npm - @umituz/react-native-subscription - Versions diffs - 2.37.102 → 2.37.104 - Mend

@umituz/react-native-subscription 2.37.102 → 2.37.104

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@umituz/react-native-subscription",
-  "version": "2.37.102",
+  "version": "2.37.104",
   "description": "Complete subscription management with RevenueCat, paywall UI, and credits system for React Native apps",
   "main": "./src/index.ts",
   "types": "./src/index.ts",

package/src/domains/credits/application/CreditsInitializer.ts CHANGED Viewed

@@ -2,19 +2,21 @@ import type { CreditsConfig } from "../core/Credits";
 import { getAppVersion, validatePlatform } from "../../../utils/appUtils";
 import type { InitializeCreditsMetadata, InitializationResult } from "../../subscription/application/SubscriptionInitializerTypes";
-import { runTransaction, type Transaction, type DocumentReference, type Firestore } from "@umituz/react-native-firebase";
+import { runTransaction, serverTimestamp, type Transaction, type DocumentReference, type Firestore } from "@umituz/react-native-firebase";
+import { doc } from "firebase/firestore";
 import { getCreditDocumentOrDefault } from "./creditDocumentHelpers";
 import { calculateNewCredits, buildCreditsData } from "./creditOperationUtils";
 import { calculateCreditLimit } from "./CreditLimitCalculator";
 import { generatePurchaseMetadata } from "./PurchaseMetadataGenerator";
-import { PURCHASE_ID_PREFIXES } from "../core/CreditsConstants";
+import { PURCHASE_ID_PREFIXES, GLOBAL_TRANSACTION_COLLECTION } from "../core/CreditsConstants";
 export async function initializeCreditsTransaction(
     _db: Firestore,
     creditsRef: DocumentReference,
     config: CreditsConfig,
     purchaseId: string,
-    metadata: InitializeCreditsMetadata
+    metadata: InitializeCreditsMetadata,
+    userId: string
 ): Promise<InitializationResult> {
     if (!purchaseId.startsWith(PURCHASE_ID_PREFIXES.PURCHASE) && !purchaseId.startsWith(PURCHASE_ID_PREFIXES.RENEWAL)) {
@@ -37,6 +39,26 @@ export async function initializeCreditsTransaction(
             };
         }
+        // Global cross-user deduplication: prevent the same Apple/Google transaction
+        // from allocating credits under multiple Firebase UIDs.
+        if (metadata.originalTransactionId) {
+            const globalRef = doc(_db, GLOBAL_TRANSACTION_COLLECTION, metadata.originalTransactionId);
+            const globalDoc = await transaction.get(globalRef);
+            if (globalDoc.exists()) {
+                const globalData = globalDoc.data();
+                if (globalData?.ownerUserId && globalData.ownerUserId !== userId) {
+                    console.warn(
+                        `[CreditsInitializer] Transaction ${metadata.originalTransactionId} already processed by user ${globalData.ownerUserId}, skipping for ${userId}`
+                    );
+                    return {
+                        credits: existingData.credits,
+                        alreadyProcessed: true,
+                        finalData: existingData
+                    };
+                }
+            }
+        }
         const creditLimit = calculateCreditLimit(metadata.productId, config);
         const { purchaseHistory } = generatePurchaseMetadata({
             productId: metadata.productId,
@@ -66,6 +88,17 @@ export async function initializeCreditsTransaction(
         transaction.set(creditsRef, creditsData, { merge: true });
+        // Register transaction globally so other UIDs cannot claim the same purchase.
+        if (metadata.originalTransactionId) {
+            const globalRef = doc(_db, GLOBAL_TRANSACTION_COLLECTION, metadata.originalTransactionId);
+            transaction.set(globalRef, {
+                ownerUserId: userId,
+                purchaseId,
+                productId: metadata.productId,
+                createdAt: serverTimestamp(),
+            });
+        }
         return {
             credits: newCredits,
             alreadyProcessed: false,

package/src/domains/credits/core/CreditsConstants.ts CHANGED Viewed

@@ -11,3 +11,10 @@ export const PURCHASE_ID_PREFIXES = {
 } as const;
 export const PROCESSED_PURCHASES_WINDOW = 50;
+/**
+ * Global Firestore collection for cross-user transaction deduplication.
+ * Prevents the same Apple/Google transaction from allocating credits
+ * under multiple Firebase UIDs (e.g., anonymous + converted accounts).
+ */
+export const GLOBAL_TRANSACTION_COLLECTION = 'processedTransactions';

package/src/domains/credits/infrastructure/CreditsRepository.ts CHANGED Viewed

@@ -92,6 +92,7 @@ export class CreditsRepository extends BaseRepository {
     willRenew: boolean,
     expirationDate: string | null,
     periodType: string | null,
+    originalTransactionId?: string | null,
   ): Promise<boolean> {
     const db = requireFirestore();
     const creditLimit = calculateCreditLimit(productId, this.config);
@@ -102,6 +103,9 @@ export class CreditsRepository extends BaseRepository {
       willRenew,
       expirationDate,
       periodType,
+      db,
+      userId,
+      originalTransactionId,
     );
   }
 }

package/src/domains/credits/infrastructure/operations/CreditsInitializer.ts CHANGED Viewed

@@ -43,7 +43,7 @@ function isTransientError(error: unknown): boolean {
 }
 export async function initializeCreditsWithRetry(params: InitializeCreditsParams): Promise<CreditsResult> {
-  const { db, ref, config, purchaseId, productId, source, revenueCatData, type = PURCHASE_TYPE.INITIAL } = params;
+  const { db, ref, config, userId, purchaseId, productId, source, revenueCatData, type = PURCHASE_TYPE.INITIAL } = params;
   const creditLimit = calculateCreditLimit(productId, config);
   const cfg = { ...config, creditLimit };
@@ -72,7 +72,8 @@ export async function initializeCreditsWithRetry(params: InitializeCreditsParams
           ownershipType: revenueCatData.ownershipType,
           revenueCatUserId: revenueCatData.revenueCatUserId,
           type,
-        }
+        },
+        userId
       );
       return {

package/src/domains/credits/infrastructure/operations/CreditsWriter.ts CHANGED Viewed

@@ -1,11 +1,12 @@
-import type { DocumentReference, Transaction } from "@umituz/react-native-firebase";
+import type { DocumentReference, Transaction, Firestore } from "@umituz/react-native-firebase";
 import { runTransaction, serverTimestamp } from "@umituz/react-native-firebase";
-import { getDoc, setDoc } from "firebase/firestore";
+import { doc, getDoc, setDoc } from "firebase/firestore";
 import { SUBSCRIPTION_STATUS } from "../../../subscription/core/SubscriptionConstants";
 import { resolveSubscriptionStatus } from "../../../subscription/core/SubscriptionStatus";
 import { toTimestamp } from "../../../../shared/utils/dateConverter";
 import { isPast } from "../../../../utils/dateUtils";
 import { getAppVersion, validatePlatform } from "../../../../utils/appUtils";
+import { GLOBAL_TRANSACTION_COLLECTION } from "../../core/CreditsConstants";
 // Fix: was getDoc+setDoc (non-atomic) — now uses runTransaction so concurrent
 // initializeCreditsTransaction and deductCreditsOperation no longer see stale
@@ -76,6 +77,10 @@ export async function syncPremiumMetadata(
  * Recovery: creates a credits document for premium users who don't have one.
  * This handles edge cases like test store purchases, reinstalls, or failed initializations.
  * Returns true if a new document was created, false if one already existed.
+ *
+ * Cross-user guard: if originalTransactionId is provided and already registered
+ * to a different user in the global processedTransactions collection, the recovery
+ * document is NOT created (the subscription belongs to another UID).
  */
 export async function createRecoveryCreditsDocument(
   ref: DocumentReference,
@@ -84,9 +89,33 @@ export async function createRecoveryCreditsDocument(
   willRenew: boolean,
   expirationDate: string | null,
   periodType: string | null,
+  db?: Firestore,
+  userId?: string,
+  originalTransactionId?: string | null,
 ): Promise<boolean> {
-  const doc = await getDoc(ref);
-  if (doc.exists()) return false;
+  const existingDoc = await getDoc(ref);
+  if (existingDoc.exists()) return false;
+  // Cross-user deduplication: if this transaction was already processed by another
+  // user, skip recovery to prevent double credit allocation across UIDs.
+  if (db && userId && originalTransactionId) {
+    try {
+      const globalRef = doc(db, GLOBAL_TRANSACTION_COLLECTION, originalTransactionId);
+      const globalDoc = await getDoc(globalRef);
+      if (globalDoc.exists()) {
+        const globalData = globalDoc.data();
+        if (globalData?.ownerUserId && globalData.ownerUserId !== userId) {
+          console.warn(
+            `[CreditsWriter] Recovery skipped: transaction ${originalTransactionId} belongs to user ${globalData.ownerUserId}, not ${userId}`
+          );
+          return false;
+        }
+      }
+    } catch (error) {
+      // Non-fatal: if global check fails, still create recovery doc as safety net
+      console.warn('[CreditsWriter] Global transaction check failed during recovery:', error);
+    }
+  }
   const platform = validatePlatform();
   const appVersion = getAppVersion();

