Sync payment integration code from payment-integration branch

- Add payment models, CRUD functions, and Razorpay service
- Add payment API routes and frontend components
- Add database migration for payment tables
- Add .gitignore entry for .env
- Add .env.example with placeholder Razorpay keys
- Keep upstream-contribution README style

Author: AchuAshwath

.env.example

@@ -0,0 +1,55 @@
+# Domain
+# This would be set to the production domain with an env var on deployment
+# used by Traefik to transmit traffic and acquire TLS certificates
+DOMAIN=localhost
+# To test the local Traefik config
+# DOMAIN=localhost.tiangolo.com
+
+# Used by the backend to generate links in emails to the frontend
+FRONTEND_HOST=http://localhost:5173
+# In staging and production, set this env var to the frontend host, e.g.
+# FRONTEND_HOST=https://dashboard.example.com
+
+# Environment: local, staging, production
+ENVIRONMENT=local
+
+PROJECT_NAME="Full Stack FastAPI Project"
+STACK_NAME=full-stack-fastapi-project
+
+# Backend
+BACKEND_CORS_ORIGINS="http://localhost,http://localhost:5173,https://localhost,https://localhost:5173,http://localhost.tiangolo.com"
+SECRET_KEY=changethis
+FIRST_SUPERUSER=admin@example.com
+FIRST_SUPERUSER_PASSWORD=changethis
+
+# Emails
+SMTP_HOST=
+SMTP_USER=
+SMTP_PASSWORD=
+EMAILS_FROM_EMAIL=info@example.com
+SMTP_TLS=True
+SMTP_SSL=False
+SMTP_PORT=587
+
+# Postgres
+POSTGRES_SERVER=localhost
+POSTGRES_PORT=5432
+POSTGRES_DB=app
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=changethis
+
+SENTRY_DSN=
+
+# Configure these with your own Docker registry images
+DOCKER_IMAGE_BACKEND=backend
+DOCKER_IMAGE_FRONTEND=frontend
+
+# Razorpay Payment Gateway Configuration
+# Get your API keys from: https://dashboard.razorpay.com/app/keys
+# Test keys are available immediately (no KYC required)
+# Live keys require KYC verification (1-2 working days)
+RAZORPAY_KEY_ID=rzp_test_xxxxxxxxxxxxx
+RAZORPAY_KEY_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxx
+# Optional: For production webhook verification
+# Get webhook secret from: Settings → Webhooks in Razorpay Dashboard
+RAZORPAY_WEBHOOK_SECRET=your_webhook_secret_here

.gitignore

@@ -4,3 +4,4 @@ node_modules/
 /playwright-report/
 /blob-report/
 /playwright/.cache/
+.env

backend/app/api/main.py

@@ -1,13 +1,14 @@
 from fastapi import APIRouter
 
-from app.api.routes import items, login, private, users, utils
+from app.api.routes import items, login, payments, private, users, utils
 from app.core.config import settings
 
 api_router = APIRouter()
 api_router.include_router(login.router)
 api_router.include_router(users.router)
 api_router.include_router(utils.router)
 api_router.include_router(items.router)
+api_router.include_router(payments.router)
 
 
 if settings.ENVIRONMENT == "local":

backend/app/api/routes/__init__.py

@@ -0,0 +1,2 @@
+from . import payments
+

backend/app/core/config.py

@@ -94,6 +94,16 @@ def emails_enabled(self) -> bool:
     FIRST_SUPERUSER: EmailStr
     FIRST_SUPERUSER_PASSWORD: str
 
+    # Razorpay Payment Gateway Configuration
+    RAZORPAY_KEY_ID: str = ""
+    RAZORPAY_KEY_SECRET: str = ""
+    RAZORPAY_WEBHOOK_SECRET: str | None = None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def razorpay_enabled(self) -> bool:
+        return bool(self.RAZORPAY_KEY_ID and self.RAZORPAY_KEY_SECRET)
+
     def _check_default_secret(self, var_name: str, value: str | None) -> None:
         if value == "changethis":
             message = (
@@ -112,6 +122,17 @@ def _enforce_non_default_secrets(self) -> Self:
         self._check_default_secret(
             "FIRST_SUPERUSER_PASSWORD", self.FIRST_SUPERUSER_PASSWORD
         )
+        # Warn if Razorpay keys are not set in production
+        if (
+            self.ENVIRONMENT != "local"
+            and not self.razorpay_enabled
+            and self.RAZORPAY_KEY_ID == ""
+        ):
+            warnings.warn(
+                "RAZORPAY_KEY_ID and RAZORPAY_KEY_SECRET are not set. "
+                "Payment functionality will be disabled.",
+                stacklevel=1,
+            )
 
