@deiondz/better-auth-razorpay 2.0.5 → 2.0.8

package/api/webhook.ts

@@ -1,305 +0,0 @@
-import { createHmac } from 'node:crypto'
-import { createAuthEndpoint } from 'better-auth/api'
-import type {
-  OnWebhookEventCallback,
-  RazorpayPluginOptions,
-  RazorpaySubscription,
-  SubscriptionRecord,
-} from '../lib'
-
-export interface WebhookResult {
-  success: boolean
-  message?: string
-}
-
-interface SubscriptionEntity {
-  id: string
-  plan_id: string
-  status: string
-  current_start?: number
-  current_end?: number
-}
-
-interface WebhookAdapter {
-  findOne: (params: {
-    model: string
-    where: { field: string; value: string }[]
-  }) => Promise<unknown>
-  update: (params: {
-    model: string
-    where: { field: string; value: string }[]
-    update: { data: Record<string, unknown> }
-  }) => Promise<unknown>
-}
-
-type EventHandler = (
-  adapter: WebhookAdapter,
-  razorpaySubscriptionId: string,
-  record: SubscriptionRecord,
-  subscription: SubscriptionEntity
-) => Promise<void>
-
-function toLocalStatus(razorpayStatus: string): SubscriptionRecord['status'] {
-  const map: Record<string, SubscriptionRecord['status']> = {
-    created: 'created',
-    authenticated: 'pending',
-    active: 'active',
-    pending: 'pending',
-    halted: 'halted',
-    cancelled: 'cancelled',
-    completed: 'completed',
-    expired: 'expired',
-  }
-  return map[razorpayStatus] ?? 'pending'
-}
-
-const updateSubscriptionRecord = async (
-  adapter: WebhookAdapter,
-  razorpaySubscriptionId: string,
-  data: Record<string, unknown>
-): Promise<void> => {
-  await adapter.update({
-    model: 'subscription',
-    where: [{ field: 'razorpaySubscriptionId', value: razorpaySubscriptionId }],
-    update: { data: { ...data, updatedAt: new Date() } },
-  })
-}
-
-const createStatusHandler = (
-  status: SubscriptionRecord['status'],
-  extraFields?: (sub: SubscriptionEntity) => Record<string, unknown>
-): EventHandler =>
-  async (adapter, razorpaySubscriptionId, record, subscription) => {
-    const periodStart = subscription.current_start
-      ? new Date(subscription.current_start * 1000)
-      : null
-    const periodEnd = subscription.current_end
-      ? new Date(subscription.current_end * 1000)
-      : null
-    await updateSubscriptionRecord(adapter, razorpaySubscriptionId, {
-      status,
-      ...(periodStart !== null && { periodStart }),
-      ...(periodEnd !== null && { periodEnd }),
-      ...(extraFields?.(subscription) ?? {}),
-    })
-  }
-
-const eventHandlers: Record<string, EventHandler> = {
-  'subscription.authenticated': createStatusHandler('pending'),
-  'subscription.activated': createStatusHandler('active'),
-  'subscription.charged': createStatusHandler('active', (sub) => ({
-    periodEnd: sub.current_end ? new Date(sub.current_end * 1000) : undefined,
-  })),
-  'subscription.cancelled': createStatusHandler('cancelled', () => ({ cancelAtPeriodEnd: false })),
-  'subscription.paused': createStatusHandler('halted'),
-  'subscription.resumed': createStatusHandler('active'),
-  'subscription.pending': createStatusHandler('pending'),
-  'subscription.halted': createStatusHandler('halted'),
-  'subscription.expired': createStatusHandler('expired'),
-}
-
-const getRawBody = async (request: Request | undefined, fallbackBody: unknown): Promise<string> => {
-  if (!request) return JSON.stringify(fallbackBody)
-  try {
-    const clonedRequest = request.clone()
-    const text = await clonedRequest.text()
-    return text || JSON.stringify(fallbackBody)
-  } catch {
-    return JSON.stringify(fallbackBody)
-  }
-}
-
-const verifySignature = (rawBody: string, signature: string, secret: string): boolean => {
