npm - @pandait.tech/payment-nuvei - Versions diffs - 0.1.0 - Mend

@pandait.tech/payment-nuvei 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/README.md +211 -0
package/dist/handlers/index.cjs +1671 -0
package/dist/handlers/index.cjs.map +1 -0
package/dist/handlers/index.d.cts +413 -0
package/dist/handlers/index.d.ts +413 -0
package/dist/handlers/index.js +1656 -0
package/dist/handlers/index.js.map +1 -0
package/dist/index.cjs +170 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +115 -0
package/dist/index.d.ts +115 -0
package/dist/index.js +157 -0
package/dist/index.js.map +1 -0
package/dist/payment-links/index.cjs +58 -0
package/dist/payment-links/index.cjs.map +1 -0
package/dist/payment-links/index.d.cts +60 -0
package/dist/payment-links/index.d.ts +60 -0
package/dist/payment-links/index.js +49 -0
package/dist/payment-links/index.js.map +1 -0
package/dist/ui/index.cjs +1236 -0
package/dist/ui/index.cjs.map +1 -0
package/dist/ui/index.d.cts +148 -0
package/dist/ui/index.d.ts +148 -0
package/dist/ui/index.js +1222 -0
package/dist/ui/index.js.map +1 -0
package/package.json +90 -0

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,115 @@
+declare function generateAuthToken(): string;
+declare function nuveiRequest<T>(path: string, method: "GET" | "POST", body?: Record<string, unknown>): Promise<T>;
+declare function listCards(uid: string): Promise<{
+    cards: Array<{
+        bin: string;
+        status: string;
+        token: string;
+        holder_name: string;
+        expiry_year: string;
+        expiry_month: string;
+        transaction_reference: string;
+        type: string;
+        number: string;
+    }>;
+    result_size: number;
+}>;
+declare function deleteCard(token: string, uid: string): Promise<{
+    message: string;
+}>;
+declare function refundTransaction(transactionId: string): Promise<{
+    status: string;
+    detail: string;
+}>;
+declare function verifyCard(params: {
+    userId: string;
+    transactionReference: string;
+    value: string;
+}): Promise<{
+    transaction?: {
+        status: string;
+        status_detail: number;
+        id: string;
+        message: string | null;
+    };
+    error?: {
+        type: string;
+        help: string;
+        description: string;
+    };
+}>;
+interface ThreeDSResponse {
+    authentication: {
+        status: string;
+        return_code: string;
+        return_message?: string;
+        cavv?: string;
+        eci?: string;
+        xid?: string;
+        reference_id?: string;
+    };
+    browser_response: {
+        hidden_iframe?: string;
+        challenge_request?: string;
+    };
+    sdk_response?: {
+        acs_trans_id?: string;
+        acs_reference_number?: string;
+    };
+}
+interface DebitResponse {
+    transaction?: {
+        status: string;
+        current_status: string;
+        id: string;
+        message: string | null;
+        status_detail: number;
+        authorization_code: string | null;
+    };
+    card?: {
+        bin: string;
+        type: string;
+        number: string;
+    };
+    "3ds"?: ThreeDSResponse;
+    error?: {
+        type: string;
+        help: string;
+        description: string;
+    };
+}
+declare function debitWithToken(params: {
+    userId: string;
+    userEmail: string;
+    amount: number;
+    description: string;
+    devReference: string;
+    cardToken: string;
+    cvc?: string;
+    vat?: number;
+    taxableAmount?: number;
+    installments?: number;
+    installmentsType?: number;
+    browserInfo?: {
+        accept_header: string;
+        user_agent: string;
+        language: string;
+        timezone_offset: number;
+        screen_width: number;
+        screen_height: number;
+        color_depth: number;
+        js_enabled: boolean;
+        java_enabled: boolean;
+        ip_address?: string;
+    };
+    termUrl?: string;
+}): Promise<DebitResponse>;
+interface VerifyThreeDSParams {
+    transactionId: string;
+    userId: string;
+    type: "AUTHENTICATION_CONTINUE" | "BY_CRES" | "BY_OTP";
+    value?: string;
+}
+declare function verifyThreeDS(params: VerifyThreeDSParams): Promise<DebitResponse>;
+export { type DebitResponse, type ThreeDSResponse, type VerifyThreeDSParams, debitWithToken, deleteCard, generateAuthToken, listCards, nuveiRequest, refundTransaction, verifyCard, verifyThreeDS };

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,115 @@
+declare function generateAuthToken(): string;
+declare function nuveiRequest<T>(path: string, method: "GET" | "POST", body?: Record<string, unknown>): Promise<T>;
+declare function listCards(uid: string): Promise<{
+    cards: Array<{
+        bin: string;
+        status: string;
+        token: string;
+        holder_name: string;
+        expiry_year: string;
+        expiry_month: string;
+        transaction_reference: string;
+        type: string;
+        number: string;
+    }>;
+    result_size: number;
+}>;
+declare function deleteCard(token: string, uid: string): Promise<{
+    message: string;
+}>;
+declare function refundTransaction(transactionId: string): Promise<{
+    status: string;
+    detail: string;
+}>;
+declare function verifyCard(params: {
+    userId: string;
+    transactionReference: string;
+    value: string;
+}): Promise<{
+    transaction?: {
+        status: string;
+        status_detail: number;
+        id: string;
+        message: string | null;
+    };
+    error?: {
+        type: string;
+        help: string;
+        description: string;
+    };
+}>;
+interface ThreeDSResponse {
+    authentication: {
+        status: string;
+        return_code: string;
+        return_message?: string;
+        cavv?: string;
+        eci?: string;
+        xid?: string;
+        reference_id?: string;
+    };
+    browser_response: {
+        hidden_iframe?: string;
