payment-kit 1.13.106 → 1.13.107

package/api/hooks/pre-flight.js

@@ -0,0 +1,12 @@
+/* eslint-disable global-require */
+
+const isDevelopment = process.env.BLOCKLET_MODE === 'development';
+
+if (isDevelopment) {
+  // rename `require` to skip deps resolve when bundling
+  const r = require;
+  r('ts-node').register();
+  r('../src/hooks/pre-flight');
+} else {
+  require('../dist/hooks/pre-flight');
+}

package/api/src/hooks/pre-flight.ts

@@ -0,0 +1,18 @@
+import '@blocklet/sdk/lib/error-handler';
+
+import dotenv from 'dotenv-flow';
+
+import { ensureSqliteBinaryFile } from '../libs/hooks';
+
+dotenv.config({ silent: true });
+
+(async () => {
+  try {
+    await ensureSqliteBinaryFile();
+    await import('../store/migrate').then((m) => m.default());
+    process.exit(0);
+  } catch (err) {
+    console.error('pre-flight error', err.message);
+    process.exit(1);
+  }
+})();

package/api/src/hooks/pre-start.ts

@@ -2,20 +2,19 @@ import '@blocklet/sdk/lib/error-handler';
 
 import dotenv from 'dotenv-flow';
 
-import { ensureSqliteBinaryFile } from '../libs/hooks';
-import logger from '../libs/logger';
+import { initPaywallResources } from '../libs/resource';
+import { initialize } from '../store/models';
+import { sequelize } from '../store/sequelize';
 
-dotenv.config();
-
-const { name } = require('../../../package.json');
+dotenv.config({ silent: true });
 
 (async () => {
   try {
-    await ensureSqliteBinaryFile();
-    await import('../store/migrate').then((m) => m.default());
+    initialize(sequelize);
+    await initPaywallResources();
     process.exit(0);
   } catch (err) {
-    logger.error(`${name} pre-start error`, err.message);
+    console.error('pre-start error', err.message);
     process.exit(1);
   }
 })();

package/api/src/integrations/blocklet/passport.ts

@@ -137,3 +137,12 @@ export async function ensurePassportRevoked(subscription: Subscription) {
     merge(info, { did: checkoutSession.customer_did, passports })
   );
 }
+
+export async function updatePassportExtra(name: string, updates: any) {
+  const { role } = await blocklet.getRole(name);
+  if (!role) {
+    throw new Error(`passport ${name} not found`);
+  }
+  const result = await blocklet.updateRole(name, { extra: JSON.stringify(merge(role.extra, updates)) });
+  return result.role;
+}

package/api/src/libs/hooks.ts

@@ -1,23 +1,20 @@
+/* eslint-disable no-console */
 import { spawnSync } from 'child_process';
 import { chmodSync, existsSync, mkdirSync, symlinkSync } from 'fs';
 import { dirname, join } from 'path';
 
-import logger from './logger';
-
-const { name } = require('../../../package.json');
-
 // eslint-disable-next-line import/prefer-default-export
 export async function ensureSqliteBinaryFile() {
-  logger.info(`${name} ensure sqlite3 installed`);
+  console.info('ensure sqlite3 installed');
 
   try {
     await import('sqlite3');
-    logger.info(`${name} sqlite3 already installed`);
+    console.info('sqlite3 already installed');
     return;
   } catch {
     /* empty */
   }
-  logger.info(`${name} try install sqlite3`);
+  console.info('try install sqlite3');
 
   const appDir = process.env.BLOCKLET_APP_DIR!;
 
@@ -31,7 +28,7 @@ export async function ensureSqliteBinaryFile() {
       chmodSync(binPath, '755');
     }
   } catch (error) {
-    logger.warn(error.message);
+    console.warn(error.message);
   }
 
   spawnSync('npm', ['run', 'install'], {

package/api/src/libs/logger.ts

@@ -8,19 +8,12 @@ interface Logger {
   warn: (...args: any[]) => void;
 }
 
-const consoleLogger: Logger = {
-  debug: console.log,
-  info: console.log,
-  error: console.log,
-  warn: console.warn,
-};
-
 const init = (label: string): Logger => {
   const instance = createLogger(label || '');
   return instance;
 };
 
