Vanilo is an e-commerce framework built on top of the Laravel framework. It aims to strike a balance between ease of use and adaptability. Its goal is to help Laravel developers build their e-commerce shop quickly.
Vanilo allows developers to extend its functionality to provide more features to their shop or to enhance the protection of the shop from various threats. Since Vanilo does not have a built-in security mechanism to fight fraud, developers often need to use a fraud validation service to do so. Luckily, this is easy to achieve with the FraudLabs Pro API. The FraudLabs Pro API provides real-time validation of online orders, so that the shop owner is able to take action immediately.
In this tutorial, we are going to show how to call the FraudLabs Pro Screen Order API to validate the order, and return an error if the validation status is REJECT. If you would like more information about the API, you can always refer to its documentation.
Before we get started, make sure that you have a FraudLabs Pro API key with you. If you don’t, you can always register for a free API key to get started. This tutorial also assumes that you have already installed and set up the Vanilo framework on your machine. If you haven’t, the simplest way to get it is to clone the demo repository from the Vanilo GitHub, and follow the installation instructions in its readme file.
Steps to use FraudLabs Pro API in Vanilo
- Open CheckoutController.php in app/Http/Controllers/ and find the submit function. Find the line `$order->save();` and add the following code after that line:
```php
try {
    $payloads = [
        'key' => env('FRAUDLABSPRO_API_KEY'), // API Key from .env
        'ip' => $request->ip(), // Customer's IP
        'last_name' => $order->billpayer->lastname,
        'first_name' => $order->billpayer->firstname,
        'email' => $order->billpayer->email ?? 'unknown@example.com',
        'amount' => $order->total(),
        'currency' => $order->currency,
        'user_order_id' => $order->id,
        'bill_country' => $order->billpayer->address->country_id,
        'bill_city' => $order->billpayer->address->city,
        'bill_zip_code' => $order->billpayer->address->postalcode,
        'bill_addr' => $order->billpayer->address->address,
    ];

    $response = Http::post('https://api.fraudlabspro.com/v2/order/screen', $payloads);

    // Log response
    Log::info('FraudLabs Pro Response:', $response->json());

    $result = $response->json();
    $status = $result['fraudlabspro_status'];

    // Decision based on the fraudlabspro_status
    if ($status == 'REJECT') {
        // Log the rejection and send the customer back to checkout with an error
        Log::warning('Order rejected', [
            'order_id' => $order->id,
            'fraudlabspro_status' => $status,
        ]);

        return redirect()->route('checkout.show')->withErrors([
            'fraud_detection' => 'Order has been rejected. Please try again later.'
        ]);
    }
} catch (\Exception $e) {
    Log::error('FraudLabs Pro API Error', ['message' => $e->getMessage()]);

    // Fully qualified so it resolves without an extra use statement
    throw new \Illuminate\Http\Exceptions\HttpResponseException(response()->json([
        'message' => 'Order validation failed due to an error.',
        'error' => $e->getMessage(),
    ], 500));
}
```
- At the top of the controller file, add the following lines after the last use statement:

```php
use Illuminate\Support\Facades\Http; // For HTTP requests
use Illuminate\Support\Facades\Log; // For logging
```
- Open the show.blade.php file located at resources/views/checkout/. In the file, add the following code just before the line `@if ($checkout)`:

```blade
@if ($errors->has('fraud_detection'))
    <div class="alert alert-danger">
        <ul>
            <li>{{ $errors->first('fraud_detection') }}</li>
        </ul>
    </div>
@endif
```
- Finally, add your FraudLabs Pro API key to your .env file like this:

```
FRAUDLABSPRO_API_KEY=YOUR_API_KEY
```

Now your e-commerce shop should be able to validate the order and reject the transaction if it is fraudulent. If the API finds the order suspicious and rejects it, the customer is sent back to the checkout page, which shows the error message.
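The tutorial code blocks only on REJECT and turns any API failure into a 500 for the customer. The sketch below, an added example that is not from the tutorial or from FraudLabs Pro, maps every outcome of the call to an explicit action so that nothing but a clear approval is auto-allowed. The function name `screenDecision`, the action names, and the APPROVE and REVIEW status values are assumptions (only REJECT appears on the page), and the sample bodies are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Map a Screen Order HTTP result to a checkout action.
 * Returns 'allow', 'hold' (manual review) or 'reject'.
 * Anything that is not an explicit APPROVE is never auto-allowed.
 * Hypothetical helper, not part of Vanilo or the FraudLabs Pro API.
 */
function screenDecision(int $httpStatus, ?string $rawBody): array
{
    if ($httpStatus !== 200 || $rawBody === null) {
        return ['action' => 'hold', 'reason' => "screening unavailable (HTTP $httpStatus)"];
    }
    $body = json_decode($rawBody, true);
    if (!is_array($body) || !is_string($body['fraudlabspro_status'] ?? null)) {
        return ['action' => 'hold', 'reason' => 'no fraudlabspro_status in response'];
    }
    // Assumed status values: APPROVE, REVIEW, REJECT (only REJECT is on the page).
    switch (strtoupper(trim($body['fraudlabspro_status']))) {
        case 'APPROVE':
            return ['action' => 'allow', 'reason' => 'approved'];
        case 'REJECT':
            return ['action' => 'reject', 'reason' => 'rejected by screening'];
        default:
            return ['action' => 'hold', 'reason' => 'needs manual review'];
    }
}

// Constructed sample results: [HTTP status, raw body]; 0 stands for a timeout.
$samples = [
    [200, '{"fraudlabspro_status":"APPROVE"}'],
    [200, '{"fraudlabspro_status":"REVIEW"}'],
    [200, '{"fraudlabspro_status":"REJECT"}'],
    [200, '{"error":{"error_message":"constructed error body"}}'],
    [200, '<html>gateway error</html>'],
    [500, '{}'],
    [0, null],
];

foreach ($samples as [$status, $raw]) {
    $d = screenDecision($status, $raw);
    printf("%-3d %-55s => %-6s (%s)\n", $status, $raw ?? '(no body)', $d['action'], $d['reason']);
}
```

In the controller, the inputs would come from `$response->status()` and `$response->body()`, with `hold` meaning the order is queued for manual review instead of being fulfilled.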