From 7e4034ba24599249a2959310ba24cc11db151900 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 11:37:54 +0000
Subject: [PATCH 1/5] Initial plan


From bd9063bd01980129ce8c3650f9effde99b8cbc1d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 11:47:21 +0000
Subject: [PATCH 2/5] feat: Add database schema and email templates for COD
 payment

- Add COD-specific fields to Order model (codFee, phoneVerified, deliveryAttempts, codCollectionStatus, codCollectedAt)
- Create migration for COD fields
- Add COD confirmation email template with Bengali and English support
- Add sendCODConfirmationEmail service function
- Update email template imports

Co-authored-by: rafiqul4 <124497017+rafiqul4@users.noreply.github.com>
---
 .../migration.sql                             |   6 +
 prisma/schema.prisma                          |   7 +
 src/lib/email-service.ts                      |  43 ++++
 src/lib/email-templates.ts                    | 210 ++++++++++++++++++
 4 files changed, 266 insertions(+)
 create mode 100644 prisma/migrations/20251211120000_add_cod_fields/migration.sql

diff --git a/prisma/migrations/20251211120000_add_cod_fields/migration.sql b/prisma/migrations/20251211120000_add_cod_fields/migration.sql
new file mode 100644
index 00000000..25a4fe8f
--- /dev/null
+++ b/prisma/migrations/20251211120000_add_cod_fields/migration.sql
@@ -0,0 +1,6 @@
+-- AlterTable
+ALTER TABLE "Order" ADD COLUMN "codFee" DOUBLE PRECISION,
+ADD COLUMN "phoneVerified" BOOLEAN NOT NULL DEFAULT false,
+ADD COLUMN "deliveryAttempts" INTEGER NOT NULL DEFAULT 0,
+ADD COLUMN "codCollectionStatus" TEXT,
+ADD COLUMN "codCollectedAt" TIMESTAMP(3);
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index e189ca62..12ede03b 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -774,6 +774,13 @@ model Order {
   
   ipAddress   String?
   
+  // COD-specific fields
+  codFee              Float? // Cash on Delivery fee
+  phoneVerified       Boolean @default(false) // Phone verification status
+  deliveryAttempts    Int @default(0) // Number of delivery attempts
+  codCollectionStatus String? // PENDING, COLLECTED, FAILED, PARTIAL
+  codCollectedAt      DateTime? // When cash was collected
+  
   items    OrderItem[]
   
   createdAt DateTime @default(now())
diff --git a/src/lib/email-service.ts b/src/lib/email-service.ts
index e95d1cfe..d2694d82 100644
--- a/src/lib/email-service.ts
+++ b/src/lib/email-service.ts
@@ -20,6 +20,7 @@ import {
   roleRejectedEmail,
   roleModificationRequestedEmail,
   orderConfirmationEmail,
+  codConfirmationEmail,
 } from './email-templates';
 
 const resend = new Resend(process.env.RESEND_API_KEY);
@@ -421,3 +422,45 @@ export async function sendOrderConfirmationEmail(
     return { success: false, error: 'Failed to send email' };
   }
 }
+
+/**
+ * Send COD order confirmation email
+ */
+export async function sendCODConfirmationEmail(
+  to: string,
+  orderData: {
+    customerName: string;
+    orderNumber: string;
+    orderTotal: string;
+    codFee: string;
+    orderItems: Array<{ name: string; quantity: number; price: string }>;
+    shippingAddress: { address: string; city: string; state?: string; postalCode: string; country: string };
+    estimatedDelivery: string;
+    storeName: string;
+    locale?: 'en' | 'bn';
+  }
+): Promise<SendEmailResult> {
+  try {
+    const locale = orderData.locale || 'en';
+    const subject = locale === 'bn' 
+      ? `অর্ডার কনফার্মেশন #${orderData.orderNumber}` 
+      : `Order Confirmation #${orderData.orderNumber}`;
+
+    const { data, error } = await resend.emails.send({
+      from: FROM_EMAIL,
+      to,
+      subject,
+      html: codConfirmationEmail({ ...orderData, appUrl: APP_URL, locale }),
+    });
+
+    if (error) {
+      console.error('Failed to send COD confirmation email:', error);
+      return { success: false, error: error.message };
+    }
+
+    return { success: true, id: data?.id };
+  } catch (error) {
+    console.error('Email service error:', error);
+    return { success: false, error: 'Failed to send email' };
+  }
+}
diff --git a/src/lib/email-templates.ts b/src/lib/email-templates.ts
index afb3234d..6dc8f624 100644
--- a/src/lib/email-templates.ts
+++ b/src/lib/email-templates.ts
@@ -787,3 +787,213 @@ export function orderConfirmationEmail({
 </html>
   `.trim();
 }
+
+/**
+ * COD (Cash on Delivery) Order Confirmation Email Template
+ * Supports both Bengali and English languages
+ */
+export function codConfirmationEmail({
+  customerName,
+  orderNumber,
+  orderTotal,
+  codFee,
+  orderItems,
+  shippingAddress,
+  estimatedDelivery,
+  storeName,
+  locale = 'en',
+  appUrl = 'https://stormcom.app',
+}: {
+  customerName: string;
+  orderNumber: string;
+  orderTotal: string;
+  codFee: string;
+  orderItems: Array<{ name: string; quantity: number; price: string }>;
+  shippingAddress: { address: string; city: string; state?: string; postalCode: string; country: string };
+  estimatedDelivery: string;
+  storeName: string;
+  locale?: 'en' | 'bn';
+  appUrl?: string;
+}): string {
+  // Escape user-provided content to prevent XSS attacks
+  const safeCustomerName = escapeHtml(customerName);
+  const safeOrderNumber = escapeHtml(orderNumber);
+  const safeStoreName = escapeHtml(storeName);
+  const safeAddress = {
+    address: escapeHtml(shippingAddress.address),
+    city: escapeHtml(shippingAddress.city),
+    state: shippingAddress.state ? escapeHtml(shippingAddress.state) : undefined,
+    postalCode: escapeHtml(shippingAddress.postalCode),
+    country: escapeHtml(shippingAddress.country),
+  };
+
+  const itemsHtml = orderItems
+    .map(
+      (item) => `
+    <tr>
+      <td style="padding: 8px; border-bottom: 1px solid #eee;">${escapeHtml(item.name)}</td>
+      <td style="padding: 8px; border-bottom: 1px solid #eee; text-align: center;">${item.quantity}</td>
+      <td style="padding: 8px; border-bottom: 1px solid #eee; text-align: right;">${escapeHtml(item.price)}</td>
+    </tr>
+  `
+    )
+    .join('');
+
+  // Bengali version
+  if (locale === 'bn') {
+    return `
+<!DOCTYPE html>
+<html lang="bn">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>অর্ডার কনফার্মেশন - ${safeStoreName}</title>
+  <style>${baseStyles}</style>
+</head>
+<body>
+  <div class="container">
+    <div class="header">
+      <div class="logo">${safeStoreName}</div>
+    </div>
+    <div class="content">
+      <h1>আপনার অর্ডার সফলভাবে সম্পন্ন হয়েছে! 🎉</h1>
+      <p>প্রিয় ${safeCustomerName},</p>
+      <p>আমরা আপনার অর্ডার পেয়েছি এবং এটি প্রসেস করা হচ্ছে। বিস্তারিত তথ্য নিচে দেওয়া হলো:</p>
+      
+      <div class="info-box">
+        <h3 style="margin-top: 0;">অর্ডার বিবরণ</h3>
+        <p><strong>অর্ডার নম্বর:</strong> ${safeOrderNumber}</p>
+        <p><strong>পেমেন্ট পদ্ধতি:</strong> <span style="color: #d97706;">ক্যাশ অন ডেলিভারি (হোম ডেলিভারি পেমেন্ট)</span></p>
+        <p><strong>মোট টাকা:</strong> ${orderTotal}</p>
+        <p style="margin-bottom: 0;"><strong>ডেলিভারি চার্জ:</strong> ${codFee}</p>
+      </div>
+
+      <h3>গুরুত্বপূর্ণ নির্দেশনা</h3>
+      <div class="info-box" style="background-color: #fef3c7; border-color: #fbbf24;">
+        <ul style="margin: 0; padding-left: 20px;">
+          <li><strong>আপনার পণ্য ডেলিভারি নেওয়ার সময় নগদ টাকা পরিশোধ করুন</strong></li>
+          <li>পণ্য ভালোভাবে চেক করার পর টাকা দিন</li>
+          <li>ডেলিভারি ম্যান থেকে অবশ্যই রসিদ নিন</li>
+          <li>সঠিক টাকা রাখার চেষ্টা করুন</li>
+        </ul>
+      </div>
+
+      <p><strong>আনুমানিক ডেলিভারি:</strong> ${escapeHtml(estimatedDelivery)}</p>
+
+      <h3>অর্ডার আইটেম</h3>
+      <table style="width: 100%; border-collapse: collapse; margin: 20px 0;">
+        <thead>
+          <tr style="background-color: #f8fafc;">
+            <th style="padding: 8px; text-align: left; border-bottom: 2px solid #e2e8f0;">পণ্য</th>
+            <th style="padding: 8px; text-align: center; border-bottom: 2px solid #e2e8f0;">পরিমাণ</th>
+            <th style="padding: 8px; text-align: right; border-bottom: 2px solid #e2e8f0;">মূল্য</th>
+          </tr>
+        </thead>
+        <tbody>
+          ${itemsHtml}
+        </tbody>
+      </table>
+
+      <h3>ডেলিভারি ঠিকানা</h3>
+      <div class="info-box">
+        <p style="margin: 0;">
+          ${safeAddress.address}<br>
+          ${safeAddress.city}${safeAddress.state ? `, ${safeAddress.state}` : ''} ${safeAddress.postalCode}<br>
+          ${safeAddress.country}
+        </p>
+      </div>
+      
+      <p>পণ্য পাঠানোর পর আমরা আপনাকে আরেকটি ইমেইল পাঠাবো। কোন সমস্যা হলে আমাদের সাপোর্ট টিমের সাথে যোগাযোগ করুন।</p>
+      
+      <p style="text-align: center; margin-top: 30px;">
+        <a href="${appUrl}" class="button">দোকান ভিজিট করুন</a>
+      </p>
+    </div>
+    <div class="footer">
+      <p>© ${new Date().getFullYear()} ${safeStoreName}। সর্বস্বত্ব সংরক্ষিত।</p>
+      <p>কোন সমস্যা হলে যোগাযোগ করুন: <strong>01XXX-XXXXXX</strong> (হোয়াটসঅ্যাপ সাপোর্ট উপলব্ধ)</p>
+    </div>
+  </div>
+</body>
+</html>
+    `.trim();
+  }
+
+  // English version
+  return `
+<!DOCTYPE html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Order Confirmation - ${safeStoreName}</title>
+  <style>${baseStyles}</style>
+</head>
+<body>
+  <div class="container">
+    <div class="header">
+      <div class="logo">${safeStoreName}</div>
+    </div>
+    <div class="content">
+      <h1>Your Order Has Been Confirmed! 🎉</h1>
+      <p>Dear ${safeCustomerName},</p>
+      <p>We've received your order and it's being processed. Here are the details:</p>
+      
+      <div class="info-box">
+        <h3 style="margin-top: 0;">Order Details</h3>
+        <p><strong>Order Number:</strong> ${safeOrderNumber}</p>
+        <p><strong>Payment Method:</strong> <span style="color: #d97706;">Cash on Delivery</span></p>
+        <p><strong>Total Amount:</strong> ${orderTotal}</p>
+        <p style="margin-bottom: 0;"><strong>COD Fee:</strong> ${codFee}</p>
+      </div>
+
+      <h3>Important Instructions</h3>
+      <div class="info-box" style="background-color: #fef3c7; border-color: #fbbf24;">
+        <ul style="margin: 0; padding-left: 20px;">
+          <li><strong>Pay cash when you receive your products</strong></li>
+          <li>Inspect products carefully before payment</li>
+          <li>Get a receipt from the delivery person</li>
+          <li>Please keep exact cash ready</li>
+        </ul>
+      </div>
+
+      <p><strong>Estimated Delivery:</strong> ${escapeHtml(estimatedDelivery)}</p>
+
+      <h3>Order Items</h3>
+      <table style="width: 100%; border-collapse: collapse; margin: 20px 0;">
+        <thead>
+          <tr style="background-color: #f8fafc;">
+            <th style="padding: 8px; text-align: left; border-bottom: 2px solid #e2e8f0;">Product</th>
+            <th style="padding: 8px; text-align: center; border-bottom: 2px solid #e2e8f0;">Quantity</th>
+            <th style="padding: 8px; text-align: right; border-bottom: 2px solid #e2e8f0;">Price</th>
+          </tr>
+        </thead>
+        <tbody>
+          ${itemsHtml}
+        </tbody>
+      </table>
+
+      <h3>Shipping Address</h3>
+      <div class="info-box">
+        <p style="margin: 0;">
+          ${safeAddress.address}<br>
+          ${safeAddress.city}${safeAddress.state ? `, ${safeAddress.state}` : ''} ${safeAddress.postalCode}<br>
+          ${safeAddress.country}
+        </p>
+      </div>
+      
+      <p>We'll send you another email when your order ships. If you have any questions, please contact our support team.</p>
+      
+      <p style="text-align: center; margin-top: 30px;">
+        <a href="${appUrl}" class="button">Visit Store</a>
+      </p>
+    </div>
+    <div class="footer">
+      <p>© ${new Date().getFullYear()} ${safeStoreName}. All rights reserved.</p>
+      <p>For support, contact: <strong>01XXX-XXXXXX</strong> (WhatsApp available)</p>
+    </div>
+  </div>
+</body>
+</html>
+  `.trim();
+}