-  const expectedSignature = createHmac('sha256', secret).update(rawBody).digest('hex')
-  return signature === expectedSignature
-}
-
-const invokeCallback = async (
-  onWebhookEvent: OnWebhookEventCallback,
-  adapter: WebhookAdapter,
-  event: string,
-  subscription: SubscriptionEntity,
-  payload: { payment?: { entity?: { id: string; amount: number; currency?: string } } },
-  userId: string
-): Promise<void> => {
-  const user = (await adapter.findOne({
-    model: 'user',
-    where: [{ field: 'id', value: userId }],
-  })) as { id: string; email?: string; name?: string } | null
-  if (!user) return
-  await onWebhookEvent(
-    {
-      event: event as Parameters<OnWebhookEventCallback>[0]['event'],
-      subscription: {
-        id: subscription.id,
-        plan_id: subscription.plan_id,
-        status: subscription.status,
-        current_start: subscription.current_start,
-        current_end: subscription.current_end,
-      },
-      payment: payload.payment?.entity
-        ? {
-            id: payload.payment.entity.id,
-            amount: payload.payment.entity.amount,
-            currency: payload.payment.entity.currency ?? 'INR',
-          }
-        : undefined,
-    },
-    { userId, user: { id: user.id, email: user.email, name: user.name } }
-  )
-}
-
-/**
- * Handles Razorpay webhook events for subscription lifecycle.
- * Updates the subscription model only (no user subscription fields).
- */
-export const webhook = (
-  webhookSecret: string | undefined,
-  onWebhookEvent: OnWebhookEventCallback | undefined,
-  pluginOptions: Pick<RazorpayPluginOptions, 'subscription' | 'onEvent'>
-) =>
-  createAuthEndpoint('/razorpay/webhook', { method: 'POST' }, async (ctx) => {
-    if (!webhookSecret) {
-      return { success: false, message: 'Webhook secret not configured' }
-    }
-    const signature = ctx.request?.headers.get('x-razorpay-signature')
-    if (!signature) {
-      return { success: false, message: 'Missing webhook signature' }
-    }
-    const rawBody = await getRawBody(ctx.request, ctx.body)
-    if (!verifySignature(rawBody, signature, webhookSecret)) {
-      return { success: false, message: 'Invalid webhook signature' }
-    }
-    return processWebhookEvent(
-      ctx.context.adapter as unknown as WebhookAdapter,
-      rawBody,
-      ctx.body,
-      onWebhookEvent,
-      pluginOptions
-    )
-  })
-
-async function processWebhookEvent(
-  adapter: WebhookAdapter,
-  rawBody: string,
-  fallbackBody: unknown,
-  onWebhookEvent?: OnWebhookEventCallback,
-  pluginOptions?: Pick<RazorpayPluginOptions, 'subscription' | 'onEvent'>
-): Promise<WebhookResult> {
-  const isDev = process.env.NODE_ENV === 'development'
-  try {
-    const webhookData = rawBody ? JSON.parse(rawBody) : fallbackBody
-    const { event, payload } = webhookData
-    if (!event || !payload) {
-      return {
-        success: false,
-        message: isDev ? 'Invalid webhook payload: missing event or payload' : 'Invalid webhook payload',
-      }
-    }
-
-    const subscriptionEntity = payload.subscription?.entity as SubscriptionEntity | undefined
-    if (!subscriptionEntity) {
-      return {
-        success: false,
-        message: isDev ? 'Invalid webhook payload: missing subscription data' : 'Invalid webhook payload',
-      }
-    }
-
-    const record = (await adapter.findOne({
-      model: 'subscription',
-      where: [{ field: 'razorpaySubscriptionId', value: subscriptionEntity.id }],
-    })) as SubscriptionRecord | null
-
-    if (!record) {
-      return {
-        success: false,
-        message: isDev
-          ? `Subscription record not found for ${subscriptionEntity.id}`
