@donotdev/functions 0.0.4 → 0.0.6

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@donotdev/functions",
-  "version": "0.0.4",
+  "version": "0.0.6",
   "private": false,
   "description": "Backend functions for DoNotDev Framework - Firebase, Vercel, and platform-agnostic implementations for auth, billing, CRUD, and OAuth",
   "main": "./lib/firebase/index.js",
@@ -42,14 +42,14 @@
     "serve": "firebase emulators:start --only functions"
   },
   "dependencies": {
-    "@donotdev/core": "0.0.4",
-    "@donotdev/firebase": "0.0.4"
+    "@donotdev/core": "^0.0.13",
+    "@donotdev/firebase": "^0.0.5"
   },
   "peerDependencies": {
-    "@sentry/node": "^10.25.0",
+    "@sentry/node": "^10.33.0",
     "firebase-admin": "^13.6.0",
     "firebase-functions": "^7.0.1",
-    "next": "^16.0.7",
+    "next": "^16.1.4",
     "stripe": "^20.1.0",
     "valibot": "^1.2.0"
   },

package/src/firebase/auth/getCustomClaims.ts

@@ -15,10 +15,16 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const getCustomClaimsSchema = v.object({});
 
+type GetCustomClaimsRequest = v.InferOutput<typeof getCustomClaimsSchema>;
+type GetCustomClaimsResponse = { customClaims: Record<string, any> };
+
 /**
  * Business logic for getting custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -28,10 +34,10 @@ const getCustomClaimsSchema = v.object({});
  * @author AMBROISE PARK Consulting
  */
 async function getCustomClaimsLogic(
-  data: v.InferOutput<typeof getCustomClaimsSchema>,
+  data: GetCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof getCustomClaimsSchema>>;
+    request: CallableRequest<GetCustomClaimsRequest>;
   }
 ) {
   const user = await getFirebaseAdminAuth().getUser(context.uid);
@@ -48,7 +54,10 @@ async function getCustomClaimsLogic(
  */
 export const getCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  GetCustomClaimsRequest,
+  Promise<GetCustomClaimsResponse>
+> => {
   const schema = customSchema || getCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/getUserAuthStatus.ts

@@ -15,10 +15,24 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const getUserAuthStatusSchema = v.object({});
 
+export type GetUserAuthStatusRequest = v.InferOutput<
+  typeof getUserAuthStatusSchema
+>;
+export type GetUserAuthStatusResponse = {
+  uid: string;
+  email?: string;
+  emailVerified: boolean;
+  customClaims: Record<string, any>;
+  disabled: boolean;
+};
+
 /**
  * Business logic for getting user auth status
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -28,10 +42,10 @@ const getUserAuthStatusSchema = v.object({});
  * @author AMBROISE PARK Consulting
  */
 async function getUserAuthStatusLogic(
-  data: v.InferOutput<typeof getUserAuthStatusSchema>,
+  data: GetUserAuthStatusRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof getUserAuthStatusSchema>>;
+    request: CallableRequest<GetUserAuthStatusRequest>;
   }
 ) {
   const user = await getFirebaseAdminAuth().getUser(context.uid);
@@ -55,7 +69,10 @@ async function getUserAuthStatusLogic(
  */
 export const getUserAuthStatus = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  GetUserAuthStatusRequest,
+  Promise<GetUserAuthStatusResponse>
+> => {
   const schema = customSchema || getUserAuthStatusSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/removeCustomClaims.ts

@@ -15,7 +15,10 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const removeCustomClaimsSchema = v.object({
   claimsToRemove: v.pipe(
@@ -24,6 +27,14 @@ const removeCustomClaimsSchema = v.object({
   ),
 });
 
+export type RemoveCustomClaimsRequest = v.InferOutput<
+  typeof removeCustomClaimsSchema
+>;
+export type RemoveCustomClaimsResponse = {
+  success: boolean;
+  customClaims: Record<string, any>;
+};
+
 /**
  * Business logic for removing custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -33,10 +44,10 @@ const removeCustomClaimsSchema = v.object({
  * @author AMBROISE PARK Consulting
  */
 async function removeCustomClaimsLogic(
-  data: v.InferOutput<typeof removeCustomClaimsSchema>,
+  data: RemoveCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof removeCustomClaimsSchema>>;
+    request: CallableRequest<RemoveCustomClaimsRequest>;
   }
 ) {
   const { claimsToRemove } = data;
@@ -65,7 +76,10 @@ async function removeCustomClaimsLogic(
  */
 export const removeCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  RemoveCustomClaimsRequest,
+  Promise<RemoveCustomClaimsResponse>
+> => {
   const schema = customSchema || removeCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/auth/setCustomClaims.ts

@@ -17,13 +17,24 @@ import * as v from 'valibot';
 import { createBaseFunction } from '../baseFunction.js';
 import { AUTH_CONFIG } from '../config/constants.js';
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const setCustomClaimsSchema = v.object({
   customClaims: v.record(v.string(), v.any()),
   idempotencyKey: v.optional(v.string()),
 });
 
+export type SetCustomClaimsRequest = v.InferOutput<
+  typeof setCustomClaimsSchema
+>;
+export type SetCustomClaimsResponse = {
+  success: boolean;
+  customClaims: Record<string, any>;
+};
+
 /**
  * Business logic for setting custom claims
  * Base function handles: validation, auth, rate limiting, monitoring
@@ -33,10 +44,10 @@ const setCustomClaimsSchema = v.object({
  * @author AMBROISE PARK Consulting
  */
 async function setCustomClaimsLogic(
-  data: v.InferOutput<typeof setCustomClaimsSchema>,
+  data: SetCustomClaimsRequest,
   context: {
     uid: string;
-    request: CallableRequest<v.InferOutput<typeof setCustomClaimsSchema>>;
+    request: CallableRequest<SetCustomClaimsRequest>;
   }
 ) {
   const { customClaims, idempotencyKey } = data;
@@ -94,7 +105,10 @@ async function setCustomClaimsLogic(
  */
 export const setCustomClaims = (
   customSchema?: v.BaseSchema<unknown, any, v.BaseIssue<unknown>>
-) => {
+): CallableFunction<
+  SetCustomClaimsRequest,
+  Promise<SetCustomClaimsResponse>
+> => {
   const schema = customSchema || setCustomClaimsSchema;
   return createBaseFunction(
     AUTH_CONFIG,

package/src/firebase/billing/createCheckoutSession.ts

@@ -27,8 +27,13 @@ import {
 import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
 import { createBaseFunction } from '../baseFunction.js';
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey } from '../config/secrets.js'; // ✅ IMPORT SECRET
+import { initStripe } from '../../shared/utils.js'; // ✅ IMPORT INIT
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 /**
  * Business logic for creating Stripe checkout session
@@ -41,6 +46,9 @@ async function createCheckoutSessionLogic(
   },
   billingConfig: StripeBackConfig
 ) {
+  // ✅ LATEST BEST PRACTICE: Initialize with secret value explicitly
+  initStripe(stripeSecretKey.value());
+
   try {
     validateStripeEnvironment();
   } catch (error) {
@@ -217,7 +225,12 @@ async function createCheckoutSessionLogic(
  * });
  * window.location.href = result.data.sessionUrl;
  */
-export function createCheckoutSession(billingConfig: StripeBackConfig) {
+export function createCheckoutSession(
+  billingConfig: StripeBackConfig
+): CallableFunction<
+  CreateCheckoutSessionRequest,
+  Promise<{ sessionId: string; sessionUrl: string }>
+> {
   return createBaseFunction<
     CreateCheckoutSessionRequest,
     { sessionId: string; sessionUrl: string }

package/src/firebase/billing/createCustomerPortal.ts

@@ -13,38 +13,58 @@ import { getFirebaseAdminAuth } from '@donotdev/firebase/server';
 import * as v from 'valibot';
 
 import { handleError } from '../../shared/errorHandling.js';
-import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
+import {
+  stripe,
+  validateStripeEnvironment,
+  initStripe,
+} from '../../shared/utils.js'; // ✅ IMPORT INIT
 import { createBaseFunction } from '../baseFunction.js';
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey } from '../config/secrets.js'; // ✅ IMPORT SECRET
 
-import type { CallableRequest } from 'firebase-functions/v2/https';
+import type {
+  CallableFunction,
+  CallableRequest,
+} from 'firebase-functions/v2/https';
 
 const customerPortalSchema = v.object({
   userId: v.string(),
   returnUrl: v.optional(v.pipe(v.string(), v.url())),
 });
 
+type CustomerPortalRequest = v.InferOutput<typeof customerPortalSchema>;
+
 async function createCustomerPortalLogic(
-  data: { userId: string; returnUrl?: string },
-  context: { uid: string; request: CallableRequest }
+  data: CustomerPortalRequest,
+  context: { uid: string; request: CallableRequest<CustomerPortalRequest> }
 ) {
-  validateStripeEnvironment();
+  // ✅ LATEST BEST PRACTICE: Init with secret value
+  initStripe(stripeSecretKey.value());
+
+  try {
+    validateStripeEnvironment();
+  } catch (error) {
+    throw handleError(error);
+  }
 
   const { userId, returnUrl } = data;
 
   // Get customer ID from user claims
   const user = await getFirebaseAdminAuth().getUser(userId);
-  const currentClaims = user.customClaims || {};
-  const customerId = currentClaims.subscription?.customerId;
+  // ... (rest of logic)
+  const currentClaims = (user.customClaims || {}) as any;
+  const customerId =
+    currentClaims.subscription?.customerId ||
+    user.customClaims?.stripeCustomerId;
 
   if (!customerId) {
-    throw handleError(new Error('No customer found'));
+    throw handleError(new Error('No Stripe customer ID found for user'));
   }
 
   // Create portal session
   const session = await stripe.billingPortal.sessions.create({
     customer: customerId,
-    return_url: returnUrl || `${process.env.FRONTEND_URL}/billing`,
+    return_url: returnUrl || 'https://donotdev.com/dashboard', // Fallback
   });
 
   return {
@@ -52,8 +72,11 @@ async function createCustomerPortalLogic(
   };
 }
 
-export function createCustomerPortal() {
-  return createBaseFunction(
+export function createCustomerPortal(): CallableFunction<
+  CustomerPortalRequest,
+  Promise<{ url: string }>
+> {
+  return createBaseFunction<CustomerPortalRequest, { url: string }>(
     STRIPE_CONFIG,
     customerPortalSchema,
     'create_customer_portal',

package/src/firebase/billing/webhookHandler.ts

@@ -10,15 +10,20 @@
  */
 
 import { logger } from 'firebase-functions/v2';
-import { onRequest } from 'firebase-functions/v2/https';
+import { onRequest, type HttpsFunction } from 'firebase-functions/v2/https';
 
 import type { StripeBackConfig } from '@donotdev/core/server';
 
 import { updateUserSubscription } from '../../shared/billing/helpers/updateUserSubscription.js';
 import { processWebhook } from '../../shared/billing/webhookHandler.js';
 import { handleError } from '../../shared/errorHandling.js';
-import { stripe, validateStripeEnvironment } from '../../shared/utils.js';
+import {
+  stripe,
+  validateStripeEnvironment,
+  initStripe,
+} from '../../shared/utils.js'; // ✅ IMPORT INIT
 import { STRIPE_CONFIG } from '../config/constants.js';
+import { stripeSecretKey, stripeWebhookSecret } from '../config/secrets.js'; // ✅ IMPORT SECRETS
 
 /**
  * Read raw body from request stream
@@ -42,10 +47,15 @@ async function getRawBody(req: any): Promise<Buffer> {
 /**
  * Create Firebase webhook handler from billing config
  */
-export function createStripeWebhook(billingConfig: StripeBackConfig) {
+export function createStripeWebhook(
+  billingConfig: StripeBackConfig
+): HttpsFunction {
   return onRequest(STRIPE_CONFIG, async (req, res) => {
+    // ✅ LATEST BEST PRACTICE: Init with secret value
+    initStripe(stripeSecretKey.value());
+
     try {
-      validateStripeEnvironment();
+      // validateStripeEnvironment(); // initStripe handles this now
 
       const sig = req.headers['stripe-signature'];
       if (!sig || Array.isArray(sig)) {
@@ -58,7 +68,9 @@ export function createStripeWebhook(billingConfig: StripeBackConfig) {
         throw handleError(error);
       }
 
-      const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+      // ✅ LATEST BEST PRACTICE: Use defineSecret value
+      const webhookSecret = stripeWebhookSecret.value();
+
       if (!webhookSecret) {
         const error = new Error('STRIPE_WEBHOOK_SECRET not configured');
         logger.error('[Webhook] Missing webhook secret', {

package/src/firebase/config/constants.ts

@@ -27,14 +27,19 @@ export const FUNCTION_CONFIG = {
   ...BASE_CONFIG,
   memory: '1GiB' as const,
   timeoutSeconds: 60,
+  cors: true, // Enable CORS by default for all functions (required for web apps)
 } as const;
 
+import { stripeSecretKey, stripeWebhookSecret } from './secrets.js';
+
 /** Stripe/billing functions */
 export const STRIPE_CONFIG = {
   ...BASE_CONFIG,
   memory: '512MiB' as const,
   timeoutSeconds: 30,
-} as const;
+  cors: true,
+  secrets: [stripeSecretKey, stripeWebhookSecret],
+};
 
 /** Auth functions */
 export const AUTH_CONFIG = {
@@ -48,6 +53,7 @@ export const CRUD_CONFIG = {
   ...BASE_CONFIG,
   memory: '256MiB' as const,
   timeoutSeconds: 15,
+  cors: true, // Enable CORS for cross-origin requests (required for web apps)
 } as const;
 
 /**

package/src/firebase/config/secrets.ts

@@ -0,0 +1,32 @@
+// packages/functions/src/firebase/config/secrets.ts
+
+/**
+ * @fileoverview Firebase Functions V2 Secrets
+ * @description Definition of secrets using the modern defineSecret API
+ *
+ * @version 0.0.1
+ * @since 0.0.1
+ * @author AMBROISE PARK Consulting
+ */
+
+import { defineSecret } from 'firebase-functions/params';
+
+/**
+ * Stripe Secret Key
+ * Used for server-side Stripe API operations
+ */
+export const stripeSecretKey = defineSecret('STRIPE_SECRET_KEY');
+
+/**
+ * Stripe Webhook Secret
+ * Used to verify signatures of incoming Stripe webhooks
+ */
+export const stripeWebhookSecret = defineSecret('STRIPE_WEBHOOK_SECRET');
+
+/**
+ * GitHub Personal Access Token
+ * Used for GitHub API operations (repo access, etc.)
+ */
+export const githubPersonalAccessToken = defineSecret(
+  'GITHUB_PERSONAL_ACCESS_TOKEN'
+);