@riligar/agents-kit 1.17.0 → 1.18.0

package/.agent/skills/riligar-infra-stripe/SKILL.md

@@ -151,7 +151,7 @@ Instrua o usuário:
 >
 > 1. Acesse https://dashboard.stripe.com/webhooks
 > 2. Clique em "Add endpoint"
-> 3. URL: `https://seu-dominio.com/webhook/stripe`
+> 3. URL: `https://seu-dominio.com/api/webhook`
 > 4. Selecione os eventos:
 >    - `checkout.session.completed`
 >    - `customer.subscription.updated`
@@ -171,14 +171,15 @@ Gere todos os arquivos necessários usando os templates de [assets/](assets/):
 | `routes/billing.js` | stripe-server.js (seção 2) |
 | `routes/webhook.js` | stripe-server.js (seção 3) |
 | `services/billing.js` | stripe-server.js (seção 4) |
-| `config/stripe-prices.js` | Price IDs coletados |
+| `config/stripe-prices.js` | Price IDs coletados (Step 9) |
+| `config/plans.js` | PLAN_MAP + PLAN_LIMITS (Step 9) |
 | `pages/Pricing.jsx` | stripe-client.js (seção 3) |
 | `components/BillingSettings.jsx` | stripe-client.js (seção 4) |
 | `hooks/useSubscription.js` | stripe-client.js (seção 2) |
 
-### Step 9: Criar Config de Preços
+### Step 9: Criar Configs de Planos e Preços
 
-Gere o arquivo de configuração com os Price IDs:
+**A) Arquivo de preços (config/stripe-prices.js):**
 
 ```javascript
 // config/stripe-prices.js
@@ -194,6 +195,12 @@ export const STRIPE_PRICES = {
         name: 'Pro',
         price: 99,
         features: ['Projetos ilimitados', 'Suporte prioritário', '10GB storage']
+    },
+    enterprise: {
+        priceId: 'price_COLETADO_ENTERPRISE',
+        name: 'Enterprise',
+        price: 299,
+        features: ['Tudo do Pro', 'Storage ilimitado', 'SLA garantido']
     }
 }
 
@@ -201,6 +208,40 @@ export const getPrice = (plan) => STRIPE_PRICES[plan]
 export const getPriceId = (plan) => STRIPE_PRICES[plan]?.priceId
 ```
 
+**B) Arquivo de mapeamento e limites (config/plans.js):**
+
+```javascript
+// config/plans.js
+
+// Mapeia Price IDs do Stripe para nomes de planos internos
+export const PLAN_MAP = {
+    'price_COLETADO_STARTER': 'starter',
+    'price_COLETADO_PRO': 'pro',
+    'price_COLETADO_ENTERPRISE': 'enterprise',
+}
+
+// Define limites de features por plano
+export const PLAN_LIMITS = {
+    free: {
+        maxFlows: 1,
+        maxContacts: 100,
+        // Adicione outros limites conforme necessário
+    },
+    starter: {
+        maxFlows: 3,
+        maxContacts: 500,
+    },
+    pro: {
+        maxFlows: 15,
+        maxContacts: 5000,
+    },
+    enterprise: {
+        maxFlows: 55,
+        maxContacts: Infinity,
+    },
+}
+```
+
 ---
 
 ## Checklist Final
@@ -211,11 +252,13 @@ Ao completar o setup, confirme:
 - [ ] Chaves no `.env.development` e `.env.production` (backend e frontend)
 - [ ] Produtos criados no Stripe
 - [ ] Price IDs configurados em `config/stripe-prices.js`
-- [ ] Schema do database atualizado
-- [ ] Webhook endpoint configurado no Stripe Dashboard
+- [ ] `PLAN_MAP` e `PLAN_LIMITS` configurados em `config/plans.js`
+- [ ] Schema do database atualizado (campos Stripe na tabela users)
+- [ ] Webhook endpoint configurado no Stripe Dashboard (`/api/webhook`)
 - [ ] Webhook secret nos arquivos de ambiente
-- [ ] Rotas de billing funcionando
-- [ ] Página de pricing criada
+- [ ] Rotas de billing funcionando (`/api/billing/*`)
+- [ ] Página de pricing criada (com token de auth no ky)
+- [ ] `useSubscription` hook com header Authorization
 - [ ] Testado com cartão 4242 4242 4242 4242
 
 ---
@@ -229,8 +272,8 @@ brew install stripe/stripe-cli/stripe
 # Login
 stripe login
 
-# Forward webhooks
-stripe listen --forward-to localhost:3000/webhook/stripe
+# Forward webhooks (ajuste a porta conforme seu backend)
+stripe listen --forward-to localhost:3333/api/webhook
 
 # Testar checkout
 stripe trigger checkout.session.completed

package/.agent/skills/riligar-infra-stripe/assets/stripe-client.js

@@ -32,6 +32,20 @@ export const elementsAppearance = {
 import { useState, useEffect } from 'react'
 import ky from 'ky'
 
