@deiondz/better-auth-razorpay 2.0.5 → 2.0.7

package/api/create-or-update-subscription.ts

@@ -1,254 +0,0 @@
-import { createAuthEndpoint, sessionMiddleware } from 'better-auth/api'
-import type Razorpay from 'razorpay'
-import {
-  createOrUpdateSubscriptionSchema,
-  handleRazorpayError,
-  type RazorpayPlan,
-  type RazorpayPluginOptions,
-  type RazorpaySubscription,
-  type RazorpayUserRecord,
-  type SubscriptionRecord,
-} from '../lib'
-
-async function resolvePlans(
-  plans: RazorpayPlan[] | (() => Promise<RazorpayPlan[]>)
-): Promise<RazorpayPlan[]> {
-  return typeof plans === 'function' ? plans() : plans
-}
-
-function toLocalStatus(razorpayStatus: string): SubscriptionRecord['status'] {
-  const map: Record<string, SubscriptionRecord['status']> = {
-    created: 'created',
-    authenticated: 'pending',
-    active: 'active',
-    pending: 'pending',
-    halted: 'halted',
-    cancelled: 'cancelled',
-    completed: 'completed',
-    expired: 'expired',
-  }
-  return map[razorpayStatus] ?? 'pending'
-}
-
-/**
- * POST /api/auth/razorpay/subscription/create-or-update
- * Creates a new subscription or updates an existing one (plan/quantity).
- * Returns checkoutUrl for Razorpay payment page, or updated subscription for updates.
- */
-export const createOrUpdateSubscription = (
-  razorpay: Razorpay,
-  options: Pick<
-    RazorpayPluginOptions,
-    'subscription' | 'createCustomerOnSignUp'
-  >
-) =>
-  createAuthEndpoint(
-    '/razorpay/subscription/create-or-update',
-    { method: 'POST', use: [sessionMiddleware] },
-    async (ctx) => {
-      try {
-        const body = createOrUpdateSubscriptionSchema.parse(ctx.body)
-        const subOpts = options.subscription
-        if (!subOpts?.enabled) {
-          return {
-            success: false,
-            error: { code: 'SUBSCRIPTION_DISABLED', description: 'Subscription feature is disabled' },
-          }
-        }
-
-        const plans = await resolvePlans(subOpts.plans)
-        const plan = plans.find((p) => p.name === body.plan)
-        if (!plan) {
-          return {
-            success: false,
-            error: { code: 'PLAN_NOT_FOUND', description: `Plan "${body.plan}" not found` },
-          }
-        }
-
-        const planId = body.annual && plan.annualPlanId ? plan.annualPlanId : plan.monthlyPlanId
-        const userId = ctx.context.session?.user?.id
-        if (!userId) {
-          return {
-            success: false,
-            error: { code: 'UNAUTHORIZED', description: 'User not authenticated' },
-          }
-        }
-
-        const user = (await ctx.context.adapter.findOne({
-          model: 'user',
-          where: [{ field: 'id', value: userId }],
-        })) as RazorpayUserRecord | null
-        if (!user) {
-          return {
-            success: false,
-            error: { code: 'USER_NOT_FOUND', description: 'User not found' },
-          }
-        }
-
-        if (subOpts.requireEmailVerification && user.email) {
-          // If your Better Auth setup has emailVerified, check it here
-          // const verified = (user as { emailVerified?: boolean }).emailVerified
-          // if (!verified) return { success: false, error: { code: 'EMAIL_NOT_VERIFIED', ... } }
-        }
-
-        if (subOpts.authorizeReference) {
-          const allowed = await subOpts.authorizeReference({
-            user: user as { id: string; email?: string; name?: string; [key: string]: unknown },
-            referenceId: userId,
-            action: 'create-or-update',
-          })
-          if (!allowed) {
-            return {
-              success: false,
-              error: { code: 'FORBIDDEN', description: 'Not authorized to manage this subscription' },
-            }
-          }
-        }
-
-        const now = new Date()
-        const generateId = ctx.context.generateId as
-          | ((options: { model: string; size?: number }) => string | false)
-          | undefined
-        const generated =
-          typeof generateId === 'function'
-            ? generateId({ model: 'subscription' })
-            : undefined
-        const localId =
-          (typeof generated === 'string' ? generated : undefined) ??
-          `sub_${Date.now()}_${Math.random().toString(36).slice(2, 9)}`
-
-        // Update existing subscription (by local id)
-        if (body.subscriptionId) {
-          const existing = (await ctx.context.adapter.findOne({
-            model: 'subscription',
-            where: [{ field: 'id', value: body.subscriptionId }],
-          })) as SubscriptionRecord | null
-          if (!existing) {
-            return {
-              success: false,
