@donotdev/functions 0.0.3 → 0.0.5

package/lib/firebase/index.js

@@ -31217,14 +31217,11 @@ async function WR(e, t) {
   let c = { success: !0, customClaims: s };
   return (
     n &&
-      (await oe()
-        .collection('idempotency')
-        .doc(`claims_${n}`)
-        .set({
-          result: c,
-          processedAt: new Date().toISOString(),
-          processedBy: t.uid,
-        })),
+      (await oe().collection('idempotency').doc(`claims_${n}`).set({
+        result: c,
+        processedAt: new Date().toISOString(),
+        processedBy: t.uid,
+      })),
     c
   );
 }
@@ -32504,14 +32501,11 @@ function yI(e, t) {
       w = Dt({ id: m.id, ...m.data() });
     return (
       s &&
-        (await u
-          .collection('idempotency')
-          .doc(`create_${s}`)
-          .set({
-            result: w,
-            processedAt: new Date().toISOString(),
-            processedBy: c,
-          })),
+        (await u.collection('idempotency').doc(`create_${s}`).set({
+          result: w,
+          processedAt: new Date().toISOString(),
+          processedBy: c,
+        })),
       w
     );
   }, 'createEntityLogic');
@@ -32632,14 +32626,11 @@ function wI(e, t) {
       k = Dt({ id: C.id, ...C.data() });
     return (
       c &&
-        (await u
-          .collection('idempotency')
-          .doc(`update_${c}`)
-          .set({
-            result: k,
-            processedAt: new Date().toISOString(),
-            processedBy: h,
-          })),
+        (await u.collection('idempotency').doc(`update_${c}`).set({
+          result: k,
+          processedAt: new Date().toISOString(),
+          processedBy: h,
+        })),
       k
     );
   }, 'updateEntityLogic');
@@ -32682,19 +32673,16 @@ async function Cue(e, t, r, n = 'pull', i) {
     });
   }
   (process.env.SAVE_GITHUB_ACCESS_TO_FIRESTORE === 'true' &&
-    (await oe()
-      .collection('githubAccess')
-      .doc(e)
-      .set(
-        {
-          githubUsername: t,
-          repoConfig: r,
-          permission: n,
-          accessGranted: !0,
-          grantedAt: Date.now(),
-        },
-        { merge: !0 }
-      )),
+    (await oe().collection('githubAccess').doc(e).set(
+      {
+        githubUsername: t,
+        repoConfig: r,
+        permission: n,
+        accessGranted: !0,
+        grantedAt: Date.now(),
+      },
+      { merge: !0 }
+    )),
     kc.info('GitHub repository access granted', {
       userId: e,
       githubUsername: t,
@@ -32964,14 +32952,11 @@ var Jue = TI(async (e) => {
     let C = { success: !0, credentials: S, profile: z };
     return (
       c &&
-        (await oe()
-          .collection('idempotency')
-          .doc(`oauth_${c}`)
-          .set({
-            result: C,
-            processedAt: new Date().toISOString(),
-            processedBy: t,
-          })),
+        (await oe().collection('idempotency').doc(`oauth_${c}`).set({
+          result: C,
+          processedAt: new Date().toISOString(),
+          processedBy: t,
+        })),
       C
     );
   } catch (h) {

package/lib/shared/index.js

@@ -31308,14 +31308,11 @@ async function c5e(e, t) {
 o(c5e, 'checkIdempotency');
 async function h5e(e, t, r, n) {
   try {
-    (await Ue()
-      .collection('idempotency')
-      .doc(`${t}_${e}`)
-      .set({
-        result: r,
-        processedAt: new Date().toISOString(),
-        processedBy: n,
-      }),
+    (await Ue().collection('idempotency').doc(`${t}_${e}`).set({
+      result: r,
+      processedAt: new Date().toISOString(),
+      processedBy: n,
+    }),
       B1.info('Idempotency result stored', {
         key: e,
         operation: t,

package/lib/vercel/api/index.js

@@ -30612,23 +30612,19 @@ function Nr(e, t, r, o) {
         return a.status(405).json({ error: 'Method not allowed' });
       let l = Ft(t, i.body);
       if (!l.success)
-        return a
-          .status(400)
-          .json({
-            error: `Validation failed: ${l.issues.map((S) => S.message).join(', ')}`,
-          });
+        return a.status(400).json({
+          error: `Validation failed: ${l.issues.map((S) => S.message).join(', ')}`,
+        });
       let h = l.output,
         d = P8(i.headers.authorization),
         m = `${r}_${d}`,
         p = O0[r] || O0.api,
         f = await A8(m, p);
       if (!f.allowed)
-        return a
-          .status(429)
-          .json({
-            error: `Rate limit exceeded. Try again in ${f.blockRemainingSeconds} seconds.`,
-            retryAfter: f.blockRemainingSeconds,
-          });
+        return a.status(429).json({
+          error: `Rate limit exceeded. Try again in ${f.blockRemainingSeconds} seconds.`,
+          retryAfter: f.blockRemainingSeconds,
+        });
       let z = await o(i, a, h, { uid: d });
       return (
         await D0({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@donotdev/functions",
-  "version": "0.0.3",
+  "version": "0.0.5",
   "private": false,
   "description": "Backend functions for DoNotDev Framework - Firebase, Vercel, and platform-agnostic implementations for auth, billing, CRUD, and OAuth",
   "main": "./lib/firebase/index.js",
@@ -42,14 +42,14 @@
     "serve": "firebase emulators:start --only functions"
   },
   "dependencies": {
-    "@donotdev/core": "0.0.3",
-    "@donotdev/firebase": "0.0.3"
+    "@donotdev/core": "^0.0.12",
+    "@donotdev/firebase": "^0.0.5"
   },
   "peerDependencies": {
-    "@sentry/node": "^10.25.0",
+    "@sentry/node": "^10.33.0",
     "firebase-admin": "^13.6.0",
     "firebase-functions": "^7.0.1",
-    "next": "^16.0.7",
+    "next": "^16.1.4",
     "stripe": "^20.1.0",
     "valibot": "^1.2.0"
   },

package/src/firebase/auth/getCustomClaims.ts

@@ -15,10 +15,16 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const getCustomClaimsSchema = v.object({});
 
+type GetCustomClaimsRequest = v.InferOutput<typeof getCustomClaimsSchema>;
+type GetCustomClaimsResponse = { customClaims: Record<string, any> };
+
 /**
  * Business logic for getting custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -28,10 +34,10 @@ const getCustomClaimsSchema = v.object({});
  * @author AMBROISE PARK Consulting
  */
 async function getCustomClaimsLogic(
-  data: v.InferOutput<typeof getCustomClaimsSchema>,
+  data: GetCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof getCustomClaimsSchema>>;
+    request: CallableRequest<GetCustomClaimsRequest>;
   }
 ) {
   const user = await getFirebaseAdminAuth().getUser(context.uid);
@@ -48,7 +54,10 @@ async function getCustomClaimsLogic(
  */
 export const getCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  GetCustomClaimsRequest,
+  Promise<GetCustomClaimsResponse>
+> => {
   const schema = customSchema || getCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/getUserAuthStatus.ts

@@ -15,10 +15,24 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const getUserAuthStatusSchema = v.object({});
 
+export type GetUserAuthStatusRequest = v.InferOutput<
+  typeof getUserAuthStatusSchema
+>;
+export type GetUserAuthStatusResponse = {
+  uid: string;
+  email?: string;
+  emailVerified: boolean;
+  customClaims: Record<string, any>;
+  disabled: boolean;
+};
+
 /**
  * Business logic for getting user auth status
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -28,10 +42,10 @@ const getUserAuthStatusSchema = v.object({});
  * @author AMBROISE PARK Consulting
  */
 async function getUserAuthStatusLogic(
-  data: v.InferOutput<typeof getUserAuthStatusSchema>,
+  data: GetUserAuthStatusRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof getUserAuthStatusSchema>>;
+    request: CallableRequest<GetUserAuthStatusRequest>;
   }
 ) {
   const user = await getFirebaseAdminAuth().getUser(context.uid);
@@ -55,7 +69,10 @@ async function getUserAuthStatusLogic(
  */
 export const getUserAuthStatus = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  GetUserAuthStatusRequest,
+  Promise<GetUserAuthStatusResponse>
+> => {
   const schema = customSchema || getUserAuthStatusSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/removeCustomClaims.ts

@@ -15,7 +15,10 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const removeCustomClaimsSchema = v.object({
   claimsToRemove: v.pipe(
@@ -24,6 +27,14 @@ const removeCustomClaimsSchema = v.object({
   ),
 });
 
+export type RemoveCustomClaimsRequest = v.InferOutput<
+  typeof removeCustomClaimsSchema
+>;
+export type RemoveCustomClaimsResponse = {
+  success: boolean;
+  customClaims: Record<string, any>;
+};
+
 /**
  * Business logic for removing custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -33,10 +44,10 @@ const removeCustomClaimsSchema = v.object({
  * @author AMBROISE PARK Consulting
  */
 async function removeCustomClaimsLogic(
-  data: v.InferOutput<typeof removeCustomClaimsSchema>,
+  data: RemoveCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof removeCustomClaimsSchema>>;
+    request: CallableRequest<RemoveCustomClaimsRequest>;
   }
 ) {
   const { claimsToRemove } = data;
@@ -65,7 +76,10 @@ async function removeCustomClaimsLogic(
  */
 export const removeCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  RemoveCustomClaimsRequest,
+  Promise<RemoveCustomClaimsResponse>
+> => {
   const schema = customSchema || removeCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/setCustomClaims.ts

@@ -17,13 +17,24 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const setCustomClaimsSchema = v.object({
   customClaims: v.record(v.string(), v.any()),
   idempotencyKey: v.optional(v.string()),
 });
 
+export type SetCustomClaimsRequest = v.InferOutput<
+  typeof setCustomClaimsSchema
+>;
+export type SetCustomClaimsResponse = {
+  success: boolean;
+  customClaims: Record<string, any>;
+};
+
 /**
  * Business logic for setting custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -33,10 +44,10 @@ const setCustomClaimsSchema = v.object({
  * @author AMBROISE PARK Consulting
  */
 async function setCustomClaimsLogic(
-  data: v.InferOutput<typeof setCustomClaimsSchema>,
+  data: SetCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof setCustomClaimsSchema>>;
+    request: CallableRequest<SetCustomClaimsRequest>;
   }
 ) {
   const { customClaims, idempotencyKey } = data;
@@ -94,7 +105,10 @@ async function setCustomClaimsLogic(
  */
 export const setCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  SetCustomClaimsRequest,
+  Promise<SetCustomClaimsResponse>
+> => {
   const schema = customSchema || setCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/billing/createCheckoutSession.ts

@@ -27,8 +27,13 @@ import {
 import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
 import { createBaseFunction } from '../baseFunction.js';
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey } from '../config/secrets.js'; // ✅ IMPORT SECRET
+import { initStripe } from '../../shared/utils.js'; // ✅ IMPORT INIT
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 /**
  * Business logic for creating Stripe checkout session
@@ -41,6 +46,9 @@ async function createCheckoutSessionLogic(
   },
   billingConfig: StripeBackConfig
 ) {
+  // ✅ LATEST BEST PRACTICE: Initialize with secret value explicitly
+  initStripe(stripeSecretKey.value());
+
   try {
     validateStripeEnvironment();
   } catch (error) {
@@ -217,7 +225,12 @@ async function createCheckoutSessionLogic(
  * });
  * window.location.href = result.data.sessionUrl;
  */
-export function createCheckoutSession(billingConfig: StripeBackConfig) {
+export function createCheckoutSession(
+  billingConfig: StripeBackConfig
+): CallableFunction<
+  CreateCheckoutSessionRequest,
+  Promise<{ sessionId: string; sessionUrl: string }>
+> {
   return createBaseFunction<
     CreateCheckoutSessionRequest,
     { sessionId: string; sessionUrl: string }

package/src/firebase/billing/createCustomerPortal.ts

@@ -13,38 +13,58 @@ import { getFirebaseAdminAuth } from '@donotdev/firebase/server';
 import * as v from 'valibot';
 
 import { handleError } from '../../shared/errorHandling.js';
-import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
+import {
+  stripe,
+  validateStripeEnvironment,
+  initStripe,
+} from '../../shared/utils.js'; // ✅ IMPORT INIT
 import { createBaseFunction } from '../baseFunction.js';
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey } from '../config/secrets.js'; // ✅ IMPORT SECRET
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const customerPortalSchema = v.object({
   userId: v.string(),
   returnUrl: v.optional(v.pipe(v.string(), v.url())),
 });
 
+type CustomerPortalRequest = v.InferOutput<typeof customerPortalSchema>;
+
 async function createCustomerPortalLogic(
-  data: { userId: string; returnUrl?: string },
-  context: { uid: string; request: CallableRequest }
+  data: CustomerPortalRequest,
+  context: { uid: string; request: CallableRequest<CustomerPortalRequest> }
 ) {
-  validateStripeEnvironment();
+  // ✅ LATEST BEST PRACTICE: Init with secret value
+  initStripe(stripeSecretKey.value());
+
+  try {
+    validateStripeEnvironment();
+  } catch (error) {
+    throw handleError(error);
+  }
 
   const { userId, returnUrl } = data;
 
   // Get customer ID from user claims
   const user = await getFirebaseAdminAuth().getUser(userId);
-  const currentClaims = user.customClaims || {};
-  const customerId = currentClaims.subscription?.customerId;
+  // ... (rest of logic)
+  const currentClaims = (user.customClaims || {}) as any;
+  const customerId =
+    currentClaims.subscription?.customerId ||
+    user.customClaims?.stripeCustomerId;
 
   if (!customerId) {
-    throw handleError(new Error('No customer found'));
+    throw handleError(new Error('No Stripe customer ID found for user'));
   }
 
