Bug : create_order is not idempotent

[ao7777]

AWS uses retry to perform fault tolerance. To ensure correctness under retry, functions should be idempotent (AWS lambda requires that users should write idempotent functions.
However, the function create_order is not idempotent. Specifically, if the function fails after store_order finishes and is retried, the function will invoke store_order again and create a new order. This will create multiple new orders under retry.

Please let me know if this is an idempotence bug or the function does not need to be idempotent.

[nmoutschen]

Hey @ao7777 !

In an end-user scenario, that function is only invoked through AWS AppSync, which won't retry the Lambda function. However, an end-user could make multiple HTTP calls that could create multiple orders by accident.

There are actually two issues here:

• The first one is that the mock 3rd party payment processor service (payment-3p) should not just check that a payment token is valid, but reserve it. This way, multiple orders couldn't use the same payment token.
• The second one is idempotency of the order request itself. This could be done without adding an idempotency token by checking if that user created an order recently with the same items and payment token.