public async Task <Payment> Handle(SavePayment request, CancellationToken cancellationToken)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
using (var db = new PaymentGatewayDbContext())
{
// Implementing masking as suggested here: https://security.stackexchange.com/a/145079
// CC numbers in the PaymentRequest are sanitised and should be just the numbers (no spaces)
var maskedCardNumber = CardNumber.Replace(request.Request.CardNumber, @"$1******$3");
var payment = new Payment(0,
request.Request.MerchantId,
request.Request.CardHolderName,
maskedCardNumber,
request.Request.ExpiryDate,
request.Request.Money,
request.Response.AcquiringBankPaymentId,
request.Response.Status,
request.Response.Timestamp);
await db.AddAsync(payment);
await db.SaveChangesAsync();
return(payment);
}
}
private static async Task <Merchant> AddMerchant(SaveMerchant request)
{
using (var db = new PaymentGatewayDbContext())
{
var newMerchant = new Merchant(0, request.Merchant.Name);
db.Add(newMerchant);
await db.SaveChangesAsync();
return(newMerchant);
}
}