whop 1.0.0 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9645be1e4507621dd2c72c4703f31b5145a9b52ccf5b06069165b58a543730c5
-  data.tar.gz: 69670ad752cdb9b4135ff02dfae501e3adc01556aa3d24a0b625b36674bcdaa5
+  metadata.gz: b66a5c1ff726bf0d3142a0d2f3263f990c114f1de42c05dfe3d564d63719e702
+  data.tar.gz: c36bc051232dafa141659f0a11df945f5ce06aa8b852ae37504b752d72ed2cfc
 SHA512:
-  metadata.gz: 85298153f9224db542ed3b3aac8b1095c47b7992d7705614cdd71958dd0a6ecc9820593cfec65fed539933b5919cee0107f95e0a2eac6a1fe2293c30ad05e470
-  data.tar.gz: d41161106975b44aeb0d68fcea0ebb8b9bcc8277f0993bc953a5cb43831b8647f9e90e6f3b1b47cbdc39f3337dce634dd8a0bb001a84d551cf5e6d2e580fa418
+  metadata.gz: 13b4f042216946a03e922f4c7642c6b8a478b3ea95b9c3e727a39e756f989ad7ae6cf248e7dfa74a3101637ea3eef5c9e89acf80d7cd4a322067c0eb4e529cf2
+  data.tar.gz: 417ab6ac4239fbe3bbbdccb3a7bf41326e847152318658449fc92fd74e28b2999ac556a8a27656322235eaf74e3ecafe384191a074a1030b15a6fa07ebef72b6

data/README.md

@@ -1,56 +1,178 @@
-# whop-rails
+# whop
 
-Rails 7+ gem to build embedded Whop apps: token verification, access checks, API client, webhooks, and generators. Mirrors Whop's Next.js app template.
+Build Whop-embedded apps on Rails. This gem mirrors the official Next.js template: verify Whop user tokens, gate access to experiences/companies, handle webhooks, scaffold app views, and call Whop APIs.
 
-## Install
+## Highlights
 
-Add to Gemfile:
+- Token verification (server-side JWT) and controller helpers
+- Access checks (experience/company/access pass)
+- Webhooks engine with signature validation and generators
+- Rails generators for app views (Experience/Dashboard/Discover)
+- Thin HTTP + GraphQL client, with `with_company`/`with_user` scoping
+- Dev conveniences: `whop-dev-user-token`, tolerant webhook verifier
+
+## Requirements
+
+- Ruby 3.2+
+- Rails 7.0+ (Rails 8 supported)
+
+## Installation
+
+1) Add to Gemfile and install
 
 ```ruby
-gem "whop-rails", path: "."
+gem "whop", "~> 1.0"
 ```
 
-Generate initializer and mount webhooks:
-
 ```bash
+bundle install
 bin/rails g whop:install
 ```
 
-Set env vars:
+The installer:
+- Creates `config/initializers/whop.rb` (reads env vars)
+- Mounts `/whop/webhooks`
+- Adds `config/initializers/whop_iframe.rb` so Whop can embed your app (CSP frame-ancestors for `*.whop.com` and removes `X-Frame-Options`).
+
+2) Configure environment variables
 
 - `WHOP_APP_ID`
 - `WHOP_API_KEY`
 - `WHOP_WEBHOOK_SECRET`
-- (optional) `WHOP_AGENT_USER_ID`, `WHOP_COMPANY_ID`
+- Optional: `WHOP_AGENT_USER_ID`, `WHOP_COMPANY_ID`
 