From fa51568b712b5ead5118426c88573b6320dd6bf5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 12:06:23 +0000
Subject: [PATCH 3/5] feat: Implement COD backend service and vendor dashboard
 components

- Create CODService with order creation, phone validation, fraud prevention
- Add COD collection tracking functionality with inventory restoration
- Implement COD order creation API endpoint (/api/orders/cod)
- Implement COD status update API endpoint (/api/orders/[id]/cod-status)
- Create CODCollectionActions component for vendor dashboard
- Add Bangladesh phone validation regex
- Calculate COD fees dynamically (BDT 50 for orders <500)
- Support first-time customer limits and fraud prevention
- Fix type errors and lint issues in new code

Co-authored-by: rafiqul4 <124497017+rafiqul4@users.noreply.github.com>
---
 src/app/api/orders/[id]/cod-status/route.ts   | 126 +++++
 src/app/api/orders/cod/route.ts               |  98 ++++
 src/components/checkout/cod-payment.tsx       | 259 +++++++++
 .../checkout/payment-method-step.tsx          | 147 +++--
 .../orders/cod-collection-actions.tsx         | 293 ++++++++++
 src/lib/services/cod.service.ts               | 528 ++++++++++++++++++
 6 files changed, 1399 insertions(+), 52 deletions(-)
 create mode 100644 src/app/api/orders/[id]/cod-status/route.ts
 create mode 100644 src/app/api/orders/cod/route.ts
 create mode 100644 src/components/checkout/cod-payment.tsx
 create mode 100644 src/components/orders/cod-collection-actions.tsx
 create mode 100644 src/lib/services/cod.service.ts

