scope.ServiceProvider.GetRequiredService<PaymentService>();
         var payfastService = scope.ServiceProvider.GetRequiredService<PayfastService>();
 
-        var payload = notification.Payload ?? throw new Exception("Payload metadata context context is null.");
+        var payload = notification.Payload ?? throw new Exception("Payload metadata context is null.");
 
-        var dict = payload.ToParamDictionary();
-        var localSignature = PayfastService.GenerateSignature(dict, pasfastSettings.Passphrase);
+        var hashResult = hashService.DecodeLongIdHash(payload.MerchantPaymentId!);
+        if (hashResult.IsFailed) throw new Exception("Failed to decode application tracking hash key identifier.");
 
-        if (localSignature.IsFailed)
-            throw new Exception("Failed to generate local signature for incoming webhook payload.");
+        var orderResult = await orderService.GetOrderAsync(hashResult.Value, cancellationToken);
+        if (orderResult.IsFailed) throw new Exception("Target system order entity context cannot be traced.");
 
-        if (!string.Equals(localSignature.Value, payload.Signature, StringComparison.OrdinalIgnoreCase))
+        var paymentResult = await paymentService.GetOrderPaymentAsync(orderResult.Value.Id, cancellationToken);
+        if (paymentResult.IsFailed) throw new Exception("Target payment ledger entity cannot be resolved.");
+
+        var isAlreadyProcessed = await paymentService.HasLedgerEntryAsync(orderResult.Value.Id, paymentResult.Value.Id, cancellationToken);
+        if (isAlreadyProcessed.Value)
         {
-            logger.LogCritical("Incoming webhook signature verification failed. Possible payload tampering.");
+            logger.LogWarning("Webhook reference token '{Ref}' already verified. Skipping processing routines.", payload.MerchantPaymentId);
 
             return;
         }
 
-        var hashResult = hashService.DecodeLongIdHash(payload.MerchantPaymentId!);
-
-        if (hashResult.IsFailed) throw new Exception("Failed to decode application tracking hash key identifier.");
-
-        var orderResult = await orderService.GetOrderAsync(hashResult.Value, cancellationToken);
-
-        if (orderResult.IsFailed) throw new Exception("Target system order entity context cannot be traced.");
-
-        var paymentResult = await paymentService.GetOrderPaymentAsync(orderResult.Value.Id, cancellationToken);
-
-        if (paymentResult.IsFailed) throw new Exception("Target payment ledger entity cannot be resolved.");
+        var isAmountValid = payfastService.ValidatePaymentAmount(orderResult.Value.Total, payload.AmountGross);
+        if (!isAmountValid.Value)
+            throw new Exception("Security validation exception: Transaction cost variance bounds breached (Price Tampering Detected).");
 
         decimal.TryParse(payload.AmountGross, CultureInfo.InvariantCulture, out var gross);
         decimal.TryParse(payload.AmountFee, CultureInfo.InvariantCulture, out var fee);
         decimal.TryParse(payload.AmountNet, CultureInfo.InvariantCulture, out var net);
         string status = payload.PaymentStatus ?? "UNKNOWN";
 