+        challenge_request?: string;
+    };
+    sdk_response?: {
+        acs_trans_id?: string;
+        acs_reference_number?: string;
+    };
+}
+interface DebitResponse {
+    transaction?: {
+        status: string;
+        current_status: string;
+        id: string;
+        message: string | null;
+        status_detail: number;
+        authorization_code: string | null;
+    };
+    card?: {
+        bin: string;
+        type: string;
+        number: string;
+    };
+    "3ds"?: ThreeDSResponse;
+    error?: {
+        type: string;
+        help: string;
+        description: string;
+    };
+}
+declare function debitWithToken(params: {
+    userId: string;
+    userEmail: string;
+    amount: number;
+    description: string;
+    devReference: string;
+    cardToken: string;
+    cvc?: string;
+    vat?: number;
+    taxableAmount?: number;
+    installments?: number;
+    installmentsType?: number;
+    browserInfo?: {
+        accept_header: string;
+        user_agent: string;
+        language: string;
+        timezone_offset: number;
+        screen_width: number;
+        screen_height: number;
+        color_depth: number;
+        js_enabled: boolean;
+        java_enabled: boolean;
+        ip_address?: string;
+    };
+    termUrl?: string;
+}): Promise<DebitResponse>;
+interface VerifyThreeDSParams {
+    transactionId: string;
+    userId: string;
+    type: "AUTHENTICATION_CONTINUE" | "BY_CRES" | "BY_OTP";
+    value?: string;
+}
+declare function verifyThreeDS(params: VerifyThreeDSParams): Promise<DebitResponse>;
+export { type DebitResponse, type ThreeDSResponse, type VerifyThreeDSParams, debitWithToken, deleteCard, generateAuthToken, listCards, nuveiRequest, refundTransaction, verifyCard, verifyThreeDS };

package/dist/index.js ADDED Viewed

@@ -0,0 +1,157 @@
+import crypto from 'crypto';
+// src/sdk.ts
+var NUVEI_DOMAIN = "paymentez.com";
+function getBaseUrl() {
+  const env = process.env.NUVEI_ENV === "prod" ? "prod" : "stg";
+  return env === "prod" ? `https://ccapi.${NUVEI_DOMAIN}` : `https://ccapi-stg.${NUVEI_DOMAIN}`;
+}
+function getServerCredentials() {
+  const appCode = process.env.NUVEI_SERVER_APP_CODE;
+  const appKey = process.env.NUVEI_SERVER_APP_KEY;
+  if (!appCode || !appKey) {
+    throw new Error("Nuvei server credentials not configured");
+  }
+  return { appCode, appKey };
+}
+function generateAuthToken() {
+  const { appCode, appKey } = getServerCredentials();
+  const timestamp = Math.floor(Date.now() / 1e3);
+  const uniqToken = crypto.createHash("sha256").update(`${appKey}${timestamp}`).digest("hex");
+  return Buffer.from(`${appCode};${timestamp};${uniqToken}`).toString(
+    "base64"
+  );
+}
+function getProxyUrl() {
+  return process.env.NUVEI_PROXY_URL || null;
+}
+async function nuveiRequest(path, method, body) {
+  const authToken = generateAuthToken();
+  const proxyUrl = getProxyUrl();
+  if (proxyUrl) {
+    console.log(`[nuvei] ${method} ${path} via proxy`);
+    const proxyResponse = await fetch(proxyUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "x-nuvei-auth-token": authToken,
+        "x-nuvei-env": process.env.NUVEI_ENV || "stg"
+      },
+      body: JSON.stringify({ path, method, body })
+    });
+    if (!proxyResponse.ok) {
+      const errorBody = await proxyResponse.text();
+      console.error(`[nuvei] ${method} ${path} proxy failed with status ${proxyResponse.status}. Body: ${errorBody}`);
+      try {
+        return JSON.parse(errorBody);
+      } catch {
+        throw new Error(`Nuvei proxy ${method} ${path} failed: ${proxyResponse.status}`);
+      }
+    }
+    return proxyResponse.json();
+  }
+  const url = `${getBaseUrl()}${path}`;
+  const options = {
+    method,
+    headers: {
+      "Content-Type": "application/json",
+      "Auth-Token": authToken
+    }
+  };
+  if (body && method === "POST") {
+    options.body = JSON.stringify(body);
+  }
+  const response = await fetch(url, options);
+  const responseText = await response.text();
+  console.log(`[nuvei] ${method} ${path} \u2192 ${response.status} | body: ${responseText.slice(0, 300)}`);
+  if (!response.ok) {
+    console.error(`[nuvei] ${method} ${path} failed with status ${response.status}`);
+    try {
+      return JSON.parse(responseText);
+    } catch {
+      throw new Error(`Nuvei ${method} ${path} failed: ${response.status}`);
+    }
+  }
+  try {
+    return JSON.parse(responseText);
+  } catch {
+    throw new Error(`Nuvei ${method} ${path}: invalid JSON response`);
+  }
+}
+async function listCards(uid) {
+  return nuveiRequest(`/v2/card/list?uid=${encodeURIComponent(uid)}`, "GET");
+}
+async function deleteCard(token, uid) {
+  return nuveiRequest("/v2/card/delete/", "POST", {
+    card: { token },
+    user: { id: uid }
+  });
+}
+async function refundTransaction(transactionId) {
+  return nuveiRequest("/v2/transaction/refund/", "POST", {
+    transaction: { id: transactionId }
+  });
+}
+async function verifyCard(params) {
+  return nuveiRequest("/v2/transaction/verify/", "POST", {
+    user: {
+      id: params.userId
+    },
+    transaction: {
+      id: params.transactionReference
+    },
+    type: "BY_AMOUNT",
+    value: params.value
+  });
+}
+async function debitWithToken(params) {
+  const order = {
+    amount: params.amount,
+    description: params.description,
+    dev_reference: params.devReference,
+    vat: params.vat ?? 0,
+    taxable_amount: params.taxableAmount ?? params.amount - (params.vat ?? 0),
+    tax_percentage: 15
+  };
+  if (params.installments && params.installments > 0) {
+    order.installments = params.installments;
+    order.installments_type = params.installmentsType ?? 0;
+  }
+  const body = {
+    user: {
+      id: params.userId,
+      email: params.userEmail
+    },
+    order,
+    card: {
+      token: params.cardToken,
+      ...params.cvc ? { cvc: params.cvc } : {}
