A production-ready payment API that solves the critical problem of payment fingerprint harvesting while maintaining publicly shareable booking links. Built with Deno, TypeScript, and enterprise-grade security controls.

• Token-Based Booking Access: 256-bit secure tokens replace direct booking ID access
• Dual Authentication: API key + nonce requirement for payment operations
• Single-Use Nonces: IP-bound, 15-minute expiry with automatic invalidation
• Environment Protection: Server requires critical secrets to start
• Comprehensive Rate Limiting: Per-endpoint throttling prevents abuse

# Required environment variables
export PAYMENT_USERNAME=your_payment_gateway_username
export PAYMENT_PASSWORD=your_payment_gateway_password
export MERCHANT_CODE=your_merchant_code
export API_KEY=your_secure_api_key

deno run --allow-net --allow-read --allow-env --allow-import --allow-write --allow-ffi main.ts

Server starts on http://localhost:5000 with:

• 🌐 12 endpoints (5 public, 7 authenticated)
• 📋 Interactive API documentation at /api/docs
• 🛡️ Multi-layered security with comprehensive logging

📖 Complete Documentation - Detailed architecture, security flows, and API reference

• Problem & Solution: Why this architecture prevents fingerprint harvesting
• Security Model: Multi-layered protection mechanisms
• API Reference: Complete endpoint documentation with examples
• Frontend Integration: Required client-side functions and flow examples
• File Structure: Purpose of each component in the system

// Generate secure booking token (Admin)
POST /api/generate-booking-token
Authorization: Bearer {api_key}

// Access booking with token (Public)
GET /booking/{token}

// 1. Generate nonce
POST /api/create-payment-nonce
Body: { bookingId: "booking_123" }

// 2. Create payment fingerprint (Dual Auth Required)
POST /api/create-payment-hash
Authorization: Bearer {api_key}
X-Payment-Nonce: {nonce}

// 3. Refresh session after failures
POST /api/v1/payment/refresh
Body: { bookingId: "booking_123" }

✅ Token-based booking access prevents ID enumeration
✅ Dual authentication (API key + nonce) for payment operations
✅ Environment secret validation prevents unauthorized deployment
✅ Rate limiting (5-20 req/min per endpoint) blocks abuse
✅ Single-use nonces with IP binding and 15-minute expiry
✅ Dynamic schema validation from OpenAPI specifications
✅ Comprehensive audit logging with structured security events

┌─────────────────┐    ┌──────────────────┐    ┌─────────────────┐
│   Public User   │    │   Admin/Client   │    │ Payment Gateway │
└─────────┬───────┘    └─────────┬────────┘    └─────────┬───────┘
          │                      │                       │
          │ GET /booking/{token} │                       │
          ├─────────────────────►│                       │
          │                      │ Dual Auth Required    │
          │                      ├──────────────────────►│
          │                      │ Payment Fingerprint   │
          │                      │◄──────────────────────┤
          │ Secure Payment Form  │                       │
          │◄─────────────────────┤                       │
          │                      │                       │

• Prevents mass fingerprint harvesting through dual authentication
• Blocks booking enumeration attacks with secure tokens
• Eliminates replay attacks using single-use nonces
• Provides comprehensive audit trails for compliance

• Maintains shareable booking links without compromising security
• Reduces payment failures from fingerprint abuse
• Enables public access while protecting sensitive operations
• Supports compliance with industry security standards

src/
├── gateway/apiGateway.ts      # Centralized routing & security control
├── handlers/                  # Endpoint handlers (booking, payment, etc.)
├── middleware/               # Security middleware (CORS, rate limiting)
├── services/                 # Core business logic (auth, nonce, payment)
└── utils/                    # Utilities (logging, validation, OpenAPI)

All endpoints tested and verified:

• Booking token generation and access
• Payment nonce and fingerprint creation
• Security controls and rate limiting
• Error handling and validation

• Environment variables configured
• CORS origins set for production domains
• SSL/TLS certificates installed
• Monitoring and alerting configured
• Database backup strategy implemented
• Security event logging enabled

Built with Enterprise Security • Production Ready • Fully Documented