+const api = ky.create({
+    prefixUrl: import.meta.env.VITE_API_URL || 'http://localhost:3333',
+    hooks: {
+        beforeRequest: [
+            request => {
+                const token = localStorage.getItem('auth:token')
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`)
+                }
+            },
+        ],
+    },
+})
+
 export function useSubscription() {
     const [subscription, setSubscription] = useState(null)
     const [loading, setLoading] = useState(true)
@@ -40,7 +54,7 @@ export function useSubscription() {
     const fetchSubscription = async () => {
         setLoading(true)
         try {
-            const data = await ky.get('/api/billing/subscription').json()
+            const data = await api.get('api/billing/subscription').json()
             setSubscription(data)
             setError(null)
         } catch (err) {
@@ -77,35 +91,52 @@ import { IconCheck } from '@tabler/icons-react'
 import { useState } from 'react'
 import ky from 'ky'
 
+// Importar do arquivo de configuração centralizado
+// import { STRIPE_PRICES } from '../config/stripe-prices'
+
 const plans = [
     {
         name: 'Starter',
-        priceId: 'price_starter_monthly',
+        priceId: 'price_starter_monthly', // Substituir pelo valor de STRIPE_PRICES.starter.priceId
         price: 29,
         features: ['5 projetos', 'Suporte por email', '1GB de storage']
     },
     {
         name: 'Pro',
-        priceId: 'price_pro_monthly',
+        priceId: 'price_pro_monthly', // Substituir pelo valor de STRIPE_PRICES.pro.priceId
         price: 99,
         popular: true,
         features: ['Projetos ilimitados', 'Suporte prioritário', '10GB de storage', 'API access']
     },
     {
         name: 'Enterprise',
-        priceId: 'price_enterprise_monthly',
+        priceId: 'price_enterprise_monthly', // Substituir pelo valor de STRIPE_PRICES.enterprise.priceId
         price: 299,
         features: ['Tudo do Pro', 'Suporte dedicado', 'Storage ilimitado', 'SLA garantido']
     }
 ]
 
+const api = ky.create({
+    prefixUrl: import.meta.env.VITE_API_URL || 'http://localhost:3333',
+    hooks: {
+        beforeRequest: [
+            request => {
+                const token = localStorage.getItem('auth:token')
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`)
+                }
+            },
+        ],
+    },
+})
+
 export default function Pricing() {
     const [loading, setLoading] = useState(null)
 
     const handleCheckout = async (priceId) => {
         setLoading(priceId)
         try {
-            const { url } = await ky.post('/api/billing/checkout', {
+            const { url } = await api.post('api/billing/checkout', {
                 json: { priceId, mode: 'subscription' }
             }).json()
             window.location.href = url
@@ -178,12 +209,26 @@ import { Button, Card, Group, Stack, Text, Title, Badge, Divider } from '@mantin
 import { useState, useEffect } from 'react'
 import ky from 'ky'
 
+const api = ky.create({
+    prefixUrl: import.meta.env.VITE_API_URL || 'http://localhost:3333',
+    hooks: {
+        beforeRequest: [
+            request => {
+                const token = localStorage.getItem('auth:token')
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`)
+                }
+            },
+        ],
+    },
+})
+
 export default function BillingSettings() {
     const [subscription, setSubscription] = useState(null)
     const [loading, setLoading] = useState(false)
 
     useEffect(() => {
-        ky.get('/api/billing/subscription').json()
+        api.get('api/billing/subscription').json()
             .then(setSubscription)
             .catch(console.error)
     }, [])
@@ -191,7 +236,7 @@ export default function BillingSettings() {
     const openPortal = async () => {
         setLoading(true)
         try {
-            const { url } = await ky.post('/api/billing/portal').json()
+            const { url } = await api.post('api/billing/portal').json()
             window.location.href = url
         } finally {
             setLoading(false)
@@ -201,9 +246,9 @@ export default function BillingSettings() {
     const cancelSubscription = async () => {
         setLoading(true)
         try {
-            await ky.post('/api/billing/subscription/cancel').json()
+            await api.post('api/billing/subscription/cancel').json()
             // Refresh subscription data
-            const data = await ky.get('/api/billing/subscription').json()
+            const data = await api.get('api/billing/subscription').json()
             setSubscription(data)
         } finally {
             setLoading(false)
@@ -356,12 +401,26 @@ import { IconDownload } from '@tabler/icons-react'
 import { useState, useEffect } from 'react'
 import ky from 'ky'
 
+const api = ky.create({
+    prefixUrl: import.meta.env.VITE_API_URL || 'http://localhost:3333',
+    hooks: {
+        beforeRequest: [
+            request => {
+                const token = localStorage.getItem('auth:token')
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`)
+                }
+            },
+        ],
+    },
+})
+
 export default function InvoiceList() {
     const [invoices, setInvoices] = useState([])
     const [loading, setLoading] = useState(true)
 
     useEffect(() => {
-        ky.get('/api/billing/invoices').json()
+        api.get('api/billing/invoices').json()
             .then(({ data }) => setInvoices(data))
             .catch(console.error)
             .finally(() => setLoading(false))

package/.agent/skills/riligar-infra-stripe/assets/stripe-server.js

@@ -22,36 +22,62 @@ export const stripePlugin = new Elysia({ name: 'stripe' })
 
