Open mbertheau opened 8 years ago
Indeed, it's not safe to rely on the browser redirecting. But Adyen has notifications to address that issue. We arrived at a best practice to just process whatever arrives first (Adyen's notification or the redirect), and acknowledge-but-ignore the other. If you use the HTTP POST
style notification, the data format is almost identical. You're welcome to have a look at django-oscar-adyen
.
The redirect of the user's browser after the payment was finished successfully may not always arrive at the server. In that case an order is never created, but money is taken from the customer. When the code encounters such a situation, it logs an error, complaining that the order couldn't be found (https://github.com/machtfit/adyen/blob/master/oscar_adyen/api.py in
handle_notification()
).To handle this case right now you need to monitor these errors and refund the user through adyen's interface and set
handled = True
on the notification.