Payment provider management module for the Unchained Engine
npm install @unchainedshop/core-payment
Payment provider module for the Unchained Engine. Manages payment providers, credentials, and payment processing.
``bash`
npm install @unchainedshop/core-payment
`typescript
import { configurePaymentModule, PaymentProviderType } from '@unchainedshop/core-payment';
const paymentModule = await configurePaymentModule({ db });
// Create a payment provider
const providerId = await paymentModule.create({
type: PaymentProviderType.CARD,
adapterKey: 'shop.unchained.payment.stripe',
});
// Find providers for a context
const providers = await paymentModule.findSupported({
order: orderObject,
});
`
| Export | Description |
|--------|-------------|
| configurePaymentModule | Configure and return the payment module |
| Method | Description |
|--------|-------------|
| findProvider | Find provider by ID |findProviders
| | Find providers with filtering |count
| | Count providers |providerExists
| | Check if provider exists |findSupported
| | Find providers supported for context |findInterface
| | Get provider interface definition |
| Method | Description |
|--------|-------------|
| create | Create a new payment provider |update
| | Update provider configuration |delete
| | Soft delete a provider |
| Method | Description |
|--------|-------------|
| findCredentials | Find stored credentials for user |createCredentials
| | Store payment credentials |deleteCredentials
| | Remove stored credentials |markPreferred
| | Mark credentials as preferred |
| Export | Description |
|--------|-------------|
| PaymentProviderType | Provider types (CARD, INVOICE, GENERIC) |
| Export | Description |
|--------|-------------|
| paymentSettings | Access payment module settings |
| Export | Description |
|--------|-------------|
| PaymentProvider | Provider document type |PaymentCredentials
| | Credentials document type |PaymentModule
| | Module interface type |
| Event | Description |
|-------|-------------|
| PAYMENT_PROVIDER_CREATE | Provider created |PAYMENT_PROVIDER_UPDATE
| | Provider updated |PAYMENT_PROVIDER_REMOVE
| | Provider deleted |
This module is designed for PCI DSS SAQ-A eligibility:
- No card data storage: Credit card numbers (PAN) and CVV are never stored
- Provider tokens only: Only payment provider-issued tokens are stored
- Secure credentials: Payment credentials contain references, not card data
`typescript``
// PaymentCredentials structure - tokens only, no card data
type PaymentCredentials = {
paymentProviderId: string;
userId: string;
token?: string; // Provider-issued token (NOT card number)
isPreferred?: boolean;
meta: any; // Provider-specific metadata
};
All payment integrations use tokenization patterns:
1. Card data collected by payment provider (Stripe, Datatrans, etc.)
2. Provider returns secure token
3. Unchained stores only the token reference
4. Subsequent charges use the token
See SECURITY.md for complete PCI DSS compliance documentation.
EUPL-1.2