@knotpad/app 0.1.5 → 0.1.7

package/app/api/billing/checkout/route.tsx

@@ -0,0 +1,81 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { stripe, PRICE_ID_PERSONAL_PRO, PRICE_ID_TEAM_PRO, APP_URL } from "@/lib/stripe";
+
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = await req.json().catch(() => ({}));
+
+  // plan = "personal" (1 seat, PERSONAL_PRO) | "team" (N seats, TEAM_PRO, min 2)
+  const plan: "personal" | "team" = body.plan === "team" ? "team" : "personal";
+  const seats: number = plan === "team" ? Math.max(2, parseInt(body.seats ?? "2")) : 1;
+  const targetWorkspaceId: string | undefined = body.workspaceId;
+
+  // Find the workspace to upgrade. For team checkouts a specific workspaceId is
+  // required (the newly created team workspace). For personal, use the caller's
+  // personal workspace.
+  const member = targetWorkspaceId
+    ? await prisma.workspaceMember.findFirst({
+        where: {
+          userId: session.user.id,
+          workspaceId: targetWorkspaceId,
+          role: { in: ["OWNER", "ADMIN"] },
+        },
+        include: { workspace: true },
+      })
+    : await prisma.workspaceMember.findFirst({
+        where: {
+          userId: session.user.id,
+          role: { in: ["OWNER", "ADMIN"] },
+          workspace: { type: "PERSONAL" },
+        },
+        include: { workspace: true },
+      });
+
+  if (!member) return NextResponse.json({ error: "Must be owner or admin" }, { status: 403 });
+
+  const { workspace } = member;
+
+  // Guard: prevent creating a second checkout session for an already-active subscription.
+  if (workspace.isPro && workspace.stripeSubId) {
+    return NextResponse.json(
+      { error: "Workspace is already subscribed", stripeSubId: workspace.stripeSubId },
+      { status: 409 }
+    );
+  }
+
+  // Create or reuse Stripe customer
+  let customerId = workspace.stripeId;
+  if (!customerId) {
+    const customer = await stripe.customers.create({
+      email: session.user.email,
+      name: session.user.name,
+      metadata: { workspaceId: workspace.id },
+    });
+    customerId = customer.id;
+    await prisma.workspace.update({
+      where: { id: workspace.id },
+      data: { stripeId: customerId },
+    });
+  }
+
+  const planType = plan === "team" ? "TEAM_PRO" : "PERSONAL_PRO";
+  const priceId = plan === "team" ? PRICE_ID_TEAM_PRO : PRICE_ID_PERSONAL_PRO;
+
+  const checkoutSession = await stripe.checkout.sessions.create({
+    customer: customerId,
+    mode: "subscription",
+    line_items: [{ price: priceId, quantity: seats }],
+    success_url: `${APP_URL}/settings/billing?upgraded=1`,
+    cancel_url: `${APP_URL}/settings/billing`,
+    metadata: { workspaceId: workspace.id, userId: session.user.id, planType },
+    subscription_data: {
+      metadata: { workspaceId: workspace.id, planType },
+    },
+  });
+
+  return NextResponse.json({ url: checkoutSession.url });
+}

package/app/api/billing/migrate/route.tsx

@@ -0,0 +1,163 @@
+import { NextRequest, NextResponse } from "next/server";
+import { prisma, getCloudPrisma } from "@/lib/prisma";
+
+export const dynamic = "force-dynamic";
+
+const BATCH = 100;
+
+export async function POST(req: NextRequest) {
+  // Secured with the same CRON_SECRET used by the sync cron.
+  const cronSecret = process.env.CRON_SECRET;
+  if (!cronSecret || req.headers.get("authorization") !== `Bearer ${cronSecret}`) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  const body = await req.json().catch(() => ({}));
+  const { workspaceId } = body as { workspaceId?: string };
+  if (!workspaceId) return NextResponse.json({ error: "workspaceId required" }, { status: 400 });
+
+  const cloud = getCloudPrisma();
+  if (!cloud) {
+    return NextResponse.json({ error: "Cloud not configured" }, { status: 503 });
+  }
+
+  // Idempotency: if cloud already has notes for this workspace, just refresh the sync timestamp.
+  const existingCount = await cloud.note.count({ where: { workspaceId } });
+  if (existingCount > 0) {
+    await cloud.syncState.upsert({
+      where: { workspaceId },
+      update: { lastSyncedAt: new Date() },
+      create: { workspaceId, lastSyncedAt: new Date() },
+    });
+    return NextResponse.json({ migrated: 0, alreadyDone: true });
+  }
+
+  // Ensure the workspace record exists in Neon (may already be there from auth adapter).
+  const workspace = await prisma.workspace.findUnique({ where: { id: workspaceId } });
+  if (!workspace) return NextResponse.json({ error: "Workspace not found" }, { status: 404 });
+
+  await cloud.workspace.upsert({
+    where: { id: workspaceId },
+    create: {
+      id: workspace.id,
+      name: workspace.name,
+      slug: workspace.slug,
+      type: workspace.type,
+      planType: workspace.planType,
+      licenseType: workspace.licenseType,
+      isCloud: workspace.isCloud,
+      isPro: workspace.isPro,
+      seatCount: workspace.seatCount,
+      stripeId: workspace.stripeId,
+      stripeSubId: workspace.stripeSubId,
+      encryptionSalt: workspace.encryptionSalt,
+      createdAt: workspace.createdAt,
+    },
+    update: {
+      isPro: workspace.isPro,
+      isCloud: workspace.isCloud,
+      planType: workspace.planType,
+      encryptionSalt: workspace.encryptionSalt,
+    },
+  });
+
+  // Copy folders (notes reference them via FK)
+  const folders = await prisma.folder.findMany({ where: { workspaceId } });
+  for (let i = 0; i < folders.length; i += BATCH) {
+    await cloud.folder.createMany({
+      data: folders.slice(i, i + BATCH).map((f) => ({
+        id: f.id, name: f.name, workspaceId: f.workspaceId, createdAt: f.createdAt,
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  // Copy notes (tasks reference them via FK); ciphertext is portable byte-for-byte
+  const notes = await prisma.note.findMany({ where: { workspaceId } });
+  for (let i = 0; i < notes.length; i += BATCH) {
+    await cloud.note.createMany({
+      data: notes.slice(i, i + BATCH).map((n) => ({
+        id: n.id,
+        title: n.title,
+        content: n.content,
+        workspaceId: n.workspaceId,
+        folderId: n.folderId,
+        isLocked: n.isLocked,
+        cloudOnly: n.cloudOnly,
+        version: n.version,
+        deviceId: n.deviceId,
+        createdAt: n.createdAt,
+        updatedAt: n.updatedAt,
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  // Copy tasks
+  const tasks = await prisma.task.findMany({ where: { workspaceId } });
+  for (let i = 0; i < tasks.length; i += BATCH) {
+    await cloud.task.createMany({
+      data: tasks.slice(i, i + BATCH).map((t) => ({
+        id: t.id,
+        title: t.title,
+        status: t.status,
+        noteId: t.noteId,
+        workspaceId: t.workspaceId,
+        assigneeId: t.assigneeId,
+        assigneeType: t.assigneeType,
+        claimedBy: t.claimedBy,
+        claimedByAlias: t.claimedByAlias,
+        claimedAt: t.claimedAt,
+        lastHeartbeat: t.lastHeartbeat,
+        fileRefs: t.fileRefs,
+        startDate: t.startDate,
+        dueDate: t.dueDate,
+        syncLocal: t.syncLocal,
+        version: t.version,
+        deviceId: t.deviceId,
+        createdAt: t.createdAt,
+        updatedAt: t.updatedAt,
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  // Copy task references
+  const refs = await prisma.taskReference.findMany({
+    where: { task: { workspaceId } },
+  });
+  for (let i = 0; i < refs.length; i += BATCH) {
+    await cloud.taskReference.createMany({
+      data: refs.slice(i, i + BATCH).map((r) => ({
+        id: r.id, taskId: r.taskId, noteId: r.noteId, snippet: r.snippet,
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  // Copy tombstones
+  const tombstones = await prisma.tombstone.findMany({ where: { workspaceId } });
+  for (let i = 0; i < tombstones.length; i += BATCH) {
+    await cloud.tombstone.createMany({
+      data: tombstones.slice(i, i + BATCH).map((t) => ({
+        id: t.id, workspaceId: t.workspaceId, entityType: t.entityType,
+        entityId: t.entityId, deletedAt: t.deletedAt,
+      })),
+      skipDuplicates: true,
+    });
+  }
+
+  // Seed SyncState so the flush worker starts clean
+  await cloud.syncState.upsert({
+    where: { workspaceId },
+    update: { lastSyncedAt: new Date() },
+    create: { workspaceId, lastSyncedAt: new Date() },
+  });
+
+  return NextResponse.json({
+    migrated: notes.length,
+    notes: notes.length,
+    tasks: tasks.length,
+    folders: folders.length,
+  });
+}

package/app/api/billing/portal/route.tsx

@@ -0,0 +1,24 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { stripe, APP_URL } from "@/lib/stripe";
+
+export async function POST() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const member = await prisma.workspaceMember.findFirst({
+    where: { userId: session.user.id, role: "OWNER" },
+    include: { workspace: true },
+  });
+  if (!member?.workspace.stripeId) {
+    return NextResponse.json({ error: "No billing account found" }, { status: 404 });
+  }
+
+  const portalSession = await stripe.billingPortal.sessions.create({
+    customer: member.workspace.stripeId,
+    return_url: `${APP_URL}/settings/billing`,
+  });
+
+  return NextResponse.json({ url: portalSession.url });
+}

package/app/api/billing/setup-intent/route.tsx

@@ -0,0 +1,55 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { stripe } from "@/lib/stripe";
+
+/**
+ * POST /api/billing/setup-intent
+ * Body: { workspaceId }
+ *
+ * Creates a Stripe SetupIntent so the client can collect a card
+ * using Stripe Elements without leaving the page.
+ * Returns { clientSecret, customerId }.
+ */
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = await req.json().catch(() => ({}));
+  const { workspaceId } = body;
+
+  if (!workspaceId) {
+    return NextResponse.json({ error: "workspaceId required" }, { status: 400 });
+  }
+
+  const member = await prisma.workspaceMember.findFirst({
+    where: { userId: session.user.id, workspaceId, role: { in: ["OWNER", "ADMIN"] }, revokedAt: null },
+    include: { workspace: true },
+  });
+  if (!member) return NextResponse.json({ error: "Must be owner or admin" }, { status: 403 });
+
+  const { workspace } = member;
+
+  // Create or reuse Stripe customer
+  let customerId = workspace.stripeId;
+  if (!customerId) {
+    const customer = await stripe.customers.create({
+      email: session.user.email ?? undefined,
+      name: session.user.name ?? undefined,
+      metadata: { workspaceId: workspace.id },
+    });
+    customerId = customer.id;
+    await prisma.workspace.update({
+      where: { id: workspace.id },
+      data: { stripeId: customerId },
+    });
+  }
+
+  const setupIntent = await stripe.setupIntents.create({
+    customer: customerId,
+    payment_method_types: ["card"],
+    metadata: { workspaceId: workspace.id },
+  });
+
+  return NextResponse.json({ clientSecret: setupIntent.client_secret, customerId });
+}

