payment-kit 1.18.29 → 1.18.31

package/api/src/routes/connect/subscribe.ts

@@ -8,9 +8,9 @@ import { getFastCheckoutAmount } from '../../libs/session';
 import { getTxMetadata } from '../../libs/util';
 import { invoiceQueue } from '../../queues/invoice';
 import { addSubscriptionJob } from '../../queues/subscription';
-import type { Invoice, TLineItemExpanded } from '../../store/models';
+import type { Invoice, Subscription, TLineItemExpanded } from '../../store/models';
 import {
-  ensureInvoiceForCheckout,
+  ensureInvoicesForSubscriptions,
   ensurePaymentIntent,
   executeOcapTransactions,
   getAuthPrincipalClaim,
@@ -20,6 +20,14 @@ import {
 import { ensureStakeInvoice } from '../../libs/invoice';
 import { EVM_CHAIN_TYPES } from '../../libs/constants';
 
+const updateInvoices = async (invoices: Invoice[], update: Partial<Invoice>) => {
+  await Promise.all(invoices.map((invoice) => invoice.update(update)));
+};
+
+const updateSubscriptions = async (subscriptions: Subscription[], update: Partial<Subscription>) => {
+  await Promise.all(subscriptions.map((subscription) => subscription.update(update)));
+};
+
 export default {
   action: 'subscription',
   authPrincipal: false,
@@ -33,12 +41,16 @@ export default {
   onConnect: async (args: CallbackArgs) => {
     const { userDid, userPk, extraParams } = args;
     const { checkoutSessionId, connectedDid, sessionUserDid } = extraParams;
-    const { checkoutSession, paymentMethod, paymentCurrency, subscription, customer } = await ensurePaymentIntent(
-      checkoutSessionId,
-      connectedDid || sessionUserDid || userDid
-    );
-    if (!subscription) {
-      throw new Error('Subscription for checkoutSession not found');
+    const {
+      checkoutSession,
+      paymentMethod,
+      paymentCurrency,
+      subscriptions,
+      customer,
+      subscription: primarySubscription,
+    } = await ensurePaymentIntent(checkoutSessionId, connectedDid || sessionUserDid || userDid);
+    if (!subscriptions || subscriptions.length === 0) {
+      throw new Error('No subscriptions found for checkoutSession');
     }
 
     const now = dayjs().unix();
@@ -52,6 +64,8 @@ export default {
     const minStakeAmount = Number(checkoutSession.subscription_data?.min_stake_amount || 0);
     const fastCheckoutAmount = getFastCheckoutAmount(items, checkoutSession.mode, paymentCurrency.id, trialing);
     const claimsList: any[] = [];
+
+    const allSubscriptionIds = subscriptions.map((sub) => sub.id);
     if (paymentMethod.type === 'arcblock') {
       const delegation = await isDelegationSufficientForPayment({
         paymentMethod,
@@ -61,14 +75,19 @@ export default {
       });
 
       // if we can complete purchase without any wallet interaction
-      if (delegation.sufficient === false) {
+      // we forced to delegate if we can skip stake
+      if (delegation.sufficient === false || checkoutSession.subscription_data?.no_stake) {
         claimsList.push({
           signature: await getDelegationTxClaim({
             mode: checkoutSession.mode,
             userDid,
             userPk,
             nonce: checkoutSession.id,
-            data: getTxMetadata({ subscriptionId: subscription.id, checkoutSessionId }),
+            data: getTxMetadata({
+              subscriptionId: primarySubscription?.id,
+              subscriptionIds: allSubscriptionIds,
+              checkoutSessionId,
+            }),
             paymentCurrency,
             paymentMethod,
             trialing,
@@ -78,17 +97,19 @@ export default {
         });
       }
 
-      // we always need to stake for the subscription
-      claimsList.push({
-        prepareTx: await getStakeTxClaim({
-          userDid,
-          userPk,
-          paymentCurrency,
-          paymentMethod,
-          items,
-          subscription,
-        }),
-      });
+      if (!checkoutSession.subscription_data?.no_stake) {
+        claimsList.push({
+          prepareTx: await getStakeTxClaim({
+            userDid,
+            userPk,
+            paymentCurrency,
+            paymentMethod,
+            items,
+            subscription: primarySubscription as Subscription,
+            subscriptions,
+          }),
+        });
+      }
 
       return claimsList;
     }
@@ -104,7 +125,11 @@ export default {
           userDid,
           userPk,
           nonce: checkoutSession.id,
-          data: getTxMetadata({ subscriptionId: subscription.id, checkoutSessionId }),
+          data: getTxMetadata({
+            subscriptionId: primarySubscription?.id,
+            subscriptionIds: allSubscriptionIds,
+            checkoutSessionId,
+          }),
           paymentCurrency,
           paymentMethod,
           trialing,
@@ -121,7 +146,7 @@ export default {
   onAuth: async (args: CallbackArgs) => {
     const { request, userDid, userPk, claims, extraParams, updateSession, step } = args;
     const { checkoutSessionId, connectedDid, sessionUserDid } = extraParams;
-    const { checkoutSession, customer, paymentMethod, subscription, paymentCurrency } = await ensurePaymentIntent(
+    const { checkoutSession, customer, paymentMethod, subscriptions, paymentCurrency } = await ensurePaymentIntent(
       checkoutSessionId,
       connectedDid || sessionUserDid || userDid
     );
@@ -134,7 +159,9 @@ export default {
       },
     });
     const staking = result.find((x: any) => x.claim?.type === 'prepareTx' && x.claim?.meta?.purpose === 'staking');
-    const isFinalStep = (paymentMethod.type === 'arcblock' && staking) || paymentMethod.type !== 'arcblock';
+    const isFinalStep =
+      (paymentMethod.type === 'arcblock' && (staking || checkoutSession.subscription_data?.no_stake)) ||
+      paymentMethod.type !== 'arcblock';
     if (!isFinalStep) {
       await updateSession({
         result,
@@ -151,10 +178,11 @@ export default {
       });
     }
     const claimsList = result.map((x: any) => x.claim);
-
-    if (!subscription) {
-      throw new Error('Subscription for checkoutSession not found');
+    if (!subscriptions || subscriptions.length === 0) {
+      throw new Error('No subscriptions found for checkoutSession');
     }
+    const primarySubscription = subscriptions[0] as Subscription;
+
     const paymentSettings = {
       payment_method_types: [paymentMethod.type],
       payment_method_options: {
@@ -162,31 +190,44 @@ export default {
       },
     };
     const prepareTxExecution = async () => {
-      await subscription.update({
-        payment_settings: paymentSettings,
-      });
+      await updateSubscriptions(subscriptions, { payment_settings: paymentSettings });
     };
 
-    const afterTxExecution = async (invoice: Invoice, paymentDetails: any) => {
-      await subscription.update({ payment_details: { [paymentMethod.type]: paymentDetails } });
-      if (invoice) {
-        invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
+    const afterTxExecution = async (invoices: Invoice[], paymentDetails: Record<string, any>) => {
+      await updateSubscriptions(subscriptions, { payment_details: { [paymentMethod.type]: paymentDetails } });
+
+      for (const invoice of invoices) {
+        if (invoice) {
+          invoiceQueue.pushAndWait({ id: invoice.id, job: { invoiceId: invoice.id, retryOnError: false } });
+        }
       }
-      await addSubscriptionJob(subscription, 'cycle', false, subscription.trial_end);
-      logger.info('CheckoutSession updated on subscription done', {
+
+      await Promise.all(
+        subscriptions.map((subscription) => addSubscriptionJob(subscription, 'cycle', false, subscription.trial_end))
+      );
+
+      logger.info('CheckoutSession updated with multiple subscriptions', {
         checkoutSession: checkoutSession.id,
-        subscription: subscription.id,
+        subscriptionIds: subscriptions.map((s) => s.id),
         paymentDetails,
       });
     };
 
     if (paymentMethod.type === 'arcblock') {
       await prepareTxExecution();
-      const { invoice } = await ensureInvoiceForCheckout({ checkoutSession, customer, subscription });
-      if (invoice) {
-        await invoice.update({ payment_settings: paymentSettings });
+
+      const { invoices } = await ensureInvoicesForSubscriptions({
+        checkoutSession,
+        customer,
+        subscriptions,
+      });
+
+      if (invoices.length === 0) {
+        throw new Error('No invoices found for subscriptions');
       }
 
+      await updateInvoices(invoices, { payment_settings: paymentSettings });
+
       const requestArray = result
         .map((item: { stepRequest?: Request }) => item.stepRequest)
         .filter(Boolean) as Request[];
@@ -199,40 +240,58 @@ export default {
         claimsList,
         paymentMethod,
         requestSource,
-        subscription?.id,
-        paymentCurrency?.contract
+        primarySubscription?.id, // use the primary subscription id
+        paymentCurrency?.contract,
+        subscriptions.map((s) => s.id).join('-') // use all subscription ids as nonce
       );
-      await ensureStakeInvoice(
-        {
-          total: stakingAmount,
-          description: 'Stake for subscription',
-          checkout_session_id: checkoutSessionId,
-          currency_id: paymentCurrency.id,
-          metadata: {
-            payment_details: {
-              arcblock: {
-                tx_hash: paymentDetails?.staking?.tx_hash,
-                payer: paymentDetails?.payer,
-                address: paymentDetails?.staking?.address,
+
+      // create a stake invoice
+      if (stakingAmount && stakingAmount !== '0') {
+        await ensureStakeInvoice(
+          {
+            total: stakingAmount,
+            description: 'Stake for subscription',
+            checkout_session_id: checkoutSessionId,
+            currency_id: paymentCurrency.id,
+            metadata: {
+              payment_details: {
+                arcblock: {
+                  tx_hash: paymentDetails?.staking?.tx_hash,
+                  payer: paymentDetails?.payer,
+                  address: paymentDetails?.staking?.address,
+                },
               },
+              subscription_ids: subscriptions.map((s) => s.id),
+              is_group_stake: subscriptions.length > 1,
             },
           },
-        },
-        subscription,
-        paymentMethod,
-        customer
-      );
-      await afterTxExecution(invoice!, paymentDetails);
+          primarySubscription,
+          paymentMethod,
+          customer,
+          subscriptions
+        );
+      }
+
+      await afterTxExecution(invoices, paymentDetails);
 
       return { hash: paymentDetails.tx_hash };
     }
 
     if (EVM_CHAIN_TYPES.includes(paymentMethod.type)) {
       await prepareTxExecution();
-      const { invoice } = await ensureInvoiceForCheckout({ checkoutSession, customer, subscription });
-      if (invoice) {
-        await invoice.update({ payment_settings: paymentSettings });
+
+      const { invoices } = await ensureInvoicesForSubscriptions({
+        checkoutSession,
+        customer,
+        subscriptions,
+      });
+
+      if (invoices.length === 0) {
+        throw new Error('No invoices found for subscriptions');
       }
+
+      await updateInvoices(invoices, { payment_settings: paymentSettings });
+
       broadcastEvmTransaction(checkoutSessionId, 'pending', claimsList);
 
       const paymentDetails = await executeEvmTransaction('approve', userDid, claimsList, paymentMethod);
@@ -242,7 +301,7 @@ export default {
         paymentMethod.confirmation.block
       )
         .then(async () => {
-          await afterTxExecution(invoice!, paymentDetails);
+          await afterTxExecution(invoices, paymentDetails);
           broadcastEvmTransaction(checkoutSessionId, 'confirmed', claimsList);
         })
         .catch(console.error);

package/api/src/routes/payment-currencies.ts

@@ -215,6 +215,10 @@ router.put('/:id/deposit-vault', auth, async (req, res) => {
   if (!paymentCurrency) {
     return res.status(404).json({ error: 'Payment currency not found' });
   }
+  const vaultAddress = await getVaultAddress();
+  if (!vaultAddress) {
+    return res.status(400).json({ error: 'Vault address not found' });
+  }
   depositVaultQueue.push({
     id: `deposit-vault-${paymentCurrency.id}`,
     job: { currencyId: paymentCurrency.id },
@@ -239,6 +243,7 @@ const UpdateVaultConfigSchema = Joi.object({
   enabled: Joi.boolean().required(),
   deposit_threshold: Joi.number().greater(0).required(),
   withdraw_threshold: Joi.number().min(0).required(),
+  buffer_threshold: Joi.number().min(0).required(),
 });
 router.put('/:id/vault-config', authOwner, async (req, res) => {
   try {
@@ -254,11 +259,17 @@ router.put('/:id/vault-config', authOwner, async (req, res) => {
       return res.status(404).json({ error: 'payment currency not found' });
     }
 
+    const vaultAddress = await getVaultAddress();
+    if (!vaultAddress) {
+      return res.status(400).json({ error: 'Vault address not found' });
+    }
+
     const updateData: Partial<TPaymentCurrency> = {
       vault_config: {
         enabled: vaultConfig.enabled,
         deposit_threshold: fromTokenToUnit(vaultConfig.deposit_threshold, paymentCurrency.decimal).toString(),
         withdraw_threshold: fromTokenToUnit(vaultConfig.withdraw_threshold, paymentCurrency.decimal).toString(),
+        buffer_threshold: fromTokenToUnit(vaultConfig.buffer_threshold || 0, paymentCurrency.decimal).toString(),
       },
     };
 

package/api/src/routes/payment-links.ts

@@ -51,6 +51,7 @@ const formatBeforeSave = (payload: any) => {
       cross_sell_behavior: 'auto',
       payment_intent_data: null,
       donation_settings: null,
+      enable_subscription_grouping: false,
     },
     pick(payload, [
       'name',
@@ -71,8 +72,15 @@ const formatBeforeSave = (payload: any) => {
       'cross_sell_behavior',
       'donation_settings',
       'metadata',
+      'enable_subscription_grouping',
     ])
   );
+
+  // TODO: need to support stake subscription
+  if (raw.enable_subscription_grouping === true && !raw.subscription_data?.no_stake) {
+    throw new Error('Subscription grouping is only supported for stake-free subscriptions');
+  }
+
   if (raw.after_completion?.type === 'hosted_confirmation') {
     // @ts-ignore
     raw.after_completion.redirect = null;
@@ -83,7 +91,7 @@ const formatBeforeSave = (payload: any) => {
   }
   if (typeof payload.include_free_trial === 'boolean' && !payload.include_free_trial) {
     // @ts-ignore
-    raw.subscription_data = null;
+    raw.subscription_data.trial_period_days = 0;
   }
 
   if (raw.nft_mint_settings?.enabled) {
@@ -181,6 +189,7 @@ const PaymentLinkCreateSchema = Joi.object({
     .min(0)
     .optional(),
   allow_promotion_codes: Joi.boolean().optional(),
+  enable_subscription_grouping: Joi.boolean().optional(),
   nft_mint_settings: Joi.object({
     enabled: Joi.boolean().required(),
     factory: Joi.string().max(40).empty('').optional(),
@@ -310,6 +319,7 @@ const PaymentLinkUpdateSchema = Joi.object({
     .min(0)
     .optional(),
   allow_promotion_codes: Joi.boolean().optional(),
+  enable_subscription_grouping: Joi.boolean().optional(),
   nft_mint_settings: Joi.object({
     enabled: Joi.boolean().required(),
     factory: Joi.string().max(40).empty('').optional(),