diff --git a/src/app/api/orders/[id]/cod-status/route.ts b/src/app/api/orders/[id]/cod-status/route.ts
new file mode 100644
index 00000000..469a836a
--- /dev/null
+++ b/src/app/api/orders/[id]/cod-status/route.ts
@@ -0,0 +1,126 @@
+/**
+ * COD Collection Status Update API
+ * PUT /api/orders/[id]/cod-status
+ * 
+ * Updates the collection status of a COD order (COLLECTED or FAILED)
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { authOptions } from '@/lib/auth';
+import { CODService } from '@/lib/services/cod.service';
+import { prisma } from '@/lib/prisma';
+import { z } from 'zod';
+
+// Request validation schema
+const updateCODStatusSchema = z.object({
+  status: z.enum(['COLLECTED', 'FAILED']),
+  collectedAmount: z.number().positive().optional(),
+  failureReason: z.string().optional(),
+  notes: z.string().optional(),
+});
+
+export async function PUT(
+  req: NextRequest,
+  { params }: { params: { id: string } }
+) {
+  try {
+    // Get session - must be authenticated
+    const session = await getServerSession(authOptions);
+    if (!session?.user?.id) {
+      return NextResponse.json(
+        { success: false, error: 'Unauthorized' },
+        { status: 401 }
+      );
+    }
+
+    const orderId = params.id;
+
+    // Parse and validate request body
+    const body = await req.json();
+    const validatedData = updateCODStatusSchema.parse(body);
+
+    // Get order and verify access
+    const order = await prisma.order.findUnique({
+      where: { id: orderId },
+      include: {
+        store: {
+          include: {
+            organization: {
+              include: {
+                memberships: {
+                  where: { userId: session.user.id },
+                },
+              },
+            },
+            staff: {
+              where: { userId: session.user.id },
+            },
+          },
+        },
+      },
+    });
+
+    if (!order) {
+      return NextResponse.json(
+        { success: false, error: 'Order not found' },
+        { status: 404 }
+      );
+    }
+
+    // Check if user has access to this store
+    const hasOrgAccess = order.store.organization.memberships.length > 0;
+    const hasStaffAccess = order.store.staff.length > 0;
+
+    if (!hasOrgAccess && !hasStaffAccess) {
+      return NextResponse.json(
+        { success: false, error: 'Forbidden - No access to this store' },
+        { status: 403 }
+      );
+    }
+
+    // Update COD collection status
+    const updatedOrder = await CODService.updateCollectionStatus({
+      orderId,
+      status: validatedData.status,
+      collectedAmount: validatedData.collectedAmount,
+      failureReason: validatedData.failureReason,
+      notes: validatedData.notes,
+    });
+
+    return NextResponse.json({
+      success: true,
+      order: {
+        id: updatedOrder!.id,
+        orderNumber: updatedOrder!.orderNumber,
+        status: updatedOrder!.status,
+        paymentStatus: updatedOrder!.paymentStatus,
+        codCollectionStatus: updatedOrder!.codCollectionStatus,
+        codCollectedAt: updatedOrder!.codCollectedAt,
+      },
+    });
+  } catch (error) {
+    console.error('COD status update error:', error);
+
+    // Handle validation errors
+    if (error instanceof z.ZodError) {
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Validation failed',
+          details: error.issues,
+        },
+        { status: 400 }
+      );
+    }
+
+    // Handle business logic errors
+    return NextResponse.json(
+      {
+        success: false,
+        error: error instanceof Error ? error.message : 'Failed to update COD status',
+      },
+      { status: 400 }
+    );
+  }
+}
diff --git a/src/app/api/orders/cod/route.ts b/src/app/api/orders/cod/route.ts
new file mode 100644
index 00000000..42fea496
--- /dev/null
+++ b/src/app/api/orders/cod/route.ts
@@ -0,0 +1,98 @@
+/**
+ * COD Order Creation API
+ * POST /api/orders/cod
+ * 
+ * Creates a Cash on Delivery order with phone verification and fraud checks
+ */
+
+import { NextRequest, NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { authOptions } from '@/lib/auth';
+import { CODService } from '@/lib/services/cod.service';
+import { z } from 'zod';
+
+// Request validation schema
+const createCODOrderSchema = z.object({
+  storeId: z.string().min(1, 'Store ID is required'),
+  customerEmail: z.string().email('Invalid email address'),
+  customerName: z.string().min(1, 'Customer name is required'),
+  customerPhone: z.string().min(10, 'Phone number is required'),
+  shippingAddress: z.object({
+    address: z.string().min(1, 'Address is required'),
+    city: z.string().min(1, 'City is required'),
+    state: z.string().optional(),
+    postalCode: z.string().min(1, 'Postal code is required'),
+    country: z.string().min(1, 'Country is required'),
+  }),
+  billingAddress: z.string().optional(),
+  items: z.array(
+    z.object({
+      productId: z.string(),
+      variantId: z.string().optional(),
+      quantity: z.number().int().positive(),
+    })
+  ).min(1, 'At least one item is required'),
+  subtotal: z.number().positive('Subtotal must be positive'),
+  taxAmount: z.number().nonnegative('Tax amount must be non-negative').default(0),
+  shippingAmount: z.number().nonnegative('Shipping amount must be non-negative').default(0),
+  discountAmount: z.number().nonnegative('Discount amount must be non-negative').default(0),
+  codFee: z.number().nonnegative('COD fee must be non-negative'),
+  notes: z.string().optional(),
+  locale: z.enum(['en', 'bn']).optional().default('en'),
+  idempotencyKey: z.string().optional(),
+});
+
+export async function POST(req: NextRequest) {
+  try {
+    // Get session (optional for guest checkout)
+    const session = await getServerSession(authOptions);
+    
+    // Parse and validate request body
+    const body = await req.json();
+    const validatedData = createCODOrderSchema.parse(body);
+
+    // Create COD order
+    const order = await CODService.createCODOrder({
+      ...validatedData,
+      userId: session?.user?.id,
+    });
+
+    return NextResponse.json(
+      {
+        success: true,
+        order: {
+          id: order.id,
+          orderNumber: order.orderNumber,
+          status: order.status,
+          totalAmount: order.totalAmount,
+          codFee: order.codFee,
+          estimatedDelivery: order.estimatedDelivery,
+        },
+      },
+      { status: 201 }
+    );
+  } catch (error) {
+    console.error('COD order creation error:', error);
+
+    // Handle validation errors
+    if (error instanceof z.ZodError) {
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Validation failed',
+          details: error.issues,
+        },
+        { status: 400 }
+      );
+    }
+
+    // Handle business logic errors
+    return NextResponse.json(
+      {
+        success: false,
+        error: error instanceof Error ? error.message : 'Failed to create COD order',
+      },
+      { status: 400 }
+    );
+  }
+}
diff --git a/src/components/checkout/cod-payment.tsx b/src/components/checkout/cod-payment.tsx
new file mode 100644
index 00000000..8f051716
--- /dev/null
+++ b/src/components/checkout/cod-payment.tsx
@@ -0,0 +1,259 @@
+/**
+ * Cash on Delivery Payment Component
+ * Handles COD payment option for Bangladesh market
+ */
+
+'use client';
+
+import { useState } from 'react';
+import { Banknote, Phone, Calendar, AlertCircle } from 'lucide-react';
+import { Button } from '@/components/ui/button';
+import { Card, CardContent } from '@/components/ui/card';
+import { Input } from '@/components/ui/input';
+import { Label } from '@/components/ui/label';
+import { Checkbox } from '@/components/ui/checkbox';
+import { Alert, AlertDescription } from '@/components/ui/alert';
+import { Separator } from '@/components/ui/separator';
+
+interface CodPaymentProps {
+  subtotal: number;
+  shipping: number;
+  tax: number;
+  onPlaceOrder: (phoneNumber: string) => void;
+  isSubmitting: boolean;
+}
+
+// Bangladesh phone validation: +880 or 880 or 01XXXXXXXXX
+const BD_PHONE_REGEX = /^(\+880|880|0)?1[3-9]\d{8}$/;
+
+// COD fee: BDT 50 for orders < 500, free for >= 500
+const COD_FEE_THRESHOLD = 500;
+const COD_FEE_AMOUNT = 50;
+
+export function CodPayment({
+  subtotal,
+  shipping,
+  tax,
+  onPlaceOrder,
+  isSubmitting,
+}: CodPaymentProps) {
+  const [phoneNumber, setPhoneNumber] = useState('');
+  const [termsAccepted, setTermsAccepted] = useState(false);
+  const [phoneError, setPhoneError] = useState('');
+
+  // Calculate COD fee
+  const codFee = subtotal < COD_FEE_THRESHOLD ? COD_FEE_AMOUNT : 0;
+  const total = subtotal + shipping + tax + codFee;
+
+  // Calculate estimated delivery date (5-7 days from now)
+  const estimatedDeliveryStart = new Date();
+  estimatedDeliveryStart.setDate(estimatedDeliveryStart.getDate() + 5);
+  const estimatedDeliveryEnd = new Date();
+  estimatedDeliveryEnd.setDate(estimatedDeliveryEnd.getDate() + 7);
+
+  const formatDate = (date: Date) => {
+    return date.toLocaleDateString('en-US', {
+      month: 'short',
+      day: 'numeric',
+    });
+  };
+
+  const validatePhone = (value: string) => {
+    if (!value) {
+      setPhoneError('Phone number is required');
+      return false;
+    }
+    
+    if (!BD_PHONE_REGEX.test(value)) {
+      setPhoneError('Please enter a valid Bangladesh phone number (e.g., 01XXXXXXXXX)');
+      return false;
+    }
+    
+    setPhoneError('');
+    return true;
+  };
+
+  const handlePhoneChange = (e: React.ChangeEvent<HTMLInputElement>) => {
+    const value = e.target.value;
+    setPhoneNumber(value);
+    
+    // Clear error when user types
+    if (phoneError) {
+      setPhoneError('');
+    }
+  };
+
+  const handlePhoneBlur = () => {
+    if (phoneNumber) {
+      validatePhone(phoneNumber);
+    }
+  };
+
+  const handlePlaceOrder = () => {
+    if (validatePhone(phoneNumber) && termsAccepted) {
+      onPlaceOrder(phoneNumber);
+    }
+  };
+
+  const isValid = BD_PHONE_REGEX.test(phoneNumber) && termsAccepted;
+
+  return (
+    <div className="space-y-6">
+      {/* COD Information */}
+      <Alert className="border-amber-200 bg-amber-50">
+        <AlertCircle className="h-4 w-4 text-amber-600" />
+        <AlertDescription className="text-amber-900">
+          <div className="space-y-1">
+            <p className="font-medium">নগদে পণ্য গ্রহণের সময় পেমেন্ট করুন</p>
+            <p className="text-sm">Pay cash when you receive the products at your doorstep</p>
+          </div>
+        </AlertDescription>
+      </Alert>
+
+      {/* COD Fee Notice */}
+      {codFee > 0 && (
+        <Alert className="border-amber-200 bg-amber-50">
+          <Banknote className="h-4 w-4 text-amber-600" />
+          <AlertDescription className="text-amber-900">
+            <p className="text-sm">
+              ৳{COD_FEE_AMOUNT} COD charge applies for orders under ৳{COD_FEE_THRESHOLD}.
+              Orders ৳{COD_FEE_THRESHOLD} and above have free COD.
+            </p>
+          </AlertDescription>
+        </Alert>
+      )}
+
+      {/* Phone Number Input */}
+      <Card>
+        <CardContent className="pt-6">
+          <div className="space-y-4">
+            <div className="space-y-2">
+              <Label htmlFor="cod-phone" className="flex items-center gap-2">
+                <Phone className="h-4 w-4 text-muted-foreground" />
+                <span>Contact Phone Number</span>
+                <span className="text-xs text-muted-foreground">(যোগাযোগের ফোন নম্বর)</span>
+              </Label>
+              <Input
+                id="cod-phone"
+                type="tel"
+                placeholder="01XXXXXXXXX"
+                value={phoneNumber}
+                onChange={handlePhoneChange}
+                onBlur={handlePhoneBlur}
+                className={phoneError ? 'border-red-500' : ''}
+                aria-invalid={!!phoneError}
+                aria-describedby={phoneError ? 'phone-error' : undefined}
+              />
+              {phoneError && (
+                <p id="phone-error" className="text-sm text-red-500 flex items-center gap-1">
+                  <AlertCircle className="h-3 w-3" />
+                  {phoneError}
+                </p>
+              )}
+              <p className="text-xs text-muted-foreground">
+                Enter your Bangladesh mobile number (01XXXXXXXXX format)
+              </p>
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Estimated Delivery */}
+      <Card>
+        <CardContent className="pt-6">
+          <div className="flex items-start gap-3">
+            <Calendar className="h-5 w-5 text-muted-foreground mt-0.5" />
+            <div className="space-y-1">
+              <p className="text-sm font-medium">Estimated Delivery</p>
+              <p className="text-sm text-muted-foreground">
+                {formatDate(estimatedDeliveryStart)} - {formatDate(estimatedDeliveryEnd)} (5-7 business days)
+              </p>
+              <p className="text-xs text-muted-foreground">
+                আনুমানিক ডেলিভারি: ৫-৭ কার্যদিবস
+              </p>
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Order Breakdown */}
+      <Card>
+        <CardContent className="pt-6">
+          <div className="space-y-2">
+            <div className="flex justify-between text-sm">
+              <span>Subtotal (সাবটোটাল)</span>
+              <span>৳{subtotal.toFixed(2)}</span>
+            </div>
+            <div className="flex justify-between text-sm">
+              <span>Shipping (শিপিং)</span>
+              <span>৳{shipping.toFixed(2)}</span>
+            </div>
+            <div className="flex justify-between text-sm">
+              <span>Tax (ট্যাক্স)</span>
+              <span>৳{tax.toFixed(2)}</span>
+            </div>
+            {codFee > 0 && (
+              <div className="flex justify-between text-sm text-amber-700">
+                <span>COD Fee (নগদ পেমেন্ট চার্জ)</span>
+                <span>৳{codFee.toFixed(2)}</span>
+              </div>
+            )}
+            <Separator />
+            <div className="flex justify-between text-lg font-bold">
+              <span>Total (মোট)</span>
+              <span>৳{total.toFixed(2)}</span>
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Terms and Conditions */}
+      <Card>
+        <CardContent className="pt-6">
+          <div className="flex items-start space-x-3">
+            <Checkbox
+              id="cod-terms"
+              checked={termsAccepted}
+              onCheckedChange={(checked) => setTermsAccepted(checked === true)}
+              aria-label="Accept terms and conditions"
+            />
+            <div className="space-y-1 leading-none">
+              <Label
+                htmlFor="cod-terms"
+                className="text-sm font-medium leading-relaxed cursor-pointer"
+              >
+                আমি প্রোডাক্ট রিসিভ করার সময় টাকা প্রদান করব
+              </Label>
+              <p className="text-xs text-muted-foreground">
+                I agree to pay cash upon receiving the products
+              </p>
+            </div>
+          </div>
+        </CardContent>
+      </Card>
+
+      {/* Place Order Button */}
+      <Button
+        className="w-full"
+        size="lg"
+        onClick={handlePlaceOrder}
+        disabled={!isValid || isSubmitting}
+      >
+        {isSubmitting ? (
+          <>Processing...</>
+        ) : (
+          <>
+            Place Order (অর্ডার করুন) - ৳{total.toFixed(2)}
+          </>
+        )}
+      </Button>
+
+      {/* Security Notice */}
+      <p className="text-xs text-center text-muted-foreground">
+        আপনার অর্ডার নিশ্চিত করার জন্য আপনি আমাদের শর্তাবলী এবং গোপনীয়তা নীতির সাথে সম্মত হচ্ছেন
+        <br />
+        By placing your order, you agree to our Terms of Service and Privacy Policy
+      </p>
+    </div>
+  );
+}
diff --git a/src/components/checkout/payment-method-step.tsx b/src/components/checkout/payment-method-step.tsx
index 2d1d1277..df7beafc 100644
--- a/src/components/checkout/payment-method-step.tsx
+++ b/src/components/checkout/payment-method-step.tsx
@@ -6,13 +6,14 @@
 'use client';
 
