mcpmake 0.1.0

package/dist/cloud/stripe.js

@@ -0,0 +1,317 @@
+/**
+ * Stripe payment integration.
+ *
+ * Optional module — if STRIPE_SECRET_KEY is not set, all functions return
+ * null or throw descriptive errors. Uses dynamic import for the `stripe`
+ * package to avoid a hard dependency (same pattern as `pg`).
+ *
+ * Environment variables:
+ *   STRIPE_SECRET_KEY      — Stripe secret API key
+ *   STRIPE_WEBHOOK_SECRET  — Webhook endpoint signing secret
+ *   STRIPE_PRICE_HOBBYIST  — Price ID for the Hobbyist plan
+ *   STRIPE_PRICE_PRO       — Price ID for the Pro plan
+ *   STRIPE_PRICE_TEAM      — Price ID for the Team plan
+ */
+import { logger } from '../utils/logger.js';
+import { getUserById, getUserByStripeCustomerId, updateUser } from './web/auth.js';
+import { getDb } from './shared-state.js';
+// ---------------------------------------------------------------------------
+// Price ID mapping
+// ---------------------------------------------------------------------------
+export const PLAN_PRICE_IDS = {
+    hobbyist: process.env.STRIPE_PRICE_HOBBYIST || '',
+    pro: process.env.STRIPE_PRICE_PRO || '',
+    team: process.env.STRIPE_PRICE_TEAM || '',
+};
+// ---------------------------------------------------------------------------
+// Client singleton
+// ---------------------------------------------------------------------------
+let _stripeClient;
+/**
+ * Get a configured Stripe client. Returns `null` when STRIPE_SECRET_KEY
+ * is not set. Caches the instance after first successful creation.
+ */
+export async function getStripeClient() {
+    if (_stripeClient !== undefined)
+        return _stripeClient;
+    const secretKey = process.env.STRIPE_SECRET_KEY;
+    if (!secretKey) {
+        _stripeClient = null;
+        return null;
+    }
+    try {
+        // Dynamic import — same indirection trick used for `pg` so TypeScript
+        // doesn't try to resolve the module at compile time.
+        let stripeMod;
+        const mod = 'stripe';
+        stripeMod = await Function('m', 'return import(m)')(mod);
+        const Stripe = stripeMod.default ?? stripeMod.Stripe ?? stripeMod;
+        _stripeClient = new Stripe(secretKey, { apiVersion: '2024-12-18.acacia' });
+        return _stripeClient;
+    }
+    catch (err) {
+        logger.warn(`Failed to load stripe package: ${err}`);
+        _stripeClient = null;
+        return null;
+    }
+}
+/**
+ * Returns true when Stripe is configured (secret key is present).
+ * Does NOT load the Stripe SDK — just checks the env var.
+ */
+export function isStripeConfigured() {
+    return !!process.env.STRIPE_SECRET_KEY;
+}
+// ---------------------------------------------------------------------------
+// Checkout
+// ---------------------------------------------------------------------------
+/**
+ * Create a Stripe Checkout session for a plan upgrade.
+ *
+ * @returns The checkout session URL to redirect the user to.
+ * @throws If Stripe is not configured or the plan has no price ID.
+ */
+export async function createCheckoutSession(opts) {
+    const stripe = await getStripeClient();
+    if (!stripe) {
+        throw new Error('Stripe is not configured');
+    }
+    const priceId = PLAN_PRICE_IDS[opts.plan];
+    if (!priceId) {
+        throw new Error(`No Stripe price ID configured for plan "${opts.plan}"`);
+    }
+    const session = await stripe.checkout.sessions.create({
+        mode: 'subscription',
+        customer_email: opts.email,
+        line_items: [{ price: priceId, quantity: 1 }],
+        success_url: opts.successUrl,
+        cancel_url: opts.cancelUrl,
+        client_reference_id: opts.userId,
+        metadata: {
+            userId: opts.userId,
+            plan: opts.plan,
+        },
+        // Propagate metadata onto the Subscription so that subscription.updated /
+        // subscription.deleted webhooks can resolve the user (they read
+        // subscription.metadata, not the checkout session's metadata).
+        subscription_data: {
+            metadata: {
+                userId: opts.userId,
+                plan: opts.plan,
+            },
+        },
+    });
+    if (!session.url) {
+        throw new Error('Stripe did not return a checkout URL');
+    }
+    return session.url;
+}
+// ---------------------------------------------------------------------------
+// Billing portal
+// ---------------------------------------------------------------------------
+/**
+ * Create a Stripe billing portal session so the customer can manage
+ * their subscription (cancel, change payment method, view invoices).
+ *
+ * @returns The portal session URL to redirect the user to.
