payment-kit 1.19.23 → 1.20.0

package/api/src/integrations/stripe/resource.ts

@@ -732,6 +732,16 @@ export async function createStripeInvoiceForAutoRecharge(params: {
     // Ensure stripe customer exists
     const stripeCustomer = await ensureStripeCustomer(customer, paymentMethod);
 
+    if (invoice.metadata?.stripe_id) {
+      const existInvoice = await client.invoices.retrieve(invoice.metadata?.stripe_id);
+      if (existInvoice) {
+        logger.info('Stripe invoice already exists, skipping', {
+          localInvoiceId: invoice.id,
+        });
+        return existInvoice;
+      }
+    }
+
     const stripeInvoice = await client.invoices.create({
       customer: stripeCustomer.id,
       currency: currency.symbol.toLowerCase(),
@@ -751,6 +761,18 @@ export async function createStripeInvoiceForAutoRecharge(params: {
       customerId: customer.id,
     });
 
+    await invoice.update({
+      metadata: {
+        ...invoice.metadata,
+        stripe_id: stripeInvoice.id,
+      },
+    });
+
+    logger.info('Stripe invoice updated', {
+      localInvoiceId: invoice.id,
+      stripeInvoiceId: stripeInvoice.id,
+    });
+
     // Create invoice items from local invoice items
     const invoiceItems = await InvoiceItem.findAll({ where: { invoice_id: invoice.id } });
     for (const item of invoiceItems) {
@@ -759,7 +781,7 @@ export async function createStripeInvoiceForAutoRecharge(params: {
         continue;
       }
       const stripePrice = await ensureStripePrice(price as Price, paymentMethod, currency);
-      await client.invoiceItems.create({
+      const stripeInvoiceItem = await client.invoiceItems.create({
         customer: stripeCustomer.id,
         invoice: stripeInvoice.id,
         price: stripePrice.id,
@@ -777,6 +799,12 @@ export async function createStripeInvoiceForAutoRecharge(params: {
         priceId: price.id,
         quantity: item.quantity,
       });
+      await item.update({
+        metadata: {
+          ...item.metadata,
+          stripe_id: stripeInvoiceItem.id,
+        },
+      });
     }
 