 import { useState } from 'react';
-import { Loader2, CreditCard, Building2 } from 'lucide-react';
+import { Loader2, CreditCard, Building2, Banknote } from 'lucide-react';
 import { Button } from '@/components/ui/button';
 import { Card, CardContent } from '@/components/ui/card';
 import { RadioGroup, RadioGroupItem } from '@/components/ui/radio-group';
 import { Label } from '@/components/ui/label';
 import { Separator } from '@/components/ui/separator';
 import type { ShippingAddress } from '@/app/checkout/page';
+import { CodPayment } from './cod-payment';
 
 interface PaymentMethodStepProps {
   shippingAddress: ShippingAddress;
@@ -29,8 +30,9 @@ export function PaymentMethodStep({
 }: PaymentMethodStepProps) {
   const [paymentMethod, setPaymentMethod] = useState<string>('card');
   const [isSubmitting, setIsSubmitting] = useState(false);
+  const [codPhoneNumber, setCodPhoneNumber] = useState<string>('');
 
-  const handlePlaceOrder = async () => {
+  const handlePlaceOrder = async (phoneNumber?: string) => {
     setIsSubmitting(true);
 
     try {
@@ -84,6 +86,8 @@ export function PaymentMethodStep({
       //   body: JSON.stringify({
       //     paymentIntentId: paymentIntent.id,
       //     shippingAddress,
+      //     paymentMethod,
+      //     ...(paymentMethod === 'cod' && phoneNumber ? { codPhoneNumber: phoneNumber } : {}),
       //   }),
       // });
       
@@ -175,6 +179,26 @@ export function PaymentMethodStep({
               </div>
             </CardContent>
           </Card>
+
+          <Card>
+            <CardContent className="pt-6">
+              <div className="flex items-center space-x-4">
+                <RadioGroupItem value="cod" id="cod" />
+                <Label
+                  htmlFor="cod"
+                  className="flex items-center gap-3 flex-1 cursor-pointer"
+                >
+                  <Banknote className="h-5 w-5 text-muted-foreground" />
+                  <div>
+                    <p className="font-medium">ক্যাশ অন ডেলিভারি</p>
+                    <p className="text-xs text-muted-foreground">
+                      Cash on Delivery - Pay when you receive
+                    </p>
+                  </div>
+                </Label>
+              </div>
+            </CardContent>
+          </Card>
         </RadioGroup>
       </div>
 
@@ -215,62 +239,81 @@ export function PaymentMethodStep({
         </Card>
       )}
 
+      {paymentMethod === 'cod' && (
+        <CodPayment
+          subtotal={99.98}
+          shipping={10.00}
+          tax={8.80}
+          onPlaceOrder={(phoneNumber) => {
+            setCodPhoneNumber(phoneNumber);
+            handlePlaceOrder(phoneNumber);
+          }}
+          isSubmitting={isSubmitting}
+        />
+      )}
+
       {/* Order Total */}
-      <Card>
-        <CardContent className="pt-6">
-          <div className="space-y-2">
-            <div className="flex justify-between text-sm">
-              <span>Subtotal</span>
-              <span>$99.98</span>
-            </div>
-            <div className="flex justify-between text-sm">
-              <span>Shipping</span>
-              <span>$10.00</span>
-            </div>
-            <div className="flex justify-between text-sm">
-              <span>Tax</span>
-              <span>$8.80</span>
-            </div>
-            <Separator />
-            <div className="flex justify-between text-lg font-bold">
-              <span>Total</span>
-              <span>$118.78</span>
+      {paymentMethod !== 'cod' && (
+        <Card>
+          <CardContent className="pt-6">
+            <div className="space-y-2">
+              <div className="flex justify-between text-sm">
+                <span>Subtotal</span>
+                <span>$99.98</span>
+              </div>
+              <div className="flex justify-between text-sm">
+                <span>Shipping</span>
+                <span>$10.00</span>
+              </div>
+              <div className="flex justify-between text-sm">
+                <span>Tax</span>
+                <span>$8.80</span>
+              </div>
+              <Separator />
+              <div className="flex justify-between text-lg font-bold">
+                <span>Total</span>
+                <span>$118.78</span>
+              </div>
             </div>
-          </div>
-        </CardContent>
-      </Card>
+          </CardContent>
+        </Card>
+      )}
 
       {/* Actions */}
-      <div className="flex gap-3">
-        <Button
-          variant="outline"
-          className="flex-1"
-          onClick={onBack}
-          disabled={isSubmitting || isProcessing}
-        >
-          Back to Shipping
-        </Button>
-        <Button
-          className="flex-1"
-          onClick={handlePlaceOrder}
-          disabled={isSubmitting || isProcessing}
-        >
-          {isSubmitting ? (
-            <>
-              <Loader2 className="mr-2 h-4 w-4 animate-spin" />
-              Processing Payment...
-            </>
-          ) : (
-            'Place Order'
-          )}
-        </Button>
-      </div>
+      {paymentMethod !== 'cod' && (
+        <div className="flex gap-3">
+          <Button
+            variant="outline"
+            className="flex-1"
+            onClick={onBack}
+            disabled={isSubmitting || isProcessing}
+          >
+            Back to Shipping
+          </Button>
+          <Button
+            className="flex-1"
+            onClick={() => handlePlaceOrder()}
+            disabled={isSubmitting || isProcessing}
+          >
+            {isSubmitting ? (
+              <>
+                <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+                Processing Payment...
+              </>
+            ) : (
+              'Place Order'
+            )}
+          </Button>
+        </div>
+      )}
 