package/api/src/routes/payment-stats.ts

@@ -1,6 +1,6 @@
 import { Router } from 'express';
 import Joi from 'joi';
-import { Op } from 'sequelize';
+import { Op, type WhereOptions } from 'sequelize';
 import { joinURL } from 'ufo';
 
 import { getPaymentStat } from '../crons/payment-stat';
@@ -33,7 +33,7 @@ const schema = createListParamSchema<{ currency_id?: string; start?: number; end
 });
 router.get('/', auth, async (req, res) => {
   const { page, pageSize, ...query } = await schema.validateAsync(req.query, { stripUnknown: true });
-  const where: any = {};
+  const where: WhereOptions = {};
 
   if (typeof query.livemode === 'boolean') {
     where.livemode = query.livemode;

package/api/src/routes/payouts.ts

@@ -4,6 +4,7 @@ import Joi from 'joi';
 import pick from 'lodash/pick';
 
 import sessionMiddleware from '@blocklet/sdk/lib/middlewares/session';
+import type { WhereOptions } from 'sequelize';
 import { createListParamSchema, getOrder, getWhereFromKvQuery, MetadataSchema } from '../libs/api';
 import { authenticate } from '../libs/security';
 import { formatMetadata } from '../libs/util';
@@ -136,7 +137,7 @@ router.get('/mine', sessionMiddleware(), async (req, res) => {
       throw new Error(`Customer not found: ${req.user?.did}`);
     }
 
-    const where: any = { customer_id: customer.id };
+    const where: WhereOptions = { customer_id: customer.id };
     if (currencyId) {
       where.currency_id = currencyId;
     }

package/api/src/routes/settings.ts

@@ -171,6 +171,18 @@ router.post('/', async (req, res) => {
         raw.settings.amount = settings.amount;
       }
     }
+    if (type === 'notification') {
+      const notificationSchema = Joi.object({
+        self_handle: Joi.boolean().required().default(false),
+        include_events: Joi.array().items(Joi.string()).optional(),
+        exclude_events: Joi.array().items(Joi.string()).optional(),
+      });
+      const { error: notificationError, value: notificationSettings } = notificationSchema.validate(settings);
+      if (notificationError) {
+        return res.status(400).json({ error: notificationError.message });
+      }
+      raw.settings = notificationSettings;
+    }
     const exist = await Setting.findOne({
       where: {
         type,
@@ -251,6 +263,18 @@ router.put('/:mountLocationOrId', authAdmin, async (req, res) => {
         raw.settings.amount = settings.amount;
       }
     }
+    if (setting.type === 'notification') {
+      const notificationSchema = Joi.object({
+        self_handle: Joi.boolean().required().default(false),
+        include_events: Joi.array().items(Joi.string()).optional(),
+        exclude_events: Joi.array().items(Joi.string()).optional(),
+      });
+      const { error: notificationError, value: notificationSettings } = notificationSchema.validate(settings);
+      if (notificationError) {
+        return res.status(400).json({ error: notificationError.message });
+      }
+      raw.settings = notificationSettings;
+    }
     const doc = await setting.update(raw);
     return res.json(doc);
   } catch (err) {
@@ -284,4 +308,25 @@ router.delete('/:mountLocationOrId', authAdmin, async (req, res) => {
   }
 });
 
+router.get('/:mountLocationOrId', authAdmin, async (req, res) => {
+  try {
+    const setting = await Setting.findOne({
+      where: {
+        [Op.or]: [
+          {
+            id: req.params.mountLocationOrId,
+          },
+          {
+            mount_location: req.params.mountLocationOrId,
+          },
+        ],
+      },
+    });
+    return res.json(setting);
+  } catch (err) {
+    logger.error(err);
+    return res.status(400).json({ error: err.message });
+  }
+});
+
 export default router;