+    }
+  };
+  if (params.browserInfo && params.termUrl) {
+    body.extra_params = {
+      threeDS2_data: {
+        term_url: params.termUrl,
+        device_type: "browser"
+      },
+      browser_info: params.browserInfo
+    };
+  }
+  return nuveiRequest("/v2/transaction/debit/", "POST", body);
+}
+async function verifyThreeDS(params) {
+  const body = {
+    user: {
+      id: params.userId
+    },
+    transaction: { id: params.transactionId },
+    type: params.type,
+    value: params.value ?? "",
+    more_info: true
+  };
+  return nuveiRequest("/v2/transaction/verify/", "POST", body);
+}
+export { debitWithToken, deleteCard, generateAuthToken, listCards, nuveiRequest, refundTransaction, verifyCard, verifyThreeDS };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/sdk.ts"],"names":[],"mappings":";;;AAKA,IAAM,YAAA,GAAe,eAAA;AAErB,SAAS,UAAA,GAAqB;AAC5B,EAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,SAAA,KAAc,SAAS,MAAA,GAAS,KAAA;AACxD,EAAA,OAAO,QAAQ,MAAA,GACX,CAAA,cAAA,EAAiB,YAAY,CAAA,CAAA,GAC7B,qBAAqB,YAAY,CAAA,CAAA;AACvC;AAGA,SAAS,oBAAA,GAAuB;AAC9B,EAAA,MAAM,OAAA,GAAU,QAAQ,GAAA,CAAI,qBAAA;AAC5B,EAAA,MAAM,MAAA,GAAS,QAAQ,GAAA,CAAI,oBAAA;AAC3B,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,MAAA,EAAQ;AACvB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AACA,EAAA,OAAO,EAAE,SAAS,MAAA,EAAO;AAC3B;AAEO,SAAS,iBAAA,GAA4B;AAC1C,EAAA,MAAM,EAAE,OAAA,EAAS,MAAA,EAAO,GAAI,oBAAA,EAAqB;AACjD,EAAA,MAAM,YAAY,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAC9C,EAAA,MAAM,SAAA,GAAY,MAAA,CACf,UAAA,CAAW,QAAQ,CAAA,CACnB,MAAA,CAAO,CAAA,EAAG,MAAM,CAAA,EAAG,SAAS,CAAA,CAAE,CAAA,CAC9B,OAAO,KAAK,CAAA;AACf,EAAA,OAAO,MAAA,CAAO,KAAK,CAAA,EAAG,OAAO,IAAI,SAAS,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA,CAAE,QAAA;AAAA,IACzD;AAAA,GACF;AACF;AAEA,SAAS,WAAA,GAA6B;AACpC,EAAA,OAAO,OAAA,CAAQ,IAAI,eAAA,IAAmB,IAAA;AACxC;AAEA,eAAsB,YAAA,CACpB,IAAA,EACA,MAAA,EACA,IAAA,EACY;AACZ,EAAA,MAAM,YAAY,iBAAA,EAAkB;AACpC,EAAA,MAAM,WAAW,WAAA,EAAY;AAG7B,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,QAAA,EAAW,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,UAAA,CAAY,CAAA;AACjD,IAAA,MAAM,aAAA,GAAgB,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,MAC1C,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB,kBAAA;AAAA,QAChB,oBAAA,EAAsB,SAAA;AAAA,QACtB,aAAA,EAAe,OAAA,CAAQ,GAAA,CAAI,SAAA,IAAa;AAAA,OAC1C;AAAA,MACA,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,IAAA,EAAM,MAAA,EAAQ,MAAM;AAAA,KAC5C,CAAA;AACD,IAAA,IAAI,CAAC,cAAc,EAAA,EAAI;AACrB,MAAA,MAAM,SAAA,GAAY,MAAM,aAAA,CAAc,IAAA,EAAK;AAC3C,MAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,QAAA,EAAW,MAAM,CAAA,CAAA,EAAI,IAAI,6BAA6B,aAAA,CAAc,MAAM,CAAA,QAAA,EAAW,SAAS,CAAA,CAAE,CAAA;AAC9G,MAAA,IAAI;AACF,QAAA,OAAO,IAAA,CAAK,MAAM,SAAS,CAAA;AAAA,MAC7B,CAAA,CAAA,MAAQ;AACN,QAAA,MAAM,IAAI,MAAM,CAAA,YAAA,EAAe,MAAM,IAAI,IAAI,CAAA,SAAA,EAAY,aAAA,CAAc,MAAM,CAAA,CAAE,CAAA;AAAA,MACjF;AAAA,IACF;AACA,IAAA,OAAO,cAAc,IAAA,EAAK;AAAA,EAC5B;AAGA,EAAA,MAAM,GAAA,GAAM,CAAA,EAAG,UAAA,EAAY,GAAG,IAAI,CAAA,CAAA;AAElC,EAAA,MAAM,OAAA,GAAuB;AAAA,IAC3B,MAAA;AAAA,IACA,OAAA,EAAS;AAAA,MACP,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAEA,EAAA,IAAI,IAAA,IAAQ,WAAW,MAAA,EAAQ;AAC7B,IAAA,OAAA,CAAQ,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAAA,EACpC;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,GAAA,EAAK,OAAO,CAAA;AACzC,EAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,IAAA,EAAK;AACzC,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,QAAA,EAAW,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,QAAA,EAAM,QAAA,CAAS,MAAM,CAAA,SAAA,EAAY,YAAA,CAAa,KAAA,CAAM,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,CAAA;AAElG,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,OAAA,CAAQ,KAAA,CAAM,WAAW,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,oBAAA,EAAuB,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC/E,IAAA,IAAI;AACF,MAAA,OAAO,IAAA,CAAK,MAAM,YAAY,CAAA;AAAA,IAChC,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,MAAM,CAAA,MAAA,EAAS,MAAM,IAAI,IAAI,CAAA,SAAA,EAAY,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAAA,IACtE;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,OAAO,IAAA,CAAK,MAAM,YAAY,CAAA;AAAA,EAChC,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,uBAAA,CAAyB,CAAA;AAAA,EAClE;AACF;AAEA,eAAsB,UAAU,GAAA,EAAa;AAC3C,EAAA,OAAO,aAaJ,CAAA,kBAAA,EAAqB,kBAAA,CAAmB,GAAG,CAAC,IAAI,KAAK,CAAA;AAC1D;AAEA,eAAsB,UAAA,CAAW,OAAe,GAAA,EAAa;AAC3D,EAAA,OAAO,YAAA,CAAkC,oBAAoB,MAAA,EAAQ;AAAA,IACnE,IAAA,EAAM,EAAE,KAAA,EAAM;AAAA,IACd,IAAA,EAAM,EAAE,EAAA,EAAI,GAAA;AAAI,GACjB,CAAA;AACH;AAEA,eAAsB,kBAAkB,aAAA,EAAuB;AAC7D,EAAA,OAAO,YAAA,CAGJ,2BAA2B,MAAA,EAAQ;AAAA,IACpC,WAAA,EAAa,EAAE,EAAA,EAAI,aAAA;AAAc,GAClC,CAAA;AACH;AAEA,eAAsB,WAAW,MAAA,EAI9B;AACD,EAAA,OAAO,YAAA,CAYJ,2BAA2B,MAAA,EAAQ;AAAA,IACpC,IAAA,EAAM;AAAA,MACJ,IAAI,MAAA,CAAO;AAAA,KACb;AAAA,IACA,WAAA,EAAa;AAAA,MACX,IAAI,MAAA,CAAO;AAAA,KACb;AAAA,IACA,IAAA,EAAM,WAAA;AAAA,IACN,OAAO,MAAA,CAAO;AAAA,GACf,CAAA;AACH;AA4CA,eAAsB,eAAe,MAAA,EAyBlC;AACD,EAAA,MAAM,KAAA,GAAiC;AAAA,IACrC,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,eAAe,MAAA,CAAO,YAAA;AAAA,IACtB,GAAA,EAAK,OAAO,GAAA,IAAO,CAAA;AAAA,IACnB,gBAAgB,MAAA,CAAO,aAAA,IAAkB,MAAA,CAAO,MAAA,IAAU,OAAO,GAAA,IAAO,CAAA,CAAA;AAAA,IACxE,cAAA,EAAgB;AAAA,GAClB;AAEA,EAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,MAAA,CAAO,YAAA,GAAe,CAAA,EAAG;AAClD,IAAA,KAAA,CAAM,eAAe,MAAA,CAAO,YAAA;AAC5B,IAAA,KAAA,CAAM,iBAAA,GAAoB,OAAO,gBAAA,IAAoB,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,IAAA,GAAgC;AAAA,IACpC,IAAA,EAAM;AAAA,MACJ,IAAI,MAAA,CAAO,MAAA;AAAA,MACX,OAAO,MAAA,CAAO;AAAA,KAChB;AAAA,IACA,KAAA;AAAA,IACA,IAAA,EAAM;AAAA,MACJ,OAAO,MAAA,CAAO,SAAA;AAAA,MACd,GAAI,OAAO,GAAA,GAAM,EAAE,KAAK,MAAA,CAAO,GAAA,KAAQ;AAAC;AAC1C,GACF;AAEA,EAAA,IAAI,MAAA,CAAO,WAAA,IAAe,MAAA,CAAO,OAAA,EAAS;AACxC,IAAA,IAAA,CAAK,YAAA,GAAe;AAAA,MAClB,aAAA,EAAe;AAAA,QACb,UAAU,MAAA,CAAO,OAAA;AAAA,QACjB,WAAA,EAAa;AAAA,OACf;AAAA,MACA,cAAc,MAAA,CAAO;AAAA,KACvB;AAAA,EACF;AAEA,EAAA,OAAO,YAAA,CAA4B,wBAAA,EAA0B,MAAA,EAAQ,IAAI,CAAA;AAC3E;AAWA,eAAsB,cAAc,MAAA,EAAqD;AACvF,EAAA,MAAM,IAAA,GAAgC;AAAA,IACpC,IAAA,EAAM;AAAA,MACJ,IAAI,MAAA,CAAO;AAAA,KACb;AAAA,IACA,WAAA,EAAa,EAAE,EAAA,EAAI,MAAA,CAAO,aAAA,EAAc;AAAA,IACxC,MAAM,MAAA,CAAO,IAAA;AAAA,IACb,KAAA,EAAO,OAAO,KAAA,IAAS,EAAA;AAAA,IACvB,SAAA,EAAW;AAAA,GACb;AACA,EAAA,OAAO,YAAA,CAA4B,yBAAA,EAA2B,MAAA,EAAQ,IAAI,CAAA;AAC5E","file":"index.js","sourcesContent":["// Source: pauhenriques-website/src/lib/nuvei.ts\n// Phase 1 step 1.2: verbatim copy. Refactor to factory pattern (createNuveiClient) happens in step 1.3.