@m5kdev/backend 0.1.0

package/src/modules/base/base.service.ts

@@ -0,0 +1,154 @@
+import type { QueryFilter, QueryInput } from "@m5kdev/commons/modules/schemas/query.schema";
+import { err, ok } from "neverthrow";
+import type { Session, User } from "#modules/auth/auth.lib";
+import { Base } from "#modules/base/base.abstract";
+import type { ServerResult, ServerResultAsync } from "#modules/base/base.dto";
+import {
+  checkPermissionAsync,
+  checkPermissionSync,
+  type Entity,
+  type ResourceActionGrant,
+  type ResourceGrant,
+} from "#modules/base/base.grants";
+import type { BaseExternaRepository, BaseRepository } from "#modules/base/base.repository";
+import type { Context } from "#trpc";
+export class BaseService<
+  Repositories extends Record<string, BaseRepository<any, any, any> | BaseExternaRepository>,
+  Services extends Record<string, BaseService<any, any>>,
+> extends Base {
+  constructor(
+    public repository: Repositories = {} as Repositories,
+    public service: Services = {} as Services
+  ) {
+    super("service");
+    this.repository = repository;
+    this.service = service;
+  }
+
+  addUserFilter(
+    value: string,
+    query?: QueryInput,
+    columnId = "userId",
+    method: QueryFilter["method"] = "equals"
+  ): QueryInput {
+    const userFilter: QueryFilter = {
+      columnId,
+      type: "string",
+      method,
+      value,
+    };
+    return query
+      ? { ...query, filters: [...(query?.filters ?? []), userFilter] }
+      : { filters: [userFilter] };
+  }
+
+  addContextFilter(
+    ctx: Awaited<ReturnType<Context>>,
+    include: { user?: boolean; organization?: boolean; team?: boolean } = {
+      user: true,
+      organization: false,
+      team: false,
+    },
+    query?: QueryInput,
+    map: Record<string, { columnId: string; method: QueryFilter["method"] }> = {
+      userId: {
+        columnId: "userId",
+        method: "equals",
+      },
+      organizationId: {
+        columnId: "organizationId",
+        method: "equals",
+      },
+      teamId: {
+        columnId: "teamId",
+        method: "equals",
+      },
+    }
+  ): QueryInput {
+    const filters: QueryFilter[] = [];
+    if (include.user) {
+      filters.push({
+        columnId: map.userId.columnId,
+        type: "string",
+        method: map.userId.method,
+        value: ctx.user.id,
+      });
+    }
+    if (include.organization) {
+      filters.push({
+        columnId: map.organizationId.columnId,
+        type: "string",
+        method: map.organizationId.method,
+        value: ctx.session.activeOrganizationId ?? "",
+      });
+    }
+    if (include.team) {
+      filters.push({
+        columnId: map.teamId.columnId,
+        type: "string",
+        method: map.teamId.method,
+        value: ctx.session.activeTeamId ?? "",
+      });
+    }
+    return query ? { ...query, filters: [...(query?.filters ?? []), ...filters] } : { filters };
+  }
+}
+
+export class BasePermissionService<
+  Repositories extends Record<string, BaseRepository<any, any, any> | BaseExternaRepository>,
+  Services extends Record<string, BaseService<any, any>>,
+> extends BaseService<Repositories, Services> {
+  grants: ResourceGrant[];
+  constructor(repository: Repositories, service: Services, grants: ResourceGrant[] = []) {
+    super(repository, service);
+    this.grants = grants;
+  }
+
+  accessGuard<T extends Entity>(
+    ctx: { session: Session; user: User },
+    action: string,
+    entities?: T | T[],
+    grants?: ResourceActionGrant[]
+  ): ServerResult<true> {
+    const hasPermission = this.checkPermission(ctx, action, entities, grants);
+    if (!hasPermission) return this.error("FORBIDDEN");
+    return ok(true);
+  }
+
+  async accessGuardAsync<T extends Entity>(
+    ctx: { session: Session; user: User },
+    action: string,
+    getEntities: () => ServerResultAsync<T | T[] | undefined>,
+    grants?: ResourceActionGrant[]
+  ): ServerResultAsync<true> {
+    const hasPermission = await this.checkPermissionAsync(ctx, action, getEntities, grants);
+    if (hasPermission.isErr()) return err(hasPermission.error);
+    if (!hasPermission.value) return this.error("FORBIDDEN");
+    return ok(true);
+  }
+
+  checkPermission<T extends Entity>(
+    ctx: { session: Session; user: User },
+    action: string,
+    entities?: T | T[],
+    grants?: ResourceActionGrant[]
+  ): boolean {
+    const actionGrants = grants ?? this.grants.filter((grant) => grant.action === action);
+    return checkPermissionSync(ctx, actionGrants, entities);
+  }
+
+  async checkPermissionAsync<T extends Entity>(
+    ctx: { session: Session; user: User },
+    action: string,
+    getEntities: () => ServerResultAsync<T | T[] | undefined>,
+    grants?: ResourceActionGrant[]
+  ): ServerResultAsync<boolean> {
+    const actionGrants = grants ?? this.grants.filter((grant) => grant.action === action);
+    const permission = await checkPermissionAsync(ctx, actionGrants, getEntities);
+    if (permission.isErr())
+      return this.error("INTERNAL_SERVER_ERROR", "Failed to check permission", {
+        cause: permission.error,
+      });
+    return ok(permission.value);
+  }
+}