package/app/api/billing/status/route.tsx

@@ -0,0 +1,36 @@
+import { NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { isWorkspacePro, isWorkspaceCloud } from "@/lib/license";
+
+export async function GET() {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  // Return all workspaces the user belongs to (active members only)
+  const memberships = await prisma.workspaceMember.findMany({
+    where: { userId: session.user.id, revokedAt: null },
+    include: {
+      workspace: {
+        include: { _count: { select: { members: { where: { revokedAt: null } } } } },
+      },
+    },
+    orderBy: { joinedAt: "asc" },
+  });
+
+  const workspaces = memberships.map((m) => ({
+    id: m.workspace.id,
+    name: m.workspace.name,
+    type: m.workspace.type,
+    planType: m.workspace.planType,
+    isPro: isWorkspacePro(m.workspace),
+    isCloud: isWorkspaceCloud(m.workspace),
+    seatCount: m.workspace.seatCount,
+    memberCount: m.workspace._count.members,
+    stripeId: m.workspace.stripeId,
+    isOwner: m.role === "OWNER",
+    role: m.role,
+  }));
+
+  return NextResponse.json({ workspaces });
+}

package/app/api/billing/subscribe/route.tsx

@@ -0,0 +1,85 @@
+import { NextRequest, NextResponse } from "next/server";
+import { auth } from "@/auth";
+import { prisma } from "@/lib/prisma";
+import { stripe, PRICE_ID_PERSONAL_PRO, PRICE_ID_TEAM_PRO } from "@/lib/stripe";
+
+/**
+ * POST /api/billing/subscribe
+ * Body: { paymentMethodId, plan, seats, workspaceId? }
+ *
+ * Called after Stripe Elements confirms the SetupIntent.
+ * Attaches the saved card to the customer, creates the subscription,
+ * and updates the workspace plan immediately (webhook will reconcile).
+ */
+export async function POST(req: NextRequest) {
+  const session = await auth();
+  if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+
+  const body = await req.json().catch(() => ({}));
+  const { paymentMethodId, plan, seats: rawSeats, workspaceId } = body;
+
+  if (!paymentMethodId) return NextResponse.json({ error: "paymentMethodId required" }, { status: 400 });
+
+  const isTeam = plan === "team";
+  const seats: number = isTeam ? Math.max(2, parseInt(rawSeats ?? "2")) : 1;
+  const planType = isTeam ? "TEAM_PRO" : "PERSONAL_PRO";
+  const priceId = isTeam ? PRICE_ID_TEAM_PRO : PRICE_ID_PERSONAL_PRO;
+
+  const member = workspaceId
+    ? await prisma.workspaceMember.findFirst({
+        where: { userId: session.user.id, workspaceId, role: { in: ["OWNER", "ADMIN"] }, revokedAt: null },
+        include: { workspace: true },
+      })
+    : await prisma.workspaceMember.findFirst({
+        where: { userId: session.user.id, role: { in: ["OWNER", "ADMIN"] }, revokedAt: null },
+        include: { workspace: true },
+      });
+
+  if (!member) return NextResponse.json({ error: "Must be owner or admin" }, { status: 403 });
+
+  const { workspace } = member;
+  const customerId = workspace.stripeId;
+  if (!customerId) return NextResponse.json({ error: "No Stripe customer — call setup-intent first" }, { status: 400 });
+
+  // Guard: prevent double-charging if user submits twice or workspace is already subscribed.
+  if (workspace.stripeSubId) {
+    return NextResponse.json(
+      { error: "Workspace already has an active subscription", subscriptionId: workspace.stripeSubId },
+      { status: 409 }
+    );
+  }
+
+  // Attach PaymentMethod to customer and set as default
+  await stripe.paymentMethods.attach(paymentMethodId, { customer: customerId });
+  await stripe.customers.update(customerId, {
+    invoice_settings: { default_payment_method: paymentMethodId },
+  });
+
+  // Create the subscription
+  const subscription = await stripe.subscriptions.create({
+    customer: customerId,
+    items: [{ price: priceId, quantity: seats }],
+    default_payment_method: paymentMethodId,
+    metadata: { workspaceId: workspace.id, planType },
+  });
+
+  const active = subscription.status === "active" || subscription.status === "trialing";
+
+  // Optimistically update workspace — webhook will reconcile
+  await prisma.workspace.update({
+    where: { id: workspace.id },
+    data: {
+      planType: active ? planType : workspace.planType,
+      isPro: active,
+      isCloud: active,
+      stripeSubId: subscription.id,
+      seatCount: seats,
+    },
+  });
+
+  return NextResponse.json({
+    subscriptionId: subscription.id,
+    status: subscription.status,
+    planType,
+  });
+}