-          : 'Subscription record not found',
-      }
-    }
-
-    const userId = record.referenceId
-    if (!userId) {
-      return {
-        success: false,
-        message: isDev ? 'referenceId not found on subscription record' : 'Invalid subscription record',
-      }
-    }
-
-    const handler = eventHandlers[event]
-    if (!handler) {
-      return {
-        success: false,
-        message: isDev ? `Unhandled event: ${event}` : 'Unhandled webhook event',
-      }
-    }
-
-    await handler(adapter, subscriptionEntity.id, record, subscriptionEntity)
-
-    if (pluginOptions?.onEvent) {
-      try {
-        await pluginOptions.onEvent({ event, ...payload })
-      } catch {
-        // ignore
-      }
-    }
-
-    if (pluginOptions?.subscription) {
-      const sub = pluginOptions.subscription
-      const rpSub = {
-        id: subscriptionEntity.id,
-        plan_id: subscriptionEntity.plan_id,
-        status: subscriptionEntity.status,
-        current_start: subscriptionEntity.current_start,
-        current_end: subscriptionEntity.current_end,
-      } as RazorpaySubscription
-      const updatedRecord = { ...record, status: toLocalStatus(subscriptionEntity.status) }
-      try {
-        if (event === 'subscription.activated' && sub.onSubscriptionActivated) {
-          await sub.onSubscriptionActivated({
-            event,
-            razorpaySubscription: rpSub,
-            subscription: updatedRecord as SubscriptionRecord,
-            plan: { name: record.plan, monthlyPlanId: subscriptionEntity.plan_id },
-          })
-        } else if (
-          ['subscription.cancelled', 'subscription.expired'].includes(event) &&
-          sub.onSubscriptionCancel
-        ) {
-          await sub.onSubscriptionCancel({
-            event,
-            razorpaySubscription: rpSub,
-            subscription: updatedRecord as SubscriptionRecord,
-          })
-        } else if (sub.onSubscriptionUpdate) {
-          await sub.onSubscriptionUpdate({ event, subscription: updatedRecord as SubscriptionRecord })
-        }
-      } catch {
-        // ignore callback errors
-      }
-    }
-
-    if (onWebhookEvent) {
-      try {
-        await invokeCallback(
-          onWebhookEvent,
-          adapter,
-          event,
-          subscriptionEntity,
-          payload,
-          userId
-        )
-      } catch {
-        // ignore
-      }
-    }
-
-    return { success: true }
-  } catch (error) {
-    return {
-      success: false,
-      message: error instanceof Error ? error.message : 'Webhook processing failed',
-    }
-  }
-}

package/client/hooks.ts

@@ -1,352 +0,0 @@
-/**
- * React hooks for Razorpay subscription features using TanStack Query.
- * Wrap your app with <RazorpayAuthProvider client={authClient}> and use usePlans(), useSubscriptions(), etc. with no client argument.
- */
-
-import { createContext, useContext, createElement, type ReactNode } from 'react'
-import {
-  useQuery,
-  useMutation,
-  useQueryClient,
-  type UseQueryOptions,
-  type UseMutationOptions,
-} from '@tanstack/react-query'
-import type {
-  RazorpayAuthClient,
-  PlanSummary,
-  CreateOrUpdateSubscriptionInput,
-  CancelSubscriptionInput,
-  RestoreSubscriptionInput,
-  ListSubscriptionsInput,
-  VerifyPaymentInput,
-  GetPlansResponse,
-  ListSubscriptionsResponse,
-  CreateOrUpdateSubscriptionResponse,
-  CancelSubscriptionResponse,
-  RestoreSubscriptionResponse,
-  VerifyPaymentResponse,
-  RazorpayApiError,
-} from './types'
-
-const BASE = '/razorpay'
-
-const RAZORPAY_NO_CLIENT_MESSAGE =
-  'Razorpay hooks require wrapping your app with <RazorpayAuthProvider client={authClient}>.'