\n\nimport crypto from \"crypto\";\n\nconst NUVEI_DOMAIN = \"paymentez.com\";\n\nfunction getBaseUrl(): string {\n const env = process.env.NUVEI_ENV === \"prod\" ? \"prod\" : \"stg\";\n return env === \"prod\"\n ? `https://ccapi.${NUVEI_DOMAIN}`\n : `https://ccapi-stg.${NUVEI_DOMAIN}`;\n}\n\n\nfunction getServerCredentials() {\n const appCode = process.env.NUVEI_SERVER_APP_CODE;\n const appKey = process.env.NUVEI_SERVER_APP_KEY;\n if (!appCode || !appKey) {\n throw new Error(\"Nuvei server credentials not configured\");\n }\n return { appCode, appKey };\n}\n\nexport function generateAuthToken(): string {\n const { appCode, appKey } = getServerCredentials();\n const timestamp = Math.floor(Date.now() / 1000);\n const uniqToken = crypto\n .createHash(\"sha256\")\n .update(`${appKey}${timestamp}`)\n .digest(\"hex\");\n return Buffer.from(`${appCode};${timestamp};${uniqToken}`).toString(\n \"base64\",\n );\n}\n\nfunction getProxyUrl(): string | null {\n return process.env.NUVEI_PROXY_URL || null;\n}\n\nexport async function nuveiRequest<T>(\n path: string,\n method: \"GET\" | \"POST\",\n body?: Record<string, unknown>,\n): Promise<T> {\n const authToken = generateAuthToken();\n const proxyUrl = getProxyUrl();\n\n // Use Cloud Function proxy if configured (workaround for Cloud Run / Nuvei incompatibility)\n if (proxyUrl) {\n console.log(`[nuvei] ${method} ${path} via proxy`);\n const proxyResponse = await fetch(proxyUrl, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n \"x-nuvei-auth-token\": authToken,\n \"x-nuvei-env\": process.env.NUVEI_ENV || \"stg\",\n },\n body: JSON.stringify({ path, method, body }),\n });\n if (!proxyResponse.ok) {\n const errorBody = await proxyResponse.text();\n console.error(`[nuvei] ${method} ${path} proxy failed with status ${proxyResponse.status}. Body: ${errorBody}`);\n try {\n return JSON.parse(errorBody) as T;\n } catch {\n throw new Error(`Nuvei proxy ${method} ${path} failed: ${proxyResponse.status}`);\n }\n }\n return proxyResponse.json() as Promise<T>;\n }\n\n // Direct call\n const url = `${getBaseUrl()}${path}`;\n\n const options: RequestInit = {\n method,\n headers: {\n \"Content-Type\": \"application/json\",\n \"Auth-Token\": authToken,\n },\n };\n\n if (body && method === \"POST\") {\n options.body = JSON.stringify(body);\n }\n\n const response = await fetch(url, options);\n const responseText = await response.text();\n console.log(`[nuvei] ${method} ${path} → ${response.status} | body: ${responseText.slice(0, 300)}`);\n\n if (!response.ok) {\n console.error(`[nuvei] ${method} ${path} failed with status ${response.status}`);\n try {\n return JSON.parse(responseText) as T;\n } catch {\n throw new Error(`Nuvei ${method} ${path} failed: ${response.status}`);\n }\n }\n\n try {\n return JSON.parse(responseText) as T;\n } catch {\n throw new Error(`Nuvei ${method} ${path}: invalid JSON response`);\n }\n}\n\nexport async function listCards(uid: string) {\n return nuveiRequest<{\n cards: Array<{\n bin: string;\n status: string;\n token: string;\n holder_name: string;\n expiry_year: string;\n expiry_month: string;\n transaction_reference: string;\n type: string;\n number: string;\n }>;\n result_size: number;\n }>(`/v2/card/list?uid=${encodeURIComponent(uid)}`, \"GET\");\n}\n\nexport async function deleteCard(token: string, uid: string) {\n return nuveiRequest<{ message: string }>(\"/v2/card/delete/\", \"POST\", {\n card: { token },\n user: { id: uid },\n });\n}\n\nexport async function refundTransaction(transactionId: string) {\n return nuveiRequest<{\n status: string;\n detail: string;\n }>(\"/v2/transaction/refund/\", \"POST\", {\n transaction: { id: transactionId },\n });\n}\n\nexport async function verifyCard(params: {\n userId: string;\n transactionReference: string;\n value: string;\n}) {\n return nuveiRequest<{\n transaction?: {\n status: string;\n status_detail: number;\n id: string;\n message: string | null;\n };\n error?: {\n type: string;\n help: string;\n description: string;\n };\n }>(\"/v2/transaction/verify/\", \"POST\", {\n user: {\n id: params.userId,\n },\n transaction: {\n id: params.transactionReference,\n },\n type: \"BY_AMOUNT\",\n value: params.value,\n });\n}\n\nexport interface ThreeDSResponse {\n authentication: {\n status: string;\n return_code: string;\n return_message?: string;\n cavv?: string;\n eci?: string;\n xid?: string;\n reference_id?: string;\n };\n browser_response: {\n hidden_iframe?: string;\n challenge_request?: string;\n };\n sdk_response?: {\n acs_trans_id?: string;\n acs_reference_number?: string;\n };\n}\n\nexport interface DebitResponse {\n transaction?: {\n status: string;\n current_status: string;\n id: string;\n message: string | null;\n status_detail: number;\n authorization_code: string | null;\n };\n card?: {\n bin: string;\n type: string;\n number: string;\n };\n \"3ds\"?: ThreeDSResponse;\n error?: {\n type: string;\n help: string;\n description: string;\n };\n}\n\nexport async function debitWithToken(params: {\n userId: string;\n userEmail: string;\n amount: number;\n description: string;\n devReference: string;\n cardToken: string;\n cvc?: string;\n vat?: number;\n taxableAmount?: number;\n installments?: number;\n installmentsType?: number;\n browserInfo?: {\n accept_header: string;\n user_agent: string;\n language: string;\n timezone_offset: number;\n screen_width: number;\n screen_height: number;\n color_depth: number;\n js_enabled: boolean;\n java_enabled: boolean;\n ip_address?: string;\n };\n termUrl?: string;\n}) {\n const order: Record<string, unknown> = {\n amount: params.amount,\n description: params.description,\n dev_reference: params.devReference,\n vat: params.vat ?? 