REST API: Checkout/Order API #1322
Comments
|
Issue-Label Bot is automatically applying the label Links: app homepage, dashboard and code for this bot. |
|
We talked about this in slack a bit today (p1576592217032800-slack-C8X6Q7XQU) and I'll document some answers to questions here:
As noted in our discussion, we felt that it would be best to create the order when we have a key piece of information in the checkout (i.e. email). It can be created in the background as the user is filling out the rest of the information.
This was not discussed (yet) but at a minimum I think the following should exist in order to create the order:
Some other thoughts/ideas:
If orders are tied to cart/session id is this still a potential issue? Is this a problem that has some history in Woo Core already? If so, what mechanisms were introduced to help mitigate it?
This has bearing on the the reference pull I created in #1349 (which is now linked). I think this should actually simplify things because now we can pass along the order ID along with the updated (and locked in) checkout data to the payment method for completing the payment. The payment would then notify the checkout when payment is successfully completed or not and the checkout would take care of any further processing after that. Since payment method logic is being left up to the payment method themselves, I'm hoping much of the existing logic in payment methods/core can be preserved for this stage of the process.
As soon as the order is created (after email is entered) then order summary can be updated. If there are any changes, we should alert the user. A good question from a design standpoint though, should we differentiate between the two states in the ui: Example transition from "Pending Order Summary" to "Order Summary" in the label for the order summary are in the existing mockups? (cc @garymurray for thoughts).
I guess this depends somewhat on how this happens now. Does core currently reduce stock on successful payment? Is this configured by the store owner? Are there enhancements to this that we want to implement regardless of how core does it currently (and what would those be)? I'm assuming for MVP we want to mostly mirror core? |
If we opt for creating a draft order, is this order going to be displayed in the store orders' dashboard before the shopper finishes the checkout? And I a shopper adds a coupon code after the draft order it's created, it will be required to update that draft order, correct? |
|
@nerrad I'm going to start this one next and I think the way we should approach it is this.. Rather than treating it like the core REST APIs where the consumer/client passes props to create an order, we should keep the creation logic out of reach of clients and instead make it more a Cart to order conversion, only exposing things like addresses for editing. So:
PUT is only available for draft orders. Once the order progresses, we shouldn't allow edits. Calculations are off limits. Status updates are off limits too. We don't want the client to be allowed to update order status as that could be abused. The payment API (#1321?) should be passed an order ID and do updates to the order (status/payment) on the server side. Our client can poll for updates if needed. |
I think we can just stick with |
Agreed, writes should be strictly limited. I also agree the server should take care of converting from cart to order 👍
Hmm. Does the order data model include billing information and shipping information or are those things coupled to their own data models and just linked via order id?
What about coupon entry in the checkout though? What about quantity changes? What about variation selection (might not be MVP but I wonder if we should consider/think through the impact). If you're mostly meaning by the statement that the server is the source of truth for calculations and the client doesn't do calculations and send to the server, then yes I agree.
Agreed. Any status changes for order should only happen server-side or via authed endpoint int he backend, not through the public
Ya that's mostly what I thought would be happening. Receive the order ID plus any other data already in state from the order (totals, line items etc). The goal with the current work I'm doing in #1349 is to basically have the checkout pass off to the payment method what it needs to process the payment and hopefully re-use as much of the existing logic in current payment methods as there is currently (including what ajax requests they might make etc). The focus I think we should have is providing an interface that payment methods will use to communicate with the checkout (and I think I'm pretty close to cracking that nut). |
Those would be editable and form part of the order data. I was thinking we'd just accept those as params during POST to the endpoint. That data is duplicated to the customer object also (used for defaults on next checkout).
I don't consider those calculations. Obviously the client needs to be able to set these things, but calculation logic (i.e. totals) should be server side. This differs from the core REST API where everything is writeable. If we need to be able to track changes to order totals as a result of these updates, we can store and return a hash based on order contents + total amounts. |
|
Ya your current approach sounds great to me Mike! Thanks for thinking through this. I anticipate we may have to fine tune things once we get to the implementation stage, but I think you've identified some key architectural boundaries we have to keep. |
This issue needs more in-depth exploration and planning.
We need to allow the new checkout block to create orders in WooCommerce. This is probably the most complicated endpoint as it handles data, customers, and payments. This needs additional exploration.
We need to decide when orders are created, either:
Unanswered Questions/Notes:
The text was updated successfully, but these errors were encountered: