Joyida Payment SDK

O'zbek

English

O'zbek

English

Appearance

Autentifikatsiya

@joyida/payme SDKsi ikki xil autentifikatsiya usulini qo'llab-quvvatlaydi: Merchant API uchun Basic autentifikatsiya va Subscribe API uchun X-Auth sarlavhasi.

Merchant API autentifikatsiyasi

Merchant API HTTP Basic autentifikatsiyadan foydalanadi.

Autentifikatsiya formati 

Authorization: Basic base64(Paycom:SECRET_KEY)

SDKda ishlatish

SDK avtomat ravishda autentifikatsiya sarlavhasini yaratadi:

typescript
import { PaymeMerchant } from '@joyida/payme';

// SDK avtomat ravishda autentifikatsiya sarlavhasini yaratadi
const payme = new PaymeMerchant({
  secretKey: 'your_secret_key'
});

// Barcha so'rovlar avtomat autentifikatsiya bilan yuboriladi
await payme.checkPerformTransaction({
  amount: 500000,
  account: { order_id: 'ORD-123' }
});

Qo'lda autentifikatsiya sarlavhasini yaratish

Agar kerak bo'lsa, qo'lda yaratishingiz mumkin:

typescript
import { createBasicAuth } from '@joyida/payme';

const secretKey = 'your_secret_key';
const authHeader = createBasicAuth(secretKey);

console.log(authHeader); // "Basic UGF5Y29tOnlvdXJfc2VjcmV0X2tleQ=="

Autentifikatsiya Yordamchi Funksiyalari

Eskirgan Bildirishnoma

AuthManager klassi eskirgan va 0.5.0 versiyasida olib tashlanadi. Iltimos, nomdosh autentifikatsiya funksiyalarini ishlating.

Ko'chirish:

typescript
// ❌ Eski (eskirgan)
import { AuthManager } from '@joyida/payme';
AuthManager.createBasicAuth('secret');

// ✅ Yangi (tavsiya etilgan)
import { createBasicAuth } from '@joyida/payme';
createBasicAuth('secret');

SDK avtomat ravishda autentifikatsiya sarlavhasini yaratadi:

typescript
import { createXAuth } from '@joyida/payme';

// Klient tomon rejimi
const clientHeader = createXAuth('merchant_id', undefined, 'client');
// Returns: "merchant_id"

// Server tomon rejimi
const serverHeader = createXAuth('merchant_id', 'password', 'server');
// Returns: "merchant_id:password"

Subscribe API autentifikatsiyasi

Subscribe API X-Auth maxsus sarlavhasidan foydalanadi. Ushbu sarlavha ishlatilgan rejimga bog'liq.

Klient tomon rejimi (Card Tokenization)

Kartalarni tokenizatsiya qilish uchun ishlatiladi. Faqat merchant ID talab qilinadi.

X-Auth: MERCHANT_ID

Server tomon rejimi (Card Management & Receipts)

Kartalarni boshqarish va cheklar yaratish uchun ishlatiladi. Merchant ID va parol talab qilinadi.

X-Auth: MERCHANT_ID:PASSWORD

SDKda ishlatish

SDK avtomat ravishda to'g'ri X-Auth formatini yaratadi:

typescript
import { PaymeSubscribe } from '@joyida/payme';

// Klient tomon - faqat merchant ID
const subscribeClient = new PaymeSubscribe({
  merchantId: 'your_merchant_id'
}, 'client');

// X-Auth: "your_merchant_id"

// Server tomon - merchant ID va parol
const subscribeServer = new PaymeSubscribe({
  merchantId: 'your_merchant_id',
  password: 'your_password'
}, 'server');

// X-Auth: "your_merchant_id:your_password"

Qo'lda X-Auth sarlavhasini yaratish

typescript
import { AuthManager } from '@joyida/payme';

// Klient tomon
const clientAuth = AuthManager.createXAuth('12345', undefined, 'client');
console.log(clientAuth); // "12345"

// Server tomon
const serverAuth = AuthManager.createXAuth('12345', 'myPassword', 'server');
console.log(serverAuth); // "12345:myPassword"

Autentifikatsiya xatolarini hal qilish

"Forbidden" (-32504) xatosi

Bu xato noto'g'ri tizimga kirish ma'lumotlarini bildiradi.

