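@app.route("/api/order_cancel", methods=["POST"])
@login_required
def api_order_cancel():
    """Cancel one of the logged-in user's orders and request a refund from Toss.

    Expects a JSON body with ``order_id`` and ``cancel_reason``; for orders paid
    by virtual account it additionally requires ``bankCode``, ``accName`` and
    ``accNo`` (the refund destination). The order is looked up scoped to the
    session user, the Toss Payments cancel endpoint is called, and on success
    the local row is marked as cancelled.

    Returns:
        A JSON response ``{"success": bool, "message": str}`` (``message`` is
        omitted on success).
    """
    user_id = session["user_id"]

    # silent=True + the isinstance check keep a malformed or non-object body
    # from raising AttributeError on .get() below.
    # NOTE(review): force=True parses the body regardless of Content-Type, so
    # this state-changing endpoint does not get the implicit protection of
    # requiring application/json — confirm CSRF protection exists elsewhere.
    data = request.get_json(force=True, silent=True)
    if not isinstance(data, dict):
        return jsonify({"success": False, "message": "잘못된 요청입니다."})

    order_id = data.get("order_id")
    cancel_reason = data.get("cancel_reason")
    bank = data.get("bankCode")  # key name matches what the front-end JS sends
    acc_name = data.get("accName")
    acc_no = data.get("accNo")

    # Log only identifiers: the raw body carries the refund account number and
    # holder name, which must not end up in stdout or log files. %r escapes
    # control characters in the client-supplied order_id.
    app.logger.info("order_cancel requested: order_id=%r user_id=%r", order_id, user_id)

    # Look the order up scoped to the session user, so a user cannot cancel
    # someone else's order by guessing an order_id.
    conn = sqlite3.connect(DB_PURCHASES_PATH)
    try:
        c = conn.cursor()
        c.execute("""
            SELECT payment_method, payment_key, price, status
            FROM purchases
            WHERE order_id=? AND user_id=?
        """, (order_id, user_id))
        row = c.fetchone()
    finally:
        conn.close()

    if not row:
        return jsonify({"success": False, "message": "주문을 찾을 수 없습니다."})

    payment_method, payment_key, price, status = row

    # Refuse a second cancel for an order already marked cancelled locally;
    # replaying the request must not send another refund call.
    if status == "취소완료":
        return jsonify({"success": False, "message": "이미 취소된 주문입니다."})

    # Without a payment key the URL below would target ".../None/cancel".
    if not payment_key:
        return jsonify({"success": False, "message": "결제 정보를 찾을 수 없습니다."})

    # Payload fields common to every payment method.
    payload = {"cancelReason": cancel_reason}

    # Refund account details are mandatory only for virtual-account payments.
    if payment_method == "virtual":
        if not (bank and acc_name and acc_no):
            return jsonify({
                "success": False,
                "message": "가상계좌 환불은 은행/예금주/계좌번호가 필요합니다."
            })
        payload["refundReceiveAccount"] = {
            "bank": bank,
            "accountNumber": acc_no,
            "holderName": acc_name
        }

    # Call the Toss Payments cancel API (HTTP Basic auth, secret key as the
    # username and an empty password).
    url = f"https://api.tosspayments.com/v1/payments/{payment_key}/cancel"
    headers = {
        "Authorization": "Basic " + base64.b64encode(f"{TOSS_SECRET_KEY}:".encode()).decode(),
        "Content-Type": "application/json"
    }

    try:
        # A timeout keeps a stalled upstream from pinning this worker forever.
        # NOTE(review): a timed-out cancel is ambiguous (Toss may still have
        # processed it); reconcile such orders before retrying.
        resp = requests.post(url, headers=headers, json=payload, timeout=15)
        resp_data = resp.json()
    except Exception:
        # Keep exception detail (URLs, internals) in server logs only; the
        # client gets a generic message instead of str(e).
        app.logger.exception("Toss cancel call failed: order_id=%r", order_id)
        return jsonify({
            "success": False,
            "message": "결제 서버와 통신 중 오류가 발생했습니다."
        })

    if resp.status_code != 200:
        message = "환불 실패"
        if isinstance(resp_data, dict):
            message = resp_data.get("message", "환불 실패")
        return jsonify({"success": False, "message": message})

    # Mark the refund as completed. The user_id filter is repeated here as
    # defence in depth even though ownership was verified above.
    conn = sqlite3.connect(DB_PURCHASES_PATH)
    try:
        c = conn.cursor()
        c.execute(
            "UPDATE purchases SET status='취소완료' WHERE order_id=? AND user_id=?",
            (order_id, user_id),
        )
        conn.commit()
    except sqlite3.Error:
        # The refund already went through at Toss; record the mismatch so it
        # can be reconciled, then let the error surface as before.
        app.logger.exception(
            "Refund succeeded but status update failed: order_id=%r", order_id
        )
        raise
    finally:
        conn.close()

    return jsonify({"success": True})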