-const logger = process.env.BLOCKLET_ENV === 'production' ? consoleLogger : init('app');
+const logger = init('app');
 
 export default logger;
 

package/api/src/libs/resource.ts

@@ -0,0 +1,265 @@
+/* eslint-disable no-continue */
+/* eslint-disable no-await-in-loop */
+/* eslint-disable no-console */
+import fs from 'fs';
+import path from 'path';
+
+import { getPackResources, getResources } from '@blocklet/sdk/lib/component';
+import { env } from '@blocklet/sdk/lib/config';
+import { fromTokenToUnit } from '@ocap/util';
+
+import { updatePassportExtra } from '../integrations/blocklet/passport';
+import { replace } from '../locales';
+import { createPaymentLink } from '../routes/payment-links';
+import { createPrice } from '../routes/prices';
+import { createProductAndPrices } from '../routes/products';
+import { PaymentCurrency, Price, Product, nextPriceId } from '../store/models';
+
+export async function getPackResource(type: string) {
+  const resources = await getPackResources({
+    types: [
+      {
+        did: env.componentDid,
+        type,
+      },
+    ],
+  });
+
+  if (resources) {
+    return resources[0] || null;
+  }
+
+  return null;
+}
+
+export async function getResourcesByType(type: string) {
+  const pack = await getPackResource(type);
+  const resources = await getResources({ types: [{ did: env.componentDid, type }] });
+  return pack ? [pack, ...resources] : resources;
+}
+
+export async function initPaywallResources() {
+  const resources = await getResourcesByType('paywall');
+  if (!resources.length) {
+    console.info('No paywall resource found');
+    return;
+  }
+
+  // TODO: use schema validation
+  for (const resource of resources) {
+    const configPath = resource.path;
+    try {
+      console.info('try import paywall resource', resource);
+
+      const config: any = JSON.parse(
+        replace(fs.readFileSync(path.join(configPath!, 'config.json'), 'utf8'), {
+          ...env,
+          // @ts-ignore
+          monthPrice: resource.env?.MONTH_PRICE || '5',
+          // @ts-ignore
+          yearPrice: resource.env?.YEAR_PRICE || '30',
+        })
+      );
+      console.info('try import paywall config', config);
+
+      if (!Array.isArray(config.passports) || !config.passports.length) {
+        console.warn(`invalid paywall resource from ${configPath}: passport empty`);
+        continue;
+      }
+
+      if (!config.product) {
+        console.warn(`invalid paywall resource from ${configPath}: product empty`);
+        continue;
+      }
+      if (!config.product.price) {
+        console.warn(`invalid paywall resource from ${configPath}: product price empty`);
+        continue;
+      }
+
+      const metadata = { source: resource.did };
+      const currency = await PaymentCurrency.findOne({
+        where: { is_base_currency: true, livemode: config.product.livemode },
+      });
+      if (!currency) {
+        console.warn(`invalid paywall resource from ${configPath}: base currency not found`);
+        continue;
+      }
+
+      const exist = await Product.findOne({
+        where: { 'metadata.source': resource.did },
+        include: [{ model: Price, as: 'prices', order: [['created_at', 'DESC']] }],
+      });
+      if (exist) {
+        console.warn(`paywall resource already imported from path: ${configPath}`);
+
+        // @ts-ignore
+        const monthPrice = exist.prices.find(
+          // @ts-ignore
+          (price) =>
+            price.nickname === 'monthly-member-price' &&
+            price.unit_amount === fromTokenToUnit(config.product.price.month, currency.decimal).toString()
+        );
+        // @ts-ignore
+        const yearPrice = exist.prices.find(
+          // @ts-ignore
+          (price) =>
+            price.nickname === 'yearly-member-price' &&
+            price.unit_amount === fromTokenToUnit(config.product.price.year, currency.decimal).toString()
+        );
+
+        let newMonthPriceId = '';
+        if (!monthPrice) {
+          newMonthPriceId = nextPriceId();
+          await createPrice({
+            id: newMonthPriceId,
+            product_id: exist.id,
+            type: 'recurring',
+            model: 'standard',
+            nickname: 'monthly-member-price',
+            unit_amount: +config.product.price.month,
+            currency_id: currency.id,
+            recurring: {
+              interval: 'month',
+              interval_count: 1,
+              usage_type: 'licensed',
+            },
+            metadata,
+          });
+          console.warn(`paywall resource month price recreated from path: ${configPath}`);
+        }
+
+        let newYearPriceId = '';
+        if (!yearPrice) {
