We recommend using Composer for installation and update management.
composer require remp/crm-payments-module
Add installed extension to your app/config/config.neon
file.
extensions:
- Crm\PaymentsModule\DI\PaymentsModuleExtension
Add following commands to your scheduler (e.g. crontab) and change the path to match your deploy path:
# charge available recurrent payments
*/15 * * * * flock /tmp/payments_charge.lock /usr/bin/php /var/www/html/bin/command.php payments:charge
# pre-calculate payment-related metadata
04 04 * * * /usr/bin/php /var/www/html/bin/command.php payments:calculate_averages
You can configure time before which application:cleanup
deletes old repository data and column which it uses by using (in your project configuration file):
services:
paymentLogsRepository:
setup:
- setRetentionThreshold('-2 months', 'created_at')
You can configure fast charge threshold check by adding this to your configuration:
payments:
fastcharge_threshold: 24 # default: 24; number of hours (if set to 0 fast charge check is disabled)
Fast charge check is done by RecurrentPaymentsChargeCommand::validateRecurrentPayment
and it prevents system
from repeated charging if error occurs while charging.
For payment module to work correctly, please add execution of following commands to your scheduler. Example displays crontab usage for execution (alter paths to your deploy paths):
# calculate payment related averages; expensive calculations that should be done nightly
04 04 * * * php /var/www/html/bin/command.php payments:calculate_averages
# recurrent payment charges; using flock to allow only single instance running at once
*/15 * * * * flock /tmp/payments_charge.lock /usr/bin/php /var/www/html/bin/command.php payments:charge
### OPTIONAL
# failcheck to prevent payments not working without anyone noticing (see command options)
*/10 * * * * php /var/www/html/bin/command.php payments:last_payments_check [email protected]
# try to acquire debit card expiration dates for cards that don't have it
*/10 * * * * php /var/www/html/bin/command.php payments:update_recurrent_payments_expires
# stop recurrent payments with expired cards
7 2 1 * * php /var/www/html/bin/command.php payments:stop_expired_recurrent_payments
# if you use Cardpay/Comfortpay gateways and bank sends you email notifications, you can confirm payments based
# on those emails
*/3 * * * * php /var/www/html/bin/command.php payments:tatra_banka_mail_confirmation
Module might provide service commands to be run in the deployed environment. Mostly to handle internal changes
and to prevent direct manipulation with the database. You can display required and optional arguments by using
--help
switch when running the command.
Payments module doesn't provide service commands.
Module has a default set of supported payment gateways developed and used by us:
free
. Developed for development purposes, to be used for testing payment-related flows.bank_transfer
. Gateway generates unfinished payment and displays user bank account, amount and transaction identification so the payment can be paired and confirmed later.cardpay
(tatrabanka.sk). One-time card payment provided by Slovak bank.comfortpay
(tatrabanka.sk). Recurrent card payment provided by Slovak bank (CRM is handling charging)csob
(csob.cz). One-time card payment provided by Czech bank.csob_one_click
(csob.cz). Recurrent card payment provided by Czech bank (CRM ish handling charging)paypal
(paypal.com). One-time payment provided by major global provider.paypal_reference
(paypal.com). Recurrent payment provided by major global provider (CRM is handling charging)tatrapay
(tatrabanka.sk). One-time payment linked to Slovak bank's internet banking.
By default, only bank_transfer
as a default payment gateway is enabled by PaymentsModule. You can enable gateways you wish to use by adding following snippet to your app/config/config.neon
:
services:
# ...
gatewayFactory:
setup:
- registerGateway(free, Crm\PaymentsModule\Gateways\Free)
At this moment, there are several gateway implementations you can add to your CRM installation as a separate module:
stripe
(stripe.com). One-time payment provided by major global provider.stripe_recurrent
(stripe.com). Recurrent payment provided by major global provider (CRM is handling charging)slsp_sporopay
(slsp.sk). One-time payment linked to Slovak bank's internet banking.vub_eplatby
(vub.sk). One-time payment linked to Slovak bank's internet banking.
Standard and initial recurrent payment have common beginning of process. Once the system generates instance of new payment, user can be redirected to payment gateway for processing. Each gateway requires different set of parameters to be provided, therefore gateway is responsible for generating the redirect URL with all required parameters.