-## Usage
+Tip (dev): use dotenv
+
+```bash
+echo "WHOP_APP_ID=app_xxx
+WHOP_API_KEY=sk_xxx
+WHOP_WEBHOOK_SECRET=whsec_xxx
+WHOP_AGENT_USER_ID=user_xxx
+WHOP_COMPANY_ID=biz_xxx" > .env
+```
+
+## App Views (routes that Whop calls)
+
+Set these in the Whop dashboard (Hosting → App Views):
+
+- Experience View: `/experiences/[experienceId]`
+- Dashboard View: `/dashboard/[companyId]`
+- Discover View: `/discover`
+
+Generate the pages (dynamic IDs provided by Whop; no args needed):
+
+```bash
+bin/rails g whop:scaffold:all
+# or individually
+bin/rails g whop:scaffold:company
+bin/rails g whop:scaffold:experience
+```
+
+The scaffolds include access gating and safe resource fetches (render even if the REST fetch 404s in early dev).
+
+## Controller helpers
 
 ```ruby
 class ExperiencesController < ApplicationController
   include Whop::ControllerHelpers
-  before_action -> { require_whop_access!(experience_id: params[:id]) }
+  before_action -> { require_whop_access!(experience_id: params[:experienceId] || params[:id]) }
 
   def show
     user_id = whop_user_id
-    experience = Whop.client.experiences.get(params[:id])
-    render locals: { user_id:, experience: }
+    exp_id = params[:experienceId] || params[:id]
+    experience = begin
+      Whop.client.experiences.get(exp_id)
+    rescue StandardError
+      { "id" => exp_id }
+    end
+    render :show, locals: { user_id:, experience: }
   end
 end
 ```
 
-Webhooks:
+Dev token override (development only): send `whop-dev-user-token` as a header or query param; if it looks like a JWT it will be verified, otherwise it is treated as a raw `user_id`.
+
+## Webhooks
+
+Mounted at `/whop/webhooks`. Signature validation uses `WHOP_WEBHOOK_SECRET`.
+
+Generate a handler job:
 
 ```bash
 bin/rails g whop:webhooks:handler payment_succeeded
-# POST /whop/webhooks -> verifies signature, enqueues Whop::PaymentSucceededJob
 ```
 
-## Example app template
+Test locally:
 
 ```bash
-rails new whop_app -m examples/rails_app/template.rb --skip-jbuilder --skip-action-mailbox --skip-action-text --skip-active-storage
+cat > payload.json <<'JSON'
+{ "action": "payment.succeeded", "data": { "id": "pay_123", "user_id": "user_123", "final_amount": 1000, "amount_after_fees": 950, "currency": "USD" } }
+JSON
+SIG=$(ruby -ropenssl -e 's=ENV.fetch("WHOP_WEBHOOK_SECRET"); p=File.read("payload.json"); puts "sha256=#{OpenSSL::HMAC.hexdigest("SHA256", s, p)}"')
+curl -i -X POST http://localhost:3000/whop/webhooks \
+  -H "Content-Type: application/json" \
+  -H "X-Whop-Signature: $SIG" \
+  --data-binary @payload.json
+```
+
+## Using the client
+
+```ruby
+# With app/company context from env
+Whop.client.users.get("user_xxx")
+Whop.client.experiences.get("exp_xxx")
+Whop.client.with_company("biz_xxx").companies.get("biz_xxx")
+
+# GraphQL (persisted operations)
+Whop.api.access.check_if_user_has_access_to_experience(userId: "user_xxx", experienceId: "exp_xxx")
+
+# Users
+Whop.api.users.get_current_user
+Whop.api.users.get_user(userId: "user_xxx")
+Whop.api.users.list_user_socials(userId: "user_xxx", first: 10)
+Whop.api.users.ban_user(input: { userId: "user_xxx", reason: "abuse" })
+
+# Payments
+Whop.api.payments.create_checkout_session(input: { planId: "plan_xxx", successUrl: "https://...", cancelUrl: "https://..." })
+Whop.api.payments.charge_user(input: { userId: "user_xxx", amount: 1000, currency: "USD" })
+Whop.api.payments.list_receipts_for_company(companyId: "biz_xxx", first: 20)
+
+# Invoices
+Whop.api.invoices.create_invoice(input: { companyId: "biz_xxx", memberId: "mem_xxx", planId: "plan_xxx" })
+Whop.api.invoices.get_invoice(invoiceId: "inv_xxx", companyId: "biz_xxx")
+
+# Promo Codes
+Whop.api.promo_codes.create_promo_code(input: { planId: "plan_xxx", code: "WELCOME10", percentOff: 10 })
+Whop.api.promo_codes.get_promo_code(code: "WELCOME10", planId: "plan_xxx")
+
+# Apps
+Whop.api.apps.create_app(input: { name: "My App" })
+Whop.api.apps.list_apps(first: 20)
+Whop.api.apps.create_app_build(input: { appId: "app_xxx", version: "1.0.0" })
+
+# Webhooks (server-only)
+Whop.api.webhooks.create_webhook(input: { url: "https://example.com/webhook", events: ["payment_succeeded"], apiVersion: "v2" })
+Whop.api.webhooks.list_webhooks(first: 20)
+
+# Messages
+Whop.api.messages.find_or_create_chat(input: { userId: "user_xxx" })
+Whop.api.messages.send_message_to_chat(experienceId: "exp_xxx", message: "Hello!")
+
+# Notifications
+Whop.api.notifications.send_push_notification(input: { userId: "user_xxx", title: "Hi", body: "Welcome" })
 ```
 