package/src/modules/base/base.types.ts

@@ -0,0 +1,7 @@
+export type ServerErrorLayer =
+  | "unknown"
+  | "repository"
+  | "service"
+  | "controller"
+  | "auth"
+  | "workflow";

package/src/modules/billing/billing.db.ts

@@ -0,0 +1,27 @@
+import { integer, sqliteTable, text } from "drizzle-orm/sqlite-core";
+import { v4 as uuidv4 } from "uuid";
+
+export const subscriptions = sqliteTable("subscriptions", {
+  id: text("id").primaryKey().$default(uuidv4),
+  createdAt: integer("created_at", { mode: "timestamp" })
+    .notNull()
+    .$default(() => new Date()),
+  updatedAt: integer("updated_at", { mode: "timestamp" }),
+  plan: text("plan").notNull(),
+  referenceId: text("reference_id").notNull(),
+  stripeCustomerId: text("stripe_customer_id"),
+  stripeSubscriptionId: text("stripe_subscription_id"),
+  status: text("status").notNull(),
+  periodStart: integer("period_start", { mode: "timestamp" }),
+  periodEnd: integer("period_end", { mode: "timestamp" }),
+  priceId: text("price_id"),
+  interval: text("interval"),
+  unitAmount: integer("unit_amount", { mode: "number" }),
+  discounts: text("discounts", { mode: "json" }).$type<string[]>(),
+  cancelAtPeriodEnd: integer("cancel_at_period_end", { mode: "boolean" }),
+  cancelAt: integer("cancel_at", { mode: "timestamp" }),
+  canceledAt: integer("canceled_at", { mode: "timestamp" }),
+  seats: integer("seats", { mode: "number" }),
+  trialStart: integer("trial_start", { mode: "timestamp" }),
+  trialEnd: integer("trial_end", { mode: "timestamp" }),
+});