As remp/crm-payments-module
is responsible only for actual payment processing, frontend flow can be managed by our
remp/crm-salesfunnel-module
which provides a way to create
sales funnels (payment windows), aggregates statistics and displays user success page after the payment with possibility
to extend it with widgets.
After the payment, user is directed back to the CRM. Each gateway provides its own URL where user is directed for payment completion processing.
If the payment is successful, payments module uses PaymentCompleteRedirectManager
to determine what kind of success page the user should see. If crm-salesfunnel-module
is used, user is directed
to the success page registered by the module.
The flow of payment processing can be described with following diagram:
If the payment uses gateway that supports recurrent payment, the initial flow is usually the same as with the regular payments. The difference comes in during processing of successful initial payment.
PaymentsModule creates new instance of recurrent payment - a profile defining when the system should charge user again, and what subscription type will the user get when charged.
Each recurrent payment instance represent a single payment that will be charged in the future. That means, that if the charge fails, system creates new recurrent payment with charge date calculated based on retry rules and stores failing information to the original recurrent payment. Similarly, if the charge was successful, new subscription is created and new recurrent payment is defined to be charged in the next period. Thanks to that the system is able to provide information about each charge attempt for whole history of user charging including the bank approval/failure code.
This is all done on backend without system requiring any kind of user interaction. This block merely explains the flow and describes the terms so when displayed in CRM admin, the reader understands the displayed data.
To charge the user, add payments:charge
command to your scheduler. Command doesn't handle concurrent runs - that means
that it's responsibility of your scheduler to prevent multiple overlapping instances of command running at the same time.
Otherwise a user could be charged twice during the same period.
We recommend using flock
or some other locking tool which will prevent command to be execute while the previous
instance is still running. Following is an example snippet for crontab to run the charging every 15 minutes:
*/15 * * * * flock /tmp/payments_charge.lock /usr/bin/php /var/www/html/bin/command.php payments:charge
If gateway supports it, CRM fetches expiration date for each cid
(effectively credit card) used to execute recurring charges. Optionally, you can add command to your scheduler that automatically stops expired recurrent payments:
# stop recurrent payments with expired cards
7 2 1 * * php /var/www/html/bin/command.php payments:stop_expired_recurrent_payments
When recurrent payment is stopped, Crm\PaymentsModule\Events\RecurrentPaymentCardExpiredEvent
is emitted. By default, PaymentsModule
checks if there's another active recurring payment for user. If there isn't, it sends NotificationEvent
with card_expires_this_month
template code.
If you're not satisfied with the default implementation, you can remove the default handler by unregistering it in your module definition:
class FooModule extends Crm\ApplicationModule\CrmModule
{
// ...
public function registerEventHandlers(League\Event\Emitter $emitter)
{
$emitter->removeListener(
\Crm\PaymentsModule\Events\RecurrentPaymentCardExpiredEvent::class,
$this->getInstance(\Crm\PaymentsModule\Events\RecurrentPaymentCardExpiredEventHandler::class)
);
// ...
}
}
You can implement and integrate new gateways to the CRM if necessary. Based on whether you're implementing standard
or recurrent gateway, you implementation should implement just Crm\PaymentsModule\Gateways\PaymentInterface
or the former and Crm\PaymentsModule\Gateways\RecurrentPaymentInterface
.
When implementing a gateway, we recommend extending Crm\PaymentsModule\Gateways\GatewayAbstract
to avoid implementing parts which are always similar and would cause code duplication.
Once you have your implementation ready, you need to seed it into the database from within seeder in your own module (see PaymentGatewaysSeeder as an example) and register it into the application's configuration:
services:
# ...
- Crm\FooModule\Gateways\Foo
# ...
gatewayFactory:
setup:
- registerGateway(foo, Crm\FooModule\Gateways\Foo)
Then, add seeder that will insert the gateway to database. See Crm\PaymentsModule\Seeders\PaymentGatewaysSeeder
as an example seeder implementation and register seeders section
of CRM skeleton documentation too see how the seeders should be registered in your module.
