chitfund/backend/src/routes/phonepe.js

const express = require('express');
const router = express.Router();
const phonePeController = require('../controllers/phonePeController');
const { requireAuth, requireManager } = require('../middleware/auth');

/**
 * @route   POST /api/payments/phonepe/initiate
 * @desc    Initiate PhonePe payment
 * @access  Private (Members)
 */
router.post('/initiate', requireAuth, phonePeController.initiatePayment);

/**
 * @route   POST /api/payments/phonepe/callback
 * @desc    PhonePe payment callback (webhook)
 * @access  Public (PhonePe server)
 */
router.post('/callback', phonePeController.paymentCallback);

/**
 * @route   POST /api/payments/phonepe/verify
 * @desc    Verify payment status
 * @access  Private
 */
router.post('/verify', requireAuth, phonePeController.verifyPayment);

/**
 * @route   GET /api/payments/phonepe/status/:transactionId
 * @desc    Get payment status
 * @access  Private
 */
router.get('/status/:transactionId', requireAuth, phonePeController.getPaymentStatus);

/**
 * @route   POST /api/payments/phonepe/refund
 * @desc    Initiate refund
 * @access  Private (Managers only)
 */
router.post('/refund', requireManager, phonePeController.initiateRefund);

/**
 * @route   POST /api/payments/phonepe/external-webhook
 * @desc    Handle external UPI payment notifications
 * @access  Public (PhonePe webhook)
 */
router.post('/external-webhook', phonePeController.externalPaymentWebhook);

/**
 * @route   POST /api/payments/phonepe/payment-intent
 * @desc    Generate payment intent with QR code for direct UPI payment
 * @access  Private
 */
router.post('/payment-intent', requireAuth, phonePeController.generatePaymentIntent);

/**
 * @route   GET /api/payments/phonepe/qr/:groupId/:month/:year
 * @desc    Get payment QR code for specific installment
 * @access  Private
 */
router.get('/qr/:groupId/:month/:year', requireAuth, phonePeController.getPaymentQRCode);

module.exports = router;