-        var isAlreadyProcessed = await paymentService.HasLedgerEntryAsync(orderResult.Value.Id, paymentResult.Value.Id, cancellationToken);
-
-        if (isAlreadyProcessed.Value)
-        {
-            logger.LogWarning("Webhook reference token '{Ref}' already verified. Skipping validation routines.", payload.MerchantPaymentId);
-
-            return;
-        }
-
-        if (notification.PerformBackgroundChecks)
-        {
-            var isHostValid = await payfastService.ValidateReferrerIpAsync(notification.RemoteIpAddress!, notification.AllowLoopback, cancellationToken);
-
-            if (isHostValid.IsFailed)
-                throw new Exception("Security validation exception: Webhook packet source address failed cluster validation checks.");
-
-            if (!isHostValid.Value)
-                throw new Exception("Security validation exception: Webhook packet source address failed cluster validation checks.");
-
-            var isAmountValid = payfastService.ValidatePaymentAmount(orderResult.Value.Total, payload.AmountGross);
-
-            if (!isAmountValid.Value)
-                throw new Exception("Security validation exception: Transaction cost variance bounds breached.");
-
-            var paramList = new List<string>();
-
-            foreach (var kvp in dict)
-            {
-                if (!string.IsNullOrEmpty(kvp.Value))
-                {
-                    string encoded = HttpUtility.UrlEncode(kvp.Value.Trim());
-
-                    string safeValue = PayfastService.PercentEncodingRegex.Replace(encoded, m => m.Value.ToLowerInvariant());
-                    paramList.Add($"{kvp.Key}={safeValue}");
-                }
-            }
-
-            string rawParamString = string.Join("&", paramList);
-
-            var serverConfirmation = await payfastService.ValidateServerConfirmationAsync(rawParamString, isSandbox: true, cancellationToken);
-
-            if (serverConfirmation.IsFailed)
-                throw new Exception("Security validation exception: Payfast central handshake server rejected payload legitimacy.");
-        }
-
         await payfastService.WriteLedgerEntryAsync(new CreateGatewayLedgerEntry
         {
             OrderId = orderResult.Value.Id,
@@ -119,46 +66,39 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi
             {
                 OrderId = orderResult.Value.Id,
                 PaymentId = paymentResult.Value.Id,
-                PaymentGatewayReference = payload.PaymentId!,
+                PaymentGatewayReference = payload.MerchantPaymentId!,
                 Status = LedgerStatuses.Completed,
                 CustomerId = orderResult.Value.CustomerId,
             }, cancellationToken);
 
-            if (ledgerWriteResult.IsFailed)
-                throw new Exception("Failed to write ledger entry for payment confirmation.");
+            if (ledgerWriteResult.IsFailed) throw new Exception("Failed to write ledger entry for payment confirmation.");
 
             var completePaymentResult = await paymentService.CompletePaymentAsync(paymentResult.Value.Id, PaymentStatuses.Paid, cancellationToken);
-
-            if (completePaymentResult.IsFailed)
-                throw new Exception("Failed to update payment status to 'Paid' for payment confirmation.");
+            if (completePaymentResult.IsFailed) throw new Exception("Failed to update payment status to 'Paid'.");
 
             var updateOrderResult = await orderService.UpdateOrderStatusAsync(orderResult.Value.Id, OrderStatus.Completed, cancellationToken);
-
-            if (updateOrderResult.IsFailed)
-                throw new Exception("Failed to update order status to 'Completed' for payment confirmation.");
+            if (updateOrderResult.IsFailed) throw new Exception("Failed to update order status to 'Completed'.");
 
             logger.LogInformation("Order payment verified secure and cleared successfully.");
         }
         else
         {
-            LedgerStatuses ledgerStatus;
+            LedgerStatuses ledgerStatus = status.Equals("CANCELLED", StringComparison.OrdinalIgnoreCase)
+                ? LedgerStatuses.Cancelled
+                : LedgerStatuses.Failed;
 
-            if (status.Equals("CANCELLED", StringComparison.OrdinalIgnoreCase))
-                ledgerStatus = LedgerStatuses.Cancelled;
-            else
-                ledgerStatus = LedgerStatuses.Failed;
-
-            var ledgerWriteResult = await paymentService.WriteLedgerEntryAsync(new CreateLedgerEntry
+            await paymentService.WriteLedgerEntryAsync(new CreateLedgerEntry
             {
                 OrderId = orderResult.Value.Id,
                 PaymentId = paymentResult.Value.Id,
-                PaymentGatewayReference = payload.PaymentId!,
+                PaymentGatewayReference = payload.MerchantPaymentId!,
                 Status = ledgerStatus,
                 CustomerId = orderResult.Value.CustomerId,
             }, cancellationToken);
 
-            logger.LogInformation("Webhook validation pipeline passed checks successfully, logged entry to ledger with status: {Status}", status);
+            logger.LogInformation("Webhook pipeline logged non-success entry to ledger with status: {Status}", status);
         }
+
         activity?.SetStatus(ActivityStatusCode.Ok);
     }
 }

LiteCharms.Features.MidrandBooks/Payments/PayfastService.cs

@@ -48,6 +48,39 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
         }
     }
 