package/app/api/billing/webhook/route.tsx

@@ -0,0 +1,199 @@
+import { NextRequest, NextResponse } from "next/server";
+import Stripe from "stripe";
+import { prisma } from "@/lib/prisma";
+import { stripe } from "@/lib/stripe";
+
+export const dynamic = "force-dynamic";
+
+export async function POST(req: NextRequest) {
+  const body = await req.text();
+  const sig = req.headers.get("stripe-signature");
+
+  if (!sig || !process.env.STRIPE_WEBHOOK_SECRET) {
+    return NextResponse.json({ error: "Missing signature" }, { status: 400 });
+  }
+
+  let event: Stripe.Event;
+  try {
+    event = stripe.webhooks.constructEvent(body, sig, process.env.STRIPE_WEBHOOK_SECRET);
+  } catch {
+    return NextResponse.json({ error: "Webhook signature verification failed" }, { status: 400 });
+  }
+
+  // ── Idempotency guard ──────────────────────────────────────────────────────
+  // Stripe retries events for up to 3 days on non-2xx responses. Store the
+  // event ID before processing so replays are ignored without re-running logic.
+  const alreadyProcessed = await prisma.stripeWebhookEvent.findUnique({
+    where: { id: event.id },
+  });
+  if (alreadyProcessed) {
+    return NextResponse.json({ received: true });
+  }
+  await prisma.stripeWebhookEvent.create({
+    data: { id: event.id, type: event.type },
+  });
+  // ────────────────────────────────────────────────────────────────────────────
+
+  console.log(`[brief/webhook] processing event ${event.id} (${event.type})`);
+
+  switch (event.type) {
+    case "checkout.session.completed": {
+      const session = event.data.object as Stripe.Checkout.Session;
+      const workspaceId = session.metadata?.workspaceId;
+      const planType = session.metadata?.planType as "PERSONAL_PRO" | "TEAM_PRO" | undefined;
+      const subId = typeof session.subscription === "string" ? session.subscription : session.subscription?.id;
+
+      if (!workspaceId || !planType || !subId) {
+        console.warn(`[brief/webhook] checkout.session.completed missing metadata`, { workspaceId, planType, subId });
+        break;
+      }
+
+      const sub = await stripe.subscriptions.retrieve(subId);
+      const quantity = sub.items.data[0]?.quantity ?? 1;
+
+      await prisma.workspace.update({
+        where: { id: workspaceId },
+        data: {
+          planType,
+          isPro: true,
+          isCloud: true,
+          stripeSubId: subId,
+          seatCount: quantity,
+        },
+      });
+
+      // Fire-and-forget: copy local PGlite data to Neon for cloud-first mode.
+      // The migrate endpoint is idempotent — safe to retry.
+      const migrateUrl = `${process.env.NEXTAUTH_URL}/api/billing/migrate`;
+      fetch(migrateUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          Authorization: `Bearer ${process.env.CRON_SECRET ?? ""}`,
+        },
+        body: JSON.stringify({ workspaceId }),
+        signal: AbortSignal.timeout(10_000),
+      }).catch((err) => console.error("[brief/webhook] migration trigger failed:", err));
+
+      break;
+    }
+
+    case "customer.subscription.updated": {
+      const sub = event.data.object as Stripe.Subscription;
+      const workspaceId = sub.metadata?.workspaceId;
+      if (!workspaceId) {
+        console.warn(`[brief/webhook] subscription.updated missing workspaceId metadata`);
+        break;
+      }
+
+      const quantity = sub.items.data[0]?.quantity ?? 1;
+      const active = sub.status === "active" || sub.status === "trialing";