package/src/modules/billing/billing.repository.ts

@@ -0,0 +1,328 @@
+import type { BillingSchema } from "@m5kdev/commons/modules/billing/billing.schema";
+import type { StripePlan } from "@m5kdev/commons/modules/billing/billing.types";
+import { and, desc, eq, type InferSelectModel, inArray } from "drizzle-orm";
+import type { LibSQLDatabase } from "drizzle-orm/libsql";
+import { err, ok } from "neverthrow";
+import type { Stripe } from "stripe";
+import * as auth from "#modules/auth/auth.db";
+import type { ServerResult, ServerResultAsync } from "#modules/base/base.dto";
+import { BaseTableRepository } from "#modules/base/base.repository";
+import * as billing from "#modules/billing/billing.db";
+import { posthogCapture } from "#utils/posthog";
+
+const schema = { ...auth, ...billing };
+type Schema = typeof schema;
+type Orm = LibSQLDatabase<Schema>;
+
+export class BillingRepository extends BaseTableRepository<
+  Orm,
+  Schema,
+  Record<string, never>,
+  Schema["subscriptions"]
+> {
+  public stripe: Stripe;
+  public plans: StripePlan[];
+  public trial?: StripePlan;
+
+  constructor(options: {
+    orm: Orm;
+    schema: Schema;
+    table: Schema["subscriptions"];
+    libs: { stripe: Stripe };
+    config: {
+      trial?: StripePlan;
+      plans: StripePlan[];
+    };
+  }) {
+    const { libs, config, ...rest } = options;
+    super(rest);
+    this.stripe = libs.stripe;
+    this.plans = config.plans;
+    this.trial = config.trial;
+  }
+  hasTrial(): boolean {
+    return !!this.trial;
+  }
+
+  getPlanByPriceId(priceId: string): StripePlan | undefined {
+    return this.plans.find(
+      (plan) => plan.priceId === priceId || plan.annualDiscountPriceId === priceId
+    );
+  }
+
+  getCustomerByEmail(email: string): ServerResultAsync<Stripe.Customer | null> {
+    return this.throwableAsync(async () => {
+      const customers = await this.stripe.customers.list({
+        email,
+        limit: 1,
+      });
+      return ok(customers.data[0] ?? null);
+    });
+  }
+
+  getUserByCustomerId(
+    customerId: string
+  ): ServerResultAsync<InferSelectModel<Schema["users"]> | null> {
+    return this.throwableAsync(async () => {
+      const [user] = await this.orm
+        .select()
+        .from(this.schema.users)
+        .where(eq(this.schema.users.stripeCustomerId, customerId))
+        .limit(1);
+      return ok(user ?? null);
+    });
+  }
+
+  createCustomer({
+    email,
+    name,
+    userId,
+  }: {
+    email: string;
+    name?: string;
+    userId: string;
+  }): ServerResultAsync<Stripe.Customer> {
+    return this.throwableAsync(async () => {
+      const customer = await this.stripe.customers.create({
+        email,
+        name,
+        metadata: {
+          userId,
+        },
+      });
+      return ok(customer);
+    });
+  }
+
+  async createTrialSubscription(customerId: string): ServerResultAsync<Stripe.Subscription> {
+    if (!this.trial) return this.error("NOT_FOUND", "Trial plan not found");
+    const stripeSubscription = await this.createSubscription({
+      customerId,
+      priceId: this.trial.priceId,
+      trialDays: this.trial.freeTrial?.days ?? 7,
+    });
+    if (stripeSubscription.isErr()) return err(stripeSubscription.error);
+    if (!stripeSubscription.value)
+      return this.error("INTERNAL_SERVER_ERROR", "Failed to create trial subscription");
+    return ok(stripeSubscription.value);
+  }
+
+  createSubscription({
+    customerId,
+    priceId,
+    quantity = 1,
+    trialDays,
+  }: {
+    customerId: string;
+    priceId: string;
+    quantity?: number;
+    trialDays?: number;
+  }): ServerResultAsync<Stripe.Subscription> {
+    return this.throwableAsync(async () => {
+      const stripeSubscription = await this.stripe.subscriptions.create({
+        customer: customerId,
+        items: [{ price: priceId, quantity }], // quantity = seats if you want
+        ...(trialDays
+          ? {
+              trial_period_days: trialDays,
+              trial_settings: {
+                end_behavior: {
+                  missing_payment_method: "cancel",
+                },
+              },
+            }
+          : {}),
+      });
+      return ok(stripeSubscription);
+    });
+  }
+
+  updateUserCustomerId({
+    userId,
+    customerId,
+  }: {
+    userId: string;
+    customerId: string;
+  }): ServerResultAsync<InferSelectModel<Schema["users"]>> {
+    return this.throwableAsync(async () => {
+      const [user] = await this.orm
+        .update(this.schema.users)
+        .set({ stripeCustomerId: customerId })
+        .where(eq(this.schema.users.id, userId))
+        .returning();
+      if (!user) return this.error("NOT_FOUND", "User not found");
+      return ok(user);
+    });
+  }
+
+  getLatestSubscription(referenceId: string): ServerResultAsync<BillingSchema | null> {
+    return this.throwableAsync(async () => {
+      const subscriptions = await this.orm
+        .select()
+        .from(this.schema.subscriptions)
+        .where(eq(this.schema.subscriptions.referenceId, referenceId))
+        .orderBy(desc(this.schema.subscriptions.createdAt))
+        .limit(1);
+
+      return ok(subscriptions[0] ?? null);
+    });
+  }
+
+  getActiveSubscription(referenceId: string): ServerResultAsync<BillingSchema | null> {