0,\n taxable_amount: params.taxableAmount ?? (params.amount - (params.vat ?? 0)),\n tax_percentage: 15,\n };\n\n if (params.installments && params.installments > 0) {\n order.installments = params.installments;\n order.installments_type = params.installmentsType ?? 0;\n }\n\n const body: Record<string, unknown> = {\n user: {\n id: params.userId,\n email: params.userEmail,\n },\n order,\n card: {\n token: params.cardToken,\n ...(params.cvc ? { cvc: params.cvc } : {}),\n },\n };\n\n if (params.browserInfo && params.termUrl) {\n body.extra_params = {\n threeDS2_data: {\n term_url: params.termUrl,\n device_type: \"browser\",\n },\n browser_info: params.browserInfo,\n };\n }\n\n return nuveiRequest<DebitResponse>(\"/v2/transaction/debit/\", \"POST\", body);\n}\n\n// --- 3DS Verify API ---\n\nexport interface VerifyThreeDSParams {\n transactionId: string;\n userId: string;\n type: \"AUTHENTICATION_CONTINUE\" | \"BY_CRES\" | \"BY_OTP\";\n value?: string;\n}\n\nexport async function verifyThreeDS(params: VerifyThreeDSParams): Promise<DebitResponse> {\n const body: Record<string, unknown> = {\n user: {\n id: params.userId,\n },\n transaction: { id: params.transactionId },\n type: params.type,\n value: params.value ?? \"\",\n more_info: true,\n };\n return nuveiRequest<DebitResponse>(\"/v2/transaction/verify/\", \"POST\", body);\n}\n"]}

package/dist/payment-links/index.cjs ADDED Viewed

@@ -0,0 +1,58 @@
+'use strict';
+var crypto = require('crypto');
+// src/payment-links/paymentLink.ts
+var PAYMENT_LINK_PRICE_MIN = 1;
+var PAYMENT_LINK_PRICE_MAX = 2e3;
+var PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;
+var PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;
+function generatePaymentLinkToken() {
+  return crypto.randomBytes(12).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function defaultExpiry() {
+  const d = /* @__PURE__ */ new Date();
+  d.setDate(d.getDate() + PAYMENT_LINK_DEFAULT_EXPIRY_DAYS);
+  return d;
+}
+function isExpired(expiresAt) {
+  const iso = typeof expiresAt === "string" ? expiresAt : expiresAt.toISOString();
+  return new Date(iso).getTime() < Date.now();
+}
+// src/payment-links/anonymousAuth.ts
+function createAnonymousAuthHelper(deps) {
+  const sessionEndpoint = deps.sessionEndpoint ?? "/api/auth/session";
+  return async function ensureAnonymousSession(existingUser) {
+    let user = existingUser ?? deps.auth.currentUser;
+    if (!user) {
+      const { signInAnonymously } = await import('firebase/auth');
+      const cred = await signInAnonymously(deps.auth);
+      user = cred.user;
+    }
+    const idToken = await user.getIdToken(
+      /* forceRefresh */
+      true
+    );
+    const res = await fetch(sessionEndpoint, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ idToken })
+    });
+    if (!res.ok) {
+      throw new Error(`No se pudo establecer la sesi\xF3n (${res.status})`);
+    }
+    return user;
+  };
+}
+exports.PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = PAYMENT_LINK_DEFAULT_EXPIRY_DAYS;
+exports.PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD;
+exports.PAYMENT_LINK_PRICE_MAX = PAYMENT_LINK_PRICE_MAX;
+exports.PAYMENT_LINK_PRICE_MIN = PAYMENT_LINK_PRICE_MIN;
+exports.createAnonymousAuthHelper = createAnonymousAuthHelper;
+exports.defaultExpiry = defaultExpiry;
+exports.generatePaymentLinkToken = generatePaymentLinkToken;
+exports.isExpired = isExpired;
+//# sourceMappingURL=index.cjs.map
+//# sourceMappingURL=index.cjs.map

package/dist/payment-links/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/payment-links/paymentLink.ts","../../src/payment-links/anonymousAuth.ts"],"names":["randomBytes"],"mappings":";;;;;AAkCO,IAAM,sBAAA,GAAyB;AAC/B,IAAM,sBAAA,GAAyB;AAC/B,IAAM,oCAAA,GAAuC;AAC7C,IAAM,gCAAA,GAAmC;AAEzC,SAAS,wBAAA,GAAmC;AAGjD,EAAA,OAAOA,mBAAY,EAAE,CAAA,CAClB,QAAA,CAAS,QAAQ,EACjB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,QAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,QAAQ,EAAE,CAAA;AACvB;AAEO,SAAS,aAAA,GAAsB;AACpC,EAAA,MAAM,CAAA,uBAAQ,IAAA,EAAK;AACnB,EAAA,CAAA,CAAE,OAAA,CAAQ,CAAA,CAAE,OAAA,EAAQ,GAAI,gCAAgC,CAAA;AACxD,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,UAAU,SAAA,EAAmC;AAC3D,EAAA,MAAM,MAAM,OAAO,SAAA,KAAc,QAAA,GAAW,SAAA,GAAY,UAAU,WAAA,EAAY;AAC9E,EAAA,OAAO,IAAI,IAAA,CAAK,GAAG,EAAE,OAAA,EAAQ,GAAI,KAAK,GAAA,EAAI;AAC5C;;;ACrBO,SAAS,0BAA0B,IAAA,EAA+B;AACvE,EAAA,MAAM,eAAA,GAAkB,KAAK,eAAA,IAAmB,mBAAA;AAEhD,EAAA,OAAO,eAAe,uBACpB,YAAA,EACe;AACf,IAAA,IAAI,IAAA,GAAO,YAAA,IAAgB,IAAA,CAAK,IAAA,CAAK,WAAA;AAErC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,eAAe,CAAA;AAC1D,MAAA,MAAM,IAAA,GAAO,MAAM,iBAAA,CAAkB,IAAA,CAAK,IAAI,CAAA;AAC9C,MAAA,IAAA,GAAO,IAAA,CAAK,IAAA;AAAA,IACd;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,UAAA;AAAA;AAAA,MAA8B;AAAA,KAAI;AAC7D,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,eAAA,EAAiB;AAAA,MACvC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,SAAS;AAAA,KACjC,CAAA;AAED,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oCAAA,EAAoC,GAAA,CAAI,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,IACnE;AAEA,IAAA,OAAO,IAAA;AAAA,EACT,CAAA;AACF","file":"index.cjs","sourcesContent":["import { randomBytes } from \"crypto\";\n\nexport interface PaymentLinkInput {\n price: number;\n label?: string;\n publicLabel?: string;\n expiresAt: Date;\n tallerId: string;\n notes?: string;\n}\n\nexport interface PaymentLink {\n id: string;\n token: string;\n tallerId: string;\n price: number;\n // Nombre interno (solo admin) — referencia para identificar el link en la\n // tabla y en el dashboard. NUNCA se muestra al cliente.