krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-17 14:47:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'stripe-webhook' into develop

Browse Source
This commit is contained in:
Sabe Jones
2017-03-28 16:11:13 +00:00
parent 6aad018eb2 fd9f3a32c4
commit 30f514e46f
5 changed files with 331 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

236
test/api/v3/unit/libs/stripePayments.test.js
View File

@@ -10,6 +10,8 @@ import { model as Coupon } from '../../../../../website/server/models/coupon';
import stripePayments from '../../../../../website/server/libs/stripePayments';
import payments from '../../../../../website/server/libs/payments';
import common from '../../../../../website/common';
import logger from '../../../../../website/server/libs/logger';
import { v4 as uuid } from 'uuid';
const i18n = common.i18n;
@@ -759,4 +761,238 @@ describe('Stripe Payments', () => {
expect(updatedGroup.purchased.plan.quantity).to.eql(4);
});
});
describe('handleWebhooks', () => {
describe('all events', () => {
const eventType = 'account.updated';
const event = {id: 123};
const eventRetrieved = {type: eventType};
beforeEach(() => {
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves(eventRetrieved);
sinon.stub(logger, 'error');
});
afterEach(() => {
stripe.events.retrieve.restore();
logger.error.restore();
});
it('logs an error if an unsupported webhook event is passed', async () => {
const error = new Error(`Missing handler for Stripe webhook ${eventType}`);
await stripePayments.handleWebhooks({requestBody: event}, stripe);
expect(logger.error).to.have.been.called.once;
expect(logger.error).to.have.been.calledWith(error, {event: eventRetrieved});
});
it('retrieves and validates the event from Stripe', async () => {
await stripePayments.handleWebhooks({requestBody: event}, stripe);
expect(stripe.events.retrieve).to.have.been.called.once;
expect(stripe.events.retrieve).to.have.been.calledWith(event.id);
});
});
describe('customer.subscription.deleted', () => {
const eventType = 'customer.subscription.deleted';
beforeEach(() => {
sinon.stub(stripe.customers, 'del').returnsPromise().resolves({});
sinon.stub(payments, 'cancelSubscription').returnsPromise().resolves({});
});
afterEach(() => {
stripe.customers.del.restore();
payments.cancelSubscription.restore();
});
it('does not do anything if event.request is null (subscription cancelled manually)', async () => {
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
request: null,
});
await stripePayments.handleWebhooks({requestBody: {}}, stripe);
expect(stripe.events.retrieve).to.have.been.called.once;
expect(stripe.customers.del).to.not.have.been.called;
expect(payments.cancelSubscription).to.not.have.been.called;
stripe.events.retrieve.restore();
});
describe('user subscription', () => {
it('throws an error if the user is not found', async () => {
const customerId = 456;
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
data: {
object: {
plan: {
id: 'basic_earned',
},
customer: customerId,
},
},
});
await expect(stripePayments.handleWebhooks({requestBody: {}}, stripe)).to.eventually.be.rejectedWith({
message: i18n.t('userNotFound'),
httpCode: 404,
name: 'NotFound',
});
expect(stripe.customers.del).to.not.have.been.called;
expect(payments.cancelSubscription).to.not.have.been.called;
stripe.events.retrieve.restore();
});
it('deletes the customer on Stripe and calls payments.cancelSubscription', async () => {