+    public static bool VerifyIncomingSignatureFromForm(IFormCollection formCollection, string passphrase)
+    {
+        var sortedFields = new Dictionary<string, string>(StringComparer.Ordinal);
+
+        foreach (var field in formCollection)
+        {
+            sortedFields.Add(field.Key, field.Value.ToString());
+        }
+
+        if (!sortedFields.TryGetValue("signature", out var incomingSignature)) return false;
+
+        var stringBuilder = new StringBuilder();
+
+        foreach (var key in sortedFields.Keys)
+        {
+            if (key.Equals("signature", StringComparison.OrdinalIgnoreCase)) continue;
+
+            string encodedVal = HttpUtility.UrlEncode(sortedFields[key].Trim());
+            string cleanVal = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToUpperInvariant());
+
+            stringBuilder.Append($"{key}={cleanVal}&");
+        }
+
+        string encodedPassphrase = HttpUtility.UrlEncode(passphrase.Trim());
+        string safePassphrase = PercentEncodingRegex.Replace(encodedPassphrase, m => m.Value.ToUpperInvariant());
+
+        stringBuilder.Append($"passphrase={safePassphrase}");
+
+        string generatedSignature = HashService.ToMd5Hash(stringBuilder.ToString()).Value;
+
+        return incomingSignature.Equals(generatedSignature, StringComparison.OrdinalIgnoreCase);
+    }
+
     public async ValueTask<Result<bool>> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default)
     {
         if(payfastOptions.Value?.ValidHosts?.Length == 0)
@@ -147,33 +180,66 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
     {
         var pfOutput = new StringBuilder();
 
-        foreach (var kvp in data)
+        var mandatorySequence = GetPayfastMandatoryFieldSequence();
+
+        foreach (string key in mandatorySequence)
         {
-            if (string.IsNullOrEmpty(kvp.Value))
-                continue;
+            if (data.TryGetValue(key, out string? rawValue) && !string.IsNullOrEmpty(rawValue))
+            {
+                string encodedVal = HttpUtility.UrlEncode(rawValue.Trim());
+                string val = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToUpperInvariant());
 
-            string key = kvp.Key;
-
-            string encodedVal = HttpUtility.UrlEncode(kvp.Value.Trim());
-
-            string val = PercentEncodingRegex.Replace(encodedVal, m => m.Value.ToLowerInvariant());
-
-            pfOutput.Append($"{key}={val}&");
+                pfOutput.Append($"{key}={val}&");
+            }
         }
 
-        string getString = pfOutput.Length > 0
+        var getString = pfOutput.Length > 0
             ? pfOutput.ToString()[..^1]
             : string.Empty;
 
         if (!string.IsNullOrWhiteSpace(passPhrase))
         {
             string encodedPassphrase = HttpUtility.UrlEncode(passPhrase.Trim());
-
-            string safePassphrase = PercentEncodingRegex.Replace(encodedPassphrase, m => m.Value.ToLowerInvariant());
+            string safePassphrase = PercentEncodingRegex.Replace(encodedPassphrase, m => m.Value.ToUpperInvariant());
 
             getString += $"&passphrase={safePassphrase}";
         }
 
         return HashService.ToMd5Hash(getString);
-    }    
+    }
+
+    private static string[] GetPayfastMandatoryFieldSequence() =>
+        [
+            "merchant_id",
+            "merchant_key",
+            "return_url",
+            "cancel_url",
+            "notify_url",
+            "name_first",
+            "name_last",
+            "email_address",
+            "cell_number",
+            "m_payment_id",
+            "amount",
+            "item_name",
+            "item_description",
+            "custom_int1",
+            "custom_int2",
+            "custom_int3",
+            "custom_int4",
+            "custom_int5",
+            "custom_str1",
+            "custom_str2",
+            "custom_str3",
+            "custom_str4",
+            "custom_str5",
+            "email_confirmation",
+            "confirmation_address",
+            "payment_method",
+            "subscription_type",
+            "billing_date",
+            "recurring_amount",
+            "frequency",
+            "cycles"
+        ];
 }