+## Local preview in Whop
+
+- Run Rails: `bin/rails s`
+- In Whop dev tools, set environment to `localhost`
+- For tunneling, add your ngrok domain to `frame_ancestors` in `whop_iframe.rb`
+
+## Versioning & support
+
+- Add `gem "whop", "~> 1.0"` to stay within v1.x.
+- Issues and PRs welcome.
+
 ## License
 
 MIT

data/lib/whop/access.rb

@@ -5,31 +5,73 @@ module Whop
       @client = client
     end
 
+    QUERY_EXPERIENCE = <<~GRAPHQL
+      query checkIfUserHasAccessToExperience($experienceId: ID!, $userId: ID) {
+        hasAccessToExperience(experienceId: $experienceId, userId: $userId) {
+          hasAccess
+          accessLevel
+        }
+      }
+    GRAPHQL
+
+    QUERY_ACCESS_PASS = <<~GRAPHQL
+      query checkIfUserHasAccessToAccessPass($accessPassId: ID!, $userId: ID) {
+        hasAccessToAccessPass(accessPassId: $accessPassId, userId: $userId) {
+          hasAccess
+          accessLevel
+        }
+      }
+    GRAPHQL
+
+    QUERY_COMPANY = <<~GRAPHQL
+      query checkIfUserHasAccessToCompany($companyId: ID!, $userId: ID) {
+        hasAccessToCompany(companyId: $companyId, userId: $userId) {
+          hasAccess
+          accessLevel
+        }
+      }
+    GRAPHQL
+
     def user_has_access_to_experience?(user_id:, experience_id:)
-      data = @client.graphql("CheckIfUserHasAccessToExperience", { userId: user_id, experienceId: experience_id })
+      data = @client.graphql_query(
+        "checkIfUserHasAccessToExperience",
+        QUERY_EXPERIENCE,
+        { userId: user_id, experienceId: experience_id }
+      )
       extract_access_boolean(data)
     end
 
     def user_has_access_to_access_pass?(user_id:, access_pass_id:)
-      data = @client.graphql("CheckIfUserHasAccessToAccessPass", { userId: user_id, accessPassId: access_pass_id })
+      data = @client.graphql_query(
+        "checkIfUserHasAccessToAccessPass",
+        QUERY_ACCESS_PASS,
+        { userId: user_id, accessPassId: access_pass_id }
+      )
       extract_access_boolean(data)
     end
 
     def user_has_access_to_company?(user_id:, company_id:)
-      data = @client.graphql("CheckIfUserHasAccessToCompany", { userId: user_id, companyId: company_id })
+      data = @client.graphql_query(
+        "checkIfUserHasAccessToCompany",
+        QUERY_COMPANY,
+        { userId: user_id, companyId: company_id }
+      )
       extract_access_boolean(data)
     end
 
     private
 
     def extract_access_boolean(graphql_result)
-      if graphql_result.is_a?(Hash)
-        data = graphql_result["data"] || graphql_result
-        key = %w[hasAccessToExperience hasAccessToAccessPass hasAccessToCompany].find { |k| data.key?(k) rescue false }
-        payload = key ? data[key] : data
-        return payload["hasAccess"] if payload.is_a?(Hash) && payload.key?("hasAccess")
-      end
-      !!graphql_result
+      return false unless graphql_result.is_a?(Hash)
+      data = graphql_result["data"] || graphql_result
+      return false unless data.is_a?(Hash)
+
+      key = %w[hasAccessToExperience hasAccessToAccessPass hasAccessToCompany].find { |k| data.key?(k) rescue false }
+      payload = key ? data[key] : data
+
+      return payload["hasAccess"] if payload.is_a?(Hash) && payload.key?("hasAccess")
+      return payload if payload == true || payload == false
+      false
     end
   end
 end

