reji 1.0.0

data/Rakefile

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'rubygems'
+require 'bundler/setup'
+require 'bundler/gem_tasks'
+
+require 'rake'
+require 'rspec/core/rake_task'
+
+namespace :dummy do
+  require_relative 'spec/dummy/application'
+  Dummy::Application.load_tasks
+end
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new('spec') do |task|
+  task.verbose = false
+end
+
+desc 'Run the specs and acceptance tests'
+task default: %w(spec)

data/app/controllers/reji/payment_controller.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Reji
+  class PaymentController < ActionController::Base
+    before_action :verify_redirect_url
+
+    def show
+      @stripe_key = Reji.configuration.key
+
+      @payment = Reji::Payment.new(
+        Stripe::PaymentIntent.retrieve(
+          params[:id], Reji.stripe_options
+        )
+      )
+
+      @redirect = params[:redirect]
+
+      render template: 'payment'
+    end
+
+    private
+
+    def verify_redirect_url
+      return if params[:redirect].blank?
+
+      url = URI(params[:redirect])
+
+      raise ActionController::Forbidden.new('Redirect host mismatch.') if url.host.blank? || url.host != URI(request.original_url).host
+    end
+  end
+end

data/app/controllers/reji/webhook_controller.rb

@@ -0,0 +1,170 @@
+# frozen_string_literal: true
+
+module Reji
+  class WebhookController < ActionController::Base
+    before_action :verify_webhook_signature
+
+    def handle_webhook
+      payload = JSON.parse(request.body.read)
+
+      type = payload['type']
+
+      return self.missing_method if type.nil?
+
+      method = "handle_#{payload['type'].gsub('.', '_')}"
+
+      self.respond_to?(method, true) ?
+        self.send(method, payload) :
+        self.missing_method
+    end
+
+    protected
+
+    # Handle customer subscription updated.
+    def handle_customer_subscription_updated(payload)
+      user = self.get_user_by_stripe_id(payload.dig('data', 'object', 'customer'))
+
+      return self.success_method if user.nil?
+
+      data = payload.dig('data', 'object')
+
+      return self.success_method if data.nil?
+
+      user.subscriptions
+        .select { |subscription| subscription.stripe_id == data['id'] }
+        .each do |subscription|
+          if data['status'] == 'incomplete_expired'
+            subscription.items.destroy_all
+            subscription.destroy
+
+            return self.success_method
+          end
+
+          # Plan...
+          subscription.stripe_plan = data.dig('plan', 'id')
+
+          # Quantity...
+          subscription.quantity = data['quantity']
+
+          # Trial ending date...
+          unless data['trial_end'].nil?
+            if subscription.trial_ends_at.nil? || subscription.trial_ends_at.to_i != data['trial_end']
+              subscription.trial_ends_at = Time.at(data['trial_end'])
+            end
+          end
+
+          # Cancellation date...
+          unless data['cancel_at_period_end'].nil?
+            if data['cancel_at_period_end']
+              subscription.ends_at = subscription.on_trial ?
+                subscription.trial_ends_at :
+                Time.at(data['cancel_at_period_end'])
+            else
+              subscription.ends_at = nil
+            end
+          end
+
+          # Status...
+          unless data['status'].nil?
+            subscription.stripe_status = data['status']
+          end
+
+          subscription.save
+
+          # Update subscription items...
+          if data.key?('items')
+            plans = []
+
+            items = data.dig('items', 'data')
+
+            unless items.blank?
+              items.each do |item|
+                plans << item.dig('plan', 'id')
+
+                subscription_item = subscription.items.find_or_create_by({:stripe_id => item['id']}) do |subscription_item|
+                  subscription_item.stripe_plan = item.dig('plan', 'id')
+                  subscription_item.quantity = item['quantity']
+                end
+              end
+            end
+
+            # Delete items that aren't attached to the subscription anymore...
+            subscription.items.where('stripe_plan NOT IN (?)', plans).destroy_all
+          end
+        end
+
+      self.success_method
+    end
+
+    # Handle a cancelled customer from a Stripe subscription.
+    def handle_customer_subscription_deleted(payload)
+      user = self.get_user_by_stripe_id(payload.dig('data', 'object', 'customer'))
+
+      unless user.nil?
+        user.subscriptions
+          .select { |subscription| subscription.stripe_id == payload.dig('data', 'object', 'id') }
+          .each { |subscription| subscription.mark_as_cancelled }
+      end
+
+      self.success_method
+    end
+
+    # Handle customer updated.
+    def handle_customer_updated(payload)
+      user = self.get_user_by_stripe_id(payload.dig('data', 'object', 'id'))
+
+      user.update_default_payment_method_from_stripe unless user.nil?
+
+      self.success_method
+    end
+
+    # Handle deleted customer.
+    def handle_customer_deleted(payload)
+      user = self.get_user_by_stripe_id(payload.dig('data', 'object', 'id'))
+
+      unless user.nil?
+        user.subscriptions.each { |subscription| subscription.skip_trial.mark_as_cancelled }
+
+        user.update({
+          :stripe_id => nil,
+          :trial_ends_at => nil,
+          :card_brand => nil,
+          :card_last_four => nil,
+        })
+      end
+
+      self.success_method
+    end
+
+    # Get the billable entity instance by Stripe ID.
+    def get_user_by_stripe_id(stripe_id)
+      Reji.find_billable(stripe_id)
+    end
+
+    # Handle successful calls on the controller.
+    def success_method
+      render plain: 'Webhook Handled', status: 200
+    end
+
+    # Handle calls to missing methods on the controller.
+    def missing_method
+      head :ok
+    end
+
+    private
+
+    def verify_webhook_signature
+      return if Reji.configuration.webhook[:secret].blank?
+
+      begin
+        Stripe::Webhook.construct_event(
+          request.body.read,
+          request.env['HTTP_STRIPE_SIGNATURE'],
+          Reji.configuration.webhook[:secret],
+        )
+      rescue Stripe::SignatureVerificationError => e
+        raise AccessDeniedHttpError.new(e.message)
+      end
+    end
+  end
+end

data/app/views/payment.html.erb

@@ -0,0 +1,228 @@
+<!DOCTYPE html>
+<html lang="<%= I18n.locale %>" class="h-full">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+
+  <title>Payment Confirmation</title>
+
+  <link href="https://unpkg.com/tailwindcss@^1.0/dist/tailwind.min.css" rel="stylesheet">
+
+  <script src="https://cdn.jsdelivr.net/npm/vue@2.6.10/dist/vue.min.js"></script>
+  <script src="https://js.stripe.com/v3"></script>
+</head>
+<body class="font-sans text-gray-600 bg-gray-200 leading-normal p-4 h-full">
+  <div id="app" class="h-full md:flex md:justify-center md:items-center">
+    <div class="w-full max-w-lg">
+      <!-- Status Messages -->
+      <p class="flex items-center mb-4 bg-red-100 border border-red-200 px-5 py-2 rounded-lg text-red-500" v-if="errorMessage">
+        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" class="flex-shrink-0 w-6 h-6">
+          <path class="fill-current text-red-300" d="M12 2a10 10 0 1 1 0 20 10 10 0 0 1 0-20z"/>
+          <path class="fill-current text-red-500" d="M12 18a1.5 1.5 0 1 1 0-3 1.5 1.5 0 0 1 0 3zm1-5.9c-.13 1.2-1.88 1.2-2 0l-.5-5a1 1 0 0 1 1-1.1h1a1 1 0 0 1 1 1.1l-.5 5z"/>
+        </svg>
+
+        <span class="ml-3">@{{ errorMessage }}</span>
+      </p>
+
+      <p class="flex items-center mb-4 bg-green-100 border border-green-200 px-5 py-4 rounded-lg text-green-700" v-if="paymentProcessed && successMessage">
+        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" class="flex-shrink-0 w-6 h-6">
+          <circle cx="12" cy="12" r="10" class="fill-current text-green-300"/>
+          <path class="fill-current text-green-500" d="M10 14.59l6.3-6.3a1 1 0 0 1 1.4 1.42l-7 7a1 1 0 0 1-1.4 0l-3-3a1 1 0 0 1 1.4-1.42l2.3 2.3z"/>
+        </svg>
+
+        <span class="ml-3">@{{ successMessage }}</span>
+      </p>
+
+      <div class="bg-white rounded-lg shadow-xl p-4 sm:py-6 sm:px-10 mb-5">
+        <% if @payment.is_succeeded %>
+          <h1 class="text-xl mt-2 mb-4 text-gray-700">
+            Payment Successful
+          </h1>
+
+          <p class="mb-6">
+            This payment was already successfully confirmed.
+          </p>
+        <% elsif @payment.is_cancelleed %>
+          <h1 class="text-xl mt-2 mb-4 text-gray-700">
+            Payment Cancelled
+          </h1>
+
+          <p class="mb-6">
+            This payment was cancelled.
+          </p>
+        <% else %>
+          <div id="payment-elements" v-if="! paymentProcessed">
+            <!-- Payment Method Form -->
+            <div v-show="requiresPaymentMethod">
+              <!-- Instructions -->
+              <h1 class="text-xl mt-2 mb-4 text-gray-700">
+                Confirm your <%= @payment.amount %> payment
+              </h1>
+
+              <p class="mb-6">
+                Extra confirmation is needed to process your payment. Please confirm your payment by filling out your payment details below.
+              </p>
+
+              <!-- Name -->
+              <label for="cardholder-name" class="inline-block text-sm text-gray-700 font-semibold mb-2">
+                Full name
+              </label>
+
+              <input
+                id="cardholder-name"
+                type="text" placeholder="Jane Doe"
+                required
+                class="inline-block bg-gray-200 border border-gray-400 rounded-lg w-full px-4 py-3 mb-3 focus:outline-none"
+                v-model="name"
+              />
+
+              <!-- Card -->
+              <label for="card-element" class="inline-block text-sm text-gray-700 font-semibold mb-2">
+                Card
+              </label>
+
+              <div id="card-element" class="bg-gray-200 border border-gray-400 rounded-lg p-4 mb-6"></div>
+
+              <!-- Pay Button -->
+              <button
+                id="card-button"
+                class="inline-block w-full px-4 py-3 mb-4 text-white rounded-lg hover:bg-blue-500"
+                :class="{ 'bg-blue-400': paymentProcessing, 'bg-blue-600': ! paymentProcessing }"
+                @click="addPaymentMethod"
+                :disabled="paymentProcessing"
+              >