LiteCharms.Features.MidrandBooks/Payments/PaymentService.cs

@@ -123,8 +123,7 @@ public sealed class PaymentService(IDbContextFactory<MidrandBooksDbContext> cont
             await using var context = await contextFactory.CreateDbContextAsync(cancellationToken);
 
             var exists = await context.Ledger.AnyAsync(l =>
-                l.OrderId == orderId &&
-                l.PaymentId == paymentId, cancellationToken);
+                l.OrderId == orderId && l.PaymentId == paymentId && l.Status == LedgerStatuses.Completed, cancellationToken);
 
             return Result.Ok(exists);
         }
@@ -162,7 +161,8 @@ public sealed class PaymentService(IDbContextFactory<MidrandBooksDbContext> cont
                 CustomerId = request.CustomerId,
                 OrderId = request.OrderId,
                 PaymentId = request.PaymentId,
-                Status = request.Status,
+                MerchantPaymentId = request.PaymentGatewayReference,
+                Status = request.Status,                
             });
 
             return await context.SaveChangesAsync(cancellationToken) > 0

LiteCharms.Features.MidrandBooks/Postgres/Migrations/20260612210020_OnlyEmailIsMandatoryOnCustomer.cs

@@ -0,0 +1,54 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace LiteCharms.Features.MidrandBooks.Postgres.Migrations
+{
+    /// <inheritdoc />
+    public partial class OnlyEmailIsMandatoryOnCustomer : Migration
+    {
+        /// <inheritdoc />
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.AlterColumn<string>(
+                name: "Website",
+                table: "Customers",
+                type: "text",
+                nullable: true,
+                oldClrType: typeof(string),
+                oldType: "text");
+
+            migrationBuilder.AlterColumn<string>(
+                name: "Phone",
+                table: "Customers",
+                type: "text",
+                nullable: true,
+                oldClrType: typeof(string),
+                oldType: "text");
+        }
+
+        /// <inheritdoc />
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.AlterColumn<string>(
+                name: "Website",
+                table: "Customers",
+                type: "text",
+                nullable: false,
+                defaultValue: "",
+                oldClrType: typeof(string),
+                oldType: "text",
+                oldNullable: true);
+
+            migrationBuilder.AlterColumn<string>(
+                name: "Phone",
+                table: "Customers",
+                type: "text",
+                nullable: false,
+                defaultValue: "",
+                oldClrType: typeof(string),
+                oldType: "text",
+                oldNullable: true);
+        }
+    }
+}

LiteCharms.Features.MidrandBooks/Postgres/Migrations/MidrandBooksDbContextModelSnapshot.cs

@@ -17,7 +17,7 @@ namespace LiteCharms.Features.MidrandBooks.Postgres.Migrations
         {
 #pragma warning disable 612, 618
             modelBuilder
-                .HasAnnotation("ProductVersion", "10.0.8")
+                .HasAnnotation("ProductVersion", "10.0.9")
                 .HasAnnotation("Relational:MaxIdentifierLength", 63);
 
             NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
@@ -309,7 +309,6 @@ namespace LiteCharms.Features.MidrandBooks.Postgres.Migrations
                         .HasDefaultValue(true);
 
                     b.Property<string>("Phone")
-                        .IsRequired()
                         .HasColumnType("text");
 
                     b.Property<DateTime?>("UpdatedAt")
@@ -321,7 +320,6 @@ namespace LiteCharms.Features.MidrandBooks.Postgres.Migrations
                         .HasColumnType("text");
 
                     b.Property<string>("Website")
-                        .IsRequired()
                         .HasColumnType("text");
 
                     b.HasKey("Id");

LiteCharms.Features.TechShop/LiteCharms.Features.TechShop.csproj

@@ -136,8 +136,8 @@
 
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.7" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.4" />
     <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
 
     <!-- global Usings -->

LiteCharms.Features.Tests.Common/appsettings.json

@@ -4,8 +4,6 @@
     "ValidHosts": [
       "www.payfast.co.za",
       "sandbox.payfast.co.za",
-      "w1w.payfast.co.za",
-      "w2w.payfast.co.za",
       "ips.payfast.co.za",
       "api.payfast.co.za",
       "payment.payfast.io"

LiteCharms.Features.Tests/http/midrandshop-api/http-client.env.json

@@ -0,0 +1,17 @@
+{
+  "payfast-local": {
+    "baseUrl": "https://localhost:7196",
+    "paymentId": "jdPB2zaKM3Z",
+    "signature": "6aeff59bb74f2448ff2c3d81b2ec95de",
+    "item_name": "System Architecture Book",
+    "amount": "350.00"
+  },
+  "payfast-uat": {
+    "baseUrl": "https://api.uat.midrandbooks.co.za",
+    "paymentId": "jdPB2zaKM3Z",
+    "signature": "6aeff59bb74f2448ff2c3d81b2ec95de",
+    "item_name": "System Architecture Book",
+    "amount": "350.00"
+  }
+}
+ 