data/lib/whop/client.rb

@@ -25,28 +25,68 @@ module Whop
 
     # REST helpers
     def get(path, params: nil)
-      response = connection.get(path) do |req|
-        req.params.update(params) if params
+      with_error_mapping do
+        response = connection.get(path) do |req|
+          req.params.update(params) if params
+        end
+        parse_response!(response)
       end
-      parse_response!(response)
     end
 
     def post(path, json: nil)
-      response = connection.post(path) do |req|
-        req.headers["Content-Type"] = "application/json"
-        req.body = JSON.generate(json) if json
+      with_error_mapping do
+        response = connection.post(path) do |req|
+          req.headers["Content-Type"] = "application/json"
+          req.body = JSON.generate(json) if json
+        end
+        parse_response!(response)
       end
-      parse_response!(response)
     end
 
     # GraphQL (persisted operations by operationName)
     def graphql(operation_name, variables = {})
-      response = Faraday.post("#{config.api_base_url}/public-graphql") do |req|
-        apply_common_headers(req.headers)
-        req.headers["Content-Type"] = "application/json"
-        req.body = JSON.generate({ operationName: operation_name, variables: variables })
+      with_error_mapping do
+        response = Faraday.post("#{config.api_base_url}/public-graphql") do |req|
+          apply_common_headers(req.headers)
+          req.headers["Content-Type"] = "application/json"
+          req.body = JSON.generate({ operationName: operation_name, variables: variables })
+        end
+        parse_response!(response)
+      end
+    end
+
+    # GraphQL with inline query string (non-persisted). Useful when operationId is unavailable.
+    def graphql_query(operation_name, query_string, variables = {})
+      with_error_mapping do
+        response = Faraday.post("#{config.api_base_url}/public-graphql") do |req|
+          apply_common_headers(req.headers)
+          req.headers["Content-Type"] = "application/json"
+          req.body = JSON.generate({ operationName: operation_name, query: query_string, variables: variables })
+        end
+        parse_response!(response)
       end
-      parse_response!(response)
+    end
+
+    # Simple GraphQL auto-pagination helper.
+    # Expects a query that returns { pageInfo: { hasNextPage, endCursor }, nodes: [...] } under a known path.
+    # Usage:
+    #   Whop.client.graphql_each_page("listReceiptsForCompany", { companyId: "biz" }, path: ["company", "receipts"]) { |node| ... }
+    def graphql_each_page(operation_name, variables, path:, first: 50, &block)
+      raise ArgumentError, "path must be an Array of keys" unless path.is_a?(Array) && !path.empty?
+      cursor = nil
+      loop do
+        page_vars = variables.merge({ first: first })
+        page_vars[:after] = cursor if cursor
+        data = graphql(operation_name, page_vars)
+        segment = dig_hash(data, "data", *path)
+        break unless segment.is_a?(Hash)
+        nodes = segment["nodes"] || []
+        nodes.each { |n| yield n } if block_given?
+        page_info = segment["pageInfo"] || {}
+        break unless page_info["hasNextPage"]
+        cursor = page_info["endCursor"]
+      end
+      nil
     end
 