+          newYearPriceId = nextPriceId();
+          await createPrice({
+            id: newYearPriceId,
+            product_id: exist.id,
+            type: 'recurring',
+            model: 'standard',
+            nickname: 'yearly-member-price',
+            unit_amount: +config.product.price.year,
+            currency_id: currency.id,
+            recurring: {
+              interval: 'year',
+              interval_count: 1,
+              usage_type: 'licensed',
+            },
+            metadata,
+          });
+          console.warn(`paywall resource year price recreated from path: ${configPath}`);
+        }
+
+        // update upsell relation
+        if (newYearPriceId) {
+          console.warn(`paywall resource upsell recreated from path: ${configPath}`);
+          if (newMonthPriceId) {
+            await Price.update({ upsell: { upsells_to_id: newYearPriceId } }, { where: { id: newMonthPriceId } });
+          } else {
+            await Price.update({ upsell: { upsells_to_id: newYearPriceId } }, { where: { id: monthPrice.id } });
+          }
+        }
+
+        // Create another payment link and redo updatePassportExtra
+        if (newMonthPriceId) {
+          await Product.update({ default_price_id: newMonthPriceId }, { where: { id: exist.id }, limit: 1 });
+
+          const link = await createPaymentLink({
+            name: `Paywall for membership of ${config.product.name}`,
+            livemode: config.product.livemode,
+            currency_id: currency.id,
+            line_items: [
+              {
+                price_id: newMonthPriceId,
+                quantity: 1,
+              },
+            ],
+            metadata,
+          });
+          console.info('payment link recreated for paywall resource', { link: link.id });
+
+          await Promise.all(
+            config.passports.map((x: string) =>
+              updatePassportExtra(x, {
+                payment: { product: exist.id },
+                acquire: { pay: link.id },
+              })
+            )
+          );
+          console.info('product and payment link reassociated with passport');
+        }
+      } else {
+        const monthPriceId = nextPriceId();
+        const yearPriceId = nextPriceId();
+
+        const product = await createProductAndPrices({
+          name: config.product.name,
+          type: 'service',
+          description: config.product.description,
+          livemode: config.product.livemode,
+          images: [],
+          features: [],
+          metadata,
+          prices: [
+            {
+              id: monthPriceId,
+              type: 'recurring',
+              model: 'standard',
+              nickname: 'monthly-member-price',
+              unit_amount: +config.product.price.month,
+              currency_id: currency.id,
+              recurring: {
+                interval: 'month',
+                interval_count: 1,
+                usage_type: 'licensed',
+              },
+              upsell: config.product.price.upsell ? { upsells_to_id: yearPriceId } : undefined,
+              metadata,
+            },
+            {
+              id: yearPriceId,
+              type: 'recurring',
+              model: 'standard',
+              nickname: 'yearly-member-price',
+              unit_amount: +config.product.price.year,
+              currency_id: currency.id,
+              recurring: {
+                interval: 'year',
+                interval_count: 1,
+                usage_type: 'licensed',
+              },
+              metadata,
+            },
+          ],
+        });
+        console.info('product created for paywall resource', { product: product.id });
+
+        const link = await createPaymentLink({
+          name: `Paywall for membership of ${config.product.name}`,
+          livemode: config.product.livemode,
+          currency_id: currency.id,
+          line_items: [
+            {
+              price_id: monthPriceId,
+              quantity: 1,
+            },
+          ],
+          metadata,
+        });
+        console.info('payment link created for paywall resource', { link: link.id });
+
+        await Promise.all(
+          config.passports.map((x: string) =>
+            updatePassportExtra(x, {
+              payment: { product: product.id },
+              acquire: { pay: link.id },
+            })
+          )
+        );
+        console.info('product and payment link associated with passport');
+      }
+      console.info(`paywall resource successfully imported from path: ${configPath}`);
+    } catch (err) {
+      console.error(`failed to import paywall resource from ${configPath}`, err);
+    }
+  }
+}

