Discussion on: End-to-end Paypal Checkout with Rails (Part 3 of 3)

[Ripchanskiy]

Hello Galih.
Thank you for interesting article.
I don't know vue and maybe i just missed something.
But how can we protect against fake requests? For instance if i send this request manually from console.Where in controller we check that payment was successful ?

      const response = await fetch('/api/v1/store/paypal_purchases', {
        method:   'POST',
        headers:  {
          "Content-Type": "application/json"
        },
        body:     JSON.stringify(
          {
            price_cents:    this.priceStr,
            price_currency: this.currencyCode,
            product_id:     this.productId,
            token:          order.orderID,
            customer_id:    order.payer.payer_id,
            customer_email: order.payer.email_address,
            is_successful:  order.status === 'COMPLETED'
          }
        )
      });