+
+      if (active) {
+        await prisma.workspace.update({
+          where: { id: workspaceId },
+          data: { seatCount: quantity },
+        });
+      } else {
+        // Subscription lapsed — downgrade workspace
+        await prisma.workspace.update({
+          where: { id: workspaceId },
+          data: {
+            planType: "FREE",
+            isPro: false,
+            isCloud: false,
+            stripeSubId: null,
+          },
+        });
+      }
+      break;
+    }
+
+    case "customer.subscription.deleted":
+    case "customer.subscription.paused": {
+      // Both deleted and paused mean the user loses access.
+      const sub = event.data.object as Stripe.Subscription;
+      const workspaceId = sub.metadata?.workspaceId;
+      if (!workspaceId) {
+        console.warn(`[brief/webhook] ${event.type} missing workspaceId metadata`);
+        break;
+      }
+
+      await prisma.workspace.update({
+        where: { id: workspaceId },
+        data: {
+          planType: "FREE",
+          isPro: false,
+          isCloud: false,
+          stripeSubId: null,
+          seatCount: 1,
+        },
+      });
+      break;
+    }
+
+    case "invoice.payment_failed": {
+      // Renewal failed — downgrade until payment is recovered.
+      // In API version 2026-04-22.dahlia, the subscription lives under parent.subscription_details.
+      const invoice = event.data.object as Stripe.Invoice;
+      const subRef = invoice.parent?.subscription_details?.subscription;
+      const subId = typeof subRef === "string" ? subRef : subRef?.id;
+      if (!subId) break;
+
+      const sub = await stripe.subscriptions.retrieve(subId);
+      const workspaceId = sub.metadata?.workspaceId;
+      if (!workspaceId) break;
+
+      await prisma.workspace.update({
+        where: { id: workspaceId },
+        data: {
+          planType: "FREE",
+          isPro: false,
+          isCloud: false,
+          stripeSubId: null,
+          seatCount: 1,
+        },
+      });
+      console.log(`[brief/webhook] workspace ${workspaceId} downgraded — invoice.payment_failed`);
+      break;
+    }
+
+    case "invoice.payment_succeeded": {
+      const invoice = event.data.object as Stripe.Invoice;
+      const subRef = invoice.parent?.subscription_details?.subscription;
+      const subId = typeof subRef === "string" ? subRef : subRef?.id;
+      if (!subId) break;
+
+      const sub = await stripe.subscriptions.retrieve(subId);
+      const workspaceId = sub.metadata?.workspaceId;
+      if (!workspaceId) break;
+
+      // Don't re-upgrade if already pro (first invoice fires this too)
+      const workspace = await prisma.workspace.findUnique({ where: { id: workspaceId } });
+      if (workspace?.isPro) break;
+
+      const quantity = sub.items.data[0]?.quantity ?? 1;
+      const planType = sub.metadata?.planType as "PERSONAL_PRO" | "TEAM_PRO" | undefined;
+      if (!planType) break;
+
+      await prisma.workspace.update({
+        where: { id: workspaceId },
+        data: {
+          planType,
+          isPro: true,
+          isCloud: true,
+          stripeSubId: subId,
+          seatCount: quantity,
+        },
+      });
+      console.log(`[brief/webhook] workspace ${workspaceId} re-activated — invoice.payment_succeeded`);
+      break;
+    }
+
+    default:
+      // Unknown event type — safe to ignore
+      break;
+  }
+
+  return NextResponse.json({ received: true });
+}