package/api/src/libs/util.ts

@@ -14,6 +14,8 @@ export const MAX_SUBSCRIPTION_ITEM_COUNT = 20;
 export const MAX_RETRY_COUNT = 20; // 2^20 seconds ~~ 12 days, total retry time: 24 days
 export const MIN_RETRY_MAIL = 13; // total retry time before sending first mail: 6 hours
 
+export const CHECKOUT_SESSION_TTL = 24 * 60 * 60; // expires in 24 hours
+
 export const STRIPE_API_VERSION = '2023-08-16';
 export const STRIPE_ENDPOINT: string = getUrl('/api/integrations/stripe/webhook');
 export const STRIPE_EVENTS: any[] = [

package/api/src/queues/checkout-session.ts

@@ -1,10 +1,71 @@
+/* eslint-disable no-await-in-loop */
+import { Op } from 'sequelize';
+
 import { mintNftForCheckoutSession } from '../integrations/blockchain/nft';
 import { ensurePassportIssued, ensurePassportRevoked } from '../integrations/blocklet/passport';
+import dayjs from '../libs/dayjs';
 import { events } from '../libs/event';
 import logger from '../libs/logger';
-import { CheckoutSession, Price, Subscription } from '../store/models';
+import createQueue from '../libs/queue';
+import {
+  CheckoutSession,
+  Invoice,
+  InvoiceItem,
+  PaymentIntent,
+  Price,
+  SetupIntent,
+  Subscription,
+  SubscriptionItem,
+} from '../store/models';
 import { subscriptionQueue } from './subscription';
 