+    return this.throwableAsync(async () => {
+      const [subscription] = await this.orm
+        .select()
+        .from(this.schema.subscriptions)
+        .where(
+          and(
+            eq(this.schema.subscriptions.referenceId, referenceId),
+            inArray(this.schema.subscriptions.status, ["active", "trialing"])
+          )
+        )
+        .orderBy(desc(this.schema.subscriptions.createdAt))
+        .limit(1);
+
+      return ok(subscription ?? null);
+    });
+  }
+
+  listInvoices(customerId: string): ServerResultAsync<Stripe.Invoice[]> {
+    return this.throwableAsync(async () => {
+      const invoices = await this.stripe.invoices.list({
+        customer: customerId,
+      });
+      return ok(invoices.data);
+    });
+  }
+
+  createCheckoutSession({
+    customerId,
+    priceId,
+    userId,
+  }: {
+    customerId: string;
+    priceId: string;
+    userId: string;
+  }): ServerResultAsync<Stripe.Checkout.Session> {
+    return this.throwableAsync(async () => {
+      const session = await this.stripe.checkout.sessions.create({
+        client_reference_id: userId,
+        customer: customerId,
+        success_url: `${process.env.VITE_SERVER_URL}/stripe/success`,
+        cancel_url: `${process.env.VITE_APP_URL}/billing`,
+        mode: "subscription",
+        line_items: [
+          {
+            price: priceId,
+            quantity: 1,
+          },
+        ],
+      });
+      return ok(session);
+    });
+  }
+
+  createBillingPortalSession(customerId: string): ServerResultAsync<Stripe.BillingPortal.Session> {
+    return this.throwableAsync(async () => {
+      const session = await this.stripe.billingPortal.sessions.create({
+        customer: customerId,
+        return_url: `${process.env.VITE_SERVER_URL}/stripe/success`,
+      });
+      return ok(session);
+    });
+  }
+
+  async syncStripeData({
+    customerId,
+    userId,
+  }: {
+    customerId: string;
+    userId: string;
+  }): ServerResultAsync<boolean> {
+    return this.throwableAsync(async () => {
+      // Fetch latest subscription data from Stripe
+
+      const stripeSubscriptions = await this.stripe.subscriptions.list({
+        customer: customerId,
+        limit: 1,
+        status: "all",
+        expand: ["data.default_payment_method"],
+      });
+      const [stripeSubscription] = stripeSubscriptions.data;
+      if (!stripeSubscription) return this.error("NOT_FOUND", "Subscription not found");
+
+      const plan = this.getPlanByPriceId(stripeSubscription.items.data[0]?.price.id!);
+      if (!plan)
+        return this.error(
+          "NOT_FOUND",
+          `Plan not found for price ID: ${stripeSubscription.items.data[0]?.price.id}`
+        );
+
+      const values = {
+        stripeCustomerId: customerId,
+        referenceId: userId,
+        plan: plan.name,
+        status: stripeSubscription.status,
+        seats: stripeSubscription.items.data[0]?.quantity || 1,
+        periodEnd: new Date(stripeSubscription.items.data[0]?.current_period_end! * 1000),
+        periodStart: new Date(stripeSubscription.items.data[0]?.current_period_start! * 1000),
+        priceId: stripeSubscription.items.data[0]?.price.id!,
+        interval: stripeSubscription.items.data[0]?.price.recurring?.interval,
+        unitAmount: stripeSubscription.items.data[0]?.price.unit_amount,
+        discounts: stripeSubscription.discounts.map((discount) =>
+          typeof discount === "string" ? discount : discount.id
+        ),
+        stripeSubscriptionId: stripeSubscription.id,
+        cancelAtPeriodEnd: stripeSubscription.cancel_at_period_end,
+        cancelAt: stripeSubscription.cancel_at
+          ? new Date(stripeSubscription.cancel_at * 1000)
+          : null,
+        canceledAt: stripeSubscription.canceled_at
+          ? new Date(stripeSubscription.canceled_at * 1000)
+          : null,
+        ...(stripeSubscription.trial_start && stripeSubscription.trial_end
+          ? {
+              trialStart: new Date(stripeSubscription.trial_start * 1000),
+              trialEnd: new Date(stripeSubscription.trial_end * 1000),
+            }
+          : {}),
+      };
+
+      const existingSubscription = await this.getActiveSubscription(userId);
+      if (existingSubscription.isErr()) return err(existingSubscription.error);
+
+      if (!existingSubscription.value) {
+        await this.orm.insert(this.schema.subscriptions).values(values);
+        posthogCapture({
+          distinctId: userId,
+          event: "stripe.subscription_created",
+          properties: values,
+        });
+        return ok(true);
+      }
+
+      await this.orm
+        .update(this.schema.subscriptions)
+        .set({ ...values, updatedAt: new Date() })
+        .where(eq(this.schema.subscriptions.id, existingSubscription.value.id));
+      posthogCapture({
+        distinctId: userId,
+        event: "stripe.subscription_updated",
+        properties: values,
+      });
+
+      return ok(false);
+    });
+  }
+
+  constructEvent(
+    body: Buffer | string,
+    signature: string,
+    secret: string
+  ): ServerResult<Stripe.Event> {
+    return this.throwable(() => {
+      const event = this.stripe.webhooks.constructEvent(body, signature, secret);
+      return ok(event);
+    });
+  }
+}