If you want to change the success page displayed to user after the payment based on any arbitrary rule - for example
your gateway might want user to see some special offering or require him to enter some additional data - you can register
redirect resolver to process this request. When the payment is confirmed, redirect resolver will decide (based on
priority of registered resolvers) whether to redirect user to a special success page or whether a default success page
(if remp/crm-salesfunnel-module
is used) is sufficient.
The implementation of redirect resolver can look like this:
<?php
namespace Crm\FooModule\Model;
use Crm\PaymentsModule\Model\PaymentCompleteRedirectResolver;
use Nette\Database\Table\ActiveRow;
class FooPaymentCompleteRedirectResolver implements PaymentCompleteRedirectResolver
{
public function wantsToRedirect(?ActiveRow $payment, string $status): bool
{
if ($payment && $status === self::PAID) {
return $payment->payment_gateway->code === 'foo_gateway';
}
return false;
}
public function redirectArgs(?ActiveRow $payment, string $status): array
{
if ($payment && $status === self::PAID) {
return [
':Foo:SalesFunnel:Success',
['variableSymbol' => $payment->variable_symbol],
];
}
throw new \Exception('unhandled status when requesting redirectArgs (did you check wantsToRedirect first?): ' . $status);
}
}
In the example the resolver first checked whether the redirection should happen for this particular payment - it should
happen if the payment was done via foo_gateway
. Then the redirectArgs
method returns array of arguments,
that will be 1:1 used in Nette's $this->redirect()
call. User will be redirected to renderSuccess
method
of SalesFunnelPresenter
that is implemented in our FooModule
and presents user our own success page.
When the implementation is ready, resolver needs to be registered in the app/config/config.neon
with the priority
specifying order of execution of resolvers - higher the number, higher the priority.
services:
# ...
paymentCompleteRedirect:
setup:
- registerRedirectResolver(Crm\FooModule\Model\FooPaymentCompleteRedirectResolver(), 400)
When bank_transfer
is used, user isn't redirected to external payment gateway provider, but CRM displays payment information that user should use to complete the payment manually.
By default, this is handled by BankTransferPresenter
, but you can use your own custom screen with transfer information by using your own redirect resolver instead of bank transfers' default resolver.
Create the resolver and register it with priority >10 in your config.neon
.
services:
# ...
paymentCompleteRedirect:
setup:
- registerRedirectResolver(Crm\FooModule\BankTransferPaymentCompleteRedirectResolver(), 50)
Sometimes user doesn't finish the whole payment process and quits after the payment was made but before returning to the CRM for internal payment confirmation. That scenario is always unpleasant as user doesn't have money nor subscription.
To support this scenario, we've added possibility to read bank confirmation emails and try to confirm unfinished payments based on incoming emails.
The implementation is not universal yet and you'd need to create your own command for checking the mailbox. Please take a look at two implementations that we included within this package: confirmation commands for Tatra banka and for CSOB.
By default, our mail processing commands (e.g.: Tatra banka, CSOB) are using our implementation of mail downloader: ImapMailDownloader. You can replace this downloader if needed by:
- creating your own mail downloader which must implement MailDownloaderInterface
- replacing default implementation with your own in your app config neon file:
services:
mailDownloader: Crm\YourModule\Models\MailDownloader\YourMailDownloader
Payments module provides a very basic way how to handle the upgrades. The upgrades are not currently configurable and work with predefined set of rules. There are 4 type of upgrades available:
- Shortening. If user's subscription doesn't end in the near time, system allows upgrade via shortening of actual subscription. The amount of days to shorten is based on number of remaining days of current subscription and the price of subscription type user's being upgraded to. Shortening is not trigerred if the shortened subscription would end sooner than in 14 days.
- Paid upgrade. If the shortening is not available, user is offered a paid upgrade. The amount to pay is calculated based
- Paid recurrent. Triggered when user's current subscription is recurrent and the subscription doesn't end within the following 5 days. Immediate charge amount is calculated based on upgraded subscription type price and the remaining number of days of current users's subscription. Next period charge is then made with the price of upgraded subscription.
- Free recurrent. If user has less than 5 days of subscription remaining, system allows the free upgrade to higher subscription. Next period charge is then made with the price of upgraded subscription.