       {/* Security Notice */}
-      <p className="text-xs text-center text-muted-foreground">
-        By placing your order, you agree to our Terms of Service and Privacy Policy.
-        Your payment information is encrypted and secure.
-      </p>
+      {paymentMethod !== 'cod' && (
+        <p className="text-xs text-center text-muted-foreground">
+          By placing your order, you agree to our Terms of Service and Privacy Policy.
+          Your payment information is encrypted and secure.
+        </p>
+      )}
     </div>
   );
 }
diff --git a/src/components/orders/cod-collection-actions.tsx b/src/components/orders/cod-collection-actions.tsx
new file mode 100644
index 00000000..ffa73633
--- /dev/null
+++ b/src/components/orders/cod-collection-actions.tsx
@@ -0,0 +1,293 @@
+/**
+ * COD Collection Actions Component
+ * 
+ * Vendor dashboard component for managing COD order collection status
+ * Allows vendors to mark orders as collected or failed
+ */
+
+'use client';
+
+import { useState } from 'react';
+import { Button } from '@/components/ui/button';
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from '@/components/ui/dialog';
+import {
+  Alert,
+  AlertDescription,
+  AlertTitle,
+} from '@/components/ui/alert';
+import { Badge } from '@/components/ui/badge';
+import { Textarea } from '@/components/ui/textarea';
+import { Label } from '@/components/ui/label';
+import { CheckCircle2, XCircle, Banknote, AlertCircle } from 'lucide-react';
+import { toast } from 'sonner';
+
+export type CODCollectionStatus = 'PENDING' | 'COLLECTED' | 'FAILED';
+
+interface CODCollectionActionsProps {
+  orderId: string;
+  orderNumber: string;
+  amount: number;
+  codFee: number;
+  currentStatus: CODCollectionStatus;
+  deliveryAttempts?: number;
+  onStatusUpdate?: () => void;
+}
+
+export function CODCollectionActions({
+  orderId,
+  orderNumber,
+  amount,
+  codFee,
+  currentStatus,
+  deliveryAttempts = 0,
+  onStatusUpdate,
+}: CODCollectionActionsProps) {
+  const [showDialog, setShowDialog] = useState(false);
+  const [action, setAction] = useState<'COLLECTED' | 'FAILED' | null>(null);
+  const [loading, setLoading] = useState(false);
+  const [notes, setNotes] = useState('');
+
+  const totalAmount = amount + codFee;
+
+  const handleAction = async () => {
+    if (!action) return;
+
+    setLoading(true);
+
+    try {
+      const response = await fetch(`/api/orders/${orderId}/cod-status`, {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          status: action,
+          collectedAmount: action === 'COLLECTED' ? totalAmount : undefined,
+          failureReason:
+            action === 'FAILED' ? 'Customer refused to pay' : undefined,
+          notes: notes || undefined,
+        }),
+      });
+
+      if (!response.ok) {
+        const error = await response.json();
+        throw new Error(error.error || 'Failed to update collection status');
+      }
+
+      const data = await response.json();
+      void data; // Unused, but response is valid
+
+      const title = action === 'COLLECTED' ? 'Cash Collected' : 'Delivery Failed';
+      const description =
+        action === 'COLLECTED'
+          ? `Successfully recorded cash collection for order ${orderNumber}`
+          : `Order ${orderNumber} marked as failed. Inventory has been restored.`;
+      
+      toast.success(title, { description });
+
+      setShowDialog(false);
+      setNotes('');
+      onStatusUpdate?.();
+    } catch (error) {
+      console.error('COD status update error:', error);
+      toast.error('Error', {
+        description: error instanceof Error ? error.message : 'Failed to update collection status',
+      });
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  // Render status badge for completed orders
+  if (currentStatus === 'COLLECTED') {
+    return (
+      <div className="space-y-2">
+        <Badge variant="default" className="gap-1 bg-green-600 hover:bg-green-700">
+          <CheckCircle2 className="h-3 w-3" />
+          Cash Collected
+        </Badge>
+        <p className="text-xs text-muted-foreground">
+          Payment received: ৳{totalAmount.toFixed(2)}
+        </p>
+      </div>
+    );
+  }
+
+  if (currentStatus === 'FAILED') {
+    return (
+      <div className="space-y-2">
+        <Badge variant="destructive" className="gap-1">
+          <XCircle className="h-3 w-3" />
+          Delivery Failed
+        </Badge>
+        <p className="text-xs text-muted-foreground">
+          Inventory has been restored
+        </p>
+      </div>
+    );
+  }
+
+  // Render action buttons for pending orders
+  return (
+    <>
+      <div className="space-y-3">
+        {/* COD Order Alert */}
+        <Alert className="border-amber-500 bg-amber-50 dark:bg-amber-950">
+          <Banknote className="h-4 w-4 text-amber-600" />
+          <AlertTitle className="text-amber-900 dark:text-amber-100">
+            Cash on Delivery Order
+          </AlertTitle>
+          <AlertDescription className="text-amber-800 dark:text-amber-200 text-sm">
+            Collect ৳{totalAmount.toFixed(2)} from customer upon delivery
+            {codFee > 0 && (
+              <span className="block mt-1">
+                (Subtotal: ৳{amount.toFixed(2)} + COD Fee: ৳{codFee.toFixed(2)})
+              </span>
+            )}
+          </AlertDescription>
+        </Alert>
+
+        {/* Delivery Attempts Warning */}
+        {deliveryAttempts > 0 && (
+          <Alert variant="destructive">
+            <AlertCircle className="h-4 w-4" />
+            <AlertDescription className="text-sm">
+              Delivery attempts: {deliveryAttempts}/3
+              {deliveryAttempts >= 2 && (
+                <span className="block mt-1 font-medium">
+                  Warning: Final attempt - order will be canceled if failed
+                </span>
+              )}
+            </AlertDescription>
+          </Alert>
+        )}
+
+        {/* Action Buttons */}
+        <div className="flex gap-2">
+          <Button
+            variant="default"
+            className="flex-1 bg-green-600 hover:bg-green-700"
+            onClick={() => {
+              setAction('COLLECTED');
+              setShowDialog(true);
+            }}
+          >
+            <CheckCircle2 className="mr-2 h-4 w-4" />
+            Mark as Collected
+          </Button>
+          <Button
+            variant="destructive"
+            className="flex-1"
+            onClick={() => {
+              setAction('FAILED');
+              setShowDialog(true);
+            }}
+          >
+            <XCircle className="mr-2 h-4 w-4" />
+            Delivery Failed
+          </Button>
+        </div>
+      </div>
+
+      {/* Confirmation Dialog */}
+      <Dialog open={showDialog} onOpenChange={setShowDialog}>
+        <DialogContent>
+          <DialogHeader>
+            <DialogTitle>
+              {action === 'COLLECTED'
+                ? 'Confirm Cash Collection'
+                : 'Confirm Delivery Failure'}
+            </DialogTitle>
+            <DialogDescription>
+              {action === 'COLLECTED' ? (
+                <>
+                  Confirm that you have collected{' '}
+                  <strong className="text-foreground">
+                    ৳{totalAmount.toFixed(2)}
+                  </strong>{' '}
+                  cash from the customer for order{' '}
+                  <strong className="text-foreground">{orderNumber}</strong>.
+                  <br />
+                  <br />
+                  This will mark the order as completed and the payment as
+                  received.
+                </>
+              ) : (
+                <>
+                  Mark order{' '}
+                  <strong className="text-foreground">{orderNumber}</strong> as
+                  failed delivery.
+                  <br />
+                  <br />
+                  <strong className="text-destructive">
+                    Inventory will be restored automatically
+                  </strong>{' '}
+                  and the order will be canceled.
+                </>
+              )}
+            </DialogDescription>
+          </DialogHeader>
+
+          {/* Notes Textarea */}
+          <div className="space-y-2">
+            <Label htmlFor="notes">
+              Notes {action === 'FAILED' && '(Reason for failure)'}
+            </Label>
+            <Textarea
+              id="notes"
+              placeholder={
+                action === 'COLLECTED'
+                  ? 'Optional notes about the collection...'
+                  : 'Reason for delivery failure (e.g., customer not available, wrong address)...'
+              }
+              value={notes}
+              onChange={(e) => setNotes(e.target.value)}
+              rows={3}
+            />
+          </div>
+
+          <DialogFooter>
+            <Button
+              variant="outline"
+              onClick={() => {
+                setShowDialog(false);
+                setNotes('');
+              }}
+              disabled={loading}
+            >
+              Cancel
+            </Button>
+            <Button
+              onClick={handleAction}
+              disabled={loading}
+              variant={action === 'COLLECTED' ? 'default' : 'destructive'}
+            >
+              {loading ? (
+                <>Processing...</>
+              ) : (
+                <>
+                  {action === 'COLLECTED' ? (
+                    <>
+                      <CheckCircle2 className="mr-2 h-4 w-4" />
+                      Confirm Collection
+                    </>
+                  ) : (
+                    <>
+                      <XCircle className="mr-2 h-4 w-4" />
+                      Confirm Failure
+                    </>
+                  )}
+                </>
+              )}
+            </Button>
+          </DialogFooter>
+        </DialogContent>
+      </Dialog>
+    </>
+  );
+}
diff --git a/src/lib/services/cod.service.ts b/src/lib/services/cod.service.ts
new file mode 100644
index 00000000..9801335b
--- /dev/null
+++ b/src/lib/services/cod.service.ts
@@ -0,0 +1,528 @@
+/**
+ * COD (Cash on Delivery) Service
+ * 
+ * Handles COD-specific order processing, phone verification, fraud prevention,
+ * and collection tracking for Bangladesh market.
+ */
+
+import { prisma } from '@/lib/prisma';
+import { sendCODConfirmationEmail } from '@/lib/email-service';
+import { OrderStatus, PaymentStatus, PaymentMethod } from '@prisma/client';
+
+// ============================================================================
+// TYPES AND INTERFACES
+// ============================================================================
+
+export interface CreateCODOrderInput {
+  storeId: string;
+  userId?: string; // Optional for guest checkout
+  customerEmail: string;
+  customerName: string;
+  customerPhone: string;
+  shippingAddress: {
+    address: string;
+    city: string;
+    state?: string;
+    postalCode: string;
+    country: string;
+  };
+  billingAddress?: string;
+  items: Array<{
+    productId: string;
+    variantId?: string;
+    quantity: number;
+  }>;
+  subtotal: number;
+  taxAmount: number;
+  shippingAmount: number;
+  discountAmount: number;
+  codFee: number;
+  notes?: string;
+  locale?: 'en' | 'bn';
+  idempotencyKey?: string;
+}
+
+export interface CODCollectionUpdate {
+  orderId: string;
+  status: 'COLLECTED' | 'FAILED';
+  collectedAmount?: number;
+  failureReason?: string;
+  notes?: string;
+}
+
+// ============================================================================
+// COD SERVICE
+// ============================================================================
+
+export class CODService {
+  /**
+   * Validate Bangladesh phone number format
+   */
+  static validateBangladeshPhone(phone: string): boolean {
+    const bdPhoneRegex = /^(\+880|880|0)?1[3-9]\d{8}$/;
+    return bdPhoneRegex.test(phone.replace(/\s+/g, ''));
+  }
+
+  /**
+   * Calculate COD fee based on order subtotal
+   * BDT 50 for orders < 500, free for >= 500
+   */
+  static calculateCODFee(subtotal: number): number {
+    return subtotal < 500 ? 50 : 0;
+  }
+
+  /**
+   * Check if customer is eligible for COD
+   * Returns { eligible: boolean, reason?: string }
+   */
+  static async checkCODEligibility(
+    customerEmail: string,
+    totalAmount: number
+  ): Promise<{ eligible: boolean; reason?: string }> {
+    // Check for failed deliveries in the last 30 days
+    const thirtyDaysAgo = new Date();
+    thirtyDaysAgo.setDate(thirtyDaysAgo.getDate() - 30);
+
+    const failedCODOrders = await prisma.order.count({
+      where: {
+        customerEmail,
+        paymentMethod: PaymentMethod.CASH_ON_DELIVERY,
+        status: OrderStatus.CANCELED,
+        codCollectionStatus: 'FAILED',
+        createdAt: {
+          gte: thirtyDaysAgo,
+        },
+      },
+    });
+
+    // Block if 2+ failed deliveries in last 30 days
+    if (failedCODOrders >= 2) {
+      return {
+        eligible: false,
+        reason: 'COD not available due to previous failed deliveries',
+      };
+    }
+
+    // Check if first-time customer
+    const previousOrders = await prisma.order.count({