+type CheckoutSessionJob = {
+  id: string;
+  action: 'expire';
+};
+
+export const checkoutSessionQueue = createQueue<CheckoutSessionJob>({
+  name: 'checkoutSession',
+  onJob: handleCheckoutSessionJob,
+  options: {
+    concurrency: 10,
+    maxRetries: 3,
+    enableScheduledJob: true,
+  },
+});
+
+export async function handleCheckoutSessionJob(job: CheckoutSessionJob): Promise<void> {
+  const checkoutSession = await CheckoutSession.findByPk(job.id);
+  if (!checkoutSession) {
+    return;
+  }
+  if (job.action === 'expire') {
+    if (checkoutSession.status !== 'open') {
+      return;
+    }
+    if (checkoutSession.payment_status === 'paid') {
+      logger.info('Skip expire CheckoutSession since payment status is paid', {
+        checkoutSession: checkoutSession.id,
+        paymentIntent: checkoutSession.payment_intent_id,
+      });
+      return;
+    }
+
+    const now = dayjs().unix();
+    if (checkoutSession.expires_at > now) {
+      checkoutSessionQueue.push({
+        id: checkoutSession.id,
+        job: { id: checkoutSession.id, action: 'expire' },
+        runAt: checkoutSession.expires_at,
+      });
+      return;
+    }
+
+    await checkoutSession.update({ status: 'expired' });
+    logger.info('CheckoutSession expired', { checkoutSession: checkoutSession.id });
+  }
+}
+
 // eslint-disable-next-line require-await
 export async function startCheckoutSessionQueue() {
   events.on('checkout.session.completed', (checkoutSession: CheckoutSession) => {
@@ -42,4 +103,83 @@ export async function startCheckoutSessionQueue() {
       runAt: subscription.current_period_end,
     });
   });
+
+  events.on('checkout.session.created', (checkoutSession: CheckoutSession) => {
+    if (checkoutSession.expires_at) {
+      checkoutSessionQueue.push({
+        id: checkoutSession.id,
+        job: { id: checkoutSession.id, action: 'expire' },
+        runAt: checkoutSession.expires_at,
+      });
+    }
+  });
+
+  events.on('checkout.session.expired', async (checkoutSession: CheckoutSession) => {
+    // Do some cleanup
+    if (checkoutSession.invoice_id) {
+      await InvoiceItem.destroy({ where: { invoice_id: checkoutSession.invoice_id } });
+      await Invoice.destroy({ where: { id: checkoutSession.invoice_id } });
+      logger.info('Invoice and InvoiceItem for checkout session deleted on expire', {
+        checkoutSession: checkoutSession.id,
+        invoice: checkoutSession.invoice_id,
+      });
+    }
+    if (checkoutSession.setup_intent_id) {
+      await SetupIntent.destroy({ where: { id: checkoutSession.setup_intent_id } });
+      logger.info('SetupIntent for checkout session deleted on expire', {
+        checkoutSession: checkoutSession.id,
+        setupIntent: checkoutSession.setup_intent_id,
+      });
+    }
+    if (checkoutSession.payment_intent_id && checkoutSession.payment_status !== 'paid') {
+      await PaymentIntent.destroy({ where: { id: checkoutSession.payment_intent_id } });
+      logger.info('PaymentIntent for checkout session deleted on expire', {
+        checkoutSession: checkoutSession.id,
+        paymentIntent: checkoutSession.payment_intent_id,
+      });
+    }
+    if (checkoutSession.subscription_id) {
+      await SubscriptionItem.destroy({ where: { subscription_id: checkoutSession.subscription_id } });
+      await Subscription.destroy({ where: { id: checkoutSession.subscription_id } });
+      logger.info('Subscription and SubscriptionItem for checkout session deleted on expire', {
+        checkoutSession: checkoutSession.id,
+        subscription: checkoutSession.subscription_id,
+      });
+    }
+
+    // update price lock status
+    for (const item of checkoutSession.line_items) {
+      const price = await Price.findByPk(item.price_id);
+      if (price?.locked) {
+        const used = await price.isUsed();
+        if (!used) {
+          await price.update({ locked: false });
+          logger.info('Price for checkout session unlocked on expire', {
+            checkoutSession: checkoutSession.id,
+            priceId: item.price_id,
+          });
+        }
+      }
+    }
+  });
+
+  // Auto populate subscription queue
+  const now = dayjs().unix();
+  const checkoutSessions = await CheckoutSession.findAll({
+    where: {
+      status: 'open',
+      expires_at: { [Op.lte]: now },
+    },
+  });
+
+  checkoutSessions.forEach(async (checkoutSession) => {
+    const exist = await checkoutSessionQueue.get(checkoutSession.id);
+    if (!exist) {
+      checkoutSessionQueue.push({
+        id: checkoutSession.id,
+        job: { id: checkoutSession.id, action: 'expire' },
+        runAt: checkoutSession.expires_at,
+      });
+    }
+  });
 }

package/api/src/routes/checkout-sessions.ts

@@ -33,7 +33,7 @@ import {
   isLineItemAligned,
 } from '../libs/session';
 import { getDaysUntilDue } from '../libs/subscription';
-import { createCodeGenerator, formatMetadata, getDataObjectFromQuery } from '../libs/util';
+import { CHECKOUT_SESSION_TTL, createCodeGenerator, formatMetadata, getDataObjectFromQuery } from '../libs/util';
 import { invoiceQueue } from '../queues/invoice';
 import { paymentQueue } from '../queues/payment';
 import { subscriptionQueue } from '../queues/subscription';
@@ -127,7 +127,7 @@ export const formatCheckoutSession = async (payload: any, throwOnEmptyItems = tr
   }
 