Upgrade options for subscription types are configurable within subscription type detail in CRM admin. Upgrades don't check the content of each subscription type - therefore they cannot automatically determine that monthly web subscription can be upgraded to monthly web + print subscription. Each upgrade has to be configured manually and all upgrade options are always determined based on actual subscription, price of actual subscription type and price of upgraded subscription type.
If the VAT rate changes in your country, there are two commands that help you update the system. Schedule them to be executed on the date of VAT change.
payments:change_vat --original-vat=X --target-vat=Y
- Command changes all existing subscription type items and each affected (
type=subscription_type
) payment item. You can test the command before the VAT change date by using--dry-run
and--verbose
options. - If you used other types of payments (e.g.
type=product
made byremp/crm-products-module
), read their READMEs or create your own command to handle the change based on the command from this module.
- Command changes all existing subscription type items and each affected (
application:change_config_value vat_default Y
- Command changes system default VAT to the new default VAT rate. Use this only when the standard VAT rate changes.
Before each payment is created, CRM internally assigns it one of the VAT modes - one of B2C, B2B or B2B Reverse-charge mode. Each payment is then processed according to the selected mode.
B2C mode is selected by default by payments module. If you want to set different mode for a payment, the options are:
- Include invoice module in your CRM configuration. The module provides mode selecting functionality out-of-the-box. It uses invoice address for deciding who is a valid B2B customer.
- Or implement
VatModeDataProviderInterface
data provider. It providesgetVatMode
function, which decides who is considered a valid B2B customer.
No VAT related changes are applied.
When B2B reverse-charge mode is applied, VAT is not included in the payment. Practically, this is done by subtracting the VAT from the final sum (as if 0% VAT was set).
No VAT related changes are applied, unless One Stop Shop mode is enabled.
One Stop Shop (OSS) is an optional VAT feature, that can be turned on for payments made in B2C mode. For more details about its specifics, see https://vat-one-stop-shop.ec.europa.eu/index_en.
⚠ One Stop Shop works for EU countries only.
Prerequisites and setup
For turning on the OSS feature, you need:
- Populated
vat_rates
table with current VAT rates. See [Vatstack setup](Loading VAT rates using Vatstack service) for more details.
The feature can be turned on in CRM settings in /admin/config-admin/
in Payments section.
How it works
If enabled, each payment is assigned a payment country when the payment is created. Payment country is resolved according to multiple rules, sorted by priority:
- Country provided by
OneStopShopCountryResolutionDataProviderInterface
data provider.- For example,
InvoiceModule
resolves the payment country depending on invoice address country.
- For example,
- Payment address country.
- Explicitly selected payment country, for example by user in sales funnel.
- Derived from previous payment (e.g. for recurrent payments).
- Derived from user's IP address location.
After resolving, payment country is stored along with other payment data. Next, if payment is made outside the default country, OSS adjust VAT rates of the payment items.
VAT rate is adjusted accordingly:
- VAT rates for particular payment country are loaded from
vat_rates
DB table. - Table
vat_rates
contains only VAT rates of EU countries. - If no record is found, system considers that as the third country (outside of EU), 0% VAT rate is used.
- Otherwise, one of the loaded VAT rates (each country may have several VAT levels) is set.
- VAT rate level is selected either by
OneStopShopVatRateDataProviderInterface
data provider or a "standard" VAT rate is applied.- Data provider may select VAT rate level depending on arbitrary rules, for example, for "print" payment items, "reduced" VAT rate level may be applied.
To load current VAT rates of EU member countries, we decided to use free VAT rate service https://vatstack.com/ which handles all issues with official EU VAT rates list for us.
After registration you'll find your API keys on page Developers->Api Keys. Add your public API key into your config.neon
:
services:
vatStackApiClient:
setup:
- setApiKey('{VATSTACK_PUBLIC_API_KEY}')
# or load it from environment variable
#- setApiKey(@environmentConfig::get('PAYMENTS_VATSTACK_API_KEY'))
Or you can provide API key with option --vatstack_api_key={VAT-STACK-PUBLIC-API-KEY}
when running command.