 // routes/billing.js
 import { Elysia, t } from 'elysia'
-import { stripePlugin } from '../plugins/stripe'
-import { billingService } from '../services/billing'
+import { stripePlugin } from '../plugins/stripe.js'
+import { billingService } from '../services/billing.js'
 
-export const billingRoutes = new Elysia({ prefix: '/billing' })
+export const billingRoutes = new Elysia({ prefix: '/api/billing' })
     .use(stripePlugin)
+    // Resolve localUser a partir do token de auth.
+    // Auto-cria usuário local e Stripe Customer se ainda não existirem.
+    .derive(async ({ stripe, user }) => {
+        if (!user) {
+            return { localUser: null }
+        }
+
+        const email = user.email || user.emailAddress || user.primaryEmail
+        let localUser = await billingService.getOrCreateUser(user.id, email)
+
+        if (!localUser) {
+            return { localUser: null }
+        }
+
+        if (!localUser.stripeCustomerId && email) {
+            try {
+                const stripeCustomerId = await billingService.getOrCreateStripeCustomer(stripe, user.id, email)
+                localUser.stripeCustomerId = stripeCustomerId
+            } catch (err) {
+                console.error('Failed to auto-create Stripe Customer:', err.message)
+            }
+        }
+
+        return { localUser }
+    })
 
     // Create checkout session
-    .post('/checkout', async ({ stripe, body, user }) => {
-        // Get or create Stripe customer
-        let customerId = user.stripeCustomerId
-        if (!customerId) {
-            const customer = await stripe.customers.create({
-                email: user.email,
-                name: user.name,
-                metadata: { userId: user.id }
-            })
-            customerId = customer.id
-            await billingService.linkStripeCustomer(user.id, customerId)
+    .post('/checkout', async ({ stripe, body, user, localUser, set }) => {
+        if (!user) {
+            set.status = 401
+            return { error: 'Unauthorized' }
         }
 
-        const session = await stripe.checkout.sessions.create({
-            mode: body.mode,
-            customer: customerId,
-            line_items: [{ price: body.priceId, quantity: 1 }],
-            success_url: `${process.env.APP_URL}/success?session_id={CHECKOUT_SESSION_ID}`,
-            cancel_url: `${process.env.APP_URL}/pricing`,
-            metadata: { userId: user.id }
-        })
+        try {
+            const stripeCustomerId = await billingService.getOrCreateStripeCustomer(stripe, user.id, user.email)
+
+            const session = await stripe.checkout.sessions.create({
+                mode: body.mode,
+                customer: stripeCustomerId,
+                line_items: [{ price: body.priceId, quantity: 1 }],
+                success_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing/success?session_id={CHECKOUT_SESSION_ID}`,
+                cancel_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing`,
+                metadata: { userId: user.id },
+            })
 
-        return { url: session.url }
+            return { url: session.url }
+        } catch (error) {
+            console.error('Checkout session creation failed:', error)
+            set.status = 500
+            return { error: 'Internal Server Error', message: error.message }
+        }
     }, {
         body: t.Object({
             priceId: t.String(),
@@ -60,45 +86,72 @@ export const billingRoutes = new Elysia({ prefix: '/billing' })
     })
 
     // Get subscription status
-    .get('/subscription', async ({ stripe, user }) => {
-        if (!user.stripeSubscriptionId) {
-            return { status: 'none', plan: null }
+    .get('/subscription', async ({ stripe, localUser }) => {
+        // Retorna dados do DB como base, enriquece com Stripe se houver assinatura
+        const baseResponse = {
+            status: localUser?.subscriptionStatus || 'none',
+            plan: localUser?.plan || 'free',
+            hasBillingAccount: !!localUser?.stripeCustomerId,
+            currentPeriodEnd: localUser?.currentPeriodEnd
+                ? Math.floor(new Date(localUser.currentPeriodEnd).getTime() / 1000)
+                : null,
         }
 
-        const subscription = await stripe.subscriptions.retrieve(user.stripeSubscriptionId)
+        if (!localUser?.stripeSubscriptionId) {
+            return baseResponse
+        }
 
-        return {
-            status: subscription.status,
-            plan: subscription.items.data[0].price.id,
-            currentPeriodEnd: subscription.current_period_end,
-            cancelAtPeriodEnd: subscription.cancel_at_period_end
+        try {
+            const subscription = await stripe.subscriptions.retrieve(localUser.stripeSubscriptionId)
+
+            // current_period_end pode estar nos items em versões mais recentes da API
+            let currentPeriodEnd = subscription.current_period_end
+            if (!currentPeriodEnd && subscription.items?.data?.length > 0) {
+                currentPeriodEnd = subscription.items.data[0].current_period_end
+            }
+
+            return {
+                ...baseResponse,
+                status: subscription.status,
+                currentPeriodEnd,
+                cancelAtPeriodEnd: subscription.cancel_at_period_end,
+            }
+        } catch (error) {
+            console.error('Failed to fetch subscription:', error.message)
+            return { ...baseResponse, status: 'error', message: error.message }
         }
     })
 
     // Customer portal
-    .post('/portal', async ({ stripe, user, set }) => {
-        if (!user.stripeCustomerId) {
+    .post('/portal', async ({ stripe, localUser, set }) => {
+        if (!localUser?.stripeCustomerId) {
             set.status = 400
             return { error: 'No billing account' }
         }
 
-        const portal = await stripe.billingPortal.sessions.create({
-            customer: user.stripeCustomerId,
-            return_url: `${process.env.APP_URL}/account`
-        })
+        try {
+            const portal = await stripe.billingPortal.sessions.create({
+                customer: localUser.stripeCustomerId,
+                return_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing`,
+            })
 
-        return { url: portal.url }
+            return { url: portal.url }
+        } catch (error) {
+            console.error('Failed to create portal session:', error)
+            set.status = 500
+            return { error: 'Internal Server Error' }
+        }
     })
 
     // Cancel subscription
-    .post('/subscription/cancel', async ({ stripe, user, set }) => {
-        if (!user.stripeSubscriptionId) {
+    .post('/subscription/cancel', async ({ stripe, localUser, set }) => {
+        if (!localUser?.stripeSubscriptionId) {
             set.status = 400
             return { error: 'No active subscription' }
         }
 
         const subscription = await stripe.subscriptions.update(
-            user.stripeSubscriptionId,
+            localUser.stripeSubscriptionId,
             { cancel_at_period_end: true }
         )
 
@@ -109,14 +162,14 @@ export const billingRoutes = new Elysia({ prefix: '/billing' })
     })
 
     // Resume subscription
-    .post('/subscription/resume', async ({ stripe, user, set }) => {
-        if (!user.stripeSubscriptionId) {
+    .post('/subscription/resume', async ({ stripe, localUser, set }) => {
+        if (!localUser?.stripeSubscriptionId) {
             set.status = 400
             return { error: 'No subscription to resume' }
         }
 
         const subscription = await stripe.subscriptions.update(
-            user.stripeSubscriptionId,
+            localUser.stripeSubscriptionId,
             { cancel_at_period_end: false }
         )
 
@@ -124,13 +177,13 @@ export const billingRoutes = new Elysia({ prefix: '/billing' })
     })
 
     // List invoices
-    .get('/invoices', async ({ stripe, user, query }) => {
-        if (!user.stripeCustomerId) {
+    .get('/invoices', async ({ stripe, localUser, query }) => {
+        if (!localUser?.stripeCustomerId) {
             return { data: [], hasMore: false }
         }
 
         const invoices = await stripe.invoices.list({
-            customer: user.stripeCustomerId,
+            customer: localUser.stripeCustomerId,
             limit: query.limit
         })
 
@@ -157,46 +210,87 @@ export const billingRoutes = new Elysia({ prefix: '/billing' })
 // routes/webhook.js
 import { Elysia } from 'elysia'
 import Stripe from 'stripe'
-import { billingService } from '../services/billing'
+import { billingService } from '../services/billing.js'
+import { PLAN_MAP } from '../config/plans.js'
 
 const stripe = new Stripe(process.env.STRIPE_SECRET_KEY)
 
-export const webhookRoutes = new Elysia()
-    .post('/webhook/stripe', async ({ request, set }) => {
+export const stripeWebhookRoutes = new Elysia()
+    .post('/api/webhook', async ({ request, set }) => {
         const sig = request.headers.get('stripe-signature')
         const body = await request.text()
 
         let event
 
         try {
-            event = stripe.webhooks.constructEvent(
-                body,
-                sig,
-                process.env.STRIPE_WEBHOOK_SECRET
-            )
+            event = await stripe.webhooks.constructEventAsync(body, sig, process.env.STRIPE_WEBHOOK_SECRET)
         } catch (err) {
             console.error('Webhook signature failed:', err.message)
             set.status = 400
             return { error: 'Invalid signature' }
         }
 
-        // Handle events
+        console.log(`Stripe Webhook received: ${event.type}`)
+
         switch (event.type) {
             case 'checkout.session.completed': {
                 const session = event.data.object
                 const userId = session.metadata.userId
+                const email = session.customer_details?.email
+
+                // Garante que o usuário existe localmente antes de ativar
+                if (userId && email) {
+                    await billingService.getOrCreateUser(userId, email)
+                }
+
+                let periodEnd = null
+                let plan = 'starter' // Fallback padrão
+
+                // "Trust but Verify": busca a assinatura completa no Stripe
+                // para garantir dados corretos (plano real e período)
+                if (session.subscription) {
+                    try {
+                        const sub = await stripe.subscriptions.retrieve(session.subscription)
+
+                        // current_period_end pode estar nos items em versões mais recentes da API
+                        let retrievedPeriodEnd = sub.current_period_end
+                        let priceId = null
+
+                        if (sub.items?.data?.length > 0) {
+                            const mainItem = sub.items.data[0]
+                            if (!retrievedPeriodEnd) {
+                                retrievedPeriodEnd = mainItem.current_period_end
+                            }
+                            priceId = mainItem.price?.id
+                        }
+
+                        if (priceId && PLAN_MAP[priceId]) {
+                            plan = PLAN_MAP[priceId]
+                        }
+
+                        periodEnd = retrievedPeriodEnd ? new Date(retrievedPeriodEnd * 1000) : null
+                    } catch (err) {
+                        console.error('Failed to fetch subscription details:', err.message)
+                    }
+                }
 
                 await billingService.activateSubscription(userId, {
                     subscriptionId: session.subscription,
-                    plan: 'pro', // Map from price ID
-                    periodEnd: new Date(session.expires_at * 1000)
+                    plan,
+                    periodEnd,
                 })
                 break
             }
 
             case 'customer.subscription.updated': {
                 const subscription = event.data.object
-                // Handle plan changes, status updates
+
+                await billingService.updateSubscription(subscription.id, {
+                    status: subscription.status,
+                    periodEnd: subscription.current_period_end
+                        ? new Date(subscription.current_period_end * 1000)
+                        : null,
+                })
                 break
             }
 
@@ -208,13 +302,13 @@ export const webhookRoutes = new Elysia()
 
             case 'invoice.paid': {
                 const invoice = event.data.object
-                // Record successful payment
+                // TODO: Registrar fatura no banco local se necessário
                 break
             }
 
             case 'invoice.payment_failed': {
                 const invoice = event.data.object
-                // Handle failed payment - notify user
+                // TODO: Notificar usuário sobre falha no pagamento
                 break
             }
         }
@@ -227,37 +321,100 @@ export const webhookRoutes = new Elysia()
 // ============================================
 
 // services/billing.js
-import { db } from '../database'
-import { users } from '../database/schema'
-import { eq } from 'drizzle-orm'
+import { db, users, flows } from '../db/index.js'
+import { eq, sql } from 'drizzle-orm'
+import { PLAN_LIMITS } from '../config/plans.js'
 
 export const billingService = {
+    async getOrCreateUser(userId, email) {
+        if (!userId) throw new Error('User ID is required')
+
+        let [user] = await db.select().from(users).where(eq(users.id, userId)).limit(1)
+
+        if (!user) {
+            if (!email) {
+                console.warn('[BillingService] Cannot create user record: No email provided', { userId })
+                return null
+            }
+
+            console.log('[BillingService] Creating local user record:', { userId, email })
+            try {
+                ;[user] = await db
+                    .insert(users)
+                    .values({ id: userId, email })
+                    .returning()
+            } catch (err) {
+                console.error('[BillingService] Failed to insert user record:', err.message)
+                throw err
+            }
+        } else if (email && user.email !== email) {
+            console.log('[BillingService] Updating email for user:', { userId, from: user.email, to: email })
+            await db.update(users).set({ email }).where(eq(users.id, userId))
+            user.email = email
+        }
+
+        return user
+    },
+
+    async getOrCreateStripeCustomer(stripe, userId, email) {
+        const user = await this.getOrCreateUser(userId, email)
+        if (!user) throw new Error('Local user record not found or could not be created')
+
+        if (user.stripeCustomerId) return user.stripeCustomerId
+
+        if (!user.email) throw new Error('User email is required for Stripe registration')
+
+        console.log('[BillingService] Creating Stripe customer for:', user.email)
+        const customer = await stripe.customers.create({
+            email: user.email,
+            metadata: { userId: user.id },
+        })
+
+        await db.update(users).set({ stripeCustomerId: customer.id }).where(eq(users.id, userId))
+        return customer.id
+    },
+
     async linkStripeCustomer(userId, stripeCustomerId) {
         await db.update(users)
-            .set({ stripeCustomerId, updatedAt: new Date() })
+            .set({ stripeCustomerId })
             .where(eq(users.id, userId))
     },
 
     async activateSubscription(userId, { subscriptionId, plan, periodEnd }) {
-        await db.update(users)
-            .set({
-                stripeSubscriptionId: subscriptionId,
-                plan,
-                subscriptionStatus: 'active',
-                currentPeriodEnd: periodEnd,
-                cancelAtPeriodEnd: false,
-                updatedAt: new Date()
-            })
-            .where(eq(users.id, userId))
+        try {
+            await db
+                .update(users)
+                .set({
+                    stripeSubscriptionId: subscriptionId,
+                    plan,
+                    subscriptionStatus: 'active',
+                    currentPeriodEnd: periodEnd,
+                })
+                .where(eq(users.id, userId))
+        } catch (error) {
+            console.error('[BillingService] Failed to update user:', error)
+            throw error
+        }
     },
 
     async deactivateSubscription(subscriptionId) {
-        await db.update(users)
+        await db
+            .update(users)
             .set({
                 plan: 'free',
                 subscriptionStatus: 'canceled',
                 stripeSubscriptionId: null,
-                updatedAt: new Date()
+            })
+            .where(eq(users.stripeSubscriptionId, subscriptionId))
+    },
+
+    async updateSubscription(subscriptionId, { periodEnd, status, plan }) {
+        await db
+            .update(users)
+            .set({
+                currentPeriodEnd: periodEnd,
+                subscriptionStatus: status,
+                ...(plan ? { plan } : {}),
             })
             .where(eq(users.stripeSubscriptionId, subscriptionId))
     },
@@ -272,7 +429,29 @@ export const billingService = {
 
         const planHierarchy = { free: 0, starter: 1, pro: 2, enterprise: 3 }
         return (planHierarchy[user.plan] || 0) >= (planHierarchy[requiredPlan] || 0)
-    }
+    },
+
+    async checkFlowLimit(userId) {
+        const [user] = await db.select().from(users).where(eq(users.id, userId)).limit(1)
+        if (!user) throw new Error('User not found')
+
+        const userPlan = user.plan || 'free'
+        const limit = PLAN_LIMITS[userPlan]?.maxFlows || 1
+
+        const [result] = await db
+            .select({ count: sql`count(*)` })
+            .from(flows)
+            .where(eq(flows.userId, userId))
+
+        const currentCount = result?.count || 0
+
+        return {
+            allowed: currentCount < limit,
+            current: currentCount,
+            limit: limit,
+            plan: userPlan,
+        }
+    },
 }
 
 // ============================================

package/.agent/skills/riligar-infra-stripe/references/stripe-elysia.md

@@ -20,22 +20,61 @@ export const stripePlugin = new Elysia({ name: 'stripe' })
 ```javascript
 // routes/billing.js
 import { Elysia, t } from 'elysia'
+import { billingService } from '../services/billing.js'
 
-export const billingRoutes = new Elysia({ prefix: '/billing' })
+export const billingRoutes = new Elysia({ prefix: '/api/billing' })
     .use(stripePlugin)
 
+    // Resolve localUser a partir do token de auth
+    .derive(async ({ stripe, user }) => {
+        if (!user) {
+            return { localUser: null }
+        }
+
+        const email = user.email || user.emailAddress || user.primaryEmail
+        let localUser = await billingService.getOrCreateUser(user.id, email)
+
+        if (!localUser) {
+            return { localUser: null }
+        }
+
+        if (!localUser.stripeCustomerId && email) {
+            try {
+                const stripeCustomerId = await billingService.getOrCreateStripeCustomer(stripe, user.id, email)
+                localUser.stripeCustomerId = stripeCustomerId
+            } catch (err) {
+                console.error('Failed to auto-create Stripe Customer:', err.message)
+            }
+        }
+
+        return { localUser }
+    })
+
     // Create checkout session
-    .post('/checkout', async ({ stripe, body, user, set }) => {
-        const session = await stripe.checkout.sessions.create({
-            mode: body.mode,
-            customer_email: user.email,
-            line_items: [{ price: body.priceId, quantity: 1 }],
-            success_url: `${process.env.APP_URL}/success?session_id={CHECKOUT_SESSION_ID}`,
-            cancel_url: `${process.env.APP_URL}/pricing`,
-            metadata: { userId: user.id }
-        })
+    .post('/checkout', async ({ stripe, body, user, localUser, set }) => {
+        if (!user) {
+            set.status = 401
+            return { error: 'Unauthorized' }
+        }
 
-        return { url: session.url }
+        try {
+            const stripeCustomerId = await billingService.getOrCreateStripeCustomer(stripe, user.id, user.email)
+
+            const session = await stripe.checkout.sessions.create({
+                mode: body.mode,
+                customer: stripeCustomerId,
+                line_items: [{ price: body.priceId, quantity: 1 }],
+                success_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing/success?session_id={CHECKOUT_SESSION_ID}`,
+                cancel_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing`,
+                metadata: { userId: user.id }
+            })
+
+            return { url: session.url }
+        } catch (error) {
+            console.error('Checkout session creation failed:', error)
+            set.status = 500
+            return { error: 'Internal Server Error', message: error.message }
+        }
     }, {
         body: t.Object({
             priceId: t.String(),
@@ -44,75 +83,117 @@ export const billingRoutes = new Elysia({ prefix: '/billing' })
     })
 
     // Customer portal
-    .post('/portal', async ({ stripe, user }) => {
-        const portal = await stripe.billingPortal.sessions.create({
-            customer: user.stripeCustomerId,
-            return_url: `${process.env.APP_URL}/account`
-        })
+    .post('/portal', async ({ stripe, localUser, set }) => {
+        if (!localUser?.stripeCustomerId) {
+            set.status = 400
+            return { error: 'No billing account' }
+        }
 
-        return { url: portal.url }
+        try {
+            const portal = await stripe.billingPortal.sessions.create({
+                customer: localUser.stripeCustomerId,
+                return_url: `${process.env.APP_URL || 'http://localhost:5173'}/billing`
+            })
+
+            return { url: portal.url }
+        } catch (error) {
+            console.error('Failed to create portal session:', error)
+            set.status = 500
+            return { error: 'Internal Server Error' }
+        }
     })
 
     // Get subscription status
-    .get('/subscription', async ({ stripe, user }) => {
-        if (!user.stripeSubscriptionId) {
-            return { status: 'none', plan: null }
+    .get('/subscription', async ({ stripe, localUser }) => {
+        const baseResponse = {
+            status: localUser?.subscriptionStatus || 'none',
+            plan: localUser?.plan || 'free',
+            hasBillingAccount: !!localUser?.stripeCustomerId,
+            currentPeriodEnd: localUser?.currentPeriodEnd
+                ? Math.floor(new Date(localUser.currentPeriodEnd).getTime() / 1000)
+                : null,
         }
 
-        const subscription = await stripe.subscriptions.retrieve(user.stripeSubscriptionId)
+        if (!localUser?.stripeSubscriptionId) {
+            return baseResponse
+        }
 
-        return {
-            status: subscription.status,
-            plan: subscription.items.data[0].price.id,
-            currentPeriodEnd: subscription.current_period_end,
-            cancelAtPeriodEnd: subscription.cancel_at_period_end
+        try {
+            const subscription = await stripe.subscriptions.retrieve(localUser.stripeSubscriptionId)
+
+            // current_period_end pode estar nos items em versões mais recentes da API
+            let currentPeriodEnd = subscription.current_period_end
+            if (!currentPeriodEnd && subscription.items?.data?.length > 0) {
+                currentPeriodEnd = subscription.items.data[0].current_period_end
+            }
+
+            return {
+                ...baseResponse,
+                status: subscription.status,
+                currentPeriodEnd,
+                cancelAtPeriodEnd: subscription.cancel_at_period_end,
+            }
+        } catch (error) {
+            console.error('Failed to fetch subscription:', error.message)
+            return { ...baseResponse, status: 'error', message: error.message }
         }
     })
 ```
 
 ## Customer Management
 
-### Create or Get Customer
+### getOrCreateUser (Billing Service)
+
+Garante que o usuário existe localmente antes de qualquer operação de billing:
 
 ```javascript
-const getOrCreateCustomer = async (stripe, user, db) => {
-    // Check if user already has a Stripe customer
-    if (user.stripeCustomerId) {
-        return user.stripeCustomerId
-    }
+// services/billing.js
+async getOrCreateUser(userId, email) {
+    if (!userId) throw new Error('User ID is required')
 
-    // Create new customer
-    const customer = await stripe.customers.create({
-        email: user.email,
-        name: user.name,
-        metadata: { userId: user.id }
-    })
+    let [user] = await db.select().from(users).where(eq(users.id, userId)).limit(1)
 
-    // Store customer ID
-    await db.update(users)
-        .set({ stripeCustomerId: customer.id })
-        .where(eq(users.id, user.id))
+    if (!user) {
+        if (!email) {
+            console.warn('Cannot create user record: No email provided', { userId })
+            return null
+        }
 
-    return customer.id
+        console.log('Creating local user record:', { userId, email })
+        ;[user] = await db
+            .insert(users)
+            .values({ id: userId, email })
+            .returning()
+    } else if (email && user.email !== email) {
+        await db.update(users).set({ email }).where(eq(users.id, userId))
+        user.email = email
+    }
+
+    return user
 }
 ```
 
-### Checkout with Existing Customer
+### getOrCreateStripeCustomer (Billing Service)
+
+Cria ou retorna o Stripe Customer ID:
 
 ```javascript
-.post('/checkout', async ({ stripe, body, user, db }) => {
-    const customerId = await getOrCreateCustomer(stripe, user, db)
-
-    const session = await stripe.checkout.sessions.create({
-        mode: 'subscription',
-        customer: customerId,  // Use existing customer
-        line_items: [{ price: body.priceId, quantity: 1 }],
-        success_url: `${process.env.APP_URL}/success`,
-        cancel_url: `${process.env.APP_URL}/pricing`,
+async getOrCreateStripeCustomer(stripe, userId, email) {
+    const user = await this.getOrCreateUser(userId, email)
+    if (!user) throw new Error('Local user record not found or could not be created')
+
+    if (user.stripeCustomerId) return user.stripeCustomerId
+
+    if (!user.email) throw new Error('User email is required for Stripe registration')
+
+    const customer = await stripe.customers.create({
+        email: user.email,
+        metadata: { userId: user.id },
     })
 
-    return { url: session.url }
-})
+    await db.update(users).set({ stripeCustomerId: customer.id }).where(eq(users.id, userId))
+    return customer.id
+}
 ```
 
 ## Subscription Operations

package/.agent/skills/riligar-infra-stripe/references/stripe-webhooks.md

@@ -12,14 +12,14 @@ import Stripe from 'stripe'
 const stripe = new Stripe(process.env.STRIPE_SECRET_KEY)
 
 export const webhookRoutes = new Elysia()
-    .post('/webhook/stripe', async ({ request, set }) => {
+    .post('/api/webhook', async ({ request, set }) => {
         const sig = request.headers.get('stripe-signature')
         const body = await request.text()
 
         let event
 
         try {
-            event = stripe.webhooks.constructEvent(
+            event = await stripe.webhooks.constructEventAsync(
                 body,
                 sig,
                 process.env.STRIPE_WEBHOOK_SECRET
@@ -98,23 +98,66 @@ export async function handleWebhookEvent(event) {
 
 ```javascript
 async function handleCheckoutComplete(session) {
-    const { customer, subscription, metadata } = session
+    const { customer, subscription, metadata, customer_details } = session
     const userId = metadata.userId
+    const email = customer_details?.email
 
-    // Update user with Stripe IDs
+    // CRÍTICO: Garante que o usuário existe localmente antes de ativar
+    if (userId && email) {
+        await billingService.getOrCreateUser(userId, email)
+    }
+
+    let plan = 'starter' // Fallback padrão
+    let periodEnd = null
+
+    // "Trust but Verify": Busca a assinatura completa no Stripe
+    // para obter dados reais (plano e período corretos)
+    if (subscription) {
+        try {
+            const sub = await stripe.subscriptions.retrieve(subscription)
+
+            // current_period_end pode estar nos items em versões mais recentes da API
+            let retrievedPeriodEnd = sub.current_period_end
+            let priceId = null
+
+            if (sub.items?.data?.length > 0) {
+                const mainItem = sub.items.data[0]
+                if (!retrievedPeriodEnd) {
+                    retrievedPeriodEnd = mainItem.current_period_end
+                }
+                priceId = mainItem.price?.id
+            }
+
+            // Mapeia price ID para plano (importar PLAN_MAP de config/plans.js)
+            const PLAN_MAP = {
+                'price_starter_monthly': 'starter',
+                'price_pro_monthly': 'pro',
+                'price_enterprise_monthly': 'enterprise'
+            }
+
+            if (priceId && PLAN_MAP[priceId]) {
+                plan = PLAN_MAP[priceId]
+            }
+
+            periodEnd = retrievedPeriodEnd ? new Date(retrievedPeriodEnd * 1000) : null
+        } catch (err) {
+            console.error('Failed to fetch subscription details:', err.message)
+        }
+    }
+
+    // Update user with validated data
     await db.update(users)
         .set({
             stripeCustomerId: customer,
             stripeSubscriptionId: subscription,
-            plan: 'pro',  // or extract from session
+            plan,
+            subscriptionStatus: 'active',
+            currentPeriodEnd: periodEnd,
             updatedAt: new Date()
         })
         .where(eq(users.id, userId))
 
-    // Optional: send welcome email
-    // await sendWelcomeEmail(userId)
-
-    console.log(`Checkout completed for user ${userId}`)
+    console.log(`Checkout completed for user ${userId}, plan: ${plan}`)
 }
 ```
 
@@ -123,7 +166,7 @@ async function handleCheckoutComplete(session) {
 ```javascript
 async function handleSubscriptionChange(subscription) {
     const { id, status, items, current_period_end, cancel_at_period_end } = subscription
-    const priceId = items.data[0].price.id
+    const priceId = items.data[0]?.price?.id
 
     // Find user by subscription ID
     const [user] = await db.select()
@@ -136,18 +179,24 @@ async function handleSubscriptionChange(subscription) {
         return
     }
 
-    // Map price ID to plan name
-    const planMap = {
+    // Map price ID to plan name (importar PLAN_MAP de config/plans.js)
+    const PLAN_MAP = {
         'price_starter_monthly': 'starter',
         'price_pro_monthly': 'pro',
         'price_enterprise_monthly': 'enterprise'
     }
 
+    // current_period_end pode estar nos items em versões mais recentes da API
+    let periodEnd = current_period_end
+    if (!periodEnd && items?.data?.length > 0) {
+        periodEnd = items.data[0].current_period_end
+    }
+
     await db.update(users)
         .set({
-            plan: planMap[priceId] || 'free',
+            plan: PLAN_MAP[priceId] || 'free',
             subscriptionStatus: status,
-            currentPeriodEnd: new Date(current_period_end * 1000),
+            currentPeriodEnd: periodEnd ? new Date(periodEnd * 1000) : null,
             cancelAtPeriodEnd: cancel_at_period_end,
             updatedAt: new Date()
         })
@@ -282,8 +331,8 @@ brew install stripe/stripe-cli/stripe
 # Login to Stripe
 stripe login
 
-# Forward webhooks to local server
-stripe listen --forward-to localhost:3000/webhook/stripe
+# Forward webhooks to local server (ajuste a porta conforme necessário)
+stripe listen --forward-to localhost:3333/api/webhook
 
 # Copy the webhook signing secret (whsec_...) to .env.development
 
@@ -331,7 +380,7 @@ stripe trigger invoice.payment_failed
 
 ```javascript
 export const webhookRoutes = new Elysia()
-    .post('/webhook/stripe', async ({ request, set }) => {
+    .post('/api/webhook', async ({ request, set }) => {
         const sig = request.headers.get('stripe-signature')
         const body = await request.text()
 
@@ -339,7 +388,7 @@ export const webhookRoutes = new Elysia()
 
         // Verify signature
         try {
-            event = stripe.webhooks.constructEvent(
+            event = await stripe.webhooks.constructEventAsync(
                 body,
                 sig,
                 process.env.STRIPE_WEBHOOK_SECRET

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@riligar/agents-kit",
-    "version": "1.17.0",
+    "version": "1.18.0",
     "publishConfig": {
         "access": "public"
     },