-              error: { code: 'SUBSCRIPTION_NOT_FOUND', description: 'Subscription not found' },
-            }
-          }
-          if (existing.referenceId !== userId) {
-            return {
-              success: false,
-              error: { code: 'FORBIDDEN', description: 'Subscription does not belong to you' },
-            }
-          }
-          // For "update" we could call Razorpay subscription update API if needed.
-          // Here we treat update as "create new" is not required by GitHub README; they return "updated subscription".
-          const rpSub = existing.razorpaySubscriptionId
-            ? ((await razorpay.subscriptions.fetch(existing.razorpaySubscriptionId)) as RazorpaySubscription)
-            : null
-          if (rpSub) {
-            return {
-              success: true,
-              data: {
-                checkoutUrl: rpSub.short_url,
-                subscription: {
-                  id: existing.id,
-                  plan: existing.plan,
-                  status: existing.status,
-                  razorpaySubscriptionId: existing.razorpaySubscriptionId,
-                  cancelAtPeriodEnd: existing.cancelAtPeriodEnd,
-                  periodEnd: existing.periodEnd,
-                  seats: existing.seats,
-                },
-              },
-            }
-          }
-        }
-
-        // Create new subscription
-        const totalCount = body.annual ? 1 : 12
-        const subscriptionPayload: Parameters<Razorpay['subscriptions']['create']>[0] = {
-          plan_id: planId,
-          total_count: totalCount,
-          quantity: body.seats,
-          customer_notify: true,
-          notes: { referenceId: userId, planName: plan.name },
-        }
-
-        if (subOpts.getSubscriptionCreateParams) {
-          const tempSub: SubscriptionRecord = {
-            id: '',
-            plan: plan.name,
-            referenceId: userId,
-            status: 'created',
-            cancelAtPeriodEnd: false,
-            seats: body.seats,
-            createdAt: now,
-            updatedAt: now,
-          }
-          const extra = await subOpts.getSubscriptionCreateParams({
-            user: user as { id: string; email?: string; name?: string; [key: string]: unknown },
-            session: ctx.context.session,
-            plan,
-            subscription: tempSub,
-          })
-          if (extra?.params?.notes && typeof extra.params.notes === 'object') {
-            subscriptionPayload.notes = { ...subscriptionPayload.notes, ...extra.params.notes }
-          }
-          if (extra?.params && typeof extra.params === 'object') {
-            Object.assign(subscriptionPayload, extra.params)
-          }
-        }
-
-        const rpSubscription = (await razorpay.subscriptions.create(
-          subscriptionPayload
-        )) as RazorpaySubscription
-
-        const subscriptionRecord: Omit<SubscriptionRecord, 'id'> & { id: string } = {
-          id: localId,
-          plan: plan.name,
-          referenceId: userId,
-          razorpayCustomerId: user.razorpayCustomerId ?? null,
-          razorpaySubscriptionId: rpSubscription.id,
-          status: toLocalStatus(rpSubscription.status),
-          trialStart: null,
-          trialEnd: null,
-          periodStart: rpSubscription.current_start
-            ? new Date(rpSubscription.current_start * 1000)
-            : null,
-          periodEnd: rpSubscription.current_end
-            ? new Date(rpSubscription.current_end * 1000)
-            : null,
-          cancelAtPeriodEnd: false,
-          seats: body.seats,
-          groupId: null,
-          createdAt: now,
-          updatedAt: now,
-        }
-
-        await ctx.context.adapter.create({
-          model: 'subscription',
-          data: subscriptionRecord,
-        })
-
-        if (subOpts.onSubscriptionCreated) {
-          await subOpts.onSubscriptionCreated({
-            razorpaySubscription: rpSubscription,
-            subscription: subscriptionRecord as SubscriptionRecord,
-            plan,
-          })
-        }
-
-        const checkoutUrl = body.disableRedirect
-          ? rpSubscription.short_url
-          : body.successUrl
-            ? `${rpSubscription.short_url}?redirect=${encodeURIComponent(body.successUrl)}`
-            : rpSubscription.short_url
-
-        return {
-          success: true,
-          data: {
-            checkoutUrl,
-            subscriptionId: localId,
-            razorpaySubscriptionId: rpSubscription.id,
-          },
-        }
-      } catch (error) {
-        return handleRazorpayError(error)
-      }
-    }
-  )