# upsert all EU members; API key loaded from config.neon
php bin/command.php payments:upsert_eu_vat_rates
# upsert all EU members; API key loaded from option
php bin/command.php payments:upsert_eu_vat_rates --vatstack_api_key={VAT-STACK-PUBLIC-API-KEY}
# upsert only one country (Slovakia in this example)
php bin/command.php payments:upsert_eu_vat_rates --country_code=SK
VAT rates are stored into vat_rates
table for each EU member country (linked to countries
table with foreign key country_id
).
VAT rates do not change often, but we strongly recommend to add this command into your scheduler (eg. cron). Expired VAT rates are kept with column valid_to
set to date when system (this command) expired them.
To get current VAT rates for one country, call method VatRatesRepository->getByCountryAndDate()
.
$country = $this->countriesRepository->findByIsoCode('SK');
// currently valid vat rates for country
$currentVatRates = $this->vatRatesRepository->getByCountry($country);
// country vat rates valid when payment was paid
$pastVatRates = $this->vatRatesRepository->getByCountryAndDate($country, $payment->created_at);
All examples use http://crm.press
as a base domain. Please change the host to the one you use
before executing the examples.
All examples use XXX
as a default value for authorization token, please replace it with the
real tokens:
- API tokens. Standard API keys for server-server communication. It identifies the calling application as a whole.
They can be generated in CRM Admin (
/api/api-tokens-admin/
) and each API key has to be whitelisted to access specific API endpoints. By default the API key has access to no endpoint. - User tokens. Generated for each user during the login process, token identify single user when communicating between
different parts of the system. The token can be read:
- From
n_token
cookie if the user was logged in via CRM. - From the response of
/api/v1/users/login
endpoint - you're free to store the response into your own cookie/local storage/session.
- From
API responses can contain following HTTP codes:
Value | Description |
---|---|
200 OK | Successful response, default value |
400 Bad Request | Invalid request (missing required parameters) |
403 Forbidden | The authorization failed (provided token was not valid) |
404 Not found | Referenced resource wasn't found |
If possible, the response includes application/json
encoded payload with message explaining
the error further.
Handles the IPN notifications from PayPal. Follow this guide to enable IPN notifications for your PayPal account. Use http://crm.press/api/v1/payments/paypal-ipn
as "Notification URL" (replace http://crm.press
with your domain).
Note: when switching to "live" mode, don't forget to also change the paypal_ipn_baseurl
config to the live IPN endpoint (see here)
API call returns unique variable symbol (transaction ID) to be used for new payment instance.
Name | Value | Required | Description |
---|---|---|---|
Authorization | Bearer String | yes | User token. Token must belong to user with admin flag. |
curl -X POST \
http://crm.press:8080/api/v1/payments/variable-symbol \
-H 'Accept: application/json, text/plain, */*' \
-H 'Authorization: Bearer XXX'
Response:
{
"status": "ok",
"variable_symbol": "2735309229"
}
API call returns list of all user's recurrent payments.
Name | Value | Required | Description |
---|---|---|---|
Authorization | Bearer String | yes | User token. |
Name | Value | Required | Description |
---|---|---|---|
states | String Array | no | Filter to return only payments with desired states. Available values: active , user_stop , admin_stop , pending , charged , charge_failed , system_stop . |
chargeable_from | String | no | ISO 8601 based date to filter only payments with charge_at parameter after the specified date. |
curl 'http://crm.press/api/v1/users/recurrent-payments?states[]=active&states[]=user_stop&chargeable_from=2020-07-10T09%3A13%3A38%2B00%3A00' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXX'
Response:
[
{
"id": 154233,
"parent_payment_id": 1231610,
"charge_at": "2020-10-07T08:54:00+02:00",
"payment_gateway_code": "stripe_recurrent",
"subscription_type_code": "sample",
"state": "active",
"retries": 4
}
]
API call to reactivate user's recurrent payment.
Conditions to successfully reactivate recurrent payment:
- RecurrentPayment has to be in
\Crm\PaymentsModule\Repository\RecurrentPaymentsRepository::STATE_USER_STOP
state. - Next charge of payment has to be in future (>= now).
Changes:
- State of recurrent payment is set to
\Crm\PaymentsModule\Repository\RecurrentPaymentsRepository::STATE_ACTIVE
.