\n label: string | null;\n // Etiqueta promocional visible al cliente en /pago/t/[token] junto al\n // emoji 🔥 (ej. \"Promo amigas\", \"Última semana\"). Opcional.\n publicLabel: string | null;\n notes: string | null;\n active: boolean;\n expiresAt: string;\n createdByUid: string;\n createdByEmail: string | null;\n createdByName: string | null;\n timesPaid: number;\n lastPaidAt: string | null;\n createdAt: string;\n updatedAt: string;\n}\n\nexport const PAYMENT_LINK_PRICE_MIN = 1;\nexport const PAYMENT_LINK_PRICE_MAX = 2000;\nexport const PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;\nexport const PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;\n\nexport function generatePaymentLinkToken(): string {\n // 12 bytes → 16 chars base64url, suficientemente largo para evitar adivinanza\n // (2^96 combinaciones) y lo bastante corto para un URL amigable.\n return randomBytes(12)\n .toString(\"base64\")\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/g, \"\");\n}\n\nexport function defaultExpiry(): Date {\n const d = new Date();\n d.setDate(d.getDate() + PAYMENT_LINK_DEFAULT_EXPIRY_DAYS);\n return d;\n}\n\nexport function isExpired(expiresAt: Date | string): boolean {\n const iso = typeof expiresAt === \"string\" ? expiresAt : expiresAt.toISOString();\n return new Date(iso).getTime() < Date.now();\n}\n","// Source: pauhenriques-website/src/lib/pago-link/anonymousAuth.ts\n// Phase 1.4: refactored to factory pattern.\n//\n// Client-only helper used by guest checkout flows (e.g. payment links) that\n// need a Firebase __session cookie to call the package's POST handlers\n// (charge, 3ds-complete, refund, etc.) — those handlers verify a session\n// cookie, so guests must first sign in anonymously.\n//\n// The two consumer touchpoints (Firebase client Auth instance and session\n// endpoint path) are injected as deps rather than imported from a fixed\n// module path, so the helper works in any Next.js app regardless of how\n// the consumer initializes Firebase.\n\nimport type { Auth, User } from \"firebase/auth\";\n\n/** Dependencies for the anonymous-auth helper factory. */\nexport interface AnonymousAuthHelperDeps {\n /** Firebase client Auth instance. Must be the same instance used by the consumer's app for sign-in state to stay consistent across calls. */\n auth: Auth;\n /** URL where the helper POSTs `{ idToken }` to exchange the Firebase ID token for a server-side session cookie. The endpoint must respond 2xx on success. Default: \"/api/auth/session\". */\n sessionEndpoint?: string;\n}\n\n/**\n * Creates an `ensureAnonymousSession(existingUser)` function that signs in\n * anonymously (if not already signed in) and establishes a server-side\n * session cookie. Idempotent: if a user is already signed in, refreshes\n * the cookie with the current user.\n *\n * Usage:\n *\n * const ensureAnonymousSession = createAnonymousAuthHelper({\n * auth: clientAuth,\n * sessionEndpoint: \"/api/auth/session\",\n * });\n * const user = await ensureAnonymousSession(currentUser);\n */\nexport function createAnonymousAuthHelper(deps: AnonymousAuthHelperDeps) {\n const sessionEndpoint = deps.sessionEndpoint ?? \"/api/auth/session\";\n\n return async function ensureAnonymousSession(\n existingUser: User | null,\n ): Promise<User> {\n let user = existingUser ?? deps.auth.currentUser;\n\n if (!user) {\n const { signInAnonymously } = await import(\"firebase/auth\");\n const cred = await signInAnonymously(deps.auth);\n user = cred.user;\n }\n\n const idToken = await user.getIdToken(/* forceRefresh */ true);\n const res = await fetch(sessionEndpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ idToken }),\n });\n\n if (!res.ok) {\n throw new Error(`No se pudo establecer la sesión (${res.status})`);\n }\n\n return user;\n };\n}\n"]}

package/dist/payment-links/index.d.cts ADDED Viewed

@@ -0,0 +1,60 @@
+import { Auth, User } from 'firebase/auth';
+interface PaymentLinkInput {
+    price: number;
+    label?: string;
+    publicLabel?: string;
+    expiresAt: Date;
+    tallerId: string;
+    notes?: string;
+}
+interface PaymentLink {
+    id: string;
+    token: string;
+    tallerId: string;
+    price: number;
+    label: string | null;
+    publicLabel: string | null;
+    notes: string | null;
+    active: boolean;
+    expiresAt: string;
+    createdByUid: string;
+    createdByEmail: string | null;
+    createdByName: string | null;
+    timesPaid: number;
+    lastPaidAt: string | null;
+    createdAt: string;
+    updatedAt: string;
+}
+declare const PAYMENT_LINK_PRICE_MIN = 1;
+declare const PAYMENT_LINK_PRICE_MAX = 2000;
+declare const PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;
+declare const PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;
+declare function generatePaymentLinkToken(): string;
+declare function defaultExpiry(): Date;
+declare function isExpired(expiresAt: Date | string): boolean;
+/** Dependencies for the anonymous-auth helper factory. */
+interface AnonymousAuthHelperDeps {
+    /** Firebase client Auth instance. Must be the same instance used by the consumer's app for sign-in state to stay consistent across calls. */
+    auth: Auth;
+    /** URL where the helper POSTs `{ idToken }` to exchange the Firebase ID token for a server-side session cookie. The endpoint must respond 2xx on success. Default: "/api/auth/session". */
+    sessionEndpoint?: string;
+}
+/**
+ * Creates an `ensureAnonymousSession(existingUser)` function that signs in
+ * anonymously (if not already signed in) and establishes a server-side
+ * session cookie. Idempotent: if a user is already signed in, refreshes
+ * the cookie with the current user.