     # Resources
@@ -86,8 +126,9 @@ module Whop
     def parse_response!(response)
       body = response.body
       json = parse_body_safely(body)
-      if response.status.to_i >= 400
-        raise Error, "Whop API error (#{response.status}): #{json.inspect}"
+      status = response.status.to_i
+      if status >= 400
+        raise map_status_error(status, json)
       end
       json
     end
@@ -163,13 +204,59 @@ module Whop
 
     def extract_access_boolean(graphql_result)
       # Attempt to locate the access payload; tolerate schema variants
-      if graphql_result.is_a?(Hash)
-        data = graphql_result["data"] || graphql_result
-        key = %w[hasAccessToExperience hasAccessToAccessPass hasAccessToCompany].find { |k| data.key?(k) rescue false }
-        payload = key ? data[key] : data
-        return payload["hasAccess"] if payload.is_a?(Hash) && payload.key?("hasAccess")
+      return false unless graphql_result.is_a?(Hash)
+      data = graphql_result["data"] || graphql_result
+      return false unless data.is_a?(Hash)
+
+      key = %w[hasAccessToExperience hasAccessToAccessPass hasAccessToCompany].find { |k| data.key?(k) rescue false }
+      payload = key ? data[key] : data
+      return payload["hasAccess"] if payload.is_a?(Hash) && payload.key?("hasAccess")
+      return payload if payload == true || payload == false
+      false
+    end
+  end
+end
+
+module Whop
+  class Client
+    private
+
+    def with_error_mapping
+      yield
+    rescue Faraday::TimeoutError => e
+      raise APITimeoutError.new("Request timed out", cause: e)
+    rescue Faraday::ConnectionFailed => e
+      raise APIConnectionError.new("Connection failed", cause: e)
+    rescue Faraday::SSLError => e
+      raise APIConnectionError.new("SSL error", cause: e)
+    rescue Faraday::Error => e
+      raise APIConnectionError.new(e.message, cause: e)
+    end
+
+    def map_status_error(status, body)
+      message = body.is_a?(String) ? body : body.inspect
+      case status.to_i
+      when 400 then BadRequestError.new(status, message, body: body)
+      when 401 then AuthenticationError.new(status, message, body: body)
+      when 403 then PermissionDeniedError.new(status, message, body: body)
+      when 404 then NotFoundError.new(status, message, body: body)
+      when 409 then ConflictError.new(status, message, body: body)
+      when 422 then UnprocessableEntityError.new(status, message, body: body)
+      when 429 then RateLimitError.new(status, message, body: body)
+      else
+        if status.to_i >= 500
+          InternalServerError.new(status, message, body: body)
+        else
+          APIStatusError.new(status, message, body: body)
+        end
+      end
+    end
+
+    def dig_hash(obj, *keys)
+      keys.reduce(obj) do |acc, key|
+        return nil unless acc.is_a?(Hash)
+        acc[key]
       end
-      !!graphql_result
     end
   end
 end

data/lib/whop/controller_helpers.rb

@@ -5,7 +5,7 @@ module Whop
     def whop_user_id
       # Primary: verified JWT from header
       token = request.headers["x-whop-user-token"] || request.headers["X-Whop-User-Token"]
-      if token.present?
+      if token && !token.to_s.empty?
         payload = Whop::Token.verify_from_jwt(token)
         app_id = payload["aud"]
         raise Whop::Error, "Invalid app audience" if app_id != (ENV["WHOP_APP_ID"] || Whop.config.app_id)
@@ -15,9 +15,9 @@ module Whop
       # Development fallback: support whop-dev-user-token (header or param)
       if defined?(Rails) && Rails.env.development?
         dev_token = request.get_header("HTTP_WHOP_DEV_USER_TOKEN") || request.headers["whop-dev-user-token"] || params["whop-dev-user-token"] || params[:whop_dev_user_token]
-        if dev_token.present?
+        if dev_token && !dev_token.to_s.empty?
           # If looks like JWT, try to verify; otherwise treat as direct user_id
-          if dev_token.include?(".")
+          if dev_token.to_s.include?(".")
             payload = Whop::Token.verify_from_jwt(dev_token)
             return payload["sub"]
           else
@@ -29,6 +29,27 @@ module Whop
       nil
     end
 
+    # Alias for readability
+    def current_whop_user_id
+      whop_user_id
+    end
+
+    # Ensure a valid Whop user token is present, otherwise raise
+    def require_whop_user!
+      uid = whop_user_id
+      raise Whop::Error, "Missing Whop user token" if uid.nil?
+      uid
+    end
+
+    # Convenience: fetch the current Whop user resource
+    # Uses REST to minimize coupling with GraphQL schema evolution
+    def current_whop_user
+      uid = require_whop_user!
+      Whop.client.users.get(uid)
+    rescue StandardError
+      nil
+    end
+
     def require_whop_access!(experience_id: nil, access_pass_id: nil, company_id: nil)
       uid = whop_user_id
       raise Whop::Error, "Missing Whop user token" if uid.nil?

