Payment integration of SSLCommerz

.env.example

@@ -3,15 +3,22 @@
 DATABASE_URL="postgres://1d421585019e812f1977d6aa0cef7dd51610436076598e55926cbd3072d017c1:sk_OfVGN0_tWDbVdYf_P28Ow@db.prisma.io:5432/postgres?sslmode=require"
 POSTGRES_URL="postgres://1d421585019e812f1977d6aa0cef7dd51610436076598e55926cbd3072d017c1:sk_OfVGN0_tWDbVdYf_P28Ow@db.prisma.io:5432/postgres?sslmode=require"
 PRISMA_DATABASE_URL="prisma+postgres://accelerate.prisma-data.net/?api_key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqd3RfaWQiOjEsInNlY3VyZV9rZXkiOiJza19PZlZHTjBfdFdEYlZkWWZfUDI4T3ciLCJhcGlfa2V5IjoiMDFLRzJYTkFXQ001VDZRUkdNU0Y1R0Y1TVMiLCJ0ZW5hbnRfaWQiOiIxZDQyMTU4NTAxOWU4MTJmMTk3N2Q2YWEwY2VmN2RkNTE2MTA0MzYwNzY1OThlNTU5MjZjYmQzMDcyZDAxN2MxIiwiaW50ZXJuYWxfc2VjcmV0IjoiMTE5OWQ5OGQtMDg3Ny00MmQzLWEwZTEtOWJhM2U1YzNjYzIwIn0.pqHhe8pkmYyj9H5CamwsM3_QqPvPgXylaGypKUgYxD8"
+
 # NextAuth Configuration
 NEXTAUTH_SECRET="7d08e0c5225aaa9fced497c0d4d6265ea365b918c2a911bd206ecd1028cb1f69"
 NEXTAUTH_URL="http://localhost:3000"
 
 # Email Configuration
 EMAIL_FROM="noreply@example.com"
-
 RESEND_API_KEY="re_SDif4qes_L3M23yb341vpHw287V7rCkLF"  # Build fails without this
 
+# SSLCommerz Payment Gateway (Bangladesh)
+SSLCOMMERZ_STORE_ID="codes69469d5ee7198"
+SSLCOMMERZ_STORE_PASSWORD="codes69469d5ee7198@ssl"
+SSLCOMMERZ_IS_SANDBOX="true"
+SSLCOMMERZ_SESSION_API="https://sandbox.sslcommerz.com/gwprocess/v3/api.php"
+SSLCOMMERZ_VALIDATION_API="https://sandbox.sslcommerz.com/validator/api/validationserverAPI.php"
+
 # Pathao Courier Integration (Optional - Per Store Configuration)
 # These are stored per-store in the database via Store model
 # Use admin panel to configure Pathao credentials for each store
@@ -20,6 +27,7 @@ RESEND_API_KEY="re_SDif4qes_L3M23yb341vpHw287V7rCkLF"  # Build fails without thi
 # PATHAO_REFRESH_TOKEN="your_refresh_token"
 # PATHAO_STORE_ID="123"  # Pathao pickup store ID
 # PATHAO_MODE="sandbox"  # or "production"
+
 # Facebook/Meta Shop Integration
 # Create Facebook App at: https://developers.facebook.com/apps
 # Create System User at: https://business.facebook.com/settings/system-users
@@ -47,3 +55,4 @@ FACEBOOK_WEBHOOK_VERIFY_TOKEN=""
 FACEBOOK_ACCESS_LEVEL="STANDARD"
 FACEBOOK_CONVERSIONS_ACCESS_TOKEN=""
 FACEBOOK_TEST_EVENT_CODE="TEST89865"
+>>>>>>> origin/main