package/src/domains/revenuecat/core/types/RevenueCatConfig.ts CHANGED Viewed

@@ -11,7 +11,8 @@ export interface RevenueCatConfig {
     productId?: string,
     expiresAt?: string,
     willRenew?: boolean,
-    periodType?: string
+    periodType?: string,
+    originalTransactionId?: string
   ) => Promise<void> | void;
   onPurchaseCompleted?: (
     userId: string,

package/src/domains/revenuecat/infrastructure/services/userSwitchHandler.ts CHANGED Viewed

@@ -211,13 +211,17 @@ export async function handleInitialConfiguration(
         );
         if (premiumEntitlement) {
+          const subscription = customerInfo.subscriptionsByProductIdentifier?.[premiumEntitlement.productIdentifier];
+          const originalTransactionId = subscription?.storeTransactionId ?? undefined;
           await deps.config.onPremiumStatusChanged(
             normalizedUserId,
             true,
             premiumEntitlement.productIdentifier,
             premiumEntitlement.expirationDate ?? undefined,
             premiumEntitlement.willRenew,
-            premiumEntitlement.periodType as PeriodType | undefined
+            premiumEntitlement.periodType as PeriodType | undefined,
+            originalTransactionId
           );
         } else {
           await deps.config.onPremiumStatusChanged(
@@ -226,6 +230,7 @@ export async function handleInitialConfiguration(
             undefined,
             undefined,
             undefined,
+            undefined,
             undefined
           );
         }

package/src/domains/subscription/application/SubscriptionSyncProcessor.ts CHANGED Viewed

@@ -106,7 +106,8 @@ export class SubscriptionSyncProcessor {
     productId?: string,
     expiresAt?: string,
     willRenew?: boolean,
-    periodType?: PeriodType
+    periodType?: PeriodType,
+    originalTransactionId?: string
   ) {
     // If a purchase is in progress, skip metadata sync (purchase handler does it)
     // but still allow recovery to run — the purchase handler's credit initialization
@@ -123,7 +124,12 @@ export class SubscriptionSyncProcessor {
           productId,
           expiresAt ?? null,
           willRenew ?? false,
-          periodType ?? null
+          periodType ?? null,
+          undefined,
+          undefined,
+          undefined,
+          undefined,
+          originalTransactionId
         );
       }
       return;
@@ -157,7 +163,12 @@ export class SubscriptionSyncProcessor {
       productId,
       expiresAt ?? null,
       willRenew ?? false,
-      periodType ?? null
+      periodType ?? null,
+      undefined,
+      undefined,
+      undefined,
+      undefined,
+      originalTransactionId
     );
   }
 }

package/src/domains/subscription/application/SubscriptionSyncService.ts CHANGED Viewed