+ *
+ * Usage:
+ *
+ *   const ensureAnonymousSession = createAnonymousAuthHelper({
+ *     auth: clientAuth,
+ *     sessionEndpoint: "/api/auth/session",
+ *   });
+ *   const user = await ensureAnonymousSession(currentUser);
+ */
+declare function createAnonymousAuthHelper(deps: AnonymousAuthHelperDeps): (existingUser: User | null) => Promise<User>;
+export { type AnonymousAuthHelperDeps, PAYMENT_LINK_DEFAULT_EXPIRY_DAYS, PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD, PAYMENT_LINK_PRICE_MAX, PAYMENT_LINK_PRICE_MIN, type PaymentLink, type PaymentLinkInput, createAnonymousAuthHelper, defaultExpiry, generatePaymentLinkToken, isExpired };

package/dist/payment-links/index.d.ts ADDED Viewed

@@ -0,0 +1,60 @@
+import { Auth, User } from 'firebase/auth';
+interface PaymentLinkInput {
+    price: number;
+    label?: string;
+    publicLabel?: string;
+    expiresAt: Date;
+    tallerId: string;
+    notes?: string;
+}
+interface PaymentLink {
+    id: string;
+    token: string;
+    tallerId: string;
+    price: number;
+    label: string | null;
+    publicLabel: string | null;
+    notes: string | null;
+    active: boolean;
+    expiresAt: string;
+    createdByUid: string;
+    createdByEmail: string | null;
+    createdByName: string | null;
+    timesPaid: number;
+    lastPaidAt: string | null;
+    createdAt: string;
+    updatedAt: string;
+}
+declare const PAYMENT_LINK_PRICE_MIN = 1;
+declare const PAYMENT_LINK_PRICE_MAX = 2000;
+declare const PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;
+declare const PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;
+declare function generatePaymentLinkToken(): string;
+declare function defaultExpiry(): Date;
+declare function isExpired(expiresAt: Date | string): boolean;
+/** Dependencies for the anonymous-auth helper factory. */
+interface AnonymousAuthHelperDeps {
+    /** Firebase client Auth instance. Must be the same instance used by the consumer's app for sign-in state to stay consistent across calls. */
+    auth: Auth;
+    /** URL where the helper POSTs `{ idToken }` to exchange the Firebase ID token for a server-side session cookie. The endpoint must respond 2xx on success. Default: "/api/auth/session". */
+    sessionEndpoint?: string;
+}
+/**
+ * Creates an `ensureAnonymousSession(existingUser)` function that signs in
+ * anonymously (if not already signed in) and establishes a server-side
+ * session cookie. Idempotent: if a user is already signed in, refreshes
+ * the cookie with the current user.
+ *
+ * Usage:
+ *
+ *   const ensureAnonymousSession = createAnonymousAuthHelper({
+ *     auth: clientAuth,
+ *     sessionEndpoint: "/api/auth/session",
+ *   });
+ *   const user = await ensureAnonymousSession(currentUser);
+ */
+declare function createAnonymousAuthHelper(deps: AnonymousAuthHelperDeps): (existingUser: User | null) => Promise<User>;
+export { type AnonymousAuthHelperDeps, PAYMENT_LINK_DEFAULT_EXPIRY_DAYS, PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD, PAYMENT_LINK_PRICE_MAX, PAYMENT_LINK_PRICE_MIN, type PaymentLink, type PaymentLinkInput, createAnonymousAuthHelper, defaultExpiry, generatePaymentLinkToken, isExpired };

package/dist/payment-links/index.js ADDED Viewed

@@ -0,0 +1,49 @@
+import { randomBytes } from 'crypto';
+// src/payment-links/paymentLink.ts
+var PAYMENT_LINK_PRICE_MIN = 1;
+var PAYMENT_LINK_PRICE_MAX = 2e3;
+var PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;
+var PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;
+function generatePaymentLinkToken() {
+  return randomBytes(12).toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function defaultExpiry() {
+  const d = /* @__PURE__ */ new Date();
+  d.setDate(d.getDate() + PAYMENT_LINK_DEFAULT_EXPIRY_DAYS);
+  return d;
+}
+function isExpired(expiresAt) {
+  const iso = typeof expiresAt === "string" ? expiresAt : expiresAt.toISOString();
+  return new Date(iso).getTime() < Date.now();
+}
+// src/payment-links/anonymousAuth.ts
+function createAnonymousAuthHelper(deps) {
+  const sessionEndpoint = deps.sessionEndpoint ?? "/api/auth/session";
+  return async function ensureAnonymousSession(existingUser) {
+    let user = existingUser ?? deps.auth.currentUser;
+    if (!user) {
+      const { signInAnonymously } = await import('firebase/auth');
+      const cred = await signInAnonymously(deps.auth);
+      user = cred.user;
+    }
+    const idToken = await user.getIdToken(
+      /* forceRefresh */
+      true
+    );
+    const res = await fetch(sessionEndpoint, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ idToken })
+    });
+    if (!res.ok) {
+      throw new Error(`No se pudo establecer la sesi\xF3n (${res.status})`);
+    }
+    return user;
+  };
+}
