Request password confirmation before placing order - Magento

0
votes

On our Magento CE 1.7 store, we allow customers in a 'trade' customer group to place orders and pay on Purchase Order.

We need to implement an additional layer of security - that when customers arrive at the order review step of the checkout process, just prior to placing the order via the Purchase Order payment method, there needs to be a prompt that requests their account login password (even though they are logged in). They need to correctly enter their account password to be able to then place the order.

It's quite a difficult prospect I know - Does anyone know if this would be relatively possible, or any existing modules that offer this functionality?

Thanks in advance!

1
magentomagento-1.7
nothing difficult here ... but what have you tried ?Jscti
Hi, Im pretty new - just looking into the solution to determine the best - looking for guidance from someone who may have done similar?Marc

1 Answers

0
votes

You probably could do this using event/observer, but the way I would do this is using a custom payment method that basically duplicate Purchaseorder

See /app/code/core/Mage/Payment/Model/Method/Purchaseorder.php

class Mage_Payment_Model_Method_Purchaseorder extends Mage_Payment_Model_Method_Abstract
{

    .....


    /**
     * Validate payment method information object
     *
     * @return Mage_Payment_Model_Abstract
     */
    public function validate()
    {
         $paymentInfo = $this->getInfoInstance();

         validate customer password there

         if($paymentInfo->getOrder()->getCustomerId()){

            //see login() in /app/code/core/Mage/Customer/Model/Session.php
            $customer = Mage::getModel('customer/customer')
                ->setWebsiteId(Mage::app()->getStore()->getWebsiteId());
            //May need to change to the order store id and not Mage::app()->getStore()->getWebsiteId()

            //get password enter on PO screen
            $password = $paymentInfo->getPassword()

            if ($customer->authenticate($paymentInfo->getOrder()->getCustomerEmail(), $password)) {
                return true;
            }
            return false;
         }
         else{
            //customer not login
            return false;
         }

         /**
          * to validate payment method is allowed for billing country or not
          */
         if ($paymentInfo instanceof Mage_Sales_Model_Order_Payment) {
             $billingCountry = $paymentInfo->getOrder()->getBillingAddress()->getCountryId();
         } else {
             $billingCountry = $paymentInfo->getQuote()->getBillingAddress()->getCountryId();
         }
         if (!$this->canUseForCountry($billingCountry)) {
             Mage::throwException(Mage::helper('payment')->__('Selected payment type is not allowed for billing country.'));
         }
         return $this;
    }

    /**
     * Assign data to info model instance
     *
     * @param   mixed $data
     * @return  Mage_Payment_Model_Method_Purchaseorder
     */
    public function assignData($data)
    {
        if (!($data instanceof Varien_Object)) {
            $data = new Varien_Object($data);
        }

        $this->getInfoInstance()->setPoNumber($data->getPoNumber());
        $this->getInfoInstance()->setPassword($data->getPassword());
        return $this;
    }


}

Take a look @ How to create a payment method