package/api/get-plans.ts

@@ -1,36 +0,0 @@
-import { createAuthEndpoint } from 'better-auth/api'
-import { handleRazorpayError, type RazorpayPlan, type RazorpayPluginOptions } from '../lib'
-
-async function resolvePlans(
-  plans: RazorpayPlan[] | (() => Promise<RazorpayPlan[]>)
-): Promise<RazorpayPlan[]> {
-  return typeof plans === 'function' ? plans() : plans
-}
-
-/**
- * GET /api/auth/razorpay/get-plans
- * Returns the configured subscription plans (name, monthlyPlanId, annualPlanId, limits, freeTrial).
- * Does not call Razorpay API.
- */
-export const getPlans = (options: Pick<RazorpayPluginOptions, 'subscription'>) =>
-  createAuthEndpoint('/razorpay/get-plans', { method: 'GET' }, async (_ctx) => {
-    try {
-      const subOpts = options.subscription
-      if (!subOpts?.enabled) {
-        return { success: true, data: [] }
-      }
-      const plans = await resolvePlans(subOpts.plans)
-      return {
-        success: true,
-        data: plans.map((p) => ({
-          name: p.name,
-          monthlyPlanId: p.monthlyPlanId,
-          annualPlanId: p.annualPlanId,
-          limits: p.limits,
-          freeTrial: p.freeTrial ? { days: p.freeTrial.days } : undefined,
-        })),
-      }
-    } catch (error) {
-      return handleRazorpayError(error)
-    }
-  })

package/api/index.ts

@@ -1,7 +0,0 @@
-export { cancelSubscription } from './cancel-subscription'
-export { createOrUpdateSubscription } from './create-or-update-subscription'
-export { getPlans } from './get-plans'
-export { listSubscriptions } from './list-subscriptions'
-export { restoreSubscription } from './restore-subscription'
-export { verifyPayment } from './verify-payment'
-export { webhook } from './webhook'

package/api/list-subscriptions.ts

@@ -1,79 +0,0 @@
-import { createAuthEndpoint, sessionMiddleware } from 'better-auth/api'
-import {
-  handleRazorpayError,
-  listSubscriptionsSchema,
-  type RazorpayPluginOptions,
-  type SubscriptionRecord,
-} from '../lib'
-
-const ACTIVE_STATUSES: SubscriptionRecord['status'][] = [
-  'active',
-  'trialing',
-  'pending',
-  'created',
-]
-
-/**
- * GET /api/auth/razorpay/subscription/list
- * Lists active and trialing subscriptions for the current user (or referenceId if authorized).
- */
-export const listSubscriptions = (
-  options: Pick<RazorpayPluginOptions, 'subscription'>
-) =>
-  createAuthEndpoint(
-    '/razorpay/subscription/list',
-    { method: 'GET', use: [sessionMiddleware] },
-    async (ctx) => {
-      try {
-        const query = listSubscriptionsSchema.parse(ctx.query ?? {})
-        const userId = ctx.context.session?.user?.id
-        if (!userId) {
-          return {
-            success: false,
-            error: { code: 'UNAUTHORIZED', description: 'User not authenticated' },
-          }
-        }
-
-        const referenceId = query.referenceId ?? userId
-        if (referenceId !== userId && options.subscription?.authorizeReference) {
-          const user = (await ctx.context.adapter.findOne({
-            model: 'user',
-            where: [{ field: 'id', value: userId }],
-          })) as { id: string; email?: string; name?: string } | null
-          if (!user) {
-            return {
-              success: false,
-              error: { code: 'USER_NOT_FOUND', description: 'User not found' },
-            }
-          }
-          const allowed = await options.subscription.authorizeReference({
-            user: user as { id: string; email?: string; name?: string; [key: string]: unknown },
-            referenceId,
-            action: 'list',
-          })
-          if (!allowed) {
-            return {
-              success: false,
-              error: { code: 'FORBIDDEN', description: 'Not authorized to list this user\'s subscriptions' },
-            }
-          }
-        }
-
-        const list = (await ctx.context.adapter.findMany({
-          model: 'subscription',
-          where: [{ field: 'referenceId', value: referenceId }],
-        })) as SubscriptionRecord[] | null
-
-        const subscriptions = (list ?? []).filter((s) =>
-          ACTIVE_STATUSES.includes(s.status)
-        )
-
-        return {
-          success: true,
-          data: subscriptions,
-        }
-      } catch (error) {
-        return handleRazorpayError(error)
-      }
-    }
-  )