-
-const RAZORPAY_NO_RAZORPAY_OR_API_MESSAGE =
-  'Razorpay hooks require a client created with razorpayClientPlugin() in createAuthClient({ plugins: [...] }).'
-
-/** Context holding the Razorpay-capable auth client. Default is null. */
-export const RazorpayAuthContext = createContext<RazorpayAuthClient | null>(null)
-
-/** Provider that supplies the auth client to Razorpay hooks. Wrap your app once with client={authClient}. */
-export function RazorpayAuthProvider({
-  client,
-  children,
-}: {
-  client: RazorpayAuthClient | null
-  children: ReactNode
-}) {
-  return createElement(RazorpayAuthContext.Provider, { value: client }, children)
-}
-
-/** Returns the Razorpay-capable auth client from context, or null if not wrapped with RazorpayAuthProvider. */
-export function useRazorpayAuthClient(): RazorpayAuthClient | null {
-  return useContext(RazorpayAuthContext)
-}
-
-function requireRazorpayOrApi(client: RazorpayAuthClient): void {
-  if (!client.razorpay && !client.api) {
-    throw new Error(RAZORPAY_NO_RAZORPAY_OR_API_MESSAGE)
-  }
-}
-
-/** Query keys for cache invalidation. */
-export const razorpayQueryKeys = {
-  all: ['razorpay'] as const,
-  plans: () => [...razorpayQueryKeys.all, 'plans'] as const,
-  subscriptions: (referenceId?: string) =>
-    [...razorpayQueryKeys.all, 'subscriptions', referenceId ?? 'me'] as const,
-}
-
-function assertSuccess<T>(res: unknown): asserts res is { success: true; data: T } {
-  if (res && typeof res === 'object' && 'success' in res) {
-    if ((res as { success: boolean }).success) return
-    const err = res as RazorpayApiError
-    throw new Error(err.error?.description ?? err.error?.code ?? 'Request failed')
-  }
-  throw new Error('Invalid response')
-}
-
-/** Fetch plans (GET /razorpay/get-plans). Prefers client.razorpay when available to avoid 404s. */
-async function fetchPlans(client: RazorpayAuthClient): Promise<PlanSummary[]> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.getPlans()
-    : await client.api!.get(`${BASE}/get-plans`)
-  assertSuccess<PlanSummary[]>(res)
-  return res.data
-}
-
-/** Fetch subscriptions list (GET /razorpay/subscription/list). Prefers client.razorpay when available. */
-async function fetchSubscriptions(
-  client: RazorpayAuthClient,
-  input?: ListSubscriptionsInput
-): Promise<ListSubscriptionsResponse['data']> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.listSubscriptions(input)
-    : (() => {
-      const query: Record<string, string> = {}
-      if (input?.referenceId) query.referenceId = input.referenceId
-      const path = `${BASE}/subscription/list`
-      return Object.keys(query).length > 0
-        ? client.api!.get(path, { query })
-        : client.api!.get(path)
-    })()
-  assertSuccess<ListSubscriptionsResponse['data']>(res)
-  return res.data
-}
-
-/** Create or update subscription (POST /razorpay/subscription/create-or-update). Prefers client.razorpay when available. */
-async function createOrUpdateSubscription(
-  client: RazorpayAuthClient,
-  input: CreateOrUpdateSubscriptionInput
-): Promise<CreateOrUpdateSubscriptionResponse['data']> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.createOrUpdateSubscription(input)
-    : await client.api!.post(`${BASE}/subscription/create-or-update`, {
-      body: input as unknown as Record<string, unknown>,
-    })
-  assertSuccess<CreateOrUpdateSubscriptionResponse['data']>(res)
-  return res.data
-}
-
-/** Cancel subscription (POST /razorpay/subscription/cancel). Prefers client.razorpay when available. */
-async function cancelSubscription(
-  client: RazorpayAuthClient,
-  input: CancelSubscriptionInput
-): Promise<CancelSubscriptionResponse['data']> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.cancelSubscription(input)
-    : await client.api!.post(`${BASE}/subscription/cancel`, {