data/lib/whop/dsl_prelude.rb

@@ -2,21 +2,87 @@ require_relative "dsl"
 
 Whop::DSL.define do
   resource :access do
-    graphql :check_if_user_has_access_to_experience, operation: "CheckIfUserHasAccessToExperience", args: %i[userId experienceId]
-    graphql :check_if_user_has_access_to_access_pass, operation: "CheckIfUserHasAccessToAccessPass", args: %i[userId accessPassId]
-    graphql :check_if_user_has_access_to_company, operation: "CheckIfUserHasAccessToCompany", args: %i[userId companyId]
+    graphql :check_if_user_has_access_to_experience, operation: "checkIfUserHasAccessToExperience", args: %i[userId experienceId]
+    graphql :check_if_user_has_access_to_access_pass, operation: "checkIfUserHasAccessToAccessPass", args: %i[userId accessPassId]
+    graphql :check_if_user_has_access_to_company, operation: "checkIfUserHasAccessToCompany", args: %i[userId companyId]
   end
 
   resource :users do
     rest_get :get, path: "/v5/users/:userId", args: %i[userId]
+    # GraphQL user helpers (mirror TS SDK)
+    graphql :get_current_user, operation: "getCurrentUser", args: []
+    graphql :get_user, operation: "getUser", args: %i[userId]
+    graphql :get_user_ledger_account, operation: "getUserLedgerAccount", args: []
+    graphql :list_user_socials, operation: "listUserSocials", args: %i[userId after before first last]
+    graphql :ban_user, operation: "banUser", args: %i[input]
+    graphql :unban_user, operation: "unbanUser", args: %i[input]
+    graphql :mute_user, operation: "muteUser", args: %i[input]
+    graphql :unmute_user, operation: "unmuteUser", args: %i[input]
   end
 
   resource :experiences do
     rest_get :get, path: "/v5/experiences/:experienceId", args: %i[experienceId]
+    graphql :list_experiences, operation: "listExperiences", args: %i[first after]
+    graphql :get_experience, operation: "getExperience", args: %i[experienceId]
   end
 
   resource :companies do
     rest_get :get, path: "/v5/companies/:companyId", args: %i[companyId]
+    graphql :get_company, operation: "getCompany", args: %i[companyId]
+    graphql :get_company_ledger_account, operation: "getCompanyLedgerAccount", args: %i[companyId]
+    graphql :list_company_members, operation: "listMembers", args: %i[companyId first after]
+  end
+
+  resource :payments do
+    graphql :create_checkout_session, operation: "createCheckoutSession", args: %i[input]
+    graphql :charge_user, operation: "chargeUser", args: %i[input]
+    graphql :pay_user, operation: "payUser", args: %i[input]
+    graphql :list_receipts_for_company, operation: "listReceiptsForCompany", args: %i[companyId first after filter]
+  end
+
+  resource :invoices do
+    graphql :create_invoice, operation: "createInvoice", args: %i[input]
+    graphql :get_invoice, operation: "getInvoice", args: %i[invoiceId companyId]
+    graphql :list_invoices, operation: "listInvoices", args: %i[companyId after before first last]
+  end
+
+  resource :promo_codes do
+    graphql :create_promo_code, operation: "createPromoCode", args: %i[input]
+    graphql :delete_promo_code, operation: "deletePromoCode", args: %i[input]
+    graphql :get_promo_code, operation: "getPromoCode", args: %i[code planId]
+    graphql :list_promo_codes, operation: "listPromoCodes", args: %i[first after]
+  end
+
+  resource :apps do
+    graphql :create_app, operation: "createApp", args: %i[input]
+    graphql :update_app, operation: "updateApp", args: %i[input]
+    graphql :get_app, operation: "getApp", args: %i[appId]
+    graphql :list_apps, operation: "listApps", args: %i[first after]
+    graphql :create_app_build, operation: "createAppBuild", args: %i[input]
+    graphql :promote_app_build, operation: "promoteAppBuild", args: %i[input]
+    graphql :unassign_app_build, operation: "unassignAppBuild", args: %i[input]
+    graphql :update_app_permissions, operation: "updateAppPermissions", args: %i[input]
+  end
+
+  resource :webhooks do
+    graphql :create_webhook, operation: "createWebhook", args: %i[input]
+    graphql :update_webhook, operation: "updateWebhook", args: %i[input]
+    graphql :test_webhook, operation: "testWebhook", args: %i[input]
+    graphql :delete_webhook, operation: "deleteWebhook", args: %i[input]
+    graphql :get_webhook, operation: "getWebhook", args: %i[id]
+    graphql :list_webhooks, operation: "listWebhooks", args: %i[first after]
+  end
+
+  resource :messages do
+    graphql :find_or_create_chat, operation: "findOrCreateChat", args: %i[input]
+    graphql :send_message_to_chat, operation: "sendMessageToChat", args: %i[experienceId message attachments]
+    graphql :send_direct_message_to_user, operation: "sendDirectMessageToUser", args: %i[input]
+    graphql :list_direct_message_conversations, operation: "listDirectMessageConversations", args: %i[first after]
+    graphql :list_messages_from_chat, operation: "listMessagesFromChat", args: %i[experienceId first after]
+  end
+
+  resource :notifications do
+    graphql :send_push_notification, operation: "sendPushNotification", args: %i[input]
   end
 end
 