+                Pay <%= @payment.amount %>
+              </button>
+            </div>
+          </div>
+        <% end %>
+
+        <button @click="goBack" ref="goBackButton" data-redirect="<%= @redirect || '/' %>"
+          class="inline-block w-full px-4 py-3 bg-gray-200 hover:bg-gray-300 text-center text-gray-700 rounded-lg">
+          Go back
+        </button>
+      </div>
+
+      <p class="text-center text-gray-500 text-sm">
+        © <%= Time.now.year %>. All rights reserved.
+      </p>
+    </div>
+  </div>
+
+  <script>
+    window.stripe = Stripe('<%= @stripe_key %>');
+
+    var app = new Vue({
+      el: '#app',
+
+      data: {
+        name: '',
+        cardElement: null,
+        paymentProcessing: false,
+        paymentProcessed: false,
+        requiresPaymentMethod: <%= @payment.requires_payment_method ? 'true' : 'false' %>,
+        requiresAction: <%= @payment.requires_action ? 'true' : 'false' %>,
+        successMessage: '',
+        errorMessage: ''
+      },
+
+      <% if ! @payment.is_succeeded && ! @payment.is_cancelleed && ! @payment.requires_action %>
+      mounted: function () {
+        this.configureStripe();
+      },
+      <% end %>
+
+      methods: {
+        addPaymentMethod: function () {
+          var self = this;
+
+          this.paymentProcessing = true;
+          this.paymentProcessed = false;
+          this.successMessage = '';
+          this.errorMessage = '';
+
+          stripe.confirmCardPayment(
+            '<%= @payment.client_secret %>', {
+              payment_method: {
+                card: this.cardElement,
+                billing_details: { name: this.name }
+              }
+            }
+          ).then(function (result) {
+            self.paymentProcessing = false;
+
+            if (result.error) {
+              if (result.error.code === 'parameter_invalid_empty' &&
+                result.error.param === 'payment_method_data[billing_details][name]') {
+                self.errorMessage = 'Please provide your name.';
+              } else {
+                self.errorMessage = result.error.message;
+              }
+            } else {
+              self.paymentProcessed = true;
+
+              self.successMessage = 'The payment was successful.';
+            }
+          });
+        },
+
+        confirmPaymentMethod: function () {
+          var self = this;
+
+          this.paymentProcessing = true;
+          this.paymentProcessed = false;
+          this.successMessage = '';
+          this.errorMessage = '';
+
+          stripe.confirmCardPayment(
+            '<%= @payment.client_secret %>', {
+              payment_method: '<%= @payment.payment_method %>'
+            }
+          ).then(function (result) {
+            self.paymentProcessing = false;
+
+            if (result.error) {
+              self.errorMessage = result.error.message;
+
+              if (result.error.code === 'payment_intent_authentication_failure') {
+                self.requestPaymentMethod();
+              }
+            } else {
+              self.paymentProcessed = true;
+
+              self.successMessage = 'The payment was successful.';
+            }
+          });
+        },
+
+        requestPaymentMethod: function () {
+          this.configureStripe();
+
+          this.requiresPaymentMethod = true;
+          this.requiresAction = false;
+        },
+
+        configureStripe: function () {
+          const elements = stripe.elements();
+
+          this.cardElement = elements.create('card');
+          this.cardElement.mount('#card-element');
+        },
+
+        goBack: function () {
+          var self = this;
+          var button = this.$refs.goBackButton;
+          var redirect = button.dataset.redirect;
+
+          if (self.successMessage || self.errorMessage) {
+            redirect.searchParams.append('message', self.successMessage ? self.successMessage : self.errorMessage);
+            redirect.searchParams.append('success', !! self.successMessage);
+          }
+
+          window.location.href = redirect;
+        },
+      },
+    })
+  </script>
+</body>
+</html>