mirror of
https://github.com/HabitRPG/habitica.git
synced 2025-12-14 21:27:23 +01:00
6d34319455
* upgrade stripe module * switch stripe api to latest version * fix api version in tests * start upgrading client and server * client: switch to redirect * implement checkout session creation for gems, start implementing webhooks * stripe: start refactoring one time payments * working gems and gift payments * start adding support for subscriptions * stripe: migrate subscriptions and fix cancelling sub * allow upgrading group plans * remove console.log statements * group plans: upgrade from static page / create new one * fix #11885, correct group plan modal title * silence more stripe webhooks * fix group plans redirects * implement editing payment method * start cleaning up code * fix(stripe): update in-code docs, fix eslint issues * subscriptions tests * remove and skip old tests * skip integration tests * fix client build * stripe webhooks: throw error if request fails * subscriptions: correctly pass groupId * remove console.log * stripe: add unit tests for one time payments * wip: stripe checkout tests * stripe createCheckoutSession unit tests * stripe createCheckoutSession unit tests * stripe createCheckoutSession unit tests (editing card) * fix existing webhooks tests * add new webhooks tests * add more webhooks tests * fix lint * stripe integration tests * better error handling when retrieving customer from stripe * client: remove unused strings and improve error handling * payments: limit gift message length (server) * payments: limit gift message length (client) * fix redirects when payment is cancelled * add back "subUpdateCard" string * fix redirects when editing a sub card, use proper names for products, check subs when gifting
118 lines
3.2 KiB
JavaScript
118 lines
3.2 KiB
JavaScript
import shared from '../../../../common';
|
|
import {
|
|
authWithHeaders,
|
|
} from '../../../middlewares/auth';
|
|
import stripePayments from '../../../libs/payments/stripe';
|
|
|
|
const api = {};
|
|
|
|
/**
|
|
* @apiIgnore Payments are considered part of the private API
|
|
* @api {post} /stripe/checkout-session Create a Stripe Checkout Session
|
|
* @apiName StripeCheckout
|
|
* @apiGroup Payments
|
|
*
|
|
* @apiParam (Body) {String} [gemsBlock] If purchasing a gem block, its key
|
|
* @apiParam (Body) {Object} [gift] The gift object
|
|
* @apiParam (Body) {String} [sub] If purchasing a subscription, its key
|
|
* @apiParam (Body) {UUID} [groupId] If purchasing a group plan, the group id
|
|
* @apiParam (Body) {String} [coupon] Subscription Coupon
|
|
*
|
|
* @apiSuccess {String} data.sessionId The created checkout session id
|
|
* */
|
|
api.createCheckoutSession = {
|
|
method: 'POST',
|
|
url: '/stripe/checkout-session',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
const { user } = res.locals;
|
|
const {
|
|
gift, sub: subKey, gemsBlock, coupon, groupId,
|
|
} = req.body;
|
|
|
|
const sub = subKey ? shared.content.subscriptionBlocks[subKey] : false;
|
|
|
|
const session = await stripePayments.createCheckoutSession({
|
|
user, gemsBlock, gift, sub, groupId, coupon,
|
|
});
|
|
|
|
res.respond(200, {
|
|
sessionId: session.id,
|
|
});
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @apiIgnore Payments are considered part of the private API
|
|
* @api {post} /stripe/subscribe/edit Edit Stripe subscription
|
|
* @apiName StripeSubscribeEdit
|
|
* @apiGroup Payments
|
|
*
|
|
* @apiParam (Body) {UUID} [groupId] If editing a group plan, the group id
|
|
*
|
|
* @apiSuccess {String} data.sessionId The created checkout session id
|
|
* */
|
|
api.subscribeEdit = {
|
|
method: 'POST',
|
|
url: '/stripe/subscribe/edit',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
const { groupId } = req.body;
|
|
const { user } = res.locals;
|
|
|
|
const session = await stripePayments.createEditCardCheckoutSession({ groupId, user });
|
|
|
|
res.respond(200, {
|
|
sessionId: session.id,
|
|
});
|
|
},
|
|
};
|
|
|
|
/**
|
|
* @apiIgnore Payments are considered part of the private API
|
|
* @api {get} /stripe/subscribe/cancel Cancel Stripe subscription
|
|
* @apiName StripeSubscribeCancel
|
|
* @apiGroup Payments
|
|
*
|
|
* @apiParam (Body) {UUID} [groupId] If editing a group plan, the group id
|
|
*
|
|
* */
|
|
api.subscribeCancel = {
|
|
method: 'GET',
|
|
url: '/stripe/subscribe/cancel',
|
|
middlewares: [authWithHeaders()],
|
|
async handler (req, res) {
|
|
const { user } = res.locals;
|
|
const { groupId } = req.query;
|
|
|
|
await stripePayments.cancelSubscription({ user, groupId });
|
|
|
|
if (req.query.noRedirect) {
|
|
res.respond(200);
|
|
} else {
|
|
res.redirect('/');
|
|
}
|
|
},
|
|
};
|
|
|
|
// NOTE: due to Stripe requirements on validating webhooks, the body is not json parsed
|
|
// for this route, see website/server/middlewares/index.js
|
|
|
|
/**
|
|
* @apiIgnore Payments are considered part of the private API
|
|
* @api {post} /stripe/webhooks Stripe Webhooks handler
|
|
* @apiName StripeHandleWebhooks
|
|
* @apiGroup Payments
|
|
* */
|
|
api.handleWebhooks = {
|
|
method: 'POST',
|
|
url: '/stripe/webhooks',
|
|
async handler (req, res) {
|
|
await stripePayments.handleWebhooks({ body: req.body, headers: req.headers });
|
|
|
|
return res.respond(200, {});
|
|
},
|
|
};
|
|
|
|
export default api;
|