data/lib/whop/error.rb

@@ -1,5 +1,41 @@
 module Whop
   class Error < StandardError; end
+
+  # Network and timeout errors
+  class APIConnectionError < Error
+    attr_reader :cause
+    def initialize(message = "API connection error", cause: nil)
+      super(message)
+      @cause = cause
+    end
+  end
+
+  class APITimeoutError < Error
+    attr_reader :cause
+    def initialize(message = "API request timed out", cause: nil)
+      super(message)
+      @cause = cause
+    end
+  end
+
+  # HTTP status-based errors
+  class APIStatusError < Error
+    attr_reader :status, :body
+    def initialize(status, message = nil, body: nil)
+      super(message || "HTTP #{status}")
+      @status = status.to_i
+      @body = body
+    end
+  end
+
+  class BadRequestError < APIStatusError; end       # 400
+  class AuthenticationError < APIStatusError; end   # 401
+  class PermissionDeniedError < APIStatusError; end # 403
+  class NotFoundError < APIStatusError; end         # 404
+  class ConflictError < APIStatusError; end         # 409
+  class UnprocessableEntityError < APIStatusError; end # 422
+  class RateLimitError < APIStatusError; end        # 429
+  class InternalServerError < APIStatusError; end   # >= 500
 end
 
 

data/lib/whop/version.rb

@@ -1,5 +1,5 @@
 module Whop
-  VERSION = "1.0.0"
+  VERSION = "1.0.2"
 end
 
 

data/lib/whop.rb

@@ -34,6 +34,9 @@ module Whop
   end
 end
 
+# Ensure core client constant is available when requiring the gem
+require_relative "whop/client"
+
 if defined?(Rails)
   require_relative "whop/webhooks/engine"
 end
@@ -48,4 +51,7 @@ require_relative "whop/webhooks/signature"
 require_relative "whop/token"
 require_relative "whop/controller_helpers"
 
+# Load access helpers (used by specs and controller helpers)
+require_relative "whop/access"
+
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: whop
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.2
 platform: ruby
 authors:
 - Nikhil Nelson
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-10-17 00:00:00.000000000 Z
+date: 2025-10-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -182,7 +182,10 @@ files:
 homepage: https://github.com/TheSoloHacker47/whop-gem
 licenses:
 - MIT
-metadata: {}
+metadata:
+  source_code_uri: https://github.com/TheSoloHacker47/whop-gem
+  changelog_uri: https://github.com/TheSoloHacker47/whop-gem/blob/main/CHANGELOG.md
+  documentation_uri: https://gemdocs.org/gems/whop/
 post_install_message:
 rdoc_options: []
 require_paths: