@reeboot/strapi-payment-plugin 0.0.1 → 0.0.2

package/dist/server/index.mjs

@@ -1,1237 +1,1999 @@
 import Stripe from "stripe";
-import { factories } from "@strapi/strapi";
-const bootstrap = async ({ strapi }) => {
-  const syncService = strapi.service("plugin::strapi-payment-plugin.sync");
-  syncService?.startPeriodicSync();
-  console.log("Periodic sync started");
+const bootstrap = ({ strapi: strapi2 }) => {
 };
-const destroy = ({ strapi }) => {
+const destroy = ({ strapi: strapi2 }) => {
 };
-const register = ({ strapi }) => {
+const register = ({ strapi: strapi2 }) => {
 };
 const config = {
   default: {},
   validator() {
+  }
+};
+const schema$2 = {
+  kind: "collectionType",
+  collectionName: "customers",
+  info: {
+    singularName: "customer",
+    pluralName: "customers",
+    displayName: "Customer",
+    description: "Customer information for payment processing"
+  },
+  options: {
+    draftAndPublish: false
   },
-  stripe: {
-    secretKey: process.env.STRIPE_SECRET_KEY,
-    publishableKey: process.env.STRIPE_PUBLISHABLE_KEY,
-    webhookSecret: process.env.STRIPE_WEBHOOK_SECRET
+  pluginOptions: {
+    i18n: {
+      localized: true
+    }
   },
-  paypal: {
-    clientId: process.env.PAYPAL_CLIENT_ID,
-    clientSecret: process.env.PAYPAL_CLIENT_SECRET,
-    webhookId: process.env.PAYPAL_WEBHOOK_ID
+  attributes: {
+    email: {
+      type: "email",
+      unique: true,
+      required: true,
+      configurable: false
+    },
+    stripe_customer_id: {
+      type: "string",
+      unique: true,
+      required: true,
+      configurable: false
+    },
+    first_name: {
+      type: "string",
+      required: true,
+      configurable: false
+    },
+    last_name: {
+      type: "string",
+      required: true,
+      configurable: false
+    },
+    phone: {
+      type: "string",
+      configurable: false
+    },
+    address: {
+      type: "json",
+      configurable: false
+    },
+    metadata: {
+      type: "json",
+      configurable: false
+    },
+    orders: {
+      type: "relation",
+      relation: "oneToMany",
+      target: "plugin::payment-plugin.order",
+      mappedBy: "customer"
+    },
+    payments: {
+      type: "relation",
+      relation: "oneToMany",
+      target: "plugin::payment-plugin.payment",
+      mappedBy: "customer"
+    }
   }
 };
+const customer = { schema: schema$2 };
 const schema$1 = {
-  "kind": "collectionType",
-  "collectionName": "products",
-  "info": {
-    "singularName": "product",
-    "pluralName": "products",
-    "displayName": "Product",
-    "description": "A product that can be purchased"
+  kind: "collectionType",
+  collectionName: "orders",
+  info: {
+    singularName: "order",
+    pluralName: "orders",
+    displayName: "Order",
+    description: "Customer orders linked to payments"
   },
-  "options": {
-    "draftAndPublish": false
+  options: {
+    draftAndPublish: false
   },
-  "pluginOptions": {
-    "content-manager": {
-      "visible": true
-    },
-    "content-type-builder": {
-      "visible": true
+  pluginOptions: {
+    i18n: {
+      localized: true
     }
   },
-  "attributes": {
-    "name": {
-      "type": "string",
-      "required": true
-    },
-    "description": {
-      "type": "text"
-    },
-    "price": {
-      "type": "decimal",
-      "required": true
+  attributes: {
+    order_number: {
+      type: "string",
+      unique: true,
+      required: true,
+      configurable: false
     },
-    "currency": {
-      "type": "string",
-      "required": true,
-      "default": "USD"
+    total_amount: {
+      type: "integer",
+      required: true,
+      min: 0,
+      configurable: false,
+      default: 0
     },
-    "isSubscription": {
-      "type": "boolean",
-      "default": false
+    currency: {
+      type: "string",
+      required: true,
+      default: "usd",
+      configurable: false
     },
-    "subscriptionInterval": {
-      "type": "enumeration",
-      "enum": ["day", "week", "month", "year"],
-      "default": "month"
+    status: {
+      type: "enumeration",
+      enum: ["pending", "processing", "completed", "failed", "refunded"],
+      required: true,
+      default: "pending",
+      configurable: false
     },
-    "stripeProductId": {
-      "type": "string"
+    customer: {
+      type: "relation",
+      relation: "manyToOne",
+      target: "plugin::payment-plugin.customer",
+      inversedBy: "orders"
     },
-    "paypalProductId": {
-      "type": "string"
+    payments: {
+      type: "relation",
+      relation: "oneToMany",
+      target: "plugin::payment-plugin.payment",
+      mappedBy: "order"
     },
-    "createdAt": {
-      "type": "datetime"
+    items: {
+      type: "json",
+      required: true,
+      configurable: false
     },
-    "updatedAt": {
-      "type": "datetime"
+    metadata: {
+      type: "json",
+      configurable: false
     }
   }
 };
-const product$2 = {
-  schema: schema$1
-};
+const order = { schema: schema$1 };
 const schema = {
-  "kind": "collectionType",
-  "collectionName": "subscriptions",
-  "info": {
-    "singularName": "subscription",
-    "pluralName": "subscriptions",
-    "displayName": "Subscription",
-    "description": "A subscription to a product"
+  kind: "collectionType",
+  collectionName: "payments",
+  info: {
+    singularName: "payment",
+    pluralName: "payments",
+    displayName: "Payment",
+    description: "Payment records for Stripe payment processing"
   },
-  "options": {
-    "draftAndPublish": false
+  options: {
+    draftAndPublish: false
   },
-  "pluginOptions": {
-    "content-manager": {
-      "visible": true
-    },
-    "content-type-builder": {
-      "visible": true
+  pluginOptions: {
+    i18n: {
+      localized: true
     }
   },
-  "attributes": {
-    "user": {
-      "type": "relation",
-      "relation": "morphOne",
-      "target": "plugin::users-permissions.user"
-    },
-    "product": {
-      "type": "relation",
-      "relation": "oneToOne",
-      "target": "plugin::strapi-payment-plugin.product"
+  attributes: {
+    stripe_payment_intent_id: {
+      type: "string",
+      unique: true,
+      required: true,
+      configurable: false
     },
-    "status": {
-      "type": "enumeration",
-      "enum": ["active", "canceled", "past_due", "unpaid", "trialing"],
-      "default": "active"
+    amount: {
+      type: "integer",
+      required: true,
+      min: 0,
+      configurable: false,
+      default: 0
     },
-    "startDate": {
-      "type": "date",
-      "required": true
+    currency: {
+      type: "string",
+      required: true,
+      default: "usd",
+      configurable: false
     },
-    "endDate": {
-      "type": "date"
+    status: {
+      type: "enumeration",
+      enum: ["pending", "succeeded", "failed", "canceled"],
+      required: true,
+      default: "pending",
+      configurable: false
     },
-    "stripeSubscriptionId": {
-      "type": "string"
+    payment_method: {
+      type: "string",
+      configurable: false
     },
-    "paypalSubscriptionId": {
-      "type": "string"
+    metadata: {
+      type: "json",
+      configurable: false
     },
-    "createdAt": {
-      "type": "datetime"
+    customer: {
+      type: "relation",
+      relation: "manyToOne",
+      target: "plugin::payment-plugin.customer",
+      inversedBy: "payments"
     },
-    "updatedAt": {
-      "type": "datetime"
+    order: {
+      type: "relation",
+      relation: "manyToOne",
+      target: "plugin::payment-plugin.order",
+      inversedBy: "payments"
     }
   }
 };
-const subscription$2 = {
-  schema
-};
+const payment = { schema };
 const contentTypes = {
-  product: product$2,
-  subscription: subscription$2
+  customer,
+  order,
+  payment
 };
-const stripe = new Stripe(config.stripe.secretKey, {
-  apiVersion: "2025-07-30.basil"
+const controller = ({ strapi: strapi2 }) => ({
+  index(ctx) {
+    ctx.body = strapi2.plugin("payment-plugin").service("service").getWelcomeMessage();
+  }
 });
-const stripeDriver = {
-  customers: stripe.customers,
-  async initializePayment(amount, currency, orderId, options) {
-    const paymentIntent = await stripe.paymentIntents.create({
-      amount,
-      currency,
-      metadata: { orderId },
-      ...options
-    });
-    return paymentIntent;
-  },
-  async processWebhook(payload, signature) {
-    const event = stripe.webhooks.constructEvent(
-      payload,
-      signature,
-      config.stripe.webhookSecret
-    );
-    return event;
-  },
-  async refundPayment(transactionId, amount, options) {
-    return stripe.refunds.create({
-      payment_intent: transactionId,
-      amount,
-      ...options
-    });
-  },
-  async getStripeProducts() {
-    const products = await stripe.products.list({
-      limit: 100,
-      expand: ["data.default_price"]
-    });
-    return products.data;
-  },
-  async getStripeProduct(productId) {
-    const product2 = await stripe.products.retrieve(productId, {
-      expand: ["default_price"]
-    });
-    return product2;
-  },
-  async getProductPrice(productId) {
-    const product2 = await this.getStripeProduct(productId);
-    if (product2.default_price) {
-      if (typeof product2.default_price === "string") {
-        const price = await stripe.prices.retrieve(product2.default_price);
-        return {
-          unit_amount: price.unit_amount,
-          currency: price.currency
-        };
-      } else {
-        return {
-          unit_amount: product2.default_price.unit_amount,
-          currency: product2.default_price.currency
-        };
+const stripeController = {
+  /**
+   * Create a payment intent
+   */
+  async createPaymentIntent(ctx) {
+    try {
+      const { amount, currency, customerId, orderId, metadata = {} } = ctx.request.body;
+      if (!amount || !currency) {
+        return ctx.badRequest("Amount and currency are required");
+      }
+      if (amount <= 0) {
+        return ctx.badRequest("Amount must be greater than 0");
       }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const paymentIntent = await stripeService2.createPaymentIntent({
+        amount,
+        currency,
+        metadata,
+        customerId,
+        orderId
+      });
+      ctx.body = {
+        success: true,
+        data: {
+          paymentIntentId: paymentIntent.id,
+          clientSecret: paymentIntent.client_secret,
+          status: paymentIntent.status,
+          amount: paymentIntent.amount,
+          currency: paymentIntent.currency
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to create payment intent", { error });
+      ctx.internalServerError("Failed to create payment intent");
     }
-    return null;
-  },
-  async getPaymentDetails(transactionId) {
-    return stripe.paymentIntents.retrieve(transactionId);
   },
-  async createProduct(productData) {
-    return stripe.products.create({
-      name: productData.name,
-      description: productData.description || "",
-      default_price_data: {
-        currency: productData.currency || "usd",
-        unit_amount: Math.round(productData.price * 100)
-        // Convert to cents
+  /**
+   * Confirm a payment intent
+   */
+  async confirmPayment(ctx) {
+    try {
+      const { paymentIntentId } = ctx.params;
+      if (!paymentIntentId) {
+        return ctx.badRequest("Payment intent ID is required");
       }
-    });
-  },
-  async updateProduct(productId, productData) {
-    return stripe.products.update(productId, {
-      name: productData.name,
-      description: productData.description || "",
-      default_price: productData.stripePriceId
-    });
-  },
-  async deleteProduct(productId) {
-    return stripe.products.del(productId);
-  },
-  async createSubscription(customerId, priceId, options = {}) {
-    return stripe.subscriptions.create({
-      customer: customerId,
-      items: [{ price: priceId }],
-      ...options
-    });
-  },
-  async updateSubscription(subscriptionId, options = {}) {
-    return stripe.subscriptions.update(subscriptionId, options);
-  },
-  async cancelSubscription(subscriptionId) {
-    return stripe.subscriptions.cancel(subscriptionId);
-  },
-  async getSubscription(subscriptionId) {
-    return stripe.subscriptions.retrieve(subscriptionId);
-  },
-  async getTransactions(limit = 10, startingAfter = null) {
-    const params = {
-      limit: Math.min(limit, 100)
-      // Max 100 per Stripe API
-    };
-    if (startingAfter) {
-      params.starting_after = startingAfter;
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const paymentIntent = await stripeService2.confirmPayment(paymentIntentId);
+      ctx.body = {
+        success: true,
+        data: {
+          paymentIntentId: paymentIntent.id,
+          status: paymentIntent.status,
+          amount: paymentIntent.amount,
+          currency: paymentIntent.currency
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to confirm payment", { error });
+      ctx.internalServerError("Failed to confirm payment");
     }
-    const payments = await stripe.paymentIntents.list(params);
-    return payments.data;
   },
-  async importProductFromStripe(stripeProductId) {
-    const product2 = await stripe.products.retrieve(stripeProductId, {
-      expand: ["default_price"]
-    });
-    let priceInfo = null;
-    if (product2.default_price) {
-      if (typeof product2.default_price === "string") {
-        const price = await stripe.prices.retrieve(product2.default_price);
-        priceInfo = {
-          unit_amount: price.unit_amount,
-          currency: price.currency
-        };
-      } else {
-        priceInfo = {
-          unit_amount: product2.default_price.unit_amount,
-          currency: product2.default_price.currency
-        };
+  /**
+   * Create a Stripe customer
+   */
+  async createCustomer(ctx) {
+    try {
+      const { email, firstName, lastName, phone, address, metadata = {} } = ctx.request.body;
+      if (!email || !firstName || !lastName) {
+        return ctx.badRequest("Email, first name, and last name are required");
       }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const customer2 = await stripeService2.createCustomer({
+        email,
+        firstName,
+        lastName,
+        phone,
+        address,
+        metadata
+      });
+      ctx.body = {
+        success: true,
+        data: {
+          customerId: customer2.id,
+          email: customer2.email,
+          name: customer2.name,
+          created: customer2.created
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to create customer", { error });
+      ctx.internalServerError("Failed to create customer");
     }
-    return {
-      name: product2.name,
-      description: product2.description,
-      price: priceInfo ? priceInfo.unit_amount / 100 : 0,
-      currency: priceInfo ? priceInfo.currency : "USD",
-      stripeProductId: product2.id
-    };
-  },
-  async createPayment(amount, currency, paymentMethod, returnUrl = "https://example.com/return") {
-    const paymentIntent = await stripe.paymentIntents.create({
-      amount,
-      currency,
-      payment_method: paymentMethod,
-      confirmation_method: "automatic",
-      confirm: true,
-      return_url: returnUrl
-    });
-    return {
-      paymentIntent,
-      redirectUrl: paymentIntent.next_action?.redirect_to_url?.url || null
-    };
   },
-  async createPaymentWithUrl(amount, currency, paymentMethod, returnUrl = "https://example.com/return") {
-    const paymentIntent = await stripe.paymentIntents.create({
-      amount,
-      currency,
-      payment_method: paymentMethod,
-      confirmation_method: "automatic",
-      confirm: true,
-      return_url: returnUrl
-    });
-    if (paymentIntent.next_action?.type === "redirect_to_url") {
-      return {
-        paymentIntent,
-        redirectUrl: paymentIntent.next_action.redirect_to_url.url
+  /**
+   * Retrieve a Stripe customer
+   */
+  async retrieveCustomer(ctx) {
+    try {
+      const { customerId } = ctx.params;
+      if (!customerId) {
+        return ctx.badRequest("Customer ID is required");
+      }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const customer2 = await stripeService2.retrieveCustomer(customerId);
+      if ("deleted" in customer2 && customer2.deleted) {
+        return ctx.notFound("Customer not found");
+      }
+      ctx.body = {
+        success: true,
+        data: {
+          customerId: customer2.id,
+          email: customer2.email,
+          name: customer2.name,
+          created: customer2.created,
+          metadata: customer2.metadata
+        }
       };
+    } catch (error) {
+      strapi.log.error("Failed to retrieve customer", { error });
+      ctx.internalServerError("Failed to retrieve customer");
     }
-    return {
-      paymentIntent,
-      redirectUrl: null
-    };
   },
-  async createPaymentLink(productId, options = {}) {
-    const paymentLink = await stripe.paymentLinks.create({
-      line_items: [
-        {
-          price: productId,
-          quantity: 1
+  /**
+   * Create a refund
+   */
+  async createRefund(ctx) {
+    try {
+      const { paymentIntentId, amount, reason, metadata = {} } = ctx.request.body;
+      if (!paymentIntentId) {
+        return ctx.badRequest("Payment intent ID is required");
+      }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const refund = await stripeService2.createRefund({
+        paymentIntentId,
+        amount,
+        reason,
+        metadata
+      });
+      ctx.body = {
+        success: true,
+        data: {
+          refundId: refund.id,
+          amount: refund.amount,
+          currency: refund.currency,
+          status: refund.status,
+          reason: refund.reason
         }
-      ],
-      ...options
-    });
-    return paymentLink;
-  }
-};
-const controller = ({ strapi }) => ({
-  async initiatePayment(ctx) {
-    const { gateway, amount, currency, orderId, options } = ctx.request.body;
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").initializePayment(gateway, amount, currency, orderId, options);
-    ctx.body = result;
+      };
+    } catch (error) {
+      strapi.log.error("Failed to create refund", { error });
+      ctx.internalServerError("Failed to create refund");
+    }
   },
-  async processWebhook(ctx) {
-    const { gateway } = ctx.params;
-    const payload = ctx.request.body;
-    const signature = ctx.request.headers["stripe-signature"] || ctx.request.headers["paypal-transmission-id"];
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").processWebhook(gateway, payload, signature);
-    ctx.body = result;
+  /**
+   * Handle Stripe webhooks
+   */
+  async handleWebhook(ctx) {
+    try {
+      const signature = ctx.request.headers["stripe-signature"];
+      let payload;
+      if (typeof ctx.request.body === "string") {
+        payload = ctx.request.body;
+      } else if (Buffer.isBuffer(ctx.request.body)) {
+        payload = ctx.request.body;
+      } else {
+        payload = JSON.stringify(ctx.request.body);
+      }
+      if (!signature) {
+        return ctx.badRequest("Missing Stripe signature");
+      }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const event = await stripeService2.constructEvent(payload, signature);
+      await stripeService2.handleWebhook(event);
+      ctx.body = { received: true };
+    } catch (error) {
+      strapi.log.error("Failed to handle webhook", { error });
+      ctx.badRequest(`Webhook Error: ${error.message}`);
+    }
   },
-  async refundPayment(ctx) {
-    const { gateway, transactionId, amount, options } = ctx.request.body;
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").refundPayment(gateway, transactionId, amount, options);
-    ctx.body = result;
+  /**
+   * Get Stripe service status/health check
+   */
+  async getServiceStatus(ctx) {
+    try {
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      let stripe;
+      try {
+        stripe = await stripeService2.initializeStripe();
+      } catch (e) {
+        stripe = null;
+      }
+      ctx.body = {
+        success: true,
+        data: {
+          service: "Stripe Payment Service",
+          status: stripe ? "initialized" : "not initialized",
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to get service status", { error });
+      ctx.internalServerError("Failed to get service status");
+    }
   },
+  /**
+   * Get payment details by Stripe payment intent ID
+   */
   async getPaymentDetails(ctx) {
-    const { gateway, transactionId } = ctx.params;
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").getPaymentDetails(gateway, transactionId);
-    ctx.body = result;
+    try {
+      const { id: paymentIntentId } = ctx.params;
+      if (!paymentIntentId) {
+        return ctx.badRequest("Payment intent ID is required");
+      }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const stripe = await stripeService2.initializeStripe();
+      if (!stripe) {
+        return ctx.serviceUnavailable("Stripe service not initialized");
+      }
+      const paymentIntent = await stripe.paymentIntents.retrieve(paymentIntentId);
+      const strapiPayments = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters: {
+          stripe_payment_intent_id: paymentIntentId
+        },
+        populate: ["customer", "order"]
+      });
+      const strapiPayment = strapiPayments.length > 0 ? strapiPayments[0] : null;
+      ctx.body = {
+        success: true,
+        data: {
+          stripe: {
+            id: paymentIntent.id,
+            amount: paymentIntent.amount,
+            currency: paymentIntent.currency,
+            status: paymentIntent.status,
+            created: paymentIntent.created,
+            metadata: paymentIntent.metadata
+          },
+          strapi: strapiPayment
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to get payment details", { error });
+      ctx.internalServerError("Failed to get payment details");
+    }
   },
-  async getTransactions(ctx) {
-    console.log("Fetching transactions with params:", ctx.query);
-    const { gateway, status, limit = 100, offset = 0 } = ctx.query;
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").getTransactions(gateway, status, limit, offset);
-    ctx.body = result;
+  /**
+   * List payments with filtering and pagination
+   */
+  async listPayments(ctx) {
+    try {
+      const { page = 1, pageSize = 25, status, customer: customer2, order: order2 } = ctx.query;
+      const { id: userId } = ctx.state.user;
+      const filters = {};
+      if (status) filters.status = { $eq: status };
+      if (customer2) filters.customer = { $eq: customer2 };
+      if (order2) filters.order = { $eq: order2 };
+      const isAdmin = ctx.state.user.role?.name === "Administrator";