-      body: input as unknown as Record<string, unknown>,
-    })
-  assertSuccess<CancelSubscriptionResponse['data']>(res)
-  return res.data
-}
-
-/** Restore subscription (POST /razorpay/subscription/restore). Prefers client.razorpay when available. */
-async function restoreSubscription(
-  client: RazorpayAuthClient,
-  input: RestoreSubscriptionInput
-): Promise<RestoreSubscriptionResponse['data']> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.restoreSubscription(input)
-    : await client.api!.post(`${BASE}/subscription/restore`, {
-      body: input as unknown as Record<string, unknown>,
-    })
-  assertSuccess<RestoreSubscriptionResponse['data']>(res)
-  return res.data
-}
-
-/** Verify payment (POST /razorpay/verify-payment). Prefers client.razorpay when available. */
-async function verifyPayment(
-  client: RazorpayAuthClient,
-  input: VerifyPaymentInput
-): Promise<VerifyPaymentResponse['data']> {
-  requireRazorpayOrApi(client)
-  const res = client.razorpay
-    ? await client.razorpay.verifyPayment(input)
-    : await client.api!.post(`${BASE}/verify-payment`, {
-      body: input as unknown as Record<string, unknown>,
-    })
-  assertSuccess<VerifyPaymentResponse['data']>(res)
-  return res.data
-}
-
-export type UsePlansOptions = Omit<
-  UseQueryOptions<PlanSummary[], Error, PlanSummary[], readonly string[]>,
-  'queryKey' | 'queryFn'
->
-
-/**
- * Fetch configured subscription plans (no auth required).
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function usePlans(options?: UsePlansOptions) {
-  const client = useRazorpayAuthClient()
-  return useQuery({
-    queryKey: razorpayQueryKeys.plans(),
-    queryFn: () => fetchPlans(client!),
-    enabled: !!client,
-    ...options,
-  })
-}
-
-export type UseSubscriptionsOptions = Omit<
-  UseQueryOptions<
-    ListSubscriptionsResponse['data'],
-    Error,
-    ListSubscriptionsResponse['data'],
-    readonly (string | undefined)[]
-  >,
-  'queryKey' | 'queryFn'
-> & { referenceId?: string }
-
-/**
- * List active/trialing subscriptions for the current user (or referenceId).
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function useSubscriptions(
-  input?: ListSubscriptionsInput,
-  options?: UseSubscriptionsOptions
-) {
-  const client = useRazorpayAuthClient()
-  const { referenceId, ...queryOptions } = options ?? {}
-  const refId = input?.referenceId ?? referenceId
-  return useQuery({
-    queryKey: razorpayQueryKeys.subscriptions(refId),
-    queryFn: () => fetchSubscriptions(client!, input),
-    enabled: !!client,
-    ...queryOptions,
-  })
-}
-
-export type UseCreateOrUpdateSubscriptionOptions = UseMutationOptions<
-  CreateOrUpdateSubscriptionResponse['data'],
-  Error,
-  CreateOrUpdateSubscriptionInput,
-  unknown
->
-
-/**
- * Create or update a subscription. Returns checkoutUrl for Razorpay payment page.
- * Invalidates subscriptions list on success.
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function useCreateOrUpdateSubscription(
-  options?: UseCreateOrUpdateSubscriptionOptions
-) {
-  const client = useRazorpayAuthClient()
-  const queryClient = useQueryClient()
-  return useMutation({
-    mutationFn: (input: CreateOrUpdateSubscriptionInput) => {
-      if (!client) throw new Error(RAZORPAY_NO_CLIENT_MESSAGE)
-      return createOrUpdateSubscription(client, input)
-    },
-    ...options,
-    onSuccess: (data, variables, onMutateResult, context) => {
-      queryClient.invalidateQueries({ queryKey: razorpayQueryKeys.subscriptions() })
-      options?.onSuccess?.(data, variables, onMutateResult, context)
-    },
-  })
-}
-
-export type UseCancelSubscriptionOptions = UseMutationOptions<
-  CancelSubscriptionResponse['data'],
-  Error,
-  CancelSubscriptionInput,
-  unknown
->
-
-/**
- * Cancel a subscription by local subscription ID (at period end or immediately).