+ */
+export async function createPortalSession(customerId, returnUrl) {
+    const stripe = await getStripeClient();
+    if (!stripe) {
+        throw new Error('Stripe is not configured');
+    }
+    const session = await stripe.billingPortal.sessions.create({
+        customer: customerId,
+        return_url: returnUrl,
+    });
+    return session.url;
+}
+// ---------------------------------------------------------------------------
+// Webhook handler
+// ---------------------------------------------------------------------------
+// ---------------------------------------------------------------------------
+// Webhook idempotency
+// ---------------------------------------------------------------------------
+/** In-memory fallback ledger of processed event IDs (used when no DB). */
+const recentEventIds = new Set();
+const MAX_RECENT_EVENTS = 5_000;
+/** Whether this Stripe event has already been processed (replay protection). */
+async function alreadyProcessed(eventId) {
+    const db = getDb();
+    if (db) {
+        const { rows } = await db.query('SELECT id FROM processed_stripe_events WHERE id = $1', [eventId]);
+        return rows.length > 0;
+    }
+    return recentEventIds.has(eventId);
+}
+/** Record an event as processed. Called only after successful handling so a
+ * failed delivery is re-tried by Stripe rather than silently dropped. */
+async function markProcessed(eventId) {
+    const db = getDb();
+    if (db) {
+        await db.query('INSERT INTO processed_stripe_events (id) VALUES ($1) ON CONFLICT (id) DO NOTHING', [eventId]);
+        return;
+    }
+    recentEventIds.add(eventId);
+    if (recentEventIds.size > MAX_RECENT_EVENTS) {
+        const keep = [...recentEventIds].slice(-Math.floor(MAX_RECENT_EVENTS / 2));
+        recentEventIds.clear();
+        for (const id of keep)
+            recentEventIds.add(id);
+    }
+}
+/** Map Stripe price IDs back to plan names. */
+function planFromPriceId(priceId) {
+    for (const [plan, id] of Object.entries(PLAN_PRICE_IDS)) {
+        if (id && id === priceId)
+            return plan;
+    }
+    return undefined;
+}
+/**
+ * Verify and handle an incoming Stripe webhook event.
+ *
+ * Handles:
+ *   - checkout.session.completed  — activate subscription, store customer ID
+ *   - customer.subscription.updated — plan change / renewal
+ *   - customer.subscription.deleted — cancellation, downgrade to free
+ *
+ * @param payload   - The raw request body as a Buffer (required for signature verification)
+ * @param signature - The `stripe-signature` header value
+ */
+export async function handleWebhookEvent(payload, signature) {
+    const stripe = await getStripeClient();
+    if (!stripe) {
+        throw new Error('Stripe is not configured');
+    }
+    const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+    if (!webhookSecret) {
+        throw new Error('STRIPE_WEBHOOK_SECRET is not set');
+    }
+    // Verify signature — throws on invalid signature
+    const event = stripe.webhooks.constructEvent(payload, signature, webhookSecret);
+    // Idempotency: Stripe may deliver the same event more than once. Skip events
+    // we've already applied so a replay can't double-apply a plan change.
+    if (event.id && (await alreadyProcessed(event.id))) {
+        logger.info(`[stripe] Duplicate webhook ${event.id} (${event.type}) ignored`);
+        return;
+    }
+    switch (event.type) {
+        case 'checkout.session.completed': {
+            await handleCheckoutCompleted(event.data.object);
+            break;
+        }
+        case 'customer.subscription.updated': {
+            await handleSubscriptionUpdated(event.data.object);
+            break;
+        }
+        case 'customer.subscription.deleted': {
+            await handleSubscriptionDeleted(event.data.object);
+            break;
+        }
+        default:
+            logger.info(`[stripe] Unhandled webhook event type: ${event.type}`);
+    }
+    // Mark processed only after successful handling (above throws propagate to the
+    // caller → 400 → Stripe retries, which is what we want on a transient failure).
+    if (event.id)
+        await markProcessed(event.id);
+}
+/**
+ * Handle checkout.session.completed — the user just completed payment.
+ * Save the Stripe customer ID on the user and upgrade their plan.
+ */
+async function handleCheckoutCompleted(session) {
+    const userId = session.client_reference_id ?? session.metadata?.userId;
+    const plan = session.metadata?.plan;
+    const customerId = session.customer;
+    if (!userId) {
+        logger.warn('[stripe] checkout.session.completed missing client_reference_id');
+        return;
+    }
+    const user = await getUserById(userId);
+    if (!user) {
+        logger.warn(`[stripe] checkout.session.completed: user ${userId} not found`);
+        return;
+    }
+    const updates = {
+        stripeCustomerId: customerId,
+    };
+    if (plan && ['hobbyist', 'pro', 'team', 'enterprise'].includes(plan)) {
+        updates.plan = plan;
+    }
+    await updateUser(userId, updates);
+    logger.info(`[stripe] User ${userId} upgraded to ${plan ?? 'unknown'}, customer=${customerId}`);
+}
+/**
+ * Resolve the local user for a Stripe subscription. Prefers the userId stored
+ * in subscription metadata (set via subscription_data.metadata at checkout),
+ * and falls back to looking up by the Stripe customer ID so that subscriptions
+ * created without metadata (or before this fix) are still attributed.