+      where: { customerEmail },
+    });
+
+    const isFirstTime = previousOrders === 0;
+
+    // First-time customer limit: BDT 10,000
+    if (isFirstTime && totalAmount > 10000) {
+      return {
+        eligible: false,
+        reason: 'COD limit exceeded for first-time customers (max BDT 10,000)',
+      };
+    }
+
+    return { eligible: true };
+  }
+
+  /**
+   * Create COD order with phone verification and fraud checks
+   */
+  static async createCODOrder(input: CreateCODOrderInput) {
+    // 1. Validate phone number
+    if (!this.validateBangladeshPhone(input.customerPhone)) {
+      throw new Error('Invalid Bangladesh phone number format');
+    }
+
+    // 2. Calculate total amount
+    const totalAmount =
+      input.subtotal +
+      input.taxAmount +
+      input.shippingAmount +
+      input.codFee -
+      input.discountAmount;
+
+    // 3. Check COD eligibility
+    const eligibility = await this.checkCODEligibility(
+      input.customerEmail,
+      totalAmount
+    );
+
+    if (!eligibility.eligible) {
+      throw new Error(eligibility.reason || 'COD not available');
+    }
+
+    // 4. Create order in transaction
+    const order = await prisma.$transaction(async (tx) => {
+      // Check idempotency
+      if (input.idempotencyKey) {
+        const existing = await tx.order.findFirst({
+          where: {
+            storeId: input.storeId,
+            idempotencyKey: input.idempotencyKey,
+          },
+          include: { items: true },
+        });
+        if (existing) {
+          console.log(`Duplicate COD order prevented: ${input.idempotencyKey}`);
+          return existing;
+        }
+      }
+
+      // Validate items and fetch prices
+      const enrichedItems = [];
+      for (const item of input.items) {
+        let product, variant, price, sku, productName, variantName;
+
+        if (item.variantId) {
+          variant = await tx.productVariant.findUnique({
+            where: { id: item.variantId },
+            include: { product: true },
+          });
+
+          if (!variant) {
+            throw new Error(`Variant not found: ${item.variantId}`);
+          }
+
+          if (variant.product.storeId !== input.storeId) {
+            throw new Error(
+              `Product ${item.productId} does not belong to store ${input.storeId}`
+            );
+          }
+
+          // Check variant stock
+          if (variant.inventoryQty < item.quantity) {
+            throw new Error(
+              `Insufficient stock for ${variant.product.name} - ${variant.name}`
+            );
+          }
+
+          product = variant.product;
+          price = variant.price || variant.product.price;
+          sku = variant.sku || variant.product.sku;
+          productName = variant.product.name;
+          variantName = variant.name;
+        } else {
+          product = await tx.product.findUnique({
+            where: { id: item.productId },
+          });
+
+          if (!product) {
+            throw new Error(`Product not found: ${item.productId}`);
+          }
+
+          if (product.storeId !== input.storeId) {
+            throw new Error(
+              `Product ${item.productId} does not belong to store ${input.storeId}`
+            );
+          }
+
+          // Check product stock
+          if (product.inventoryQty < item.quantity) {
+            throw new Error(`Insufficient stock for ${product.name}`);
+          }
+
+          price = product.price;
+          sku = product.sku;
+          productName = product.name;
+          variantName = null;
+        }
+
+        enrichedItems.push({
+          productId: item.productId,
+          variantId: item.variantId,
+          productName,
+          variantName,
+          sku,
+          quantity: item.quantity,
+          price,
+          subtotal: price * item.quantity,
+          taxAmount: 0,
+          discountAmount: 0,
+          totalAmount: price * item.quantity,
+        });
+
+        // Reserve inventory
+        if (item.variantId) {
+          await tx.productVariant.update({
+            where: { id: item.variantId },
+            data: {
+              inventoryQty: { decrement: item.quantity },
+            },
+          });
+        } else {
+          await tx.product.update({
+            where: { id: item.productId },
+            data: {
+              inventoryQty: { decrement: item.quantity },
+            },
+          });
+        }
+
+        // Create inventory log
+        await tx.inventoryLog.create({
+          data: {
+            storeId: input.storeId,
+            productId: item.productId,
+            variantId: item.variantId,
+            previousQty: item.variantId
+              ? variant!.inventoryQty
+              : product!.inventoryQty,
+            newQty: item.variantId
+              ? variant!.inventoryQty - item.quantity
+              : product!.inventoryQty - item.quantity,
+            changeQty: -item.quantity,
+            reason: 'ORDER_CREATED',
+            note: 'COD order inventory reservation',
+            userId: input.userId,
+          },
+        });
+      }
+
+      // Generate order number
+      const today = new Date();
+      const dateStr = today.toISOString().slice(0, 10).replace(/-/g, '');
+      const orderCount = await tx.order.count({
+        where: {
+          storeId: input.storeId,
+          createdAt: {
+            gte: new Date(today.setHours(0, 0, 0, 0)),
+          },
+        },
+      });
+      const orderNumber = `ORD-${dateStr}-${(orderCount + 1).toString().padStart(4, '0')}`;
+
+      // Create order
+      const newOrder = await tx.order.create({
+        data: {
+          storeId: input.storeId,
+          customerId: input.userId,
+          customerEmail: input.customerEmail,
+          customerName: input.customerName,
+          customerPhone: input.customerPhone,
+          orderNumber,
+          status: OrderStatus.PENDING,
+          idempotencyKey: input.idempotencyKey,
+          subtotal: input.subtotal,
+          taxAmount: input.taxAmount,
+          shippingAmount: input.shippingAmount,
+          discountAmount: input.discountAmount,
+          totalAmount,
+          paymentMethod: PaymentMethod.CASH_ON_DELIVERY,
+          paymentStatus: PaymentStatus.PENDING,
+          shippingAddress: JSON.stringify(input.shippingAddress),
+          billingAddress: input.billingAddress,
+          notes: input.notes,
+          // COD-specific fields
+          codFee: input.codFee,
+          phoneVerified: true, // Marked as verified if phone format is valid
+          deliveryAttempts: 0,
+          codCollectionStatus: 'PENDING',
+          estimatedDelivery: new Date(Date.now() + 5 * 24 * 60 * 60 * 1000), // 5 days
+          items: {
+            create: enrichedItems,
+          },
+        },
+        include: {
+          items: {
+            include: {
+              product: { select: { name: true, sku: true } },
+              variant: { select: { name: true, sku: true } },
+            },
+          },
+          store: { select: { name: true } },
+        },
+      });
+
+      return newOrder;
+    });
+
+    // 5. Send COD confirmation email
+    try {
+      // Get store name
+      const store = await prisma.store.findUnique({
+        where: { id: order.storeId },
+        select: { name: true },
+      });
+
+      const shippingAddress = JSON.parse(order.shippingAddress || '{}');
+      const estimatedDelivery = order.estimatedDelivery
+        ? order.estimatedDelivery.toLocaleDateString(
+            input.locale === 'bn' ? 'bn-BD' : 'en-US',
+            {
+              year: 'numeric',
+              month: 'long',
+              day: 'numeric',
+            }
+          )
+        : 'Within 5-7 business days';
+
+      await sendCODConfirmationEmail(order.customerEmail!, {
+        customerName: order.customerName || 'Customer',
+        orderNumber: order.orderNumber,
+        orderTotal: `৳${totalAmount.toFixed(2)}`,
+        codFee: `৳${input.codFee.toFixed(2)}`,
+        orderItems: order.items.map((item) => ({
+          name: item.productName + (item.variantName ? ` - ${item.variantName}` : ''),
+          quantity: item.quantity,
+          price: `৳${item.price.toFixed(2)}`,
+        })),
+        shippingAddress,
+        estimatedDelivery,
+        storeName: store?.name || 'StormCom',
+        locale: input.locale,
+      });
+    } catch (emailError) {
+      console.error('Failed to send COD confirmation email:', emailError);
+      // Don't throw error - order is already created
+    }
+
+    return order;
+  }
+
+  /**
+   * Update COD collection status
+   */
+  static async updateCollectionStatus(update: CODCollectionUpdate) {
+    const order = await prisma.order.findUnique({
+      where: { id: update.orderId },
+      include: { items: true },
+    });
+
+    if (!order) {
+      throw new Error('Order not found');
+    }
+
+    if (order.paymentMethod !== PaymentMethod.CASH_ON_DELIVERY) {
+      throw new Error('Order is not a COD order');
+    }
+
+    // Update order based on collection status
+    if (update.status === 'COLLECTED') {
+      await prisma.order.update({
+        where: { id: update.orderId },
+        data: {
+          status: OrderStatus.DELIVERED,
+          paymentStatus: PaymentStatus.PAID,
+          codCollectionStatus: 'COLLECTED',
+          codCollectedAt: new Date(),
+          deliveredAt: new Date(),
+          adminNote: update.notes,
+        },
+      });
+    } else if (update.status === 'FAILED') {
+      // Restore inventory on failed delivery
+      await prisma.$transaction(async (tx) => {
+        // Update order status
+        await tx.order.update({
+          where: { id: update.orderId },
+          data: {
+            status: OrderStatus.CANCELED,
+            paymentStatus: PaymentStatus.FAILED,
+            codCollectionStatus: 'FAILED',
+            cancelReason: update.failureReason || 'Delivery failed - customer refused to pay',
+            canceledAt: new Date(),
+            adminNote: update.notes,
+          },
+        });
+
+        // Restore inventory for each item
+        for (const item of order.items) {
+          if (item.variantId) {
+            const variant = await tx.productVariant.findUnique({
+              where: { id: item.variantId },
+            });
+
+            await tx.productVariant.update({
+              where: { id: item.variantId },
+              data: {
+                inventoryQty: { increment: item.quantity },
+              },
+            });
+
+            // Log inventory restoration
+            await tx.inventoryLog.create({
+              data: {
+                storeId: order.storeId,
+                productId: item.productId!,
+                variantId: item.variantId,
+                previousQty: variant!.inventoryQty,
+                newQty: variant!.inventoryQty + item.quantity,
+                changeQty: item.quantity,
+                reason: 'ORDER_CANCELED',
+                note: 'COD delivery failed - inventory restored',
+                orderId: order.id,
+              },
+            });
+          } else {
+            const product = await tx.product.findUnique({
+              where: { id: item.productId! },
+            });
+
+            await tx.product.update({
+              where: { id: item.productId! },
+              data: {
+                inventoryQty: { increment: item.quantity },
+              },
+            });
+
+            // Log inventory restoration
+            await tx.inventoryLog.create({
+              data: {
+                storeId: order.storeId,
+                productId: item.productId!,
+                variantId: null,
+                previousQty: product!.inventoryQty,
+                newQty: product!.inventoryQty + item.quantity,
+                changeQty: item.quantity,
+                reason: 'ORDER_CANCELED',
+                note: 'COD delivery failed - inventory restored',
+                orderId: order.id,
+              },
+            });
+          }
+        }
+      });
+    }
+
+    return await prisma.order.findUnique({
+      where: { id: update.orderId },
+      include: { items: true },
+    });
+  }
+
+  /**
+   * Increment delivery attempts
+   */
+  static async incrementDeliveryAttempt(orderId: string) {
+    return await prisma.order.update({
+      where: { id: orderId },
+      data: {
+        deliveryAttempts: { increment: 1 },
+      },
+    });
+  }
+
+  /**
+   * Get COD orders pending collection for a store
+   */
+  static async getPendingCollections(storeId: string) {
+    return await prisma.order.findMany({
+      where: {
+        storeId,
+        paymentMethod: PaymentMethod.CASH_ON_DELIVERY,
+        codCollectionStatus: 'PENDING',
+        status: {
+          in: [OrderStatus.PENDING, OrderStatus.PROCESSING, OrderStatus.SHIPPED],
+        },
+      },
+      include: {
+        items: {
+          include: {
+            product: { select: { name: true } },
+            variant: { select: { name: true } },
+          },
+        },
+      },
+      orderBy: {
+        createdAt: 'desc',
+      },
+    });
+  }
+}