Name | Value | Required | Description |
---|---|---|---|
Authorization | Bearer String | yes | User token. |
Name | Value | Required | Description |
---|---|---|---|
id | Integer | yes | RecurrentPayment ID. |
curl -X POST 'http://crm.press/api/v1/recurrent-payment/reactivate' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXX' \
--data-raw '{
"id": 999999
}'
Response:
On success HTTP status 200 OK is returned with recurrent payment's details.
{
"id": 999999,
"parent_payment_id": 1234567,
"charge_at": "2020-10-07T08:54:00+02:00", // charge is not changed when reactivating recurrent
"payment_gateway_code": "stripe_recurrent",
"subscription_type_code": "sample",
"state": "active", // on success, state is always set to `active`
"retries": 4
}
In addition to API responses described at the beginning of API documentation section:
Value | Description |
---|---|
409 Conflict | Recurrent payment cannot be stopped by user (reason is in error message) |
API call to stop user's recurrent payment.
Conditions to successfully stop recurrent payment:
- RecurrentPayment has to be in
\Crm\PaymentsModule\Repository\RecurrentPaymentsRepository::STATE_ACTIVE
state.
Changes:
- State of recurrent payment is set to
\Crm\PaymentsModule\Repository\RecurrentPaymentsRepository::STATE_USER_STOP
.
Name | Value | Required | Description |
---|---|---|---|
Authorization | Bearer String | yes | User token. |
Name | Value | Required | Description |
---|---|---|---|
id | Integer | yes | RecurrentPayment ID. |
curl -X POST 'http://crm.press/api/v1/recurrent-payment/stop' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer XXX' \
--data-raw '{
"id": 999999
}'
Response:
On success HTTP status 200 OK is returned with recurrent payment's details.
{
"id": 999999,
"parent_payment_id": 1234567,
"charge_at": "2020-10-07T08:54:00+02:00", // charge is not changed when stopping recurrent
"payment_gateway_code": "stripe_recurrent",
"subscription_type_code": "sample",
"state": "user_stop", // this endpoint always sets state to `user_stop`
"retries": 4
}
In addition to API responses described at the beginning of API documentation section:
Value | Description |
---|---|
409 Conflict | Recurrent payment cannot be stopped by user (reason is in error message) |
ActualFreeSubscribersStatWidget
Simple admin dashboard widget showing free subscribers count.
ActualPaidSubscribersStatWidget
Simple admin dashboard widget showing paid subscribers count.
ChangePaymentStatus
Admin listing/detail change payment status modal component.
DeviceUserListingWidget
Admin user listing device component.
DonationPaymentItemListWidget
DupliciteRecurrentPayments
Admin listing of duplicit recurrent payments.
LastPayments
Admin listing of last payments in payment gateway detail.
MonthAmountStatWidget
Admin dashboard simple stat widget showing payments amount for last month.
MonthToDateAmountStatWidget
Admin dashboard simple stat widget showing payments amount for last month.
MyNextRecurrentPayment
ParsedMails
Payments admin widget showing payments with wrong amount.
PaymentItemsListWidget
Admin listing of payment items in payment detail.
SubscribersWithPaymentWidget
Admin dashboard single stat widget.
SubscriptionsWithActiveUnchargedRecurrentEndingWithinPeriodWidget
Admin listing widget.
SubscriptionsWithoutExtensionEndingWithinPeriodWidget
Admin dashboard stats widget.
SubscriptionTypeReports
Admin subscription type detail stats widget.
TodayAmountStatWidget
Admin dashboard simple single stat widget.
TotalAmountStatWidget
Admin dashboard simple single stat widget.
TotalUserPayments
Admin user detail stat widget.
UserPayments
Admin user detail listing widget.
Examples of confirmation mails received from banks. Every type of mail has it's own IMAP access configurable in application configuration.
From: b-mail (at) tatrabanka (dot) sk
Subject: e-commerce
From: b-mail (at) tatrabanka (dot) sk
Subject: Kredit na ucte
From: vypis_obchodnik (at) tatrabanka (dot) sk
From: notification (at) csob (dot) cz
Subject: CEB Info: Zaúčtování platby
From: AdminTBS (at) csob (dot) sk
Subject: ČSOB Info 24 - Avízo