mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-16 22:27:26 +01:00
filter stripe webhooks for correct server (#15320)
Co-authored-by: Kalista Payne <sabrecat@gmail.com>
This commit is contained in:
Phillip Thelen
GitHub
@@ -51,6 +51,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
gift: undefined,
|
gift: undefined,
|
||||||
sub: undefined,
|
sub: undefined,
|
||||||
gemsBlock: gemsBlockKey,
|
gemsBlock: gemsBlockKey,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
expect(gems.validateGiftMessage).to.not.be.called;
|
expect(gems.validateGiftMessage).to.not.be.called;
|
||||||
@@ -101,6 +102,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
gift: JSON.stringify(gift),
|
gift: JSON.stringify(gift),
|
||||||
sub: undefined,
|
sub: undefined,
|
||||||
gemsBlock: undefined,
|
gemsBlock: undefined,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
expect(gems.validateGiftMessage).to.be.calledOnce;
|
expect(gems.validateGiftMessage).to.be.calledOnce;
|
||||||
@@ -155,6 +157,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
gift: JSON.stringify(gift),
|
gift: JSON.stringify(gift),
|
||||||
sub: undefined,
|
sub: undefined,
|
||||||
gemsBlock: undefined,
|
gemsBlock: undefined,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
expect(oneTimePayments.getOneTimePaymentInfo).to.be.calledOnce;
|
expect(oneTimePayments.getOneTimePaymentInfo).to.be.calledOnce;
|
||||||
@@ -192,6 +195,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
userId: user._id,
|
userId: user._id,
|
||||||
gift: undefined,
|
gift: undefined,
|
||||||
sub: JSON.stringify(sub),
|
sub: JSON.stringify(sub),
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
expect(subscriptions.checkSubData).to.be.calledOnce;
|
expect(subscriptions.checkSubData).to.be.calledOnce;
|
||||||
@@ -258,6 +262,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
userId: user._id,
|
userId: user._id,
|
||||||
gift: undefined,
|
gift: undefined,
|
||||||
sub: JSON.stringify(sub),
|
sub: JSON.stringify(sub),
|
||||||
|
server_url: BASE_URL,
|
||||||
groupId,
|
groupId,
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -328,8 +333,9 @@ describe('Stripe - Checkout', () => {
|
|||||||
user.purchased.plan.customerId = customerId;
|
user.purchased.plan.customerId = customerId;
|
||||||
|
|
||||||
const metadata = {
|
const metadata = {
|
||||||
userId: user._id,
|
|
||||||
type: 'edit-card-user',
|
type: 'edit-card-user',
|
||||||
|
userId: user._id,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
const res = await createEditCardCheckoutSession({ user }, stripe);
|
const res = await createEditCardCheckoutSession({ user }, stripe);
|
||||||
@@ -418,6 +424,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
const metadata = {
|
const metadata = {
|
||||||
userId: user._id,
|
userId: user._id,
|
||||||
type: 'edit-card-group',
|
type: 'edit-card-group',
|
||||||
|
server_url: BASE_URL,
|
||||||
groupId,
|
groupId,
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -455,6 +462,7 @@ describe('Stripe - Checkout', () => {
|
|||||||
userId: anotherUser._id,
|
userId: anotherUser._id,
|
||||||
type: 'edit-card-group',
|
type: 'edit-card-group',
|
||||||
groupId,
|
groupId,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
const res = await createEditCardCheckoutSession({ user: anotherUser, groupId }, stripe);
|
const res = await createEditCardCheckoutSession({ user: anotherUser, groupId }, stripe);
|
||||||
|
|||||||
@@ -16,6 +16,7 @@ import * as subscriptions from '../../../../../../website/server/libs/payments/s
|
|||||||
const { i18n } = common;
|
const { i18n } = common;
|
||||||
|
|
||||||
describe('Stripe - Webhooks', () => {
|
describe('Stripe - Webhooks', () => {
|
||||||
|
const BASE_URL = nconf.get('BASE_URL');
|
||||||
const stripe = stripeModule('test');
|
const stripe = stripeModule('test');
|
||||||
const endpointSecret = nconf.get('STRIPE_WEBHOOKS_ENDPOINT_SECRET');
|
const endpointSecret = nconf.get('STRIPE_WEBHOOKS_ENDPOINT_SECRET');
|
||||||
const headers = {};
|
const headers = {};
|
||||||
@@ -284,7 +285,9 @@ describe('Stripe - Webhooks', () => {
|
|||||||
const session = {};
|
const session = {};
|
||||||
|
|
||||||
beforeEach(() => {
|
beforeEach(() => {
|
||||||
session.metadata = {};
|
session.metadata = {
|
||||||
|
server_url: BASE_URL,
|
||||||
|
};
|
||||||
event = { type: eventType, data: { object: session } };
|
event = { type: eventType, data: { object: session } };
|
||||||
constructEventStub = sandbox.stub(stripe.webhooks, 'constructEvent');
|
constructEventStub = sandbox.stub(stripe.webhooks, 'constructEvent');
|
||||||
constructEventStub.returns(event);
|
constructEventStub.returns(event);
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ export async function createCheckoutSession (options, stripeInc) {
|
|||||||
userId: user._id,
|
userId: user._id,
|
||||||
gift: gift ? JSON.stringify(gift) : undefined,
|
gift: gift ? JSON.stringify(gift) : undefined,
|
||||||
sub: sub ? JSON.stringify(sub) : undefined,
|
sub: sub ? JSON.stringify(sub) : undefined,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
let lineItems;
|
let lineItems;
|
||||||
@@ -141,6 +142,7 @@ export async function createEditCardCheckoutSession (options, stripeInc) {
|
|||||||
const metadata = {
|
const metadata = {
|
||||||
type,
|
type,
|
||||||
userId: user._id,
|
userId: user._id,
|
||||||
|
server_url: BASE_URL,
|
||||||
};
|
};
|
||||||
|
|
||||||
let customerId;
|
let customerId;
|
||||||
|
|||||||
@@ -19,6 +19,8 @@ import { applySubscription, handlePaymentMethodChange } from './subscriptions';
|
|||||||
|
|
||||||
const endpointSecret = nconf.get('STRIPE_WEBHOOKS_ENDPOINT_SECRET');
|
const endpointSecret = nconf.get('STRIPE_WEBHOOKS_ENDPOINT_SECRET');
|
||||||
|
|
||||||
|
const BASE_URL = nconf.get('BASE_URL');
|
||||||
|
|
||||||
export async function handleWebhooks (options, stripeInc) {
|
export async function handleWebhooks (options, stripeInc) {
|
||||||
const { body, headers } = options;
|
const { body, headers } = options;
|
||||||
|
|
||||||
@@ -67,6 +69,10 @@ export async function handleWebhooks (options, stripeInc) {
|
|||||||
const session = event.data.object;
|
const session = event.data.object;
|
||||||
const { metadata } = session;
|
const { metadata } = session;
|
||||||
|
|
||||||
|
if (metadata.server_url !== BASE_URL) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
if (metadata.type === 'edit-card-group' || metadata.type === 'edit-card-user') {
|
if (metadata.type === 'edit-card-group' || metadata.type === 'edit-card-user') {
|
||||||
await handlePaymentMethodChange(session);
|
await handlePaymentMethodChange(session);
|
||||||
} else if (metadata.type === 'subscription') {
|
} else if (metadata.type === 'subscription') {
|
||||||
|
|||||||
Reference in New Issue
Block a user