package/src/modules/billing/billing.router.ts

@@ -0,0 +1,77 @@
+import bodyParser from "body-parser";
+import { Router } from "express";
+import type { AuthMiddleware, AuthRequest } from "#modules/auth/auth.middleware";
+import type { BillingService } from "#modules/billing/billing.service";
+
+export function createBillingRouter(
+  authMiddleware: AuthMiddleware,
+  service: BillingService
+): Router {
+  const billingRouter = Router();
+
+  billingRouter.get("/checkout/:priceId", authMiddleware, async (req: AuthRequest, res) => {
+    const user = req.user!;
+
+    const session = await service.createCheckoutSession({ priceId: req.params.priceId }, { user });
+    if (session.isErr()) {
+      return res.status(500).json({ message: session.error.message });
+    }
+
+    if (!session.value.url) {
+      return res.status(500).json({ message: "Failed to create checkout session" });
+    }
+
+    return res.redirect(session.value.url);
+  });
+
+  billingRouter.get("/portal", authMiddleware, async (req: AuthRequest, res) => {
+    const user = req.user!;
+
+    const session = await service.createBillingPortalSession({ user });
+
+    if (session.isErr()) {
+      return res.status(500).json({ message: session.error.message });
+    }
+
+    return res.redirect(session.value.url);
+  });
+
+  billingRouter.get("/success", authMiddleware, async (req: AuthRequest, res) => {
+    const user = req.user!;
+
+    if (!user.stripeCustomerId) {
+      return res.redirect(`${process.env.VITE_APP_URL}/billing`);
+    }
+
+    const result = await service.syncStripeData(user.stripeCustomerId);
+
+    if (result.isErr()) {
+      return res.redirect(`${process.env.VITE_APP_URL}/billing?error=SYNC_FAILED`);
+    }
+
+    return res.redirect(`${process.env.VITE_APP_URL}/billing`);
+  });
+
+  billingRouter.post("/webhook", bodyParser.raw({ type: "application/json" }), async (req, res) => {
+    const signature = req.headers["stripe-signature"];
+
+    if (!signature) return res.status(400).json({ message: "No signature" });
+
+    if (typeof signature !== "string")
+      return res.status(500).json({ message: "Signature is not a string" });
+
+    const event = service.constructEvent(req.body, signature);
+    if (event.isErr()) {
+      return res.status(500).json({ message: event.error.message });
+    }
+
+    const result = await service.processEvent(event.value);
+    if (result.isErr()) {
+      return res.status(500).json({ message: result.error.message });
+    }
+
+    return res.status(200).json({ received: true });
+  });
+
+  return billingRouter;
+}