+      if (!isAdmin) {
+        filters.$or = [
+          { customer: { $eq: userId } },
+          { order: { $eq: userId } }
+        ];
+      }
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [payments, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.payment").findMany({
+          filters,
+          populate: ["customer", "order"],
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.payment").count({ filters })
+      ]);
+      ctx.body = {
+        success: true,
+        data: payments,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to list payments", { error });
+      ctx.internalServerError("Failed to list payments");
+    }
   },
-  async saveConfiguration(ctx) {
-    const configData = ctx.request.body;
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").saveConfiguration(configData);
-    ctx.body = result;
+  /**
+   * List customers with filtering and pagination
+   */
+  async listCustomers(ctx) {
+    try {
+      const { page = 1, pageSize = 25, email } = ctx.query;
+      const { id: userId } = ctx.state.user;
+      const filters = {};
+      if (email) filters.email = { $containsi: email };
+      const isAdmin = ctx.state.user.role?.name === "Administrator";
+      if (!isAdmin) {
+        filters.documentId = userId;
+      }
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [customers, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.customer").findMany({
+          filters,
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.customer").count({ filters })
+      ]);
+      ctx.body = {
+        success: true,
+        data: customers,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to list customers", { error });
+      ctx.internalServerError("Failed to list customers");
+    }
   },
-  async getConfigStatus(ctx) {
-    console.log("Fetching configuration status");
-    const result = await strapi.plugin("strapi-payment-plugin").service("service").getConfigStatus();
-    ctx.body = result;
+  /**
+   * Create a new order
+   */
+  async createOrder(ctx) {
+    try {
+      const { orderNumber, totalAmount, currency, items, customerId, metadata = {} } = ctx.request.body;
+      if (!orderNumber || !totalAmount || !currency || !items) {
+        return ctx.badRequest("Order number, total amount, currency, and items are required");
+      }
+      if (totalAmount <= 0) {
+        return ctx.badRequest("Total amount must be greater than 0");
+      }
+      if (customerId) {
+        const customers = await strapi.documents("plugin::payment-plugin.customer").findMany({
+          filters: {
+            documentId: customerId
+          }
+        });
+        if (customers.length === 0) {
+          return ctx.badRequest("Customer not found");
+        }
+      }
+      const orderData = {
+        order_number: orderNumber,
+        total_amount: totalAmount,
+        currency,
+        status: "pending",
+        customer: customerId,
+        items,
+        metadata
+      };
+      const order2 = await strapi.documents("plugin::payment-plugin.order").create({
+        data: orderData
+      });
+      ctx.body = {
+        success: true,
+        data: {
+          orderId: order2.documentId,
+          orderNumber: order2.order_number,
+          status: order2.status,
+          totalAmount: order2.total_amount,
+          currency: order2.currency,
+          created: order2.createdAt
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to create order", { error });
+      ctx.internalServerError("Failed to create order");
+    }
   },
-  async testPayment(ctx) {
-    const { amount, currency, paymentMethod, returnUrl } = ctx.request.body;
+  /**
+   * Get order details by ID
+   */
+  async getOrderDetails(ctx) {
     try {
-      const result = await stripeDriver.createPayment(amount, currency, paymentMethod, returnUrl);
+      const { id } = ctx.params;
+      const { id: userId } = ctx.state.user;
+      if (!id) {
+        return ctx.badRequest("Order ID is required");
+      }
+      const isAdmin = ctx.state.user.role?.name === "Administrator";
+      const filters = { documentId: id };
+      if (!isAdmin) {
+        filters.$or = [
+          { customer: { $eq: userId } },
+          { customer: { $eq: userId } }
+        ];
+      }
+      const orders = await strapi.documents("plugin::payment-plugin.order").findMany({
+        filters,
+        populate: ["customer"]
+      });
+      if (orders.length === 0) {
+        return ctx.notFound("Order not found");
+      }
+      const order2 = orders[0];
+      const payments = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters: { order: { $eq: order2.documentId } },
+        sort: { createdAt: "desc" }
+      });
       ctx.body = {
         success: true,
-        paymentId: result.paymentIntent.id,
-        message: "Payment successful",
-        redirectUrl: result.redirectUrl
+        data: {
+          order: order2,
+          payments
+        }
       };
     } catch (error) {
-      console.error("Payment test error:", error);
+      strapi.log.error("Failed to get order details", { error });
+      ctx.internalServerError("Failed to get order details");
+    }
+  },
+  /**
+   * List orders with filtering and pagination
+   */
+  async listOrders(ctx) {
+    try {
+      const { page = 1, pageSize = 25, status, customer: customer2 } = ctx.query;
+      const { id: userId } = ctx.state.user;
+      const filters = {};
+      if (status) filters.status = { $eq: status };
+      if (customer2) filters.customer = { $eq: customer2 };
+      const isAdmin = ctx.state.user.role?.name === "Administrator";
+      if (!isAdmin) {
+        filters.customer = { $eq: userId };
+      }
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [orders, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.order").findMany({
+          filters,
+          populate: ["customer"],
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.order").count({ filters })
+      ]);
       ctx.body = {
-        success: false,
-        message: error.message
+        success: true,
+        data: orders,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
+        }
       };
-      ctx.status = 400;
+    } catch (error) {
+      strapi.log.error("Failed to list orders", { error });
+      ctx.internalServerError("Failed to list orders");
     }
   },
-  async testPaymentWithRedirect(ctx) {
-    const { productId } = ctx.request.body;
+  // Admin Controller Methods
+  /**
+   * Get dashboard data for admin panel
+   */
+  async getDashboardData(ctx) {
     try {
-      const result = await stripeDriver.createPaymentLink(productId);
-      console.log("Payment link created:", result);
+      const { period = "30d" } = ctx.query;
+      const now = /* @__PURE__ */ new Date();
+      const days = parseInt(period);
+      const startDate = new Date(now.getTime() - days * 24 * 60 * 60 * 1e3);
+      const [totalPayments, successfulPayments, failedPayments, totalRevenue] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.payment").count({}),
+        strapi.documents("plugin::payment-plugin.payment").count({ filters: { status: { $eq: "succeeded" } } }),
+        strapi.documents("plugin::payment-plugin.payment").count({ filters: { status: { $eq: "failed" } } }),
+        strapi.documents("plugin::payment-plugin.payment").findMany({
+          filters: {
+            status: { $eq: "succeeded" },
+            createdAt: { $gte: startDate.toISOString() }
+          },
+          fields: ["amount"]
+        })
+      ]);
+      const revenue = totalRevenue.reduce((sum, payment2) => sum + payment2.amount, 0);
+      const recentTransactions = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters: { createdAt: { $gte: startDate.toISOString() } },
+        populate: ["customer", "order"],
+        sort: { createdAt: "desc" },
+        limit: 10
+      });
+      const topCustomers = await strapi.documents("plugin::payment-plugin.customer").findMany({
+        sort: { createdAt: "desc" },
+        limit: 5
+      });
       ctx.body = {
         success: true,
-        paymentLink: result.url,
-        message: "Payment link created successfully"
+        data: {
+          summary: {
+            totalPayments,
+            successfulPayments,
+            failedPayments,
+            successRate: totalPayments > 0 ? successfulPayments / totalPayments * 100 : 0,
+            totalRevenue: revenue,
+            period
+          },
+          recentTransactions,
+          topCustomers
+        }
       };
     } catch (error) {
-      console.error("Payment test error:", error);
+      strapi.log.error("Failed to get dashboard data", { error });
+      ctx.internalServerError("Failed to get dashboard data");
+    }
+  },
+  /**
+   * Get payment reports
+   */
+  async getPaymentReports(ctx) {
+    try {
+      const { startDate, endDate, format = "json" } = ctx.query;
+      const filters = {};
+      if (startDate || endDate) {
+        filters.createdAt = {};
+        if (startDate) filters.createdAt.$gte = new Date(startDate).toISOString();
+        if (endDate) filters.createdAt.$lte = new Date(endDate).toISOString();
+      }
+      const payments = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters,
+        populate: ["customer", "order"],
+        sort: { createdAt: "desc" }
+      });
+      const summary = {
+        totalPayments: payments.length,
+        totalAmount: payments.reduce((sum, p) => sum + p.amount, 0),
+        byStatus: payments.reduce((acc, p) => {
+          acc[p.status] = (acc[p.status] || 0) + 1;
+          return acc;
+        }, {}),
+        byCurrency: payments.reduce((acc, p) => {
+          acc[p.currency] = (acc[p.currency] || 0) + 1;
+          return acc;
+        }, {})
+      };
       ctx.body = {
-        success: false,
-        message: error.message
+        success: true,
+        data: {
+          summary,
+          payments,
+          generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          dateRange: { startDate, endDate }
+        }
       };
-      ctx.status = 400;
+    } catch (error) {
+      strapi.log.error("Failed to get payment reports", { error });
+      ctx.internalServerError("Failed to get payment reports");
     }
-  }
-});
-const product$1 = factories.createCoreController("plugin::strapi-payment-plugin.product", ({ strapi }) => ({
-  async create(ctx) {
+  },
+  /**
+   * Get plugin configuration
+   */
+  async getPluginConfig(ctx) {
     try {
-      const { data } = ctx.request.body;
-      const product2 = await strapi.service("plugin::strapi-payment-plugin.product").createProduct(data);
-      ctx.body = product2;
+      const store = strapi.store({ type: "plugin", name: "payment-plugin" });
+      const config2 = await store.get({ key: "settings" }) || {};
+      const staticConfig = strapi.config.get("plugin::payment-plugin") || {};
+      const mergedConfig = { ...staticConfig || {}, ...config2 || {} };
+      const sanitizedConfig = {
+        ...mergedConfig,
+        stripe: mergedConfig.stripe ? {
+          ...mergedConfig.stripe,
+          publishableKey: mergedConfig.stripe.publishableKey || process.env.STRIPE_PUBLISHABLE_KEY || (process.env.STRIPE_API_KEY?.startsWith("pk_") ? process.env.STRIPE_API_KEY : ""),
+          secretKey: mergedConfig.stripe.secretKey || process.env.STRIPE_SECRET_KEY || process.env.STRIPE_WEBHOOK_SECRET?.startsWith("sk_") ? "***configured***" : null,
+          webhookSecret: mergedConfig.stripe.webhookSecret || process.env.STRIPE_WEBHOOK_SECRET?.startsWith("whsec_") ? "***configured***" : null
+        } : {}
+      };
+      ctx.body = {
+        success: true,
+        data: sanitizedConfig
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to get plugin config", { error });
+      ctx.internalServerError("Failed to get plugin config");
     }
   },
-  async update(ctx) {
+  /**
+   * Update plugin configuration
+   */
+  async updatePluginConfig(ctx) {
     try {
-      const { id } = ctx.params;
-      const { data } = ctx.request.body;
-      const product2 = await strapi.service("plugin::strapi-payment-plugin.product").updateProduct(id, data);
-      ctx.body = product2;
+      const { stripe: newStripe, payment: payment2, logging } = ctx.request.body;
+      const store = strapi.store({ type: "plugin", name: "payment-plugin" });
+      const currentConfig = await store.get({ key: "settings" }) || {};
+      const currentStripe = currentConfig.stripe || {};
+      const stripe = {
+        ...newStripe,
+        secretKey: newStripe.secretKey === "***configured***" ? currentStripe.secretKey : newStripe.secretKey,
+        webhookSecret: newStripe.webhookSecret === "***configured***" ? currentStripe.webhookSecret : newStripe.webhookSecret
+      };
+      const config2 = {
+        stripe: stripe || {},
+        payment: payment2 || {},
+        logging: logging || {}
+      };
+      await store.set({ key: "settings", value: config2 });
+      ctx.body = {
+        success: true,
+        data: { message: "Configuration updated successfully" }
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to update plugin config", { error });
+      ctx.internalServerError("Failed to update plugin config");
     }
   },
-  async find(ctx) {
+  /**
+   * Get analytics data
+   */
+  async getAnalytics(ctx) {
     try {
-      const products = await strapi.db.query("plugin::strapi-payment-plugin.product").findMany({
-        orderBy: { name: "asc" }
+      const { period = "30d" } = ctx.query;
+      const days = parseInt(period);
+      const now = /* @__PURE__ */ new Date();
+      const startDate = new Date(now.getTime() - days * 24 * 60 * 60 * 1e3);
+      const payments = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters: {
+          createdAt: { $gte: startDate.toISOString() },
+          status: { $eq: "succeeded" }
+        },
+        fields: ["amount", "createdAt", "currency"],
+        sort: { createdAt: "asc" }
       });
-      ctx.body = products;
+      const dailyStats = payments.reduce((acc, payment2) => {
+        const date = new Date(payment2.createdAt).toISOString().split("T")[0];
+        if (!acc[date]) {
+          acc[date] = { count: 0, amount: 0, currency: payment2.currency };
+        }
+        acc[date].count += 1;
+        acc[date].amount += payment2.amount;
+        return acc;
+      }, {});
+      ctx.body = {
+        success: true,
+        data: {
+          period,
+          dailyStats,
+          totalVolume: payments.reduce((sum, p) => sum + p.amount, 0),
+          totalTransactions: payments.length,
+          averageTransaction: payments.length > 0 ? payments.reduce((sum, p) => sum + p.amount, 0) / payments.length : 0
+        }
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to get analytics", { error });
+      ctx.internalServerError("Failed to get analytics");
     }
   },
-  async findOne(ctx) {
+  /**
+   * Admin create refund
+   */
+  async adminCreateRefund(ctx) {
     try {
-      const { id } = ctx.params;
-      const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-        where: { id }
+      const { id: paymentId } = ctx.params;
+      const { amount, reason, metadata = {} } = ctx.request.body;
+      if (!paymentId) {
+        return ctx.badRequest("Payment ID is required");
+      }
+      const payments = await strapi.documents("plugin::payment-plugin.payment").findMany({
+        filters: { documentId: paymentId }
       });
-      if (!product2) {
-        return ctx.notFound("Product not found");
+      if (payments.length === 0) {
+        return ctx.notFound("Payment not found");
       }
-      ctx.body = product2;
+      const payment2 = payments[0];
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const refund = await stripeService2.createRefund({
+        paymentIntentId: payment2.stripe_payment_intent_id,
+        amount,
+        reason,
+        metadata: { ...metadata, admin_refund: true }
+      });
+      await strapi.documents("plugin::payment-plugin.payment").update({
+        documentId: payment2.documentId,
+        data: { status: "refunded" }
+      });
+      ctx.body = {
+        success: true,
+        data: {
+          refundId: refund.id,
+          amount: refund.amount,
+          currency: refund.currency,
+          status: refund.status,
+          reason: refund.reason
+        }
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to create admin refund", { error });
+      ctx.internalServerError("Failed to create admin refund");
     }
   },
-  async delete(ctx) {
+  /**
+   * Admin list payments (no user restrictions)
+   */
+  async adminListPayments(ctx) {
     try {
-      const { id } = ctx.params;
-      const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-        where: { id }
-      });
-      if (!product2) {
-        return ctx.notFound("Product not found");
-      }
-      if (product2.stripeProductId) {
-        try {
-          await stripeDriver.deleteProduct(product2.stripeProductId);
-        } catch (stripeError) {
-          console.error("Error deleting product from Stripe:", stripeError);
+      const { page = 1, pageSize = 25, status, customer: customer2, order: order2 } = ctx.query;
+      const filters = {};
+      if (status) filters.status = { $eq: status };
+      if (customer2) filters.customer = { $eq: customer2 };
+      if (order2) filters.order = { $eq: order2 };
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [payments, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.payment").findMany({
+          filters,
+          populate: ["customer", "order"],
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.payment").count({ filters })
+      ]);
+      ctx.body = {
+        success: true,
+        data: payments,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
         }
-      }
-      await strapi.db.query("plugin::strapi-payment-plugin.product").delete({
-        where: { id }
-      });
-      ctx.body = { message: "Product deleted successfully" };
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to list admin payments", { error });
+      ctx.internalServerError("Failed to list admin payments");
     }
   },
-  async sync(ctx) {
+  /**
+   * Admin list customers (no user restrictions)
+   */
+  async adminListCustomers(ctx) {
     try {
-      const { id } = ctx.params;
-      const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-        where: { id }
+      const { page = 1, pageSize = 25, email } = ctx.query;
+      const filters = {};
+      if (email) filters.email = { $containsi: email };
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [customers, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.customer").findMany({
+          filters,
+          populate: {
+            payments: {
+              filters: { status: { $eq: "succeeded" } },
+              fields: ["amount"]
+            }
+          },
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.customer").count({ filters })
+      ]);
+      const customersWithTotals = customers.map((customer2) => {
+        const successfulPayments = customer2.payments || [];
+        const totalSpent = successfulPayments.reduce((sum, p) => sum + p.amount, 0);
+        const paymentCount = successfulPayments.length;
+        return {
+          ...customer2,
+          totalSpent,
+          paymentCount
+        };
       });
-      if (!product2) {
-        return ctx.notFound("Product not found");
-      }
-      if (product2.stripeProductId) {
-        const stripeProduct = await stripeDriver.updateProduct(product2.stripeProductId, {
-          name: product2.name,
-          description: product2.description
-        });
-        ctx.body = { message: "Product synced successfully", stripeProduct };
-      } else {
-        const stripeProduct = await stripeDriver.createProduct(product2);
-        await strapi.db.query("plugin::strapi-payment-plugin.product").update({
-          where: { id },
-          data: { stripeProductId: stripeProduct.id }
-        });
-        ctx.body = { message: "Product created in Stripe successfully", stripeProduct };
-      }
+      ctx.body = {
+        success: true,
+        data: customersWithTotals,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
+        }
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to list admin customers", { error });
+      ctx.internalServerError("Failed to list admin customers");
     }
   },
-  async getStripeProducts(ctx) {
+  /**
+   * Admin list orders (no user restrictions)
+   */
+  async adminListOrders(ctx) {
     try {
-      const stripeProducts = await stripeDriver.getStripeProducts();
-      ctx.body = stripeProducts;
+      const { page = 1, pageSize = 25, status, customer: customer2 } = ctx.query;
+      const filters = {};
+      if (status) filters.status = { $eq: status };
+      if (customer2) filters.customer = { $eq: customer2 };
+      const pageNum = parseInt(page);
+      const pageSizeNum = parseInt(pageSize);
+      const start = (pageNum - 1) * pageSizeNum;
+      const [orders, total] = await Promise.all([
+        strapi.documents("plugin::payment-plugin.order").findMany({
+          filters,
+          populate: ["customer"],
+          sort: { createdAt: "desc" },
+          start,
+          limit: pageSizeNum
+        }),
+        strapi.documents("plugin::payment-plugin.order").count({ filters })
+      ]);
+      ctx.body = {
+        success: true,
+        data: orders,
+        meta: {
+          pagination: {
+            page: pageNum,
+            pageSize: pageSizeNum,
+            pageCount: Math.ceil(total / pageSizeNum),
+            total
+          }
+        }
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to list admin orders", { error });
+      ctx.internalServerError("Failed to list admin orders");
     }
   },
-  async importFromStripe(ctx) {
+  /**
+   * Test webhook endpoint
+   */
+  async testWebhook(ctx) {
     try {
-      const { stripeProductId } = ctx.request.body;
-      const productData = await stripeDriver.importProductFromStripe(stripeProductId);
-      const existingProduct = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-        where: { stripeProductId }
-      });
-      if (existingProduct) {
-        return ctx.badRequest("Product already imported");
-      }
-      const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").create({
-        data: productData
+      const { eventType = "payment_intent.succeeded" } = ctx.request.body;
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const testEvent = {
+        id: `evt_test_${Date.now()}`,
+        object: "event",
+        type: eventType,
+        data: {
+          object: {
+            id: `pi_test_${Date.now()}`,
+            object: "payment_intent",
+            amount: 1e3,
+            currency: "usd",
+            status: "succeeded",
+            metadata: { test: true }
+          }
+        }
+      };
+      await stripeService2.handleWebhook(testEvent);
+      ctx.body = {
+        success: true,
+        data: {
+          message: "Test webhook processed successfully",
+          eventId: testEvent.id,
+          eventType: testEvent.type
+        }
+      };
+    } catch (error) {
+      strapi.log.error("Failed to test webhook", { error });
+      ctx.internalServerError("Failed to test webhook");
+    }
+  },
+  /**
+   * Initialize a functional payment flow (Customer -> Order -> PI)
+   */
+  async initializePayment(ctx) {
+    try {
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const {
+        amount = 5e3,
+        currency = "usd",
+        email = `customer-${Date.now()}@example.com`,
+        firstName = "John",
+        lastName = "Doe",
+        confirm = false,
+        payment_method
+      } = ctx.request.body;
+      const flowResult = await stripeService2.initializePaymentFlow({
+        amount,
+        currency,
+        email,
+        firstName,
+        lastName,
+        confirm,
+        payment_method,
+        metadata: { source: "admin_dashboard_init" }
       });
-      ctx.body = { message: "Product imported successfully", product: product2 };
+      ctx.body = {
+        success: true,
+        data: flowResult
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to initialize payment", { error });
+      ctx.internalServerError(error instanceof Error ? error.message : "Failed to initialize payment");
     }
   },
-  async createPaymentLink(ctx) {
+  /**
+   * Create and confirm a sample payment for dashboard demonstration
+   */
+  async createSamplePayment(ctx) {
     try {
-      const { id } = ctx.params;
-      const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-        where: { id }
+      const stripeService2 = strapi.plugin("payment-plugin").service("stripe");
+      const flowResult = await stripeService2.initializePaymentFlow({
+        amount: 2500,
+        currency: "usd",
+        email: `sample@example.com`,
+        firstName: "Sample",
+        lastName: "Customer",
+        confirm: true,
+        payment_method: "pm_card_visa",
+        // Still using this for the 'test' button to show a success
+        metadata: { is_sample: "true" }
       });
-      if (!product2) {
-        return ctx.notFound("Product not found");
-      }
-      if (!product2.stripeProductId) {
-        return ctx.badRequest("Product is not synced with Stripe");
+      if (flowResult.stripePaymentIntent.status === "succeeded") {
+        await stripeService2.updateStrapiOrder(flowResult.order.documentId, {
+          status: "completed"
+        });
       }
-      const paymentLink = await stripeDriver.createPaymentLink(product2.stripeProductId, {
-        metadata: {
-          product_id: product2.id
-        }
-      });
-      ctx.body = { paymentLink };
+      ctx.body = {
+        success: true,
+        data: flowResult
+      };
     } catch (error) {
-      ctx.throw(500, error);
+      strapi.log.error("Failed to create sample payment", { error });
+      ctx.internalServerError(error instanceof Error ? error.message : "Failed to create sample payment");
     }
   }
-}));
-const subscription$1 = factories.createCoreController(
-  "plugin::strapi-payment-plugin.subscription",
-  ({ strapi }) => ({
-    async create(ctx) {
-      try {
-        const { data } = ctx.request.body;
-        const subscription2 = await strapi.service("plugin::strapi-payment-plugin.subscription").createSubscription(data);
-        ctx.body = subscription2;
-      } catch (error) {
-        ctx.throw(500, error);
+};
+const controllers = {
+  controller,
+  stripe: stripeController
+};
+const middlewares = {
+  /**
+   * Webhook signature validator
+   */
+  "webhook-validator": async (ctx, next) => {
+    try {
+      const signature = ctx.request.headers["stripe-signature"];
+      if (!signature) {
+        return ctx.badRequest("Missing Stripe signature header");
       }
-    },
-    async update(ctx) {
-      try {
-        const { id } = ctx.params;
-        const { data } = ctx.request.body;
-        const subscription2 = await strapi.service("plugin::strapi-payment-plugin.subscription").updateSubscription(id, data);
-        ctx.body = subscription2;
-      } catch (error) {
-        ctx.throw(500, error);
+      if (!ctx.request.body || typeof ctx.request.body === "object") {
+        strapi.log.warn("Webhook body already parsed - signature verification may fail");
       }
-    },
-    async find(ctx) {
-      try {
-        console.log("Fetching subscriptions...");
-        const subscriptions = await strapi.db.query("plugin::strapi-payment-plugin.subscription").findMany({
-          orderBy: { startDate: "desc" },
-          populate: ["product", "user"]
-        });
-        ctx.body = subscriptions;
-      } catch (error) {
-        ctx.throw(500, error);
+      ctx.state.isWebhook = true;
+      ctx.state.webhookSignature = signature;
+      await next();
+    } catch (error) {
+      strapi.log.error("Webhook validation failed", { error });
+      return ctx.badRequest("Invalid webhook signature");
+    }
+  },
+  /**
+   * Rate limiter middleware for sensitive operations
+   */
+  rateLimiter: async (ctx, next) => {
+    const clientIP = ctx.request.ip || ctx.request.connection?.remoteAddress || "unknown";
+    const now = Date.now();
+    const windowMs = 60 * 1e3;
+    const maxRequests = 10;
+    if (!strapi.plugin("payment-plugin").service("rateLimiter")) {
+      const config2 = strapi.config.get("plugin::payment-plugin") || {};
+      config2.rateLimits = config2.rateLimits || {};
+      await strapi.config.set("plugin::payment-plugin", config2);
+    }
+    const pluginConfig = strapi.config.get("plugin::payment-plugin") || {};
+    const rateLimits = pluginConfig.rateLimits || {};
+    const clientLimits = rateLimits[clientIP] || { count: 0, resetTime: now + windowMs };
+    if (now > clientLimits.resetTime) {
+      clientLimits.count = 0;
+      clientLimits.resetTime = now + windowMs;
+    }
+    if (clientLimits.count >= maxRequests) {
+      strapi.log.warn("Rate limit exceeded", { clientIP, endpoint: ctx.path });
+      return ctx.tooManyRequests("Too many requests. Please try again later.");
+    }
+    clientLimits.count++;
+    rateLimits[clientIP] = clientLimits;
+    pluginConfig.rateLimits = rateLimits;
+    await strapi.config.set("plugin::payment-plugin", pluginConfig);
+    await next();
+  },
+  /**
+   * Input sanitization middleware
+   */
+  inputSanitizer: async (ctx, next) => {
+    if (ctx.request.body && typeof ctx.request.body === "object") {
+      ctx.request.body = sanitizeObject(ctx.request.body);
+    }
+    if (ctx.query && typeof ctx.query === "object") {
+      ctx.query = sanitizeObject(ctx.query);
+    }
+    await next();
+  }
+};
+function sanitizeObject(obj) {
+  if (typeof obj === "string") {
+    return sanitizeString(obj);
+  }
+  if (Array.isArray(obj)) {
+    return obj.map(sanitizeObject);
+  }
+  if (obj && typeof obj === "object") {
+    const sanitized = {};
+    for (const [key, value] of Object.entries(obj)) {
+      if (/^[a-zA-Z0-9_.-]+$/.test(key)) {
+        sanitized[key] = sanitizeObject(value);
+      }
+    }
+    return sanitized;
+  }
+  return obj;
+}
+function sanitizeString(str) {
+  return str.replace(/[<>\"']/g, "").trim();
+}
+const policies = {
+  isAuthenticated: (ctx) => {
+    if (!ctx.state.user) {
+      return false;
+    }
+    return true;
+  }
+};
+const routes$2 = {
+  type: "content-api",
+  routes: [
+    // Stripe Webhook Handler
+    {
+      method: "POST",
+      path: "/webhook",
+      handler: "stripe.handleWebhook",
+      config: {
+        auth: false,
+        policies: []
       }
     },
-    async findOne(ctx) {
-      try {
-        const { id } = ctx.params;
-        const subscription2 = await strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-          where: { id },
-          populate: ["product", "user"]
-        });
-        if (!subscription2) {
-          return ctx.notFound("Subscription not found");
-        }
-        ctx.body = subscription2;
-      } catch (error) {
-        ctx.throw(500, error);
+    // Payment Intent Operations
+    {
+      method: "POST",
+      path: "/payments/create-intent",
+      handler: "stripe.createPaymentIntent",
+      config: {
+        policies: []
       }
     },
-    async delete(ctx) {
-      try {
-        const { id } = ctx.params;
-        const subscription2 = await strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-          where: { id }
-        });
-        if (!subscription2) {
-          return ctx.notFound("Subscription not found");
-        }
-        if (subscription2.stripeSubscriptionId) {
-          try {
-            const stripeDriver2 = strapi.service("plugin::strapi-payment-plugin.stripeDriver");
-            await stripeDriver2.cancelSubscription(subscription2.stripeSubscriptionId);
-          } catch (stripeError) {
-            console.error("Error canceling subscription in Stripe:", stripeError);
-          }
-        }
-        await strapi.db.query("plugin::strapi-payment-plugin.subscription").delete({
-          where: { id }
-        });
-        ctx.body = { message: "Subscription deleted successfully" };
-      } catch (error) {
-        ctx.throw(500, error);
+    {
+      method: "POST",
+      path: "/payments/confirm/:id",
+      handler: "stripe.confirmPayment",
+      config: {
+        policies: []
       }
     },
-    async sync(ctx) {
-      try {
-        const { id } = ctx.params;
-        const subscription2 = await strapi.service("plugin::strapi-payment-plugin.subscription").syncSubscriptionStatus(id);
-        ctx.body = { message: "Subscription synced successfully", subscription: subscription2 };
-      } catch (error) {
-        ctx.throw(500, error);
+    {
+      method: "GET",
+      path: "/payments/:id",
+      handler: "stripe.getPaymentDetails",
+      config: {
+        policies: []
       }
     },
-    async cancel(ctx) {
-      try {
-        const { id } = ctx.params;
-        const subscription2 = await strapi.service("plugin::strapi-payment-plugin.subscription").cancelSubscription(id);
-        ctx.body = { message: "Subscription canceled successfully", subscription: subscription2 };
-      } catch (error) {
-        ctx.throw(500, error);
-      }
-    }
-  })
-);
-const controllers = {
-  controller,
-  product: product$1,
-  subscription: subscription$1
-};
-const middlewares = {};
-const policies = {};
-const adminRoutes = {
-  type: "admin",
-  routes: [
     {
       method: "GET",
-      path: "/transactions",
-      handler: "controller.getTransactions",
+      path: "/payments",
+      handler: "stripe.listPayments",
+      config: {
+        policies: []
+      }
+    },
+    // Customer Operations
+    {
+      method: "POST",
+      path: "/customers",
+      handler: "stripe.createCustomer",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
     {
       method: "GET",
-      path: "/products",
-      handler: "product.find",
+      path: "/customers/:id",
+      handler: "stripe.retrieveCustomer",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
     {
       method: "GET",
-      path: "/subscriptions",
-      handler: "subscription.find",
+      path: "/customers",
+      handler: "stripe.listCustomers",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
+    // Order Operations
     {
       method: "POST",
-      path: "/config",
-      handler: "controller.saveConfiguration",
+      path: "/orders",
+      handler: "stripe.createOrder",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
     {
       method: "GET",
-      path: "/config-status",
-      handler: "controller.getConfigStatus",
+      path: "/orders/:id",
+      handler: "stripe.getOrderDetails",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
     {
-      method: "POST",
-      path: "/products",
-      handler: "product.create",
+      method: "GET",
+      path: "/orders",
+      handler: "stripe.listOrders",
       config: {
-        policies: [],
-        auth: false
+        policies: []
       }
     },
+    // Refund Operations
     {
       method: "POST",
-      path: "/products/:id/sync",
-      handler: "product.sync",
+      path: "/payments/:id/refund",
+      handler: "stripe.createRefund",
+      config: {
+        policies: []
+      }
+    }
+  ]
+};
+const routes$1 = {
+  type: "admin",
+  routes: [
+    // Admin Dashboard and Analytics
+    {
+      method: "GET",
+      path: "/admin/dashboard",
+      handler: "stripe.getDashboardData",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Payment Reports
     {
-      method: "DELETE",
-      path: "/products/:id",
-      handler: "product.delete",
+      method: "GET",
+      path: "/admin/reports",
+      handler: "stripe.getPaymentReports",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Configuration Management
     {
-      method: "POST",
-      path: "/subscriptions/:id/sync",
-      handler: "subscription.sync",
+      method: "GET",
+      path: "/admin/config",
+      handler: "stripe.getPluginConfig",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
     {
-      method: "POST",
-      path: "/products/import",
-      handler: "product.importFromStripe",
+      method: "PUT",
+      path: "/admin/config",
+      handler: "stripe.updatePluginConfig",
+      config: {
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
+      }
+    },
+    // Admin Analytics
+    {
+      method: "GET",
+      path: "/admin/analytics",
+      handler: "stripe.getAnalytics",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Admin Payment Management
     {
       method: "POST",
-      path: "/subscriptions/:id/sync",
-      handler: "subscription.sync",
+      path: "/admin/payments/:id/refund",
+      handler: "stripe.adminCreateRefund",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
     {
       method: "GET",
-      path: "/products/stripeProducts",
-      handler: "product.getStripeProducts",
+      path: "/admin/payments",
+      handler: "stripe.adminListPayments",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Admin Customer Management
     {
-      method: "POST",
-      path: "/test-payment",
-      handler: "controller.testPayment",
+      method: "GET",
+      path: "/admin/customers",
+      handler: "stripe.adminListCustomers",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Admin Order Management
     {
-      method: "POST",
-      path: "/test-payment-with-redirect",
-      handler: "controller.testPaymentWithRedirect",
+      method: "GET",
+      path: "/admin/orders",
+      handler: "stripe.adminListOrders",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
-    }
-  ]
-};
-const refundRoutes = {
-  type: "admin",
-  routes: [
+    },
+    // Test Webhook
     {
       method: "POST",
-      path: "/refund",
-      handler: "controller.refundPayment",
+      path: "/admin/test-webhook",
+      handler: "stripe.testWebhook",
       config: {
-        policies: [],
-        auth: false
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
-    }
-  ]
-};
-const contentApi = {
-  type: "content-api",
-  routes: [
+    },
+    // Functional Flow Initializer (Admin/Manual)
     {
       method: "POST",
-      path: "/initiate-payment",
-      handler: "controller.initiatePayment",
+      path: "/admin/initialize-payment",
+      handler: "stripe.initializePayment",
       config: {
-        policies: []
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     },
+    // Sample Payment (for Dashboard)
     {
       method: "POST",
-      path: "/webhook/:gateway",
-      handler: "controller.processWebhook",
+      path: "/admin/create-sample-payment",
+      handler: "stripe.createSamplePayment",
       config: {
-        policies: []
+        policies: ["admin::isAuthenticatedAdmin"],
+        middlewares: []
       }
     }
   ]
 };
-const productRoutes = factories.createCoreRouter("plugin::strapi-payment-plugin.product", {
-  config: {}
-});
-const subscriptionRoutes = factories.createCoreRouter("plugin::strapi-payment-plugin.subscription");
 const routes = {
-  adminRoutes,
-  refundRoutes,
-  contentApi,
-  productRoutes,
-  subscriptionRoutes
-};
-const paypalDriver = {
-  async initializePayment(amount, currency, orderId, options) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async processWebhook(payload, signature) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async refundPayment(transactionId, amount, options) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async getPaymentDetails(transactionId) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async createProduct(productData) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async updateProduct(productId, productData) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async createSubscription(customerId, planId, options) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async updateSubscription(subscriptionId, options) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async cancelSubscription(subscriptionId, reason) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async getSubscription(subscriptionId) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  },
-  async getTransactions(limit, page) {
-    console.warn("PayPal is disabled");
-    return {
-      status: "disabled",
-      message: "PayPal functionality is currently disabled"
-    };
-  }
-};
-const drivers = {
-  stripe: stripeDriver,
-  paypal: paypalDriver
+  "content-api": routes$2,
+  admin: routes$1
 };
-const service = ({ strapi }) => ({
-  async initializePayment(gateway, amount, currency, orderId, options) {
-    const driver = drivers[gateway];
-    if (!driver) throw new Error("Invalid payment gateway");
-    return driver.initializePayment(amount, currency, orderId, options);
-  },
-  async processWebhook(gateway, payload, signature) {
-    const driver = drivers[gateway];
-    if (!driver) throw new Error("Invalid payment gateway");
-    return driver.processWebhook(payload, signature);
-  },
-  async refundPayment(gateway, transactionId, amount, options) {
-    const driver = drivers[gateway];
-    if (!driver) throw new Error("Invalid payment gateway");
-    return driver.refundPayment(transactionId, amount, options);
-  },
-  async getPaymentDetails(gateway, transactionId) {
-    const driver = drivers[gateway];
-    if (!driver) throw new Error("Invalid payment gateway");
-    return driver.getPaymentDetails(transactionId);
-  },
-  async getTransactions(gateway, status, limit = 10, offset = 0) {
-    if (gateway == "all") {
-      const allTransactions = [];
-      for (const key of Object.keys(drivers)) {
-        const transactions = await this.getTransactions(key, status, limit, offset);
-        allTransactions.push(...transactions.data);
-      }
-      return {
-        data: allTransactions,
-        meta: {
-          total: allTransactions.length,
-          limit,
-          offset
-        }
+const stripeService = ({ strapi: strapi2 }) => {
+  let stripe = null;
+  const getConfig = () => {
+    return strapi2.config.get("plugin::payment-plugin") || {};
+  };
+  const getLogger = () => {
+    return strapi2.log;
+  };
+  const getCombinedConfig = async () => {
+    const staticConfig = strapi2.config.get("plugin::payment-plugin") || {};
+    try {
+      const store = strapi2.store({ type: "plugin", name: "payment-plugin" });
+      const dbConfig = await store.get({ key: "settings" });
+      const safeDbConfig = dbConfig && typeof dbConfig === "object" ? dbConfig : {};
+      return { ...staticConfig, ...safeDbConfig };
+    } catch (error) {
+      return staticConfig;
+    }
+  };
+  const initializeStripe = async () => {
+    if (stripe) {
+      return stripe;
+    }
+    const config2 = await getCombinedConfig();
+    const stripeConfig = config2.stripe || {};
+    const secretKey = stripeConfig.secretKey || process.env.STRIPE_SECRET_KEY || (process.env.STRIPE_WEBHOOK_SECRET?.startsWith("sk_") ? process.env.STRIPE_WEBHOOK_SECRET : null) || (process.env.STRIPE_API_KEY?.startsWith("sk_") ? process.env.STRIPE_API_KEY : null);
+    if (!secretKey) {
+      throw new Error("Stripe Secret Key not found. Please configure it in the plugin settings or set the STRIPE_SECRET_KEY environment variable.");
+    }
+    const apiVersion = stripeConfig.apiVersion || "2024-06-20";
+    stripe = new Stripe(secretKey, {
+      apiVersion
+    });
+    getLogger().info("Stripe service initialized successfully");
+    return stripe;
+  };
+  const getStripe = () => {
+    return stripe;
+  };
+  const createPaymentIntent = async (params) => {
+    try {
+      const stripe2 = await initializeStripe();
+      const config2 = await getCombinedConfig();
+      const logger = getLogger();
+      const { amount, currency, metadata = {}, customer: customer2, orderId, customerId, payment_method, confirm } = params;
+      const enhancedMetadata = {
+        ...metadata,
+        ...orderId && { strapi_order_id: orderId.toString() },
+        ...customerId && { strapi_customer_id: customerId.toString() },
+        source: "strapi_payment_plugin"
       };
-    } else if (drivers[gateway]) {
-      const driver = drivers[gateway];
-      let transactions = [];
-      if (gateway === "stripe") {
-        let startingAfter = null;
-        if (offset > 0) {
-          startingAfter = offset.toString();
+      const paymentIntentData = {
+        amount,
+        currency,
+        metadata: enhancedMetadata,
+        automatic_payment_methods: {
+          enabled: true,
+          ...confirm && { allow_redirects: "never" }
         }
-        transactions = await driver.getTransactions(limit, startingAfter);
-      } else if (gateway === "paypal") {
-        console.warn("Paypal is disabled for now");
+      };
+      if (customer2) {
+        paymentIntentData.customer = customer2;
       }
-      if (!transactions) {
-        return;
+      if (payment_method) {
+        paymentIntentData.payment_method = payment_method;
       }
-      const formattedTransactions = transactions.map((txn) => {
-        let amount, currency, customer, paymentMethod, txnStatus, date;
-        if (gateway === "stripe") {
-          amount = (txn.amount_received || txn.amount) / 100;
-          currency = txn.currency.toUpperCase();
-          customer = txn.metadata?.customer || txn.customer || "unknown";
-          paymentMethod = txn.payment_method_types?.[0] || "unknown";
-          txnStatus = txn.status;
-          date = new Date(txn.created * 1e3).toISOString();
-        } else if (gateway === "paypal") {
-          amount = parseFloat(txn.amount_with_breakdown?.gross_amount?.value || "0");
-          currency = txn.amount_with_breakdown?.gross_amount?.currency_code || "USD";
-          customer = txn.payer_info?.email_address || "unknown";
-          paymentMethod = txn.payment_source?.paypal?.name || "paypal";
-          txnStatus = txn.status;
-          date = new Date(txn.create_time).toISOString();
-        }
-        return {
-          id: txn.id,
-          amount,
-          currency,
-          status: txnStatus,
-          date,
-          customer,
-          paymentMethod,
-          gateway
-        };
+      if (confirm) {
+        paymentIntentData.confirm = confirm;
+      }
+      const paymentIntent = await stripe2.paymentIntents.create(paymentIntentData);
+      logger.info("Payment intent created", {
+        paymentIntentId: paymentIntent.id,
+        amount,
+        currency,
+        orderId,
+        customerId
       });
-      return {
-        data: formattedTransactions,
-        meta: {
-          total: formattedTransactions.length,
-          limit,
-          offset
+      return paymentIntent;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to create payment intent", { error, params });
+      throw error;
+    }
+  };
+  const confirmPayment = async (paymentIntentId) => {
+    try {
+      const stripe2 = await initializeStripe();
+      const logger = getLogger();
+      const paymentIntent = await stripe2.paymentIntents.confirm(paymentIntentId);
+      logger.info("Payment confirmed", { paymentIntentId, status: paymentIntent.status });
+      return paymentIntent;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to confirm payment", { error, paymentIntentId });
+      throw error;
+    }
+  };
+  const createCustomer = async (params) => {
+    try {
+      const stripe2 = await initializeStripe();
+      const logger = getLogger();
+      const { email, firstName, lastName, phone, address, metadata = {}, strapiCustomerId } = params;
+      const customerData = {
+        email,
+        name: `${firstName} ${lastName}`,
+        phone,
+        address,
+        metadata: {
+          ...metadata,
+          ...strapiCustomerId && { strapi_customer_id: strapiCustomerId.toString() },
+          first_name: firstName,
+          last_name: lastName,
+          source: "strapi_payment_plugin"
         }
       };
-    } else {
-      throw new Error("Invalid payment gateway");
+      const customer2 = await stripe2.customers.create(customerData);
+      logger.info("Customer created in Stripe", {
+        customerId: customer2.id,
+        email,
+        strapiCustomerId
+      });
+      return customer2;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to create customer", { error, params });
+      throw error;
     }
-  },
-  async saveConfiguration(configData) {
-    return {
-      success: true,
-      message: "Configuration saved successfully",
-      data: configData
-    };
-  },
-  async getConfigStatus() {
-    const stripeConfigured = !!(process.env.STRIPE_SECRET_KEY && process.env.STRIPE_PUBLISHABLE_KEY && process.env.STRIPE_WEBHOOK_SECRET);
-    const paypalConfigured = !!(process.env.PAYPAL_CLIENT_ID && process.env.PAYPAL_CLIENT_SECRET && process.env.PAYPAL_WEBHOOK_ID);
-    return {
-      stripe: stripeConfigured,
-      paypal: paypalConfigured
-    };
-  }
-});
-const product = factories.createCoreService("plugin::strapi-payment-plugin.product", ({ strapi }) => ({
-  async createProduct(productData) {
-    const strapiProduct = await strapi.db.query("plugin::strapi-payment-plugin.product").create({
-      data: productData
-    });
-    if (config.stripe.secretKey) {
-      try {
-        const stripeProduct = await stripeDriver.createProduct(productData);
-        await strapi.db.query("plugin::strapi-payment-plugin.product").update({
-          where: { id: strapiProduct.id },
-          data: {
-            stripeProductId: stripeProduct.id
-          }
-        });
-      } catch (error) {
-        console.error("Error creating product in Stripe:", error);
-      }
+  };
+  const retrieveCustomer = async (customerId) => {
+    try {
+      const stripe2 = await initializeStripe();
+      const logger = getLogger();
+      const customer2 = await stripe2.customers.retrieve(customerId);
+      logger.info("Customer retrieved from Stripe", { customerId });
+      return customer2;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to retrieve customer", { error, customerId });
+      throw error;
     }
-    if (config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        console.warn("PayPal is disabled");
-      } catch (error) {
-        console.error("Error creating product in PayPal:", error);
+  };
+  const createRefund = async (params) => {
+    try {
+      const stripe2 = await initializeStripe();
+      const logger = getLogger();
+      const { paymentIntentId, amount, reason, metadata = {} } = params;
+      const refundData = {
+        payment_intent: paymentIntentId,
+        metadata: {
+          ...metadata,
+          source: "strapi_payment_plugin",
+          refunded_at: (/* @__PURE__ */ new Date()).toISOString()
+        }
+      };
+      if (amount) {
+        refundData.amount = amount;
       }
-    }
-    return strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-      where: { id: strapiProduct.id }
-    });
-  },
-  async updateProduct(id, productData) {
-    const updatedProduct = await strapi.db.query("plugin::strapi-payment-plugin.product").update({
-      where: { id },
-      data: productData
-    });
-    if (updatedProduct.stripeProductId && config.stripe.secretKey) {
-      try {
-        await stripeDriver.updateProduct(updatedProduct.stripeProductId, productData);
-      } catch (error) {
-        console.error("Error updating product in Stripe:", error);
+      if (reason) {
+        refundData.reason = reason;
       }
+      const refund = await stripe2.refunds.create(refundData);
+      logger.info("Refund processed", {
+        refundId: refund.id,
+        paymentIntentId,
+        amount: refund.amount
+      });
+      return refund;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to create refund", { error, params });
+      throw error;
     }
-    if (updatedProduct.paypalProductId && config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        await paypalDriver.updateProduct(updatedProduct.paypalProductId, productData);
-      } catch (error) {
-        console.error("Error updating product in PayPal:", error);
-      }
+  };
+  const constructEvent = async (payload, signature) => {
+    const stripe2 = await initializeStripe();
+    const config2 = await getCombinedConfig();
+    const stripeConfig = config2.stripe || {};
+    const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET || stripeConfig.webhookSecret;
+    if (!webhookSecret) {
+      throw new Error("Stripe webhook secret not configured. Please set STRIPE_WEBHOOK_SECRET environment variable.");
     }
-    return updatedProduct;
-  }
-}));
-const subscription = factories.createCoreService("plugin::strapi-payment-plugin.subscription", ({ strapi }) => ({
-  async createSubscription(subscriptionData) {
-    const strapiSubscription = await strapi.db.query("plugin::strapi-payment-plugin.subscription").create({
-      data: subscriptionData
-    });
-    const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-      where: { id: subscriptionData.product }
-    });
-    if (product2.stripeProductId && config.stripe.secretKey) {
-      try {
-        let customerId = subscriptionData.stripeCustomerId;
-        if (!customerId) {
-          const customer = await stripeDriver.customers.create({
-            email: subscriptionData.email || "customer@example.com",
-            name: subscriptionData.customerName || "Customer"
-          });
-          customerId = customer.id;
-          await strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-            where: { id: strapiSubscription.id },
-            data: {
-              stripeCustomerId: customerId
-            }
-          });
+    try {
+      return stripe2.webhooks.constructEvent(payload, signature, webhookSecret);
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to construct webhook event", { error });
+      throw error;
+    }
+  };
+  const updateStrapiPayment = async (stripePaymentIntentId, data) => {
+    try {
+      const existingPayments = await strapi2.documents("plugin::payment-plugin.payment").findMany({
+        filters: {
+          stripe_payment_intent_id: stripePaymentIntentId
         }
-        const stripeSubscription = await stripeDriver.createSubscription(
-          customerId,
-          product2.stripeProductId,
-          {
-            metadata: { strapiSubscriptionId: strapiSubscription.id }
-          }
-        );
-        await strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-          where: { id: strapiSubscription.id },
-          data: {
-            stripeSubscriptionId: stripeSubscription.id
-          }
+      });
+      if (existingPayments.length > 0) {
+        await strapi2.documents("plugin::payment-plugin.payment").update({
+          documentId: existingPayments[0].documentId,
+          data
         });
-      } catch (error) {
-        console.error("Error creating subscription in Stripe:", error);
-      }
-    }
-    if (product2.paypalProductId && config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        console.warn("PayPal is disabled");
-      } catch (error) {
-        console.error("Error creating subscription in PayPal:", error);
       }
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to update Strapi payment record", {
+        error,
+        stripePaymentIntentId,
+        data
+      });
     }
-    return strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-      where: { id: strapiSubscription.id }
-    });
-  },
-  async updateSubscription(id, subscriptionData) {
-    const updatedSubscription = await strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-      where: { id },
-      data: subscriptionData
-    });
-    if (updatedSubscription.stripeSubscriptionId && config.stripe.secretKey) {
-      try {
-        await stripeDriver.updateSubscription(updatedSubscription.stripeSubscriptionId, {
-          metadata: { strapiSubscriptionId: updatedSubscription.id }
-        });
-      } catch (error) {
-        console.error("Error updating subscription in Stripe:", error);
-      }
+  };
+  const updateStrapiOrder = async (orderId, data) => {
+    try {
+      await strapi2.documents("plugin::payment-plugin.order").update({
+        documentId: orderId,
+        data
+      });
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to update Strapi order record", {
+        error,
+        orderId,
+        data
+      });
     }
-    if (updatedSubscription.paypalSubscriptionId && config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        const product2 = await strapi.db.query("plugin::strapi-payment-plugin.product").findOne({
-          where: { id: updatedSubscription.product }