const customerId = '456';
let subscriber = new User();
subscriber.purchased.plan.customerId = customerId;
subscriber.purchased.plan.paymentMethod = 'Stripe';
await subscriber.save();
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
data: {
object: {
plan: {
id: 'basic_earned',
},
customer: customerId,
},
},
});
await stripePayments.handleWebhooks({requestBody: {}}, stripe);
expect(stripe.customers.del).to.have.been.calledOnce;
expect(stripe.customers.del).to.have.been.calledWith(customerId);
expect(payments.cancelSubscription).to.have.been.calledOnce;
let cancelSubscriptionOpts = payments.cancelSubscription.lastCall.args[0];
expect(cancelSubscriptionOpts.user._id).to.equal(subscriber._id);
expect(cancelSubscriptionOpts.paymentMethod).to.equal('Stripe');
expect(cancelSubscriptionOpts.groupId).to.be.undefined;
stripe.events.retrieve.restore();
});
});
describe('group plan subscription', () => {
it('throws an error if the group is not found', async () => {
const customerId = 456;
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
data: {
object: {
plan: {
id: 'group_monthly',
},
customer: customerId,
},
},
});
await expect(stripePayments.handleWebhooks({requestBody: {}}, stripe)).to.eventually.be.rejectedWith({
message: i18n.t('groupNotFound'),
httpCode: 404,
name: 'NotFound',
});
expect(stripe.customers.del).to.not.have.been.called;
expect(payments.cancelSubscription).to.not.have.been.called;
stripe.events.retrieve.restore();
});
it('throws an error if the group leader is not found', async () => {
const customerId = 456;
let subscriber = generateGroup({
name: 'test group',
type: 'guild',
privacy: 'public',
leader: uuid(),
});
subscriber.purchased.plan.customerId = customerId;
subscriber.purchased.plan.paymentMethod = 'Stripe';
await subscriber.save();
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
data: {
object: {
plan: {
id: 'group_monthly',
},
customer: customerId,
},
},
});
await expect(stripePayments.handleWebhooks({requestBody: {}}, stripe)).to.eventually.be.rejectedWith({
message: i18n.t('userNotFound'),
httpCode: 404,
name: 'NotFound',
});
expect(stripe.customers.del).to.not.have.been.called;
expect(payments.cancelSubscription).to.not.have.been.called;
stripe.events.retrieve.restore();
});
it('deletes the customer on Stripe and calls payments.cancelSubscription', async () => {
const customerId = '456';
let leader = new User();
await leader.save();
let subscriber = generateGroup({
name: 'test group',
type: 'guild',
privacy: 'public',
leader: leader._id,
});
subscriber.purchased.plan.customerId = customerId;
subscriber.purchased.plan.paymentMethod = 'Stripe';
await subscriber.save();
sinon.stub(stripe.events, 'retrieve').returnsPromise().resolves({
id: 123,
type: eventType,
data: {
object: {
plan: {
id: 'group_monthly',
},
customer: customerId,
},
},
});
await stripePayments.handleWebhooks({requestBody: {}}, stripe);
expect(stripe.customers.del).to.have.been.calledOnce;
expect(stripe.customers.del).to.have.been.calledWith(customerId);
expect(payments.cancelSubscription).to.have.been.calledOnce;
let cancelSubscriptionOpts = payments.cancelSubscription.lastCall.args[0];
expect(cancelSubscriptionOpts.user._id).to.equal(leader._id);
expect(cancelSubscriptionOpts.paymentMethod).to.equal('Stripe');
expect(cancelSubscriptionOpts.groupId).to.equal(subscriber._id);
stripe.events.retrieve.restore();
});
});
});
});
});