From fbfd0f4430ef70b4c331bf5e2e28ab202fa23922 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 12:09:08 +0000
Subject: [PATCH 4/5] fix: Update COD status API to support Next.js 16 async
 params

- Fix async params handling in cod-status route
- Update parameter destructuring to match Next.js 16 API
- Build now passes successfully

Co-authored-by: rafiqul4 <124497017+rafiqul4@users.noreply.github.com>
---
 src/app/api/orders/[id]/cod-status/route.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/app/api/orders/[id]/cod-status/route.ts b/src/app/api/orders/[id]/cod-status/route.ts
index 469a836a..67bbfcc1 100644
--- a/src/app/api/orders/[id]/cod-status/route.ts
+++ b/src/app/api/orders/[id]/cod-status/route.ts
@@ -22,7 +22,7 @@ const updateCODStatusSchema = z.object({
 
 export async function PUT(
   req: NextRequest,
-  { params }: { params: { id: string } }
+  context: { params: Promise<{ id: string }> }
 ) {
   try {
     // Get session - must be authenticated
@@ -34,6 +34,7 @@ export async function PUT(
       );
     }
 
+    const params = await context.params;
     const orderId = params.id;
 
     // Parse and validate request body

From 4521e0925bfc1badee7e34ce1a5064e110d5bf76 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 11 Dec 2025 12:11:12 +0000
Subject: [PATCH 5/5] docs: Add comprehensive COD implementation guide

- Complete API documentation for COD endpoints
- Usage examples for all components
- Configuration guide for fees and limits
- Testing checklist and troubleshooting guide
- Database schema documentation
- Security and performance considerations
- Future enhancement suggestions

Co-authored-by: rafiqul4 <124497017+rafiqul4@users.noreply.github.com>
---
 docs/COD_IMPLEMENTATION_GUIDE.md | 568 +++++++++++++++++++++++++++++++
 1 file changed, 568 insertions(+)
 create mode 100644 docs/COD_IMPLEMENTATION_GUIDE.md