+ */
+async function resolveSubscriptionUserId(subscription) {
+    const fromMetadata = subscription.metadata?.userId;
+    if (fromMetadata)
+        return fromMetadata;
+    const customerId = subscription.customer;
+    if (customerId && typeof customerId === 'string') {
+        const user = await getUserByStripeCustomerId(customerId);
+        if (user)
+            return user.id;
+    }
+    return undefined;
+}
+/** Extract the current period end (epoch ms) from a subscription, if present. */
+function periodEndMs(subscription) {
+    const seconds = subscription.current_period_end;
+    return typeof seconds === 'number' ? seconds * 1000 : undefined;
+}
+/**
+ * Handle customer.subscription.updated — plan change or renewal.
+ * Look up the user by metadata or customer ID and update their plan + period.
+ */
+async function handleSubscriptionUpdated(subscription) {
+    const userId = await resolveSubscriptionUserId(subscription);
+    if (!userId) {
+        logger.warn('[stripe] subscription.updated: could not resolve user — skipping');
+        return;
+    }
+    const user = await getUserById(userId);
+    if (!user) {
+        logger.warn(`[stripe] subscription.updated: user ${userId} not found`);
+        return;
+    }
+    const updates = {};
+    // Determine the new plan from the first subscription item's price.
+    const items = subscription.items?.data;
+    const priceId = items?.[0]?.price?.id;
+    const plan = priceId ? planFromPriceId(priceId) : undefined;
+    if (plan)
+        updates.plan = plan;
+    // Capture the billing period anchor so usage quotas align to the subscription.
+    const end = periodEndMs(subscription);
+    if (end)
+        updates.subscriptionPeriodEnd = end;
+    if (Object.keys(updates).length === 0)
+        return;
+    await updateUser(userId, updates);
+    logger.info(`[stripe] User ${userId} subscription updated (plan: ${plan ?? 'unchanged'})`);
+}
+/**
+ * Handle customer.subscription.deleted — cancellation.
+ * Downgrade the user to the free plan.
+ */
+async function handleSubscriptionDeleted(subscription) {
+    const userId = await resolveSubscriptionUserId(subscription);
+    if (!userId) {
+        logger.warn('[stripe] subscription.deleted: could not resolve user — skipping');
+        return;
+    }
+    const user = await getUserById(userId);
+    if (!user) {
+        logger.warn(`[stripe] subscription.deleted: user ${userId} not found`);
+        return;
+    }
+    await updateUser(userId, { plan: 'free' });
+    logger.info(`[stripe] User ${userId} subscription canceled — downgraded to free`);
+}

package/dist/cloud/telemetry-store.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Storage for CLI crash/error reports received at POST /api/telemetry/report.
+ *
+ * Reports are already validated, whitelisted, truncated, and stripped of PII
+ * (home-dir paths / tokens) by the time they reach here — the endpoint and the
+ * CLI's `fail()` helper own that. This layer only persists and groups them.
+ *
+ * Backed by the `telemetry_reports` Postgres table when a database is
+ * configured; otherwise a bounded in-memory ring (dev / single-process).
+ */
+import type { Database } from './db/index.js';
+export interface TelemetryReport {
+    receivedAt: string;
+    /** Hashed client IP (never the raw address). */
+    clientIp: string;
+    cliVersion: string;
+    platform: string;
+    nodeVersion: string;
+    command: string;
+    errorMessage: string;
+    stack: string;
+    /** Hash of (command + normalized message) — groups duplicate failures. */
+    fingerprint: string;
+}
+/** A group of reports sharing a fingerprint, for the admin view. */
+export interface TelemetryGroup {
+    fingerprint: string;
+    count: number;
+    lastSeen: string;
+    command: string;
+    errorMessage: string;
+    cliVersion: string;
+    platform: string;
+}
+export interface TelemetryStore {
+    save(report: TelemetryReport): Promise<void>;
+    /** Most-recent reports grouped by fingerprint (most recent first). */
+    recentGrouped(limit: number): Promise<TelemetryGroup[]>;
+    prune(olderThanMs: number): Promise<void>;
+}
+export declare class InMemoryTelemetryStore implements TelemetryStore {
+    private reports;
+    save(report: TelemetryReport): Promise<void>;
+    recentGrouped(limit: number): Promise<TelemetryGroup[]>;
+    prune(olderThanMs: number): Promise<void>;
+}
+export declare class PgTelemetryStore implements TelemetryStore {
+    private db;
+    constructor(db: Database);
+    save(report: TelemetryReport): Promise<void>;
+    recentGrouped(limit: number): Promise<TelemetryGroup[]>;
+    prune(olderThanMs: number): Promise<void>;
+}

package/dist/cloud/telemetry-store.js

@@ -0,0 +1,108 @@
+/**
+ * Storage for CLI crash/error reports received at POST /api/telemetry/report.