16
website/common/script/content/subscriptionBlocks.js
View File

@@ -3,35 +3,47 @@ import each from 'lodash/each';
let subscriptionBlocks = {
basic_earned: {
target: 'user',
canSubscribe: true,
months: 1,
price: 5,
},
basic_3mo: {
target: 'user',
canSubscribe: true,
months: 3,
price: 15,
},
basic_6mo: {
target: 'user',
canSubscribe: true,
months: 6,
price: 30,
},
google_6mo: {
target: 'user',
canSubscribe: true,
months: 6,
price: 24,
discount: true,
original: 30,
},
basic_12mo: {
target: 'user',
canSubscribe: true,
months: 12,
price: 48,
},
group_monthly: {
type: 'group',
target: 'group',
canSubscribe: true,
months: 1,
price: 9,
quantity: 3, // Default quantity for Stripe - The same as having 3 user subscriptions
},
group_plan_auto: {
type: 'group',
target: 'user',
canSubscribe: false,
months: 0,
price: 0,
quantity: 1,

10
website/server/controllers/top-level/payments/stripe.js
View File

@@ -87,4 +87,14 @@ api.subscribeCancel = {
},
};
api.handleWebhooks = {
method: 'POST',
url: '/stripe/webhooks',
async handler (req, res) {
await stripePayments.handleWebhooks({requestBody: req.body});
return res.respond(200, {});
},
};
module.exports = api;

71
website/server/libs/stripePayments.js
View File

@@ -2,7 +2,7 @@ import stripeModule from 'stripe';
import nconf from 'nconf';
import cc from 'coupon-code';
import moment from 'moment';
import logger from './logger';
import {
BadRequest,
NotAuthorized,
@@ -270,4 +270,73 @@ api.chargeForAdditionalGroupMember = async function chargeForAdditionalGroupMemb
group.purchased.plan.quantity = group.memberCount + plan.quantity - 1;
};
/**
* Handle webhooks from stripes
*
* @param options
* @param options.user The user object who is purchasing
* @param options.groupId The id of the group purchasing a subscription
*
* @return undefined
*/
api.handleWebhooks = async function handleWebhooks (options, stripeInc) {
let {requestBody} = options;
// @TODO: We need to mock this, but curently we don't have correct Dependency Injection. And the Stripe Api doesn't seem to be a singleton?
let stripeApi = stripe;
if (stripeInc) stripeApi = stripeInc;
// Verify the event by fetching it from Stripe
const event = await stripeApi.events.retrieve(requestBody.id);
switch (event.type) {
case 'customer.subscription.deleted': {
// event.request === null means that the user itself cancelled the subscrioption,
// the cancellation on our side has been already handled
if (event.request === null) break;
const subscription = event.data.object;
const customerId = subscription.customer;
const isGroupSub = shared.content.subscriptionBlocks[subscription.plan.id].target === 'group';
let user;
let groupId;
if (isGroupSub) {
let groupFields = basicGroupFields.concat(' purchased');
let group = await Group.findOne({
'purchased.plan.customerId': customerId,
'purchased.plan.paymentMethod': this.constants.PAYMENT_METHOD,
}).select(groupFields).exec();
if (!group) throw new NotFound(i18n.t('groupNotFound'));
groupId = group._id;
user = await User.findById(group.leader).exec();
} else {
user = await User.findOne({
'purchased.plan.customerId': customerId,
'purchased.plan.paymentMethod': this.constants.PAYMENT_METHOD,
}).exec();
}
if (!user) throw new NotFound(i18n.t('userNotFound'));
await stripeApi.customers.del(customerId);
await payments.cancelSubscription({
user,
groupId,
paymentMethod: this.constants.PAYMENT_METHOD,
});
break;
}
default: {
logger.error(new Error(`Missing handler for Stripe webhook ${event.type}`), {event});
}
}
};
module.exports = api;

2
website/views/options/settings/subscription.jade
View File

@@ -31,7 +31,7 @@ script(id='partials/options.settings.subscription.html',type='text/ng-template',
div(ng-if='!user.purchased.plan.customerId || (user.purchased.plan.customerId && user.purchased.plan.dateTerminated)')
h4(ng-if='(user.purchased.plan.customerId && user.purchased.plan.dateTerminated)')= env.t("resubscribe")
.form-group.reduce-top-margin
.radio(ng-repeat='block in Content.subscriptionBlocks | toArray | omit: "discount==true" | orderBy:"months"', ng-if="block.type !== 'group'")
.radio(ng-repeat='block in Content.subscriptionBlocks | toArray | omit: "discount==true" | orderBy:"months"', ng-if="block.target !== 'group' && block.canSubscribe === true")
label
input(type="radio", name="subRadio", ng-value="block.key", ng-model='_subscription.key')
span(ng-show='block.original')