LiteCharms.Features/Api/TokenService.cs

@@ -1,11 +1,10 @@
-using LiteCharms.Features.Abstractions;
-using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Api.Configuration;
 using LiteCharms.Features.Api.Models;
 using LiteCharms.Features.Api.Sdk;
 
 namespace LiteCharms.Features.Api;
 
-public sealed class TokenService(IConnectApi connectApi, IOptions<LiteCharmsClientSettings> clientOptions) : IService
+public sealed class TokenService(IConnectApi connectApi, IOptions<LiteCharmsClientSettings> clientOptions)
 {
     private readonly LiteCharmsClientSettings clientSettings = clientOptions.Value;
 

LiteCharms.Features/Browser/LocalStorageService.cs

@@ -1,8 +1,6 @@
-using LiteCharms.Features.Abstractions;
+namespace LiteCharms.Features.Browser;
 
-namespace LiteCharms.Features.Browser;
-
-public sealed class LocalStorageService(ProtectedLocalStorage storage) : IService
+public sealed class LocalStorageService(ProtectedLocalStorage storage)
 {
     public async ValueTask<Result> DeleteAsync(string key)
     {

LiteCharms.Features/Extensions/Api.cs

@@ -18,7 +18,7 @@ public static class Api
 
         return services;
     }
-    
+
     public static IServiceCollection AddSecurityApiSdk(this IServiceCollection services, IConfiguration configuration)
     {
         var configSection = configuration.GetSection(nameof(LiteCharmsClientSettings));
@@ -46,6 +46,8 @@ public static class Api
                 options.Retry.BackoffType = Polly.DelayBackoffType.Exponential;
             });
 
+        services.AddScoped<TokenService>();
+
         return services;
     }
 
@@ -75,6 +77,8 @@ public static class Api
             options.SaveTokens = true;
             options.GetClaimsFromUserInfoEndpoint = true;
 
+            options.ForwardSignOut = CookieAuthenticationDefaults.AuthenticationScheme;
+
             options.Scope.Clear();
             options.Scope.Add("openid");
             options.Scope.Add("profile");
@@ -141,17 +145,22 @@ public static class Api
             });
         });
 
-        app.MapGet("/logout", async (HttpContext context) =>
+        app.MapGet("/logout", async (HttpContext context, string? redirectUri = null) =>
         {
             var idToken = await context.GetTokenAsync("id_token");
 
-            var authProperties = new AuthenticationProperties { RedirectUri = "/", };
+            if (string.IsNullOrWhiteSpace(redirectUri))
+            {
+                var host = context.Request.Host.ToUriComponent();
+                redirectUri = $"https://{host}/";
+            }
 
-            if (!string.IsNullOrEmpty(idToken)) 
+            var authProperties = new AuthenticationProperties { RedirectUri = redirectUri, };
+
+            if (!string.IsNullOrEmpty(idToken))
                 authProperties.Parameters.Add("id_token_hint", idToken);
 
             await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, authProperties);
-            await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
         });
 
         return app;

LiteCharms.Features/LiteCharms.Features.csproj

@@ -79,7 +79,7 @@
   <!-- Quartz Scheduler-->
   <ItemGroup>    
     <PackageReference Include="Hashids.net" Version="1.7.0" />    
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.103">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>    
@@ -183,8 +183,8 @@
   
   <!-- Amazon S3 SDK -->
   <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.7" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.4" />
     