+export { PAYMENT_LINK_DEFAULT_EXPIRY_DAYS, PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD, PAYMENT_LINK_PRICE_MAX, PAYMENT_LINK_PRICE_MIN, createAnonymousAuthHelper, defaultExpiry, generatePaymentLinkToken, isExpired };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/payment-links/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/payment-links/paymentLink.ts","../../src/payment-links/anonymousAuth.ts"],"names":[],"mappings":";;;AAkCO,IAAM,sBAAA,GAAyB;AAC/B,IAAM,sBAAA,GAAyB;AAC/B,IAAM,oCAAA,GAAuC;AAC7C,IAAM,gCAAA,GAAmC;AAEzC,SAAS,wBAAA,GAAmC;AAGjD,EAAA,OAAO,YAAY,EAAE,CAAA,CAClB,QAAA,CAAS,QAAQ,EACjB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,QAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,QAAQ,EAAE,CAAA;AACvB;AAEO,SAAS,aAAA,GAAsB;AACpC,EAAA,MAAM,CAAA,uBAAQ,IAAA,EAAK;AACnB,EAAA,CAAA,CAAE,OAAA,CAAQ,CAAA,CAAE,OAAA,EAAQ,GAAI,gCAAgC,CAAA;AACxD,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,UAAU,SAAA,EAAmC;AAC3D,EAAA,MAAM,MAAM,OAAO,SAAA,KAAc,QAAA,GAAW,SAAA,GAAY,UAAU,WAAA,EAAY;AAC9E,EAAA,OAAO,IAAI,IAAA,CAAK,GAAG,EAAE,OAAA,EAAQ,GAAI,KAAK,GAAA,EAAI;AAC5C;;;ACrBO,SAAS,0BAA0B,IAAA,EAA+B;AACvE,EAAA,MAAM,eAAA,GAAkB,KAAK,eAAA,IAAmB,mBAAA;AAEhD,EAAA,OAAO,eAAe,uBACpB,YAAA,EACe;AACf,IAAA,IAAI,IAAA,GAAO,YAAA,IAAgB,IAAA,CAAK,IAAA,CAAK,WAAA;AAErC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,eAAe,CAAA;AAC1D,MAAA,MAAM,IAAA,GAAO,MAAM,iBAAA,CAAkB,IAAA,CAAK,IAAI,CAAA;AAC9C,MAAA,IAAA,GAAO,IAAA,CAAK,IAAA;AAAA,IACd;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,UAAA;AAAA;AAAA,MAA8B;AAAA,KAAI;AAC7D,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,eAAA,EAAiB;AAAA,MACvC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,MAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,SAAS;AAAA,KACjC,CAAA;AAED,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oCAAA,EAAoC,GAAA,CAAI,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,IACnE;AAEA,IAAA,OAAO,IAAA;AAAA,EACT,CAAA;AACF","file":"index.js","sourcesContent":["import { randomBytes } from \"crypto\";\n\nexport interface PaymentLinkInput {\n price: number;\n label?: string;\n publicLabel?: string;\n expiresAt: Date;\n tallerId: string;\n notes?: string;\n}\n\nexport interface PaymentLink {\n id: string;\n token: string;\n tallerId: string;\n price: number;\n // Nombre interno (solo admin) — referencia para identificar el link en la\n // tabla y en el dashboard. NUNCA se muestra al cliente.\n label: string | null;\n // Etiqueta promocional visible al cliente en /pago/t/[token] junto al\n // emoji 🔥 (ej. \"Promo amigas\", \"Última semana\"). Opcional.\n publicLabel: string | null;\n notes: string | null;\n active: boolean;\n expiresAt: string;\n createdByUid: string;\n createdByEmail: string | null;\n createdByName: string | null;\n timesPaid: number;\n lastPaidAt: string | null;\n createdAt: string;\n updatedAt: string;\n}\n\nexport const PAYMENT_LINK_PRICE_MIN = 1;\nexport const PAYMENT_LINK_PRICE_MAX = 2000;\nexport const PAYMENT_LINK_PRICE_CONFIRM_THRESHOLD = 200;\nexport const PAYMENT_LINK_DEFAULT_EXPIRY_DAYS = 30;\n\nexport function generatePaymentLinkToken(): string {\n // 12 bytes → 16 chars base64url, suficientemente largo para evitar adivinanza\n // (2^96 combinaciones) y lo bastante corto para un URL amigable.\n return randomBytes(12)\n .toString(\"base64\")\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/g, \"\");\n}\n\nexport function defaultExpiry(): Date {\n const d = new Date();\n d.setDate(d.getDate() + PAYMENT_LINK_DEFAULT_EXPIRY_DAYS);\n return d;\n}\n\nexport function isExpired(expiresAt: Date | string): boolean {\n const iso = typeof expiresAt === \"string\" ? expiresAt : expiresAt.toISOString();\n return new Date(iso).getTime() < Date.now();\n}\n","// Source: pauhenriques-website/src/lib/pago-link/anonymousAuth.ts\n// Phase 1.4: refactored to factory pattern.\n//\n// Client-only helper used by guest checkout flows (e.g. payment links) that\n// need a Firebase __session cookie to call the package's POST handlers\n// (charge, 3ds-complete, refund, etc.) — those handlers verify a session\n// cookie, so guests must first sign in anonymously.\n//\n// The two consumer touchpoints (Firebase client Auth instance and session\n// endpoint path) are injected as deps rather than imported from a fixed\n// module path, so the helper works in any Next.js app regardless of how\n// the consumer initializes Firebase.\n\nimport type { Auth, User } from \"firebase/auth\";\n\n/** Dependencies for the anonymous-auth helper factory. */\nexport interface AnonymousAuthHelperDeps {\n /** Firebase client Auth instance. Must be the same instance used by the consumer's app for sign-in state to stay consistent across calls. */\n auth: Auth;\n /** URL where the helper POSTs `{ idToken }` to exchange the Firebase ID token for a server-side session cookie. The endpoint must respond 2xx on success. Default: \"/api/auth/session\". */\n sessionEndpoint?: string;\n}\n\n/**\n * Creates an `ensureAnonymousSession(existingUser)` function that signs in\n * anonymously (if not already signed in) and establishes a server-side\n * session cookie. Idempotent: if a user is already signed in, refreshes\n * the cookie with the current user.\n *\n * Usage:\n *\n * const ensureAnonymousSession = createAnonymousAuthHelper({\n * auth: clientAuth,\n * sessionEndpoint: \"/api/auth/session\",\n * });\n * const user = await ensureAnonymousSession(currentUser);\n */\nexport function createAnonymousAuthHelper(deps: AnonymousAuthHelperDeps) {\n const sessionEndpoint = deps.sessionEndpoint ?? \"/api/auth/session\";\n\n return async function ensureAnonymousSession(\n existingUser: User | null,\n ): Promise<User> {\n let user = existingUser ?? deps.auth.currentUser;\n\n if (!user) {\n const { signInAnonymously } = await import(\"firebase/auth\");\n const cred = await signInAnonymously(deps.auth);\n user = cred.user;\n }\n\n const idToken = await user.getIdToken(/* forceRefresh */ true);\n const res = await fetch(sessionEndpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ idToken }),\n });\n\n if (!res.ok) {\n throw new Error(`No se pudo establecer la sesión (${res.status})`);\n }\n\n return user;\n };\n}\n"]}