.github/copilot-instructions.md

@@ -79,7 +79,7 @@
 /.github
   copilot-instructions.md       # This file
   /agents                       # Custom agent definitions
-middleware.ts                   # NextAuth middleware (route protection)
+middleware.ts                   # Subdomain routing + auth protection
 next.config.ts                  # React Compiler enabled
 tsconfig.json                   # TypeScript config (paths: @/*)
 components.json                 # shadcn-ui config
@@ -90,9 +90,9 @@ components.json                 # shadcn-ui config
 - **Session**: JWT strategy, `session.user.id` added in callback (NEVER remove)
 - **Config**: `src/lib/auth.ts` exports `authOptions`
 - **Handler**: `src/app/api/auth/[...nextauth]/route.ts` (5 lines)
-- **Protection**: `middleware.ts` (re-export from `next-auth/middleware`)
-  - **Matcher**: `/dashboard/:path*`, `/settings/:path*`, `/team/:path*`, `/projects/:path*`
-  - **To Protect New Route**: Add to matcher array (e.g., `"/reports/:path*"`)
+- **Protection**: `middleware.ts` (handles subdomain routing + auth protection)
+  - **Protected Routes**: `/dashboard/:path*`, `/settings/:path*`, `/team/:path*`, `/projects/:path*`, `/products/:path*`
+  - **To Protect New Route**: Add to `protectedPaths` array in middleware.ts
 - **Server Session**: Use `getServerSession(authOptions)` in Server Components
 - **Client Session**: Use `useSession()` hook in Client Components
 
@@ -144,7 +144,7 @@ npx dotenv -e .env.local -- prisma migrate dev --schema=prisma/schema.prisma
 
 ### Adding Protected Routes
 1. Create route folder in `src/app/your-route`
-2. Add to `middleware.ts` matcher: `"/your-route/:path*"`
+2. Add to `protectedPaths` array in `middleware.ts`
 3. Use `getServerSession(authOptions)` to check auth in Server Components
 
 ### Adding shadcn-ui Components
@@ -161,7 +161,7 @@ npx dotenv -e .env.local -- prisma migrate dev --schema=prisma/schema.prisma
 - **eslint.config.mjs**: ESLint 9 flat config, Next.js rules
 - **components.json**: shadcn-ui config (New York style, RSC, Tailwind v4)
 - **postcss.config.mjs**: Tailwind CSS PostCSS plugin
-- **middleware.ts**: NextAuth route protection (5 lines)
+- **middleware.ts**: Subdomain routing + auth protection for multi-tenant stores
 
 ## Common Pitfalls & Workarounds
 
@@ -184,7 +184,6 @@ npx dotenv -e .env.local -- prisma migrate dev --schema=prisma/schema.prisma
 - **Password Auth**: Add `passwordHash` to User model, implement CredentialsProvider (dev only)
 - **OAuth**: Extend `authOptions.providers` (keep environment separation)
 - **Cache Tags**: Use `revalidateTag()` for org-switch or membership updates
-- **Middleware Migration**: Next.js 16 recommends `proxy.ts` over `middleware.ts` (not yet migrated)
 
 ## Validation & Testing
 

.gitignore

@@ -26,6 +26,15 @@
 /.playwright-artifacts*/
 /.auth/
 
+# Playwright Images
+/.playwright-mcp/*
+
+# Playwright test artifacts (DO NOT COMMIT)
+/playwright-report/
+/test-results/
+/.playwright-artifacts*/
+/.auth/
+
 # production
 /build
 
@@ -55,6 +64,21 @@ test-pathao-*.js
 trigger-*.mjs
 explore-*.mjs
 find-*.mjs
+# Agent work directory (temporary files, debug scripts, logs)
+.agent_work/
+analyze-*.js
+check-*.js
+check-*.mjs
+fix-*.js
+get-*.js
+get-*.mjs
+list-*.js
+list-*.mjs
+test-create-*.js
+test-pathao-*.js
+trigger-*.mjs
+explore-*.mjs
+find-*.mjs
 
 # env files (can opt-in for committing if needed)
 .env*

.vscode/mcp.json

@@ -9,4 +9,4 @@
 			"type": "stdio"
 		}
 	}
-}
+}