   if (!raw.expires_at) {
-    raw.expires_at = dayjs().unix() + 60 * 60 * 24; // 24 hours after creation
+    raw.expires_at = dayjs().unix() + CHECKOUT_SESSION_TTL; // 24 hours after creation
   }
 
   if (raw.nft_mint_settings?.enabled) {
@@ -924,6 +924,16 @@ router.put('/:id/downsell', user, ensureCheckoutSessionOpen, async (req, res) =>
 router.put('/:id/expire', auth, ensureCheckoutSessionOpen, async (req, res) => {
   const doc = req.doc as CheckoutSession;
 
+  if (doc.status === 'complete') {
+    return res.status(400).json({ error: 'Cannot expire checkout session that is already completed' });
+  }
+  if (doc.status === 'expired') {
+    return res.status(400).json({ error: 'Cannot expire checkout session that is already expired' });
+  }
+  if (doc.payment_status === 'paid') {
+    return res.status(400).json({ error: 'Cannot expire checkout session that is already paid' });
+  }
+
   await doc.update({ status: 'expired', expires_at: dayjs().unix() });
 
   res.json(doc);

package/api/src/routes/passports.ts

@@ -1,6 +1,6 @@
 import { Router } from 'express';
-import merge from 'lodash/merge';
 
+import { updatePassportExtra } from '../integrations/blocklet/passport';
 import { blocklet } from '../libs/auth';
 import { authenticate } from '../libs/security';
 import { PaymentLink, PricingTable, Product } from '../store/models';
@@ -13,15 +13,6 @@ router.get('/', auth, async (_, res) => {
   res.json(result.roles);
 });
 
-const updateRoleExtra = async (name: string, updates: any) => {
-  const { role } = await blocklet.getRole(name);
-  if (!role) {
-    throw new Error(`passport ${name} not found`);
-  }
-  const result = await blocklet.updateRole(name, { extra: JSON.stringify(merge(role.extra, updates)) });
-  return result.role;
-};
-
 router.put('/assign', auth, async (req, res) => {
   const { name, id } = req.body;
 
@@ -38,7 +29,7 @@ router.put('/assign', auth, async (req, res) => {
       return res.status(400).json({ message: 'payment link is not active' });
     }
 
-    const result = await updateRoleExtra(name, { acquire: { pay: id } });
+    const result = await updatePassportExtra(name, { acquire: { pay: id } });
     return res.json(result);
   }
 
@@ -48,7 +39,7 @@ router.put('/assign', auth, async (req, res) => {
       return res.status(400).json({ message: 'pricing table is not active' });
     }
 
-    const result = await updateRoleExtra(name, { acquire: { pay: id } });
+    const result = await updatePassportExtra(name, { acquire: { pay: id } });
     return res.json(result);
   }
 
@@ -59,7 +50,7 @@ router.put('/assign', auth, async (req, res) => {
     }
 
     await doc.update({ metadata: { ...doc.metadata, passport: name } });
-    const result = await updateRoleExtra(name, { payment: { product: id } });
+    const result = await updatePassportExtra(name, { payment: { product: id } });
     return res.json(result);
   }
 
@@ -67,7 +58,10 @@ router.put('/assign', auth, async (req, res) => {
 });
 
 router.delete('/assign/:name', auth, async (req, res) => {
-  const result = await updateRoleExtra(req.params.name as string, { payment: { product: '' }, acquire: { pay: '' } });
+  const result = await updatePassportExtra(req.params.name as string, {
+    payment: { product: '' },
+    acquire: { pay: '' },
+  });
   return res.json(result);
 });