     <!-- global Usings -->
     <Using Include="Amazon.S3" />

LiteCharms.Infrastructure/LiteCharms.Infrastructure.csproj

@@ -0,0 +1,104 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <UserSecretsId>7770ab3b-72ee-4897-8e06-57d6613e050a</UserSecretsId>
+    <SignAssembly>True</SignAssembly>
+    <AssemblyOriginatorKeyFile>..\LiteCharms.snk</AssemblyOriginatorKeyFile>
+  </PropertyGroup>
+
+  <!-- Nuget Package Details -->
+  <PropertyGroup>
+    <PackageId>LiteCharms.Infrastructure</PackageId>
+    <Version>1.0.20</Version>
+    <Authors>Khwezi Mngoma</Authors>
+    <Company>Lite Charms (PTY) Ltd</Company>
+    <Description>Infrastructure components for Lite Charms applications.</Description>
+    <PackageProjectUrl>https://gitea.khongisa.co.za/litecharms/components</PackageProjectUrl>
+    <RepositoryUrl>https://gitea.khongisa.co.za/litecharms/components.git</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageIcon>icon.png</PackageIcon>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <None Include="..\LICENSE" Pack="true" PackagePath="\" />
+    <None Include="..\icon.png" Pack="true" PackagePath="\" />
+  </ItemGroup>
+
+  <!-- Quartz Scheduler-->
+  <ItemGroup>        
+    <PackageReference Include="Quartz" Version="3.18.1" />    
+    <PackageReference Include="Quartz.Plugins" Version="3.18.1" />
+    <PackageReference Include="Quartz.Plugins.TimeZoneConverter" Version="3.18.1" />
+    <PackageReference Include="Quartz.Serialization.SystemTextJson" Version="3.18.1" />
+
+    <!-- Global Usings -->
+    <Using Include="Quartz" />
+    <Using Include="Mediator" />
+    <Using Include="FluentResults" />
+  </ItemGroup>
+
+  <!-- Configuration -->
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.7" />    
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.7" />    
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.7" />    
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.7" />    
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.7" />
+    
+    <!-- Global Usings -->
+    <Using Include="Microsoft.Extensions.Configuration" />
+  </ItemGroup>
+  
+  <!-- Health Checks -->
+  <ItemGroup>    
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.7" />
+    
+    <!-- Global Usings -->
+    <Using Include="Microsoft.Extensions.Diagnostics.HealthChecks" />
+  </ItemGroup>
+
+  <!-- Database -->
+  <ItemGroup>
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.7">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.7" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.7">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="10.0.1" />
+
+    <!-- Global Usings -->
+    <Using Include="Npgsql" />
+    <Using Include="Microsoft.EntityFrameworkCore" />
+    <Using Include="Microsoft.EntityFrameworkCore.Design" />
+    <Using Include="Microsoft.EntityFrameworkCore.Metadata.Builders" />
+  </ItemGroup>
+
+  <!-- Project References -->
+  <ItemGroup>
+    <ProjectReference Include="..\LiteCharms.Abstractions\LiteCharms.Abstractions.csproj" />
+    <ProjectReference Include="..\LiteCharms.Entities\LiteCharms.Entities.csproj" />
+    <ProjectReference Include="..\LiteCharms.Models\LiteCharms.Models.csproj" />
+  </ItemGroup>
+
+  <!-- Global Usings -->
+  <ItemGroup>
+    <Using Include="System.Text.Json" />
+    <Using Include="Microsoft.Extensions.Hosting" />
+  </ItemGroup>
+  
+  <ItemGroup>
+    <None Update="appsettings.json">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+
+</Project>

LiteCharms.Models/LiteCharms.Models.csproj

@@ -0,0 +1,35 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <SignAssembly>True</SignAssembly>
+    <AssemblyOriginatorKeyFile>..\LiteCharms.snk</AssemblyOriginatorKeyFile>
+  </PropertyGroup>
+
+  <!-- Nuget Package Details -->
+  <PropertyGroup>
+    <PackageId>LiteCharms.Models</PackageId>
+    <Version>1.0.20</Version>
+    <Authors>Khwezi Mngoma</Authors>
+    <Company>Lite Charms (PTY) Ltd</Company>
+    <Description>Shared models for Lite Charms applications.</Description>
+    <PackageProjectUrl>https://gitea.khongisa.co.za/litecharms/components</PackageProjectUrl>
+    <RepositoryUrl>https://gitea.khongisa.co.za/litecharms/components.git</RepositoryUrl>
+    <RepositoryType>git</RepositoryType>
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageTags>utility;dotnet</PackageTags>
+    <PackageIcon>icon.png</PackageIcon>
+  </PropertyGroup>
+
+  <!-- Global Usings -->
+  <ItemGroup>
+    <Using Include="System.ComponentModel.DataAnnotations"/>
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Include="..\LICENSE" Pack="true" PackagePath="\" />
+    <None Include="..\icon.png" Pack="true" PackagePath="\" />
+  </ItemGroup>
+</Project>