@@ -49,10 +49,11 @@ export class SubscriptionSyncService {
     productId?: string,
     expiresAt?: string,
     willRenew?: boolean,
-    periodType?: PeriodType
+    periodType?: PeriodType,
+    originalTransactionId?: string
   ) {
     try {
-      await this.processor.processStatusChange(userId, isPremium, productId, expiresAt, willRenew, periodType);
+      await this.processor.processStatusChange(userId, isPremium, productId, expiresAt, willRenew, periodType, originalTransactionId);
       subscriptionEventBus.emit(SUBSCRIPTION_EVENTS.PREMIUM_STATUS_CHANGED, { userId, isPremium });
     } catch (error) {
       console.error('[SubscriptionSyncService] Status change processing failed', {

package/src/domains/subscription/application/initializer/ServiceConfigurator.ts CHANGED Viewed

@@ -48,10 +48,11 @@ export function configureServices(config: SubscriptionInitConfig, apiKey: string
         pId?: string,
         exp?: string,
         willR?: boolean,
-        pt?: string
+        pt?: string,
+        txnId?: string
       ) => {
         const validPeriodType = pt && Object.values(PERIOD_TYPE).includes(pt as PeriodType) ? pt as PeriodType : undefined;
-        return syncService.handlePremiumStatusChanged(u, isP, pId, exp, willR, validPeriodType);
+        return syncService.handlePremiumStatusChanged(u, isP, pId, exp, willR, validPeriodType, txnId);
       },
       onCreditsUpdated,
     },

package/src/domains/subscription/application/statusChangeHandlers.ts CHANGED Viewed

@@ -17,12 +17,15 @@ export const handlePremiumStatusSync = async (
   unsubscribeDetectedAt?: string | null,
   billingIssueDetectedAt?: string | null,
   store?: string | null,
-  ownershipType?: string | null
+  ownershipType?: string | null,
+  originalTransactionId?: string
 ): Promise<void> => {
   const repo = getCreditsRepository();
   // Recovery: if premium user has no credits document, create one.
   // Handles edge cases like test store, reinstalls, or failed purchase initialization.
+  // The originalTransactionId is passed for cross-user deduplication: if this
+  // transaction was already processed by another UID, recovery is skipped.
   if (isPremium) {
     const created = await repo.ensurePremiumCreditsExist(
       userId,
@@ -30,6 +33,7 @@ export const handlePremiumStatusSync = async (
       willRenew,
       expiresAt,
       periodType,
+      originalTransactionId,
     );
     if (__DEV__ && created) {
       console.log('[handlePremiumStatusSync] Recovery: created missing credits document for premium user', { userId, productId });

package/src/domains/subscription/infrastructure/utils/PremiumStatusSyncer.ts CHANGED Viewed

@@ -28,16 +28,20 @@ export async function syncPremiumStatus(
     try {
         if (premiumEntitlement) {
+            const subscription = customerInfo.subscriptionsByProductIdentifier?.[premiumEntitlement.productIdentifier];
+            const originalTransactionId = subscription?.storeTransactionId ?? undefined;
             await config.onPremiumStatusChanged(
                 userId,
                 true,
                 premiumEntitlement.productIdentifier,
                 premiumEntitlement.expirationDate ?? undefined,
                 premiumEntitlement.willRenew,
-                premiumEntitlement.periodType as "NORMAL" | "INTRO" | undefined
+                premiumEntitlement.periodType as "NORMAL" | "INTRO" | undefined,
+                originalTransactionId
             );
         } else {
-            await config.onPremiumStatusChanged(userId, false, undefined, undefined, undefined, undefined);
+            await config.onPremiumStatusChanged(userId, false, undefined, undefined, undefined, undefined, undefined);
         }
         return { success: true };
     } catch (error) {