Yechimlar:

  1. Merchant ID tekshiruvi:

    typescript
    console.log(process.env.PAYME_MERCHANT_ID); // To'g'riligini tekshiring

  2. Maxfiy kalit tekshiruvi:

    typescript
    console.log(process.env.PAYME_SECRET_KEY); // To'g'riligini tekshiring

  3. Bo'shliqlar borligini tekshiring:

    bash
    # ❌ Noto'g'ri
PAYME_SECRET_KEY= secret_key

# ✅ To'g'ri
PAYME_SECRET_KEY=secret_key

  4. Test va ishlab chiqarish muhitlarini aralashtirmang:

    typescript
    const baseURL = process.env.NODE_ENV === 'test'
  ? 'https://checkout.test.paycom.uz/api'
  : 'https://checkout.paycom.uz/api';

// Test muhiti uchun test kalitlaridan foydalaning
const secretKey = process.env.NODE_ENV === 'test'
  ? process.env.PAYME_TEST_SECRET_KEY
  : process.env.PAYME_SECRET_KEY;

"Password required for server-side Subscribe API" xatosi

Bu xato server tomon Subscribe API rejimida parolni taqdim etmasdan yaratilganini bildiradi.

Noto'g'ri:

typescript
// Parol yo'q - xato!
const subscribe = new PaymeSubscribe({
  merchantId: 'your_merchant_id'
  // password yo'q!
}, 'server');

To'g'ri:

typescript
// Parol bor - to'g'ri!
const subscribe = new PaymeSubscribe({
  merchantId: 'your_merchant_id',
  password: 'your_password' // Parol majburiy server tomon rejimda
}, 'server');

Xavfsizlik amaliyotlar

1. Tizimga kirish ma'lumotlarini kodga yozmang

Yomon:

typescript
const payme = new PaymeMerchant({
  secretKey: 'my_secret_key_123' // Kodga yozilgan!
});

Yaxshi:

typescript
const payme = new PaymeMerchant({
  secretKey: process.env.PAYME_SECRET_KEY! // Muhit o'zgaruvchisidan
});

2. .env faylini .gitignore qo'shing 

# .gitignore
.env
.env.local
.env.*.local

3. Muhit o'zgaruvchilarini tasdiqlang

typescript
function validateEnv() {
  const required = ['PAYME_SECRET_KEY', 'PAYME_MERCHANT_ID'];
  const missing = required.filter(key => !process.env[key]);

  if (missing.length > 0) {
    throw new Error(
      `Muhit o'zgaruvchilari topilmadi: ${missing.join(', ')}`
    );
  }
}

// Ilova boshlanishida
validateEnv();

4. Production muhitida debug rejimini o'chiring

typescript
const payme = new PaymeMerchant({
  secretKey: process.env.PAYME_SECRET_KEY!,
  debug: process.env.NODE_ENV === 'development' // Faqat rivojlanishda
});

To'liq misol

typescript
import { PaymeMerchant, PaymeSubscribe } from '@joyida/payme';

// Muhit o'zgaruvchilarini tasdiqlash
function validateEnv() {
  const required = ['PAYME_SECRET_KEY', 'PAYME_MERCHANT_ID'];
  const missing = required.filter(key => !process.env[key]);

  if (missing.length > 0) {
    throw new Error(
      `Muhit o'zgaruvchilari topilmadi: ${missing.join(', ')}`
    );
  }
}

validateEnv();

// Merchant API - Basic autentifikatsiya
const payme = new PaymeMerchant({
  merchantId: process.env.PAYME_MERCHANT_ID!,
  secretKey: process.env.PAYME_SECRET_KEY!,
  baseURL: process.env.NODE_ENV === 'test'
    ? 'https://checkout.test.paycom.uz/api'
    : 'https://checkout.paycom.uz/api',
  debug: process.env.NODE_ENV === 'development'
});

// Subscribe API - klient tomon (faqat merchant ID)
const subscribeClient = new PaymeSubscribe({
  merchantId: process.env.PAYME_MERCHANT_ID!,
  baseURL: process.env.NODE_ENV === 'test'
    ? 'https://checkout.test.paycom.uz/api'
    : 'https://checkout.paycom.uz/api',
}, 'client');

// Subscribe API - server tomon (merchant ID va parol)
const subscribeServer = new PaymeSubscribe({
  merchantId: process.env.PAYME_MERCHANT_ID!,
  password: process.env.PAYME_PASSWORD!,
  baseURL: process.env.NODE_ENV === 'test'
    ? 'https://checkout.test.paycom.uz/api'
    : 'https://checkout.paycom.uz/api',
  debug: process.env.NODE_ENV === 'development'
}, 'server');

MIT Lizenziyasi ostida chiqarilgan.

Copyright © 2026 Joyida Team