         return self
 

backend/app/crud.py

@@ -1,10 +1,20 @@
 import uuid
 from typing import Any
 
-from sqlmodel import Session, select
+from sqlmodel import Session, func, select
 
 from app.core.security import get_password_hash, verify_password
-from app.models import Item, ItemCreate, User, UserCreate, UserUpdate
+from app.models import (
+    Item,
+    ItemCreate,
+    Order,
+    OrderCreate,
+    Payment,
+    PaymentCreate,
+    User,
+    UserCreate,
+    UserUpdate,
+)
 
 
 def create_user(*, session: Session, user_create: UserCreate) -> User:
@@ -52,3 +62,149 @@ def create_item(*, session: Session, item_in: ItemCreate, owner_id: uuid.UUID) -
     session.commit()
     session.refresh(db_item)
     return db_item
+
+
+# Payment CRUD functions
+def create_order(
+    *, session: Session, order_in: OrderCreate, user_id: uuid.UUID, razorpay_order_id: str
+) -> Order:
+    """
+    Create an order in the database.
+
+    Args:
+        session: Database session
+        order_in: Order creation data
+        user_id: User ID who created the order
+        razorpay_order_id: Razorpay order ID
+
+    Returns:
+        Created Order object
+    """
+    db_order = Order.model_validate(
+        order_in, update={"user_id": user_id, "razorpay_order_id": razorpay_order_id, "status": "created"}
+    )
+    session.add(db_order)
+    session.commit()
+    session.refresh(db_order)
+    return db_order
+
+
+def get_order_by_id(*, session: Session, order_id: uuid.UUID) -> Order | None:
+    """
+    Get order by UUID.
+
+    Args:
+        session: Database session
+        order_id: Order UUID
+
+    Returns:
+        Order object or None if not found
+    """
+    return session.get(Order, order_id)
+
+
+def get_order_by_razorpay_id(
+    *, session: Session, razorpay_order_id: str
+) -> Order | None:
+    """
+    Get order by Razorpay order ID.
+
+    Args:
+        session: Database session
+        razorpay_order_id: Razorpay order ID
+
+    Returns:
+        Order object or None if not found
+    """
+    statement = select(Order).where(Order.razorpay_order_id == razorpay_order_id)
+    return session.exec(statement).first()
+
+
+def update_order_status(
+    *, session: Session, order: Order, status: str
+) -> Order:
+    """
+    Update order status.
+
+    Args:
+        session: Database session
+        order: Order object to update
+        status: New status
+
+    Returns:
+        Updated Order object
+    """
+    from datetime import datetime
+    order.status = status
+    order.updated_at = datetime.utcnow()
+    session.add(order)
+    session.commit()
+    session.refresh(order)
+    return order
+
+
+def create_payment(*, session: Session, payment_in: PaymentCreate) -> Payment:
+    """
+    Create a payment record in the database.
+
+    Args:
+        session: Database session
+        payment_in: Payment creation data
+
+    Returns:
+        Created Payment object
+    """
+    db_payment = Payment.model_validate(payment_in)
+    session.add(db_payment)
+    session.commit()
+    session.refresh(db_payment)
+    return db_payment
+
+
+def get_payments_by_order(*, session: Session, order_id: uuid.UUID) -> list[Payment]:
+    """
+    Get all payments for an order.
+
+    Args:
+        session: Database session
+        order_id: Order UUID
+
+    Returns:
+        List of Payment objects
+    """
+    statement = select(Payment).where(Payment.order_id == order_id)
+    return list(session.exec(statement).all())
+
+
+def get_user_orders(
+    *, session: Session, user_id: uuid.UUID, skip: int = 0, limit: int = 100
+) -> tuple[list[Order], int]:
+    """
+    Get paginated list of orders for a user.
+
+    Args:
+        session: Database session
+        user_id: User UUID
+        skip: Number of records to skip
+        limit: Maximum number of records to return
+
+    Returns:
+        Tuple of (list of Order objects, total count)
+    """
+    count_statement = (
+        select(func.count())
+        .select_from(Order)
+        .where(Order.user_id == user_id)
+    )
+    count = session.exec(count_statement).one()
+
+    statement = (
+        select(Order)
+        .where(Order.user_id == user_id)
+        .order_by(Order.created_at.desc())
+        .offset(skip)
+        .limit(limit)
+    )
+    orders = list(session.exec(statement).all())
+
+    return orders, count