diff --git a/docs/COD_IMPLEMENTATION_GUIDE.md b/docs/COD_IMPLEMENTATION_GUIDE.md
new file mode 100644
index 00000000..da4df18d
--- /dev/null
+++ b/docs/COD_IMPLEMENTATION_GUIDE.md
@@ -0,0 +1,568 @@
+# Cash on Delivery (COD) Implementation Guide
+
+## Overview
+
+This document provides comprehensive documentation for the Cash on Delivery (COD) payment feature implemented for the Bangladesh market.
+
+## Features
+
+### Customer-Facing Features
+- **COD Payment Option**: Radio button selection in checkout with Bengali label "ক্যাশ অন ডেলিভারি"
+- **Phone Validation**: Bangladesh phone number format validation (+880 or 01XXXXXXXXX)
+- **COD Fee Calculation**: 
+  - BDT 50 for orders < 500
+  - Free for orders >= 500
+- **Terms & Conditions**: Bengali/English checkbox acceptance
+- **Order Confirmation Email**: Bilingual (Bengali + English) with delivery instructions
+
+### Vendor-Facing Features
+- **COD Order Badge**: Visual indicator for COD orders in dashboard
+- **Collection Status Tracking**: PENDING → COLLECTED/FAILED
+- **Mark as Collected**: Button to confirm cash collection
+- **Delivery Failed**: Button to mark failed delivery with inventory restoration
+- **Delivery Attempts Counter**: Shows attempts/3 with warnings
+
+### Fraud Prevention
+- **Phone Verification**: Valid Bangladesh number required
+- **First-Time Customer Limit**: Max BDT 10,000 for first order
+- **Repeat Offender Blocking**: Block after 2+ failed deliveries in 30 days
+- **Order Eligibility Check**: Automatic validation before order creation
+
+## Database Schema
+
+### Order Model Extensions
+
+```prisma
+model Order {
+  // ... existing fields ...
+  
+  // COD-specific fields
+  codFee              Float?     // Cash on Delivery fee
+  phoneVerified       Boolean @default(false)  // Phone verification status
+  deliveryAttempts    Int @default(0)  // Number of delivery attempts
+  codCollectionStatus String?    // PENDING, COLLECTED, FAILED, PARTIAL
+  codCollectedAt      DateTime?  // When cash was collected
+}
+```
+
+### Migration
+
+Location: `prisma/migrations/20251211120000_add_cod_fields/migration.sql`
+
+```sql
+ALTER TABLE "Order" ADD COLUMN "codFee" DOUBLE PRECISION,
+ADD COLUMN "phoneVerified" BOOLEAN NOT NULL DEFAULT false,
+ADD COLUMN "deliveryAttempts" INTEGER NOT NULL DEFAULT 0,
+ADD COLUMN "codCollectionStatus" TEXT,
+ADD COLUMN "codCollectedAt" TIMESTAMP(3);
+```
+
+## API Endpoints
+
+### Create COD Order
+
+**POST** `/api/orders/cod`
+
+Creates a new COD order with phone verification and fraud checks.
+
+**Request Body:**
+```json
+{
+  "storeId": "string",
+  "customerEmail": "string",
+  "customerName": "string",
+  "customerPhone": "string",  // +880 or 01XXXXXXXXX format
+  "shippingAddress": {
+    "address": "string",
+    "city": "string",
+    "state": "string (optional)",
+    "postalCode": "string",
+    "country": "string"
+  },
+  "billingAddress": "string (optional)",
+  "items": [
+    {
+      "productId": "string",
+      "variantId": "string (optional)",
+      "quantity": number
+    }
+  ],
+  "subtotal": number,
+  "taxAmount": number,
+  "shippingAmount": number,
+  "discountAmount": number,
+  "codFee": number,
+  "notes": "string (optional)",
+  "locale": "en | bn (optional)",
+  "idempotencyKey": "string (optional)"
+}
+```
+
+**Response (Success):**
+```json
+{
+  "success": true,
+  "order": {
+    "id": "string",
+    "orderNumber": "string",
+    "status": "PENDING",
+    "totalAmount": number,
+    "codFee": number,
+    "estimatedDelivery": "ISO 8601 date"
+  }
+}
+```
+
+**Response (Error):**
+```json
+{
+  "success": false,
+  "error": "Error message",
+  "details": [] // Validation errors if applicable
+}
+```
+
+**Possible Errors:**
+- "Invalid Bangladesh phone number format"
+- "COD not available due to previous failed deliveries"
+- "COD limit exceeded for first-time customers (max BDT 10,000)"
+- "Insufficient stock for {product name}"
+
+### Update COD Collection Status
+
+**PUT** `/api/orders/[id]/cod-status`
+
+Updates the collection status of a COD order (vendor only).
+
+**Request Body:**
+```json
+{
+  "status": "COLLECTED | FAILED",
+  "collectedAmount": number (optional),
+  "failureReason": "string (optional)",
+  "notes": "string (optional)"
+}
+```
+
+**Response (Success):**
+```json
+{
+  "success": true,
+  "order": {
+    "id": "string",
+    "orderNumber": "string",
+    "status": "DELIVERED | CANCELED",
+    "paymentStatus": "PAID | FAILED",
+    "codCollectionStatus": "COLLECTED | FAILED",
+    "codCollectedAt": "ISO 8601 date | null"
+  }
+}
+```
+
+**Authorization:** Requires vendor access (organization membership or staff assignment).
+
+## Frontend Components
+
+### COD Payment Component
+
+**Location:** `src/components/checkout/cod-payment.tsx`
+
+**Props:**
+```typescript
+interface CODPaymentProps {
+  subtotal: number;
+  shipping: number;
+  tax: number;
+  onOrderPlaced?: (orderId: string) => void;
+}
+```
+
+**Features:**
+- Phone number input with Bangladesh validation
+- Real-time phone validation feedback
+- COD fee calculation display
+- Terms & conditions checkbox (Bengali/English)
+- Order breakdown (subtotal + shipping + tax + COD fee)
+- "Place Order" button (disabled until valid)
+
+### COD Collection Actions Component
+
+**Location:** `src/components/orders/cod-collection-actions.tsx`
+
+**Props:**
+```typescript
+interface CODCollectionActionsProps {
+  orderId: string;
+  orderNumber: string;
+  amount: number;
+  codFee: number;
+  currentStatus: 'PENDING' | 'COLLECTED' | 'FAILED';
+  deliveryAttempts?: number;
+  onStatusUpdate?: () => void;
+}
+```
+
+**Features:**
+- Visual status badges (green for collected, red for failed)
+- COD amount display with fee breakdown
+- Delivery attempts warning (shows X/3)
+- Mark as Collected button with confirmation dialog
+- Delivery Failed button with notes input
+- Automatic inventory restoration on failure
+
+### Payment Method Step Update
+
+**Location:** `src/components/checkout/payment-method-step.tsx`
+
+**Changes:**
+- Added COD radio option with Banknote icon
+- Conditional rendering of COD payment component
+- Integrated with existing checkout flow
+
+## Backend Services
+
+### COD Service
+
+**Location:** `src/lib/services/cod.service.ts`
+
+**Main Methods:**
+
+#### `validateBangladeshPhone(phone: string): boolean`
+Validates phone number against Bangladesh format.
+- Format: `+880` or `880` or `0` + `1` + `[3-9]` + 8 digits
+- Example valid: +8801712345678, 01712345678
+
+#### `calculateCODFee(subtotal: number): number`
+Calculates COD fee based on order subtotal.
+- Returns 50 if subtotal < 500
+- Returns 0 if subtotal >= 500
+
+#### `checkCODEligibility(customerEmail: string, totalAmount: number)`
+Checks if customer is eligible for COD.
+- Blocks customers with 2+ failed deliveries in last 30 days
+- Limits first-time customers to BDT 10,000
+- Returns `{ eligible: boolean, reason?: string }`
+
+#### `createCODOrder(input: CreateCODOrderInput)`
+Creates COD order with full transaction safety.
+- Validates phone number
+- Checks COD eligibility
+- Validates stock availability
+- Reserves inventory immediately
+- Generates order number (ORD-YYYYMMDD-XXXX)
+- Sends confirmation email
+- Returns created order
+
+#### `updateCollectionStatus(update: CODCollectionUpdate)`
+Updates COD collection status.
+- On COLLECTED: Marks order as DELIVERED, payment as PAID
+- On FAILED: Cancels order, restores inventory, logs restoration
+- Requires vendor authorization
+
+#### `getPendingCollections(storeId: string)`
+Gets all pending COD orders for a store.
+
+## Email Templates
+
+### COD Confirmation Email
+
+**Location:** `src/lib/email-templates.ts` (function `codConfirmationEmail`)
+
+**Template Function:**
+```typescript
+codConfirmationEmail({
+  customerName: string,
+  orderNumber: string,
+  orderTotal: string,
+  codFee: string,
+  orderItems: Array<{ name: string; quantity: number; price: string }>,
+  shippingAddress: { address, city, state?, postalCode, country },
+  estimatedDelivery: string,
+  storeName: string,
+  locale?: 'en' | 'bn',
+  appUrl?: string,
+}): string
+```
+
+**Features:**
+- Bilingual support (Bengali and English)
+- Order details with line items
+- Payment instructions
+- COD fee breakdown
+- Estimated delivery date
+- Support contact information
+- Responsive HTML design
+
+**Send Function:**
+```typescript
+// src/lib/email-service.ts
+sendCODConfirmationEmail(
+  to: string,
+  orderData: { /* same as template props */ }
+): Promise<SendEmailResult>
+```
+
+## Usage Examples
+
+### Customer Placing COD Order
+
+```typescript
+// In checkout page
+import { CODPayment } from '@/components/checkout/cod-payment';
+
+<CODPayment
+  subtotal={99.98}
+  shipping={10.00}
+  tax={8.80}
+  onOrderPlaced={(orderId) => {
+    router.push(`/order/${orderId}/success`);
+  }}
+/>
+```
+
+### Vendor Managing COD Orders
+
+```typescript
+// In order detail page
+import { CODCollectionActions } from '@/components/orders/cod-collection-actions';
+
+{order.paymentMethod === 'CASH_ON_DELIVERY' && (
+  <CODCollectionActions
+    orderId={order.id}
+    orderNumber={order.orderNumber}
+    amount={order.totalAmount - order.codFee}
+    codFee={order.codFee}
+    currentStatus={order.codCollectionStatus}
+    deliveryAttempts={order.deliveryAttempts}
+    onStatusUpdate={() => {
+      // Refresh order data
+      refetch();
+    }}
+  />
+)}
+```
+
+### Creating COD Order Programmatically
+
+```typescript
+import { CODService } from '@/lib/services/cod.service';
+
+// Check eligibility first
+const eligibility = await CODService.checkCODEligibility(
+  customerEmail,
+  totalAmount
+);
+
+if (!eligibility.eligible) {
+  throw new Error(eligibility.reason);
+}
+
+// Calculate COD fee
+const codFee = CODService.calculateCODFee(subtotal);
+
+// Create order
+const order = await CODService.createCODOrder({
+  storeId,
+  userId,
+  customerEmail,
+  customerName,
+  customerPhone: '+8801712345678',
+  shippingAddress: {
+    address: '123 Main St',
+    city: 'Dhaka',
+    postalCode: '1000',
+    country: 'Bangladesh',
+  },
+  items: [
+    { productId: 'prod_123', quantity: 2 },
+  ],
+  subtotal: 450,
+  taxAmount: 0,
+  shippingAmount: 60,
+  discountAmount: 0,
+  codFee: 50,
+  locale: 'bn',
+});
+```
+
+## Configuration
+
+### COD Fee Rules
+
+Current implementation:
+- Orders < BDT 500: BDT 50 fee
+- Orders >= BDT 500: Free
+
+To change, update `CODService.calculateCODFee()` in `src/lib/services/cod.service.ts`:
+
+```typescript
+static calculateCODFee(subtotal: number): number {
+  // Customize fee structure here
+  if (subtotal < 500) return 50;
+  if (subtotal < 1000) return 30;
+  return 0; // Free for orders >= 1000
+}
+```
+
+### Fraud Prevention Limits
+
+Current limits (in `CODService.checkCODEligibility()`):
+- Failed delivery threshold: 2 orders in 30 days
+- First-time customer limit: BDT 10,000
+
+To change:
+```typescript
+// Update these lines in checkCODEligibility()
+if (failedCODOrders >= 2) { // Change threshold here
+  return { eligible: false, reason: '...' };
+}
+
+if (isFirstTime && totalAmount > 10000) { // Change limit here (in BDT)
+  return { eligible: false, reason: '...' };
+}
+```
+
+### Phone Validation Regex
+
+Current regex: `/^(\+880|880|0)?1[3-9]\d{8}$/`
+
+Matches:
+- +8801712345678
+- 8801712345678
+- 01712345678
+
+To change, update in `CODService.validateBangladeshPhone()`.
+
+## Testing
+
+### Manual Testing Checklist
+
+1. **Order Creation**
+   - [ ] Create COD order with valid phone
+   - [ ] Verify COD fee calculated correctly
+   - [ ] Confirm email sent (check console logs)
+   - [ ] Verify inventory reserved
+
+2. **Phone Validation**
+   - [ ] Test valid formats: +8801X, 01X, 8801X
+   - [ ] Test invalid formats: 02X, 8901X, +1234
+   - [ ] Verify error messages display
+
+3. **Fraud Prevention**
+   - [ ] Test first-time customer limit (try > BDT 10,000)
+   - [ ] Create 2 failed deliveries, try 3rd order
+   - [ ] Verify blocked message
+
+4. **Collection Tracking**
+   - [ ] Mark order as collected
+   - [ ] Verify status updates to DELIVERED
+   - [ ] Mark order as failed
+   - [ ] Verify inventory restored
+
+5. **Email Testing**
+   - [ ] Check Bengali email rendering
+   - [ ] Check English email rendering
+   - [ ] Verify all order details present
+   - [ ] Test estimated delivery date format
+
+### Database Testing
+
+```sql
+-- Check COD orders
+SELECT id, orderNumber, paymentMethod, codFee, phoneVerified, 
+       codCollectionStatus, deliveryAttempts
+FROM "Order"
+WHERE paymentMethod = 'CASH_ON_DELIVERY'
+ORDER BY createdAt DESC;
+
+-- Check failed COD orders for a customer
+SELECT COUNT(*) as failed_count
+FROM "Order"
+WHERE customerEmail = 'test@example.com'
+  AND paymentMethod = 'CASH_ON_DELIVERY'
+  AND status = 'CANCELED'
+  AND codCollectionStatus = 'FAILED'
+  AND createdAt >= NOW() - INTERVAL '30 days';
+
+-- Check inventory logs for COD orders
+SELECT il.*, o.orderNumber, o.status
+FROM "InventoryLog" il
+JOIN "Order" o ON il.orderId = o.id
+WHERE o.paymentMethod = 'CASH_ON_DELIVERY'
+ORDER BY il.createdAt DESC;
+```
+
+## Troubleshooting
+
+### Common Issues
+
+#### 1. "Phone verification required for COD orders"
+**Cause:** Invalid phone number format  
+**Solution:** Ensure phone matches Bangladesh format (+8801XXXXXXXXX or 01XXXXXXXXX)
+
+#### 2. "COD not available due to previous failed deliveries"
+**Cause:** Customer has 2+ failed deliveries in last 30 days  
+**Solution:** Customer must wait or contact support
+
+#### 3. "COD limit exceeded for first-time customers"
+**Cause:** First order exceeds BDT 10,000  
+**Solution:** Reduce order amount or use prepaid payment
+
+#### 4. Email not sending
+**Cause:** RESEND_API_KEY not set or invalid  
+**Solution:** Set valid Resend API key in .env.local
+
+#### 5. Inventory not restored on failed delivery
+**Cause:** Transaction failed or error in update  
+**Solution:** Check server logs, manually restore if needed
+
+### Debug Logging
+
+Enable debug logging:
+```typescript
+// In CODService methods
+console.log('COD Order Creation:', {
+  customerEmail,
+  phone: validatedPhone,
+  eligibility,
+  codFee,
+  totalAmount,
+});
+```
+
+## Performance Considerations
+
+- **Transaction Safety**: All order operations use Prisma transactions
+- **Idempotency**: Duplicate orders prevented via idempotencyKey
+- **Inventory Locking**: Inventory decremented in same transaction as order creation
+- **Email Async**: Email sending doesn't block order creation (errors logged but not thrown)
+
+## Security
+
+- **SQL Injection**: Protected via Prisma parameterized queries
+- **XSS**: Email templates use `escapeHtml()` for all user inputs
+- **Authorization**: COD status updates require vendor access
+- **Phone Validation**: Regex validation prevents invalid data
+- **Fraud Prevention**: Multi-layer checks (phone, history, limits)
+
+## Future Enhancements
+
+Potential improvements:
+1. SMS OTP verification for phone numbers
+2. Courier integration (Pathao, Steadfast, RedX)
+3. Partial payment support
+4. COD analytics dashboard
+5. Automated delivery reminders
+6. Customer COD history page
+7. Dynamic COD fee based on location
+8. COD-specific discount restrictions
+9. Real-time delivery tracking
+10. COD commission tracking for vendors
+
+## Support
+
+For issues or questions:
+- Check this documentation
+- Review code comments in source files
+- Check Prisma schema for data structure
+- Test with example data before production use