-        });
-        await paypalDriver.updateSubscription(updatedSubscription.paypalSubscriptionId, {
-          plan_id: product2.paypalProductId
-        });
-      } catch (error) {
-        console.error("Error updating subscription in PayPal:", error);
-      }
+  };
+  const updateStrapiCustomer = async (customerId, data) => {
+    try {
+      await strapi2.documents("plugin::payment-plugin.customer").update({
+        documentId: customerId,
+        data
+      });
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to update Strapi customer record", {
+        error,
+        customerId,
+        data
+      });
     }
-    return updatedSubscription;
-  },
-  async cancelSubscription(id) {
-    const subscription2 = await strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-      where: { id }
+  };
+  const createCustomerRecord = async (data) => {
+    return strapi2.documents("plugin::payment-plugin.customer").create({
+      data
     });
-    if (!subscription2) {
-      throw new Error("Subscription not found");
-    }
-    if (subscription2.stripeSubscriptionId && config.stripe.secretKey) {
-      try {
-        await stripeDriver.cancelSubscription(subscription2.stripeSubscriptionId);
-      } catch (error) {
-        console.error("Error canceling subscription in Stripe:", error);
-      }
-    }
-    if (subscription2.paypalSubscriptionId && config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        console.warn("PayPal is disabled");
-      } catch (error) {
-        console.error("Error canceling subscription in PayPal:", error);
-      }
-    }
-    return strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-      where: { id },
+  };
+  const createOrderRecord = async (data) => {
+    return strapi2.documents("plugin::payment-plugin.order").create({
       data: {
-        status: "canceled",
-        endDate: /* @__PURE__ */ new Date()
+        ...data,
+        status: data.status || "pending"
       }
     });
-  },
-  async syncSubscriptionStatus(id) {
-    const subscription2 = await strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-      where: { id }
+  };
+  const createStrapiPaymentRecord = async (paymentIntent) => {
+    try {
+      const metadata = paymentIntent.metadata || {};
+      const customerId = metadata.strapi_customer_id;
+      const orderId = metadata.strapi_order_id;
+      const paymentData = {
+        stripe_payment_intent_id: paymentIntent.id,
+        amount: paymentIntent.amount / 100,
+        currency: paymentIntent.currency,
+        status: paymentIntent.status,
+        payment_method: paymentIntent.payment_method || "card",
+        metadata: paymentIntent.metadata,
+        customer: customerId,
+        order: orderId
+      };
+      const record = await strapi2.documents("plugin::payment-plugin.payment").create({
+        data: paymentData
+      });
+      getLogger().info("Created Strapi payment record", {
+        paymentIntentId: paymentIntent.id,
+        strapiOrderId: orderId,
+        strapiCustomerId: customerId
+      });
+      return record;
+    } catch (error) {
+      const logger = getLogger();
+      logger.error("Failed to create Strapi payment record", {
+        error,
+        paymentIntentId: paymentIntent.id
+      });
+      throw error;
+    }
+  };
+  const initializePaymentFlow = async (params) => {
+    const {
+      amount,
+      currency,
+      email,
+      firstName,
+      lastName,
+      items = [{ name: "Default Item", amount, quantity: 1 }],
+      metadata = {},
+      confirm = false,
+      payment_method,
+      orderNumber = `ORD-${Date.now()}`
+    } = params;
+    const stripeCustomer = await createCustomer({
+      email,
+      firstName,
+      lastName
     });
-    if (!subscription2) {
-      throw new Error("Subscription not found");
+    const customers = await strapi2.documents("plugin::payment-plugin.customer").findMany({
+      filters: { email: { $eq: email } }
+    });
+    let strapiCustomer;
+    if (customers.length > 0) {
+      strapiCustomer = customers[0];
+      await updateStrapiCustomer(strapiCustomer.documentId, {
+        stripe_customer_id: stripeCustomer.id
+      });
+    } else {
+      strapiCustomer = await createCustomerRecord({
+        email,
+        first_name: firstName,
+        last_name: lastName,
+        stripe_customer_id: stripeCustomer.id
+      });
     }
-    if (subscription2.stripeSubscriptionId && config.stripe.secretKey) {
-      try {
-        const stripeSubscription = await stripeDriver.getSubscription(
-          subscription2.stripeSubscriptionId
-        );
-        await strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-          where: { id },
-          data: {
-            status: stripeSubscription.status
-          }
+    const strapiOrder = await createOrderRecord({
+      order_number: orderNumber,
+      total_amount: amount / 100,
+      currency,
+      customer: strapiCustomer.documentId,
+      items,
+      metadata
+    });
+    const paymentIntent = await createPaymentIntent({
+      amount,
+      currency,
+      customerId: strapiCustomer.documentId,
+      orderId: strapiOrder.documentId,
+      customer: stripeCustomer.id,
+      confirm,
+      payment_method,
+      metadata: { ...metadata, flow: "functional_api" }
+    });
+    const strapiPayment = await createStrapiPaymentRecord(paymentIntent);
+    return {
+      payment: strapiPayment,
+      order: strapiOrder,
+      customer: strapiCustomer,
+      stripePaymentIntent: paymentIntent
+    };
+  };
+  const handleWebhook = async (event) => {
+    const logger = getLogger();
+    const config2 = getConfig();
+    const webhookConfig = config2.logging || {};
+    try {
+      if (webhookConfig.enableWebhookLogging) {
+        logger.info("Processing Stripe webhook", {
+          eventType: event.type,
+          eventId: event.id
         });
-      } catch (error) {
-        console.error("Error syncing subscription status from Stripe:", error);
       }
-    }
-    if (subscription2.paypalSubscriptionId && config.paypal.clientId && config.paypal.clientSecret) {
-      try {
-        const paypalSubscription = await paypalDriver.getSubscription(
-          subscription2.paypalSubscriptionId
-        );
-        await strapi.db.query("plugin::strapi-payment-plugin.subscription").update({
-          where: { id },
-          data: {
-            status: paypalSubscription.status
+      switch (event.type) {
+        case "payment_intent.succeeded": {
+          const paymentIntent = event.data.object;
+          try {
+            const existingPayments = await strapi2.documents("plugin::payment-plugin.payment").findMany({
+              filters: {
+                stripe_payment_intent_id: paymentIntent.id
+              }
+            });
+            if (existingPayments.length > 0) {
+              await strapi2.documents("plugin::payment-plugin.payment").update({
+                documentId: existingPayments[0].documentId,
+                data: {
+                  status: "succeeded",
+                  metadata: paymentIntent.metadata
+                }
+              });
+            } else {
+              await createStrapiPaymentRecord(paymentIntent);
+            }
+          } catch (error) {
+            await createStrapiPaymentRecord(paymentIntent);
           }
-        });
-      } catch (error) {
-        console.error("Error syncing subscription status from PayPal:", error);
+          const orderId = paymentIntent.metadata?.strapi_order_id;
+          if (orderId) {
+            await updateStrapiOrder(orderId, {
+              status: "completed"
+            });
+          }
+          logger.info("Payment succeeded", {
+            paymentIntentId: paymentIntent.id,
+            amount: paymentIntent.amount,
+            orderId
+          });
+          break;
+        }
+        case "payment_intent.payment_failed": {
+          const paymentIntent = event.data.object;
+          await updateStrapiPayment(paymentIntent.id, {
+            status: "failed",
+            metadata: paymentIntent.metadata
+          });
+          const orderId = paymentIntent.metadata?.strapi_order_id;
+          if (orderId) {
+            await updateStrapiOrder(orderId, {
+              status: "failed"
+            });
+          }
+          logger.warn("Payment failed", {
+            paymentIntentId: paymentIntent.id,
+            orderId,
+            lastError: paymentIntent.last_payment_error
+          });
+          break;
+        }
+        case "payment_intent.canceled": {
+          const paymentIntent = event.data.object;
+          await updateStrapiPayment(paymentIntent.id, {
+            status: "canceled",
+            metadata: paymentIntent.metadata
+          });
+          const orderId = paymentIntent.metadata?.strapi_order_id;
+          if (orderId) {
+            await updateStrapiOrder(orderId, {
+              status: "failed"
+            });
+          }
+          logger.info("Payment canceled", {
+            paymentIntentId: paymentIntent.id,
+            orderId
+          });
+          break;
+        }
+        case "charge.refunded": {
+          const charge = event.data.object;
+          if (charge.payment_intent) {
+            await updateStrapiPayment(charge.payment_intent, {
+              status: "refunded"
+            });
+            const orderId = charge.metadata?.strapi_order_id;
+            if (orderId) {
+              await updateStrapiOrder(orderId, {
+                status: "refunded"
+              });
+            }
+          }
+          logger.info("Charge refunded", {
+            chargeId: charge.id,
+            paymentIntentId: charge.payment_intent,
+            amount: charge.amount_refunded,
+            orderId: charge.metadata?.strapi_order_id
+          });
+          break;
+        }
+        case "customer.created": {
+          const customer2 = event.data.object;
+          const strapiCustomerId = customer2.metadata?.strapi_customer_id;
+          if (strapiCustomerId) {
+            await updateStrapiCustomer(strapiCustomerId, {
+              stripe_customer_id: customer2.id,
+              metadata: customer2.metadata
+            });
+          }
+          logger.info("Customer created in Stripe", {
+            stripeCustomerId: customer2.id,
+            strapiCustomerId
+          });
+          break;
+        }
+        default:
+          logger.info("Unhandled webhook event type", { eventType: event.type });
       }
+    } catch (error) {
+      logger.error("Error processing webhook", {
+        error,
+        eventType: event.type,
+        eventId: event.id
+      });
+      throw error;
     }
-    return strapi.db.query("plugin::strapi-payment-plugin.subscription").findOne({
-      where: { id }
-    });
-  }
-}));
+  };
+  return {
+    initializeStripe,
+    createPaymentIntent,
+    confirmPayment,
+    createCustomer,
+    retrieveCustomer,
+    createRefund,
+    handleWebhook,
+    constructEvent,
+    updateStrapiOrder,
+    updateStrapiCustomer,
+    createStrapiPaymentRecord,
+    createCustomerRecord,
+    createOrderRecord,
+    initializePaymentFlow,
+    getStripe
+  };
+};
 const services = {
-  service,
-  product,
-  subscription
+  stripe: stripeService
 };
 const index = {
   register,