chore(): rename website/src -> website/server and website/public -> website/client (#7199)

2025-12-19 15:48:04 +01:00 · 2016-05-13 15:35:12 +02:00
parent 486b93a3c9
commit 199732539f
504 changed files with 202 additions and 202 deletions
--- a/website/server/controllers/top-level/payments/stripe.js
+++ b/website/server/controllers/top-level/payments/stripe.js
@@ -0,0 +1,169 @@
+import stripeModule from 'stripe';
+import shared from '../../../../../common';
+import {
+  BadRequest,
+  NotAuthorized,
+} from '../../../libs/api-v3/errors';
+import { model as Coupon } from '../../../models/coupon';
+import payments from '../../../libs/api-v3/payments';
+import nconf from 'nconf';
+import { model as User } from '../../../models/user';
+import cc from 'coupon-code';
+import {
+  authWithHeaders,
+  authWithUrl,
+} from '../../../middlewares/api-v3/auth';
+
+const stripe = stripeModule(nconf.get('STRIPE_API_KEY'));
+
+let api = {};
+
+/**
+ * @apiIgnore Payments are considered part of the private API
+ * @api {post} /stripe/checkout Stripe checkout
+ * @apiVersion 3.0.0
+ * @apiName StripeCheckout
+ * @apiGroup Payments
+ *
+ * @apiParam {string} id Body parameter - The token
+ * @apiParam {string} email Body parameter - the customer email
+ * @apiParam {string} gift Query parameter - stringified json object, gift
+ * @apiParam {string} sub Query parameter - subscription, possible values are: basic_earned, basic_3mo, basic_6mo, google_6mo, basic_12mo
+ * @apiParam {string} coupon Query parameter - coupon for the matching subscription, required only for certain subscriptions
+ *
+ * @apiSuccess {Object} data Empty object
+ **/
+api.checkout = {
+  method: 'POST',
+  url: '/stripe/checkout',
+  middlewares: [authWithHeaders()],
+  async handler (req, res) {
+    let token = req.body.id;
+    let user = res.locals.user;
+    let gift = req.query.gift ? JSON.parse(req.query.gift) : undefined;
+    let sub = req.query.sub ? shared.content.subscriptionBlocks[req.query.sub] : false;
+    let coupon;
+    let response;
+
+    if (!token) throw new BadRequest('Missing req.body.id');
+
+    if (sub) {
+      if (sub.discount) {
+        if (!req.query.coupon) throw new BadRequest(res.t('couponCodeRequired'));
+        coupon = await Coupon.findOne({_id: cc.validate(req.query.coupon), event: sub.key});
+        if (!coupon) throw new BadRequest(res.t('invalidCoupon'));
+      }
+
+      response = await stripe.customers.create({
+        email: req.body.email,
+        metadata: { uuid: user._id },
+        card: token,
+        plan: sub.key,
+      });
+    } else {
+      let amount = 500; // $5
+
+      if (gift) {
+        if (gift.type === 'subscription') {
+          amount = `${shared.content.subscriptionBlocks[gift.subscription.key].price * 100}`;
+        } else {
+          amount = `${gift.gems.amount / 4 * 100}`;
+        }
+      }
+
+      response = await stripe.charges.create({
+        amount,
+        currency: 'usd',
+        card: token,
+      });
+    }
+
+    if (sub) {
+      await payments.createSubscription({
+        user,
+        customerId: response.id,
+        paymentMethod: 'Stripe',
+        sub,
+      });
+    } else {
+      let method = 'buyGems';
+      let data = {
+        user,
+        customerId: response.id,
+        paymentMethod: 'Stripe',
+        gift,
+      };
+
+      if (gift) {
+        let member = await User.findById(gift.uuid);
+        gift.member = member;
+        if (gift.type === 'subscription') method = 'createSubscription';
+        data.paymentMethod = 'Gift';
+      }
+
+      await payments[method](data);
+    }
+
+    res.respond(200, {});
+  },
+};
+
+/**
+ * @apiIgnore Payments are considered part of the private API
+ * @api {post} /stripe/subscribe/edit Edit Stripe subscription
+ * @apiVersion 3.0.0
+ * @apiName StripeSubscribeEdit
+ * @apiGroup Payments
+ *
+ * @apiParam {string} id Body parameter - The token
+ *
+ * @apiSuccess {Object} data Empty object
+ **/
+api.subscribeEdit = {
+  method: 'POST',
+  url: '/stripe/subscribe/edit',
+  middlewares: [authWithHeaders()],
+  async handler (req, res) {
+    let token = req.body.id;
+    let user = res.locals.user;
+    let customerId = user.purchased.plan.customerId;
+
+    if (!customerId) throw new NotAuthorized(res.t('missingSubscription'));
+    if (!token) throw new BadRequest('Missing req.body.id');
+
+    let subscriptions = await stripe.customers.listSubscriptions(customerId);
+    let subscriptionId = subscriptions.data[0].id;
+    await stripe.customers.updateSubscription(customerId, subscriptionId, { card: token });
+
+    res.respond(200, {});
+  },
+};
+
+/**
+ * @apiIgnore Payments are considered part of the private API
+ * @api {get} /stripe/subscribe/cancel Cancel Stripe subscription
+ * @apiVersion 3.0.0
+ * @apiName StripeSubscribeCancel
+ * @apiGroup Payments
+ **/
+api.subscribeCancel = {
+  method: 'GET',
+  url: '/stripe/subscribe/cancel',
+  middlewares: [authWithUrl],
+  async handler (req, res) {
+    let user = res.locals.user;
+    if (!user.purchased.plan.customerId) throw new NotAuthorized(res.t('missingSubscription'));
+
+    let customer = await stripe.customers.retrieve(user.purchased.plan.customeerId);
+    await stripe.customers.del(user.purchased.plan.customerId);
+    await payments.cancelSubscriptoin({
+      user,
+      nextBill: customer.subscription.current_period_end * 1000, // timestamp in seconds
+      paymentMethod: 'Stripe',
+    });
+
+    res.redirect('/');
+  },
+};
+
+module.exports = api;