- * Invalidates subscriptions list on success.
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function useCancelSubscription(options?: UseCancelSubscriptionOptions) {
-  const client = useRazorpayAuthClient()
-  const queryClient = useQueryClient()
-  return useMutation({
-    mutationFn: (input: CancelSubscriptionInput) => {
-      if (!client) throw new Error(RAZORPAY_NO_CLIENT_MESSAGE)
-      return cancelSubscription(client, input)
-    },
-    ...options,
-    onSuccess: (data, variables, onMutateResult, context) => {
-      queryClient.invalidateQueries({ queryKey: razorpayQueryKeys.subscriptions() })
-      options?.onSuccess?.(data, variables, onMutateResult, context)
-    },
-  })
-}
-
-export type UseRestoreSubscriptionOptions = UseMutationOptions<
-  RestoreSubscriptionResponse['data'],
-  Error,
-  RestoreSubscriptionInput,
-  unknown
->
-
-// Re-export client types for convenience when importing from this entry
-export type {
-  RazorpayAuthClient,
-  RazorpayClientActions,
-  PlanSummary,
-  CreateOrUpdateSubscriptionInput,
-  CancelSubscriptionInput,
-  RestoreSubscriptionInput,
-  ListSubscriptionsInput,
-  VerifyPaymentInput,
-  GetPlansResponse,
-  ListSubscriptionsResponse,
-  CreateOrUpdateSubscriptionResponse,
-  CancelSubscriptionResponse,
-  RestoreSubscriptionResponse,
-  VerifyPaymentResponse,
-  RazorpayApiError,
-  RazorpayApiResult,
-} from './types'
-
-/**
- * Restore a subscription that was scheduled to cancel at period end.
- * Invalidates subscriptions list on success.
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function useRestoreSubscription(options?: UseRestoreSubscriptionOptions) {
-  const client = useRazorpayAuthClient()
-  const queryClient = useQueryClient()
-  return useMutation({
-    mutationFn: (input: RestoreSubscriptionInput) => {
-      if (!client) throw new Error(RAZORPAY_NO_CLIENT_MESSAGE)
-      return restoreSubscription(client, input)
-    },
-    ...options,
-    onSuccess: (data, variables, onMutateResult, context) => {
-      queryClient.invalidateQueries({ queryKey: razorpayQueryKeys.subscriptions() })
-      options?.onSuccess?.(data, variables, onMutateResult, context)
-    },
-  })
-}
-
-export type UseVerifyPaymentOptions = UseMutationOptions<
-  VerifyPaymentResponse['data'],
-  Error,
-  VerifyPaymentInput,
-  unknown
->
-
-/**
- * Verify payment signature after Razorpay checkout success.
- * Call with the payload from the Razorpay success handler (razorpay_payment_id, razorpay_subscription_id, razorpay_signature).
- * Invalidates subscriptions list on success.
- * Requires RazorpayAuthProvider above in the tree.
- */
-export function useVerifyPayment(options?: UseVerifyPaymentOptions) {
-  const client = useRazorpayAuthClient()
-  const queryClient = useQueryClient()
-  return useMutation({
-    mutationFn: (input: VerifyPaymentInput) => {
-      if (!client) throw new Error(RAZORPAY_NO_CLIENT_MESSAGE)
-      return verifyPayment(client, input)
-    },
-    ...options,
-    onSuccess: (data, variables, onMutateResult, context) => {
-      queryClient.invalidateQueries({ queryKey: razorpayQueryKeys.subscriptions() })
-      options?.onSuccess?.(data, variables, onMutateResult, context)
-    },
-  })
-}