+ *
+ * Reports are already validated, whitelisted, truncated, and stripped of PII
+ * (home-dir paths / tokens) by the time they reach here — the endpoint and the
+ * CLI's `fail()` helper own that. This layer only persists and groups them.
+ *
+ * Backed by the `telemetry_reports` Postgres table when a database is
+ * configured; otherwise a bounded in-memory ring (dev / single-process).
+ */
+import { randomBytes } from 'node:crypto';
+// ---------------------------------------------------------------------------
+// In-memory (dev / no database) — bounded ring
+// ---------------------------------------------------------------------------
+const MAX_INMEMORY_REPORTS = 1_000;
+export class InMemoryTelemetryStore {
+    reports = [];
+    async save(report) {
+        this.reports.push(report);
+        if (this.reports.length > MAX_INMEMORY_REPORTS) {
+            this.reports.splice(0, this.reports.length - MAX_INMEMORY_REPORTS);
+        }
+    }
+    async recentGrouped(limit) {
+        const groups = new Map();
+        // Iterate newest-first so each group keeps the latest sample fields.
+        for (let i = this.reports.length - 1; i >= 0; i--) {
+            const r = this.reports[i];
+            const existing = groups.get(r.fingerprint);
+            if (existing) {
+                existing.count++;
+                if (r.receivedAt > existing.lastSeen)
+                    existing.lastSeen = r.receivedAt;
+            }
+            else {
+                groups.set(r.fingerprint, {
+                    fingerprint: r.fingerprint,
+                    count: 1,
+                    lastSeen: r.receivedAt,
+                    command: r.command,
+                    errorMessage: r.errorMessage,
+                    cliVersion: r.cliVersion,
+                    platform: r.platform,
+                });
+            }
+        }
+        return [...groups.values()].sort((a, b) => (a.lastSeen < b.lastSeen ? 1 : -1)).slice(0, limit);
+    }
+    async prune(olderThanMs) {
+        const cutoff = Date.now() - olderThanMs;
+        this.reports = this.reports.filter((r) => Date.parse(r.receivedAt) >= cutoff);
+    }
+}
+// ---------------------------------------------------------------------------
+// Postgres
+// ---------------------------------------------------------------------------
+export class PgTelemetryStore {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    async save(report) {
+        await this.db.query(`INSERT INTO telemetry_reports
+         (id, received_at, client_ip, cli_version, platform, node_version,
+          command, error_message, stack, fingerprint)
+       VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)`, [
+            randomBytes(16).toString('hex'),
+            report.receivedAt,
+            report.clientIp,
+            report.cliVersion,
+            report.platform,
+            report.nodeVersion,
+            report.command,
+            report.errorMessage,
+            report.stack,
+            report.fingerprint,
+        ]);
+    }
+    async recentGrouped(limit) {
+        const { rows } = await this.db.query(`SELECT fingerprint,
+              count(*)                                              AS count,
+              max(received_at)                                      AS last_seen,
+              (array_agg(command       ORDER BY received_at DESC))[1] AS command,
+              (array_agg(error_message ORDER BY received_at DESC))[1] AS error_message,
+              (array_agg(cli_version   ORDER BY received_at DESC))[1] AS cli_version,
+              (array_agg(platform      ORDER BY received_at DESC))[1] AS platform
+       FROM telemetry_reports
+       GROUP BY fingerprint
+       ORDER BY last_seen DESC
+       LIMIT $1`, [limit]);
+        return rows.map((row) => {
+            const lastSeen = row.last_seen;
+            return {
+                fingerprint: String(row.fingerprint ?? ''),
+                count: typeof row.count === 'number' ? row.count : Number(row.count ?? 0),
+                lastSeen: typeof lastSeen === 'string' ? lastSeen : new Date(lastSeen).toISOString(),
+                command: String(row.command ?? ''),
+                errorMessage: String(row.error_message ?? ''),
+                cliVersion: String(row.cli_version ?? ''),
+                platform: String(row.platform ?? ''),
+            };
+        });
+    }
+    async prune(olderThanMs) {
+        const cutoff = new Date(Date.now() - olderThanMs).toISOString();
+        await this.db.query('DELETE FROM telemetry_reports WHERE received_at < $1', [cutoff]);
+    }
+}