package/api/src/routes/subscriptions.ts

@@ -15,12 +15,11 @@ import dayjs from '../libs/dayjs';
 import logger from '../libs/logger';
 import { isDelegationSufficientForPayment } from '../libs/payment';
 import { authenticate } from '../libs/security';
-import { expandLineItems, getFastCheckoutAmount, isLineItemAligned } from '../libs/session';
+import { expandLineItems, getFastCheckoutAmount, getSubscriptionCreateSetup, isLineItemAligned } from '../libs/session';
 import {
   createProration,
   finalizeSubscriptionUpdate,
   getPastInvoicesAmount,
-  getSubscriptionCreateSetup,
   getSubscriptionPaymentAddress,
   getSubscriptionRefundSetup,
   getSubscriptionStakeReturnSetup,

package/api/src/store/migrations/20250408-subscription-grouping.ts

@@ -0,0 +1,39 @@
+import { DataTypes } from 'sequelize';
+
+import { Migration, safeApplyColumnChanges } from '../migrate';
+
+export const up: Migration = async ({ context }) => {
+  await safeApplyColumnChanges(context, {
+    checkout_sessions: [
+      {
+        name: 'enable_subscription_grouping',
+        field: {
+          type: DataTypes.BOOLEAN,
+          defaultValue: false,
+        },
+      },
+      {
+        name: 'subscription_groups',
+        field: {
+          type: DataTypes.JSON,
+          allowNull: true,
+        },
+      },
+    ],
+    payment_links: [
+      {
+        name: 'enable_subscription_grouping',
+        field: {
+          type: DataTypes.BOOLEAN,
+          defaultValue: false,
+        },
+      },
+    ],
+  });
+};
+
+export const down: Migration = async ({ context }) => {
+  await context.removeColumn('checkout_sessions', 'enable_subscription_grouping');
+  await context.removeColumn('checkout_sessions', 'subscription_groups');
+  await context.removeColumn('payment_links', 'enable_subscription_grouping');
+};

package/api/src/store/migrations/20250419-subscription-grouping.ts

@@ -0,0 +1,69 @@
+import { DataTypes, QueryTypes } from 'sequelize';
+import { Migration, safeApplyColumnChanges } from '../migrate';
+
+export const up: Migration = async ({ context }) => {
+  try {
+    // 添加 success_subscription_count 字段
+    await safeApplyColumnChanges(context, {
+      checkout_sessions: [
+        {
+          name: 'success_subscription_count',
+          field: {
+            type: DataTypes.INTEGER,
+            defaultValue: 0,
+          },
+        },
+      ],
+    });
+
+    const sessions = (await context.sequelize.query(
+      `SELECT id, subscription_id, subscription_groups 
+     FROM checkout_sessions 
+     WHERE payment_status = 'paid' AND (mode = 'subscription' OR mode = 'setup')`,
+      { type: QueryTypes.SELECT }
+    )) as any[];
+
+    if (sessions.length > 0) {
+      // 收集更新数据
+      const updates: { id: string; count: number }[] = [];
+      for (const session of sessions) {
+        let count = 0;
+        if (session.subscription_groups) {
+          try {
+            const groups = JSON.parse(session.subscription_groups);
+            count = Object.keys(groups).length;
+          } catch (e) {
+            console.warn(`Failed to parse subscription_groups for session ${session.id}`);
+          }
+        }
+
+        if (count === 0 && session.subscription_id) {
+          count = 1;
+        }
+
+        if (count > 0) {
+          updates.push({ id: session.id, count });
+        }
+      }
+
+      // 使用事务确保原子性
+      await context.sequelize.transaction(async (t) => {
+        for (const update of updates) {
+          // eslint-disable-next-line no-await-in-loop
+          await context.sequelize.query('UPDATE checkout_sessions SET success_subscription_count = ? WHERE id = ?', {
+            replacements: [update.count, update.id],
+            transaction: t,
+            type: QueryTypes.UPDATE,
+          });
+        }
+      });
+    }
+  } catch (error) {
+    console.error('Migration failed:', error);
+    throw error;
+  }
+};
+
+export const down: Migration = async ({ context }) => {
+  await context.removeColumn('checkout_sessions', 'success_subscription_count');
+};