package/api/restore-subscription.ts

@@ -1,79 +0,0 @@
-import { createAuthEndpoint, sessionMiddleware } from 'better-auth/api'
-import type Razorpay from 'razorpay'
-import {
-  handleRazorpayError,
-  restoreSubscriptionSchema,
-  type SubscriptionRecord,
-} from '../lib'
-
-/**
- * POST /api/auth/razorpay/subscription/restore
- * Restores a subscription that was scheduled to cancel at period end.
- */
-export const restoreSubscription = (razorpay: Razorpay) =>
-  createAuthEndpoint(
-    '/razorpay/subscription/restore',
-    { method: 'POST', use: [sessionMiddleware] },
-    async (ctx) => {
-      try {
-        const body = restoreSubscriptionSchema.parse(ctx.body)
-        const userId = ctx.context.session?.user?.id
-        if (!userId) {
-          return {
-            success: false,
-            error: { code: 'UNAUTHORIZED', description: 'User not authenticated' },
-          }
-        }
-
-        const record = (await ctx.context.adapter.findOne({
-          model: 'subscription',
-          where: [{ field: 'id', value: body.subscriptionId }],
-        })) as SubscriptionRecord | null
-
-        if (!record) {
-          return {
-            success: false,
-            error: { code: 'SUBSCRIPTION_NOT_FOUND', description: 'Subscription not found' },
-          }
-        }
-        if (record.referenceId !== userId) {
-          return {
-            success: false,
-            error: { code: 'FORBIDDEN', description: 'Subscription does not belong to you' },
-          }
-        }
-
-        const rpId = record.razorpaySubscriptionId
-        if (!rpId) {
-          return {
-            success: false,
-            error: { code: 'INVALID_STATE', description: 'No Razorpay subscription linked' },
-          }
-        }
-
-        // Razorpay: resume a paused subscription (or cancel scheduled cancellation)
-        const subscription = await razorpay.subscriptions.resume(rpId)
-
-        await ctx.context.adapter.update({
-          model: 'subscription',
-          where: [{ field: 'id', value: body.subscriptionId }],
-          update: {
-            data: {
-              cancelAtPeriodEnd: false,
-              updatedAt: new Date(),
-            },
-          },
-        })
-
-        return {
-          success: true,
-          data: {
-            id: (subscription as { id: string }).id,
-            status: (subscription as { status: string }).status,
-          },
-        }
-      } catch (error) {
-        return handleRazorpayError(error)
-      }
-    }
-  )

package/api/verify-payment.ts

@@ -1,87 +0,0 @@
-import { createHmac } from 'node:crypto'
-import { createAuthEndpoint, sessionMiddleware } from 'better-auth/api'
-import {
-  handleRazorpayError,
-  verifyPaymentSchema,
-  type SubscriptionRecord,
-} from '../lib'
-
-/**
- * POST /api/auth/razorpay/verify-payment
- * Verifies payment signature after Razorpay subscription checkout completion.
- * Requires razorpayKeySecret to be set in plugin options.
- */
-export const verifyPayment = (keySecret: string) =>
-  createAuthEndpoint(
-    '/razorpay/verify-payment',
-    { method: 'POST', use: [sessionMiddleware] },
-    async (ctx) => {
-      try {
-        const body = verifyPaymentSchema.parse(ctx.body)
-        const { razorpay_payment_id, razorpay_subscription_id, razorpay_signature } = body
-
-        const generatedSignature = createHmac('sha256', keySecret)
-          .update(`${razorpay_payment_id}|${razorpay_subscription_id}`)
-          .digest('hex')
-
-        if (generatedSignature !== razorpay_signature) {
-          return {
-            success: false,
-            error: {
-              code: 'SIGNATURE_VERIFICATION_FAILED',
-              description: 'Payment signature verification failed',
-            },
-          }
-        }
-
-        const userId = ctx.context.session?.user?.id
-        if (!userId) {
-          return {
-            success: false,
-            error: { code: 'UNAUTHORIZED', description: 'User not authenticated' },
-          }
-        }
-
-        const record = (await ctx.context.adapter.findOne({
-          model: 'subscription',
-          where: [{ field: 'razorpaySubscriptionId', value: razorpay_subscription_id }],
-        })) as SubscriptionRecord | null
-
-        if (!record) {
-          return {
-            success: false,
-            error: { code: 'SUBSCRIPTION_NOT_FOUND', description: 'Subscription not found' },
-          }
-        }
-
-        if (record.referenceId !== userId) {
-          return {
-            success: false,
-            error: { code: 'FORBIDDEN', description: 'Subscription does not belong to you' },
-          }
-        }
-
-        await ctx.context.adapter.update({
-          model: 'subscription',
-          where: [{ field: 'razorpaySubscriptionId', value: razorpay_subscription_id }],
-          update: {
-            data: {
-              status: 'pending',
-              updatedAt: new Date(),
-            },
-          },
-        })
-
-        return {
-          success: true,
-          data: {
-            message: 'Payment verified successfully',
-            payment_id: razorpay_payment_id,
-            subscription_id: razorpay_subscription_id,
-          },
-        }
-      } catch (error) {
-        return handleRazorpayError(error)
-      }
-    }
-  )