   // Create portal session
   const session = await stripe.billingPortal.sessions.create({
     customer: customerId,
-    return_url: returnUrl || `${process.env.FRONTEND_URL}/billing`,
+    return_url: returnUrl || 'https://donotdev.com/dashboard', // Fallback
   });
 
   return {
@@ -52,8 +72,11 @@ async function createCustomerPortalLogic(
   };
 }
 
-export function createCustomerPortal() {
-  return createBaseFunction(
+export function createCustomerPortal(): CallableFunction<
+  CustomerPortalRequest,
+  Promise<{ url: string }>
+> {
+  return createBaseFunction<CustomerPortalRequest, { url: string }>(
     STRIPE_CONFIG,
     customerPortalSchema,
     'create_customer_portal',

package/src/firebase/billing/webhookHandler.ts

@@ -10,15 +10,20 @@
  */
 
 import { logger } from 'firebase-functions/v2';
-import { onRequest } from 'firebase-functions/v2/https';
+import { onRequest, type HttpsFunction } from 'firebase-functions/v2/https';
 
 import type { StripeBackConfig } from '@donotdev/core/server';
 
 import { updateUserSubscription } from '../../shared/billing/helpers/updateUserSubscription.js';
 import { processWebhook } from '../../shared/billing/webhookHandler.js';
 import { handleError } from '../../shared/errorHandling.js';
-import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
+import {
+  stripe,
+  validateStripeEnvironment,
+  initStripe,
+} from '../../shared/utils.js'; // ✅ IMPORT INIT
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey, stripeWebhookSecret } from '../config/secrets.js'; // ✅ IMPORT SECRETS
 
 /**
  * Read raw body from request stream
@@ -42,10 +47,15 @@ async function getRawBody(req: any): Promise<Buffer> {
 /**
  * Create Firebase webhook handler from billing config
  */
-export function createStripeWebhook(billingConfig: StripeBackConfig) {
+export function createStripeWebhook(
+  billingConfig: StripeBackConfig
+): HttpsFunction {
   return onRequest(STRIPE_CONFIG, async (req, res) => {
+    // ✅ LATEST BEST PRACTICE: Init with secret value
+    initStripe(stripeSecretKey.value());
+
     try {
-      validateStripeEnvironment();
+      // validateStripeEnvironment(); // initStripe handles this now
 
       const sig = req.headers['stripe-signature'];
       if (!sig || Array.isArray(sig)) {
@@ -58,7 +68,9 @@ export function createStripeWebhook(billingConfig: StripeBackConfig) {
         throw handleError(error);
       }
 
-      const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+      // ✅ LATEST BEST PRACTICE: Use defineSecret value
+      const webhookSecret = stripeWebhookSecret.value();
+
       if (!webhookSecret) {
         const error = new Error('STRIPE_WEBHOOK_SECRET not configured');
         logger.error('[Webhook] Missing webhook secret', {

package/src/firebase/config/constants.ts

@@ -27,14 +27,19 @@ export const FUNCTION_CONFIG = {
   ...BASE_CONFIG,
   memory: '1GiB' as const,
   timeoutSeconds: 60,
+  cors: true, // Enable CORS by default for all functions (required for web apps)
 } as const;
 
+import { stripeSecretKey, stripeWebhookSecret } from './secrets.js';
+
 /** Stripe/billing functions */
 export const STRIPE_CONFIG = {
   ...BASE_CONFIG,
   memory: '512MiB' as const,
   timeoutSeconds: 30,
-} as const;
+  cors: true,
+  secrets: [stripeSecretKey, stripeWebhookSecret],
+};
 
 /** Auth functions */
 export const AUTH_CONFIG = {
@@ -48,6 +53,7 @@ export const CRUD_CONFIG = {
   ...BASE_CONFIG,
   memory: '256MiB' as const,
   timeoutSeconds: 15,
+  cors: true, // Enable CORS for cross-origin requests (required for web apps)
 } as const;
 
 /**

package/src/firebase/config/secrets.ts

@@ -0,0 +1,32 @@
+// packages/functions/src/firebase/config/secrets.ts
+
+/**
+ * @fileoverview Firebase Functions V2 Secrets
+ * @description Definition of secrets using the modern defineSecret API
+ *
+ * @version 0.0.1
+ * @since 0.0.1
+ * @author AMBROISE PARK Consulting
+ */
+
+import { defineSecret } from 'firebase-functions/params';
+
+/**
+ * Stripe Secret Key
+ * Used for server-side Stripe API operations
+ */
+export const stripeSecretKey = defineSecret('STRIPE_SECRET_KEY');
+
+/**
+ * Stripe Webhook Secret
+ * Used to verify signatures of incoming Stripe webhooks
+ */
+export const stripeWebhookSecret = defineSecret('STRIPE_WEBHOOK_SECRET');
+
+/**
+ * GitHub Personal Access Token
+ * Used for GitHub API operations (repo access, etc.)
+ */
+export const githubPersonalAccessToken = defineSecret(
+  'GITHUB_PERSONAL_ACCESS_TOKEN'
+);