     // Finalize and pay the invoice automatically

package/api/src/libs/notification/template/customer-auto-recharge-failed.ts

@@ -0,0 +1,202 @@
+/* eslint-disable @typescript-eslint/brace-style */
+/* eslint-disable @typescript-eslint/indent */
+import camelCase from 'lodash/camelCase';
+
+import { getUserLocale } from '../../../integrations/blocklet/notification';
+import { translate } from '../../../locales';
+import { AutoRechargeConfig, Customer, Invoice, PaymentMethod, Price, Product } from '../../../store/models';
+import { PaymentCurrency } from '../../../store/models/payment-currency';
+import { getCustomerInvoicePageUrl } from '../../invoice';
+import { SufficientForPaymentResult, getPaymentDetail } from '../../payment';
+import { formatTime } from '../../time';
+import { formatCurrencyInfo } from '../../util';
+import type { BaseEmailTemplate, BaseEmailTemplateType } from './base';
+
+export interface CustomerAutoRechargeFailedEmailTemplateOptions {
+  customerId: string;
+  autoRechargeConfigId: string;
+  invoiceId: string;
+  paymentIntentId: string;
+  result: SufficientForPaymentResult;
+}
+
+interface CustomerAutoRechargeFailedEmailTemplateContext {
+  locale: string;
+  userDid: string;
+  at: string;
+  reason: string;
+  paymentInfo: string;
+  autoRechargeAmount: string;
+  creditCurrencyName: string;
+  viewInvoiceLink: string;
+}
+
+export class CustomerAutoRechargeFailedEmailTemplate
+  implements BaseEmailTemplate<CustomerAutoRechargeFailedEmailTemplateContext>
+{
+  options: CustomerAutoRechargeFailedEmailTemplateOptions;
+
+  constructor(options: CustomerAutoRechargeFailedEmailTemplateOptions) {
+    this.options = options;
+  }
+
+  private async getReason(userDid: string, invoice: Invoice, locale: string): Promise<string> {
+    if (this.options.result?.sufficient) {
+      throw new Error(`SufficientForPaymentResult.sufficient should be false: ${JSON.stringify(this.options.result)}`);
+    }
+
+    const i18nText = `notification.autoRechargeFailed.reason.${camelCase(this.options.result.reason as string)}`;
+
+    const paymentDetail = await getPaymentDetail(userDid, invoice);
+    const reason = translate(i18nText, locale, {
+      balance: `${paymentDetail.balance} ${paymentDetail.symbol}`,
+      price: `${paymentDetail.price} ${paymentDetail.symbol}`,
+    });
+
+    return reason;
+  }
+
+  async getContext(): Promise<CustomerAutoRechargeFailedEmailTemplateContext> {
+    const customer = await Customer.findByPk(this.options.customerId);
+    if (!customer) {
+      throw new Error(`Customer not found: ${this.options.customerId}`);
+    }
+
+    const autoRechargeConfig = await AutoRechargeConfig.findByPk(this.options.autoRechargeConfigId, {
+      include: [
+        {
+          model: Price,
+          as: 'price',
+          include: [{ model: Product, as: 'product' }],
+        },
+      ],
+    });
+    if (!autoRechargeConfig) {
+      throw new Error(`AutoRechargeConfig not found: ${this.options.autoRechargeConfigId}`);
+    }
+
+    const invoice = await Invoice.findByPk(this.options.invoiceId);
+    if (!invoice) {
+      throw new Error(`Invoice not found: ${this.options.invoiceId}`);
+    }
+
+    const paymentCurrency = (await PaymentCurrency.findOne({
+      where: {
+        id: invoice.currency_id,
+      },
+    })) as PaymentCurrency;
+
+    const userDid: string = customer.did;
+    const locale = await getUserLocale(userDid);
+    const at: string = formatTime(Date.now());
+    const reason: string = await this.getReason(userDid, invoice, locale);
+
+    const paymentMethod: PaymentMethod | null = await PaymentMethod.findByPk(invoice.default_payment_method_id);
+    const paymentInfo: string = formatCurrencyInfo(invoice.amount_remaining, paymentCurrency, paymentMethod);
+
+    // 获取 credit currency
+    const creditCurrency = await PaymentCurrency.findByPk(autoRechargeConfig.currency_id);
+    if (!creditCurrency) {
+      throw new Error(`Credit currency not found: ${autoRechargeConfig.currency_id}`);
+    }
+
+    // 格式化自动充值金额（根据 invoice 的金额）
+    const autoRechargeAmount = formatCurrencyInfo(invoice.amount_remaining, paymentCurrency, paymentMethod);
+
+    const creditCurrencyName = creditCurrency.name || 'Credits';
+
+    const viewInvoiceLink = getCustomerInvoicePageUrl({
+      invoiceId: invoice.id,
+      userDid,
+      locale,
+      action: 'pay',
+    });
+
+    return {
+      locale,
+      userDid,
+      at,
+      reason,
+      paymentInfo,
+      autoRechargeAmount,
+      creditCurrencyName,
+      viewInvoiceLink,
+    };
+  }
+
+  async getTemplate(): Promise<BaseEmailTemplateType> {
+    const { locale, userDid, at, reason, paymentInfo, creditCurrencyName, viewInvoiceLink } = await this.getContext();
+
+    const template: BaseEmailTemplateType = {
+      title: translate('notification.autoRechargeFailed.title', locale),
+      body: translate('notification.autoRechargeFailed.body', locale, {
+        at,
+        creditCurrencyName,
+      }),
+      // @ts-expect-error
+      attachments: [
+        {
+          type: 'section',
+          fields: [
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                color: '#9397A1',
+                text: translate('notification.common.account', locale),
+              },
+            },
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                text: userDid,
+              },
+            },
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                color: '#9397A1',
+                text: translate('notification.common.paymentAmount', locale),
+              },
+            },
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                text: paymentInfo,
+              },
+            },
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                color: '#9397A1',
+                text: translate('notification.common.failReason', locale),
+              },
+            },
+            {
+              type: 'text',
+              data: {
+                type: 'plain',
+                color: '#FF0000',
+                text: reason,
+              },
+            },
+          ].filter(Boolean),
+        },
+      ].filter(Boolean),
+      // @ts-ignore
+      actions: [
+        {
+          name: translate('notification.common.renewNow', locale),
+          title: translate('notification.common.renewNow', locale),
+          link: viewInvoiceLink,
+        },
+      ].filter(Boolean),
+    };
+
+    return template;
+  }
+}

package/api/src/libs/security.ts

@@ -21,6 +21,7 @@ type PermissionSpec<T extends Model> = {
   };
   mine?: boolean;
   embed?: boolean;
+  ensureLogin?: boolean;
 };
 
 /**
@@ -29,7 +30,14 @@ type PermissionSpec<T extends Model> = {
  * If a request is authenticated by component call, it will set `req.user` to the component user.
  * If a request is authenticated by record owner, it will set `req.user` to the session user and set `req.doc` to the record.
  */
-export function authenticate<T extends Model>({ component, roles, record, mine, embed }: PermissionSpec<T>) {
+export function authenticate<T extends Model>({
+  component,
+  roles,
+  record,
+  mine,
+  embed,
+  ensureLogin,
+}: PermissionSpec<T>) {
   return async (req: Request, res: Response, next: NextFunction) => {
     // authenticate by component call
     const sig = req.get('x-component-sig');
@@ -78,7 +86,7 @@ export function authenticate<T extends Model>({ component, roles, record, mine,
     }
 
     if (req.headers['x-user-did']) {
-      const role = (<string>req.headers['x-user-role'] || '').replace('blocklet-', '');
+      const role = (<string>req.headers['x-user-role'] || '').replace('blocklet-', '') || 'guest';
       req.user = {
         did: <string>req.headers['x-user-did'],
         role,
@@ -95,6 +103,11 @@ export function authenticate<T extends Model>({ component, roles, record, mine,
         }
       }
 
+      if (ensureLogin) {
+        req.user.via = 'api';
+        return next();
+      }
+
       if (mine) {
         const customer = await Customer.findOne({ where: { did: req.user.did } });
         if (customer) {

package/api/src/libs/session.ts

@@ -158,11 +158,23 @@ export function getRecurringPeriod(recurring: PriceRecurring) {
   }
 }
 
-export function expandLineItems(items: any[], products: Product[], prices: Price[]) {
+export function expandLineItems(
+  items: any[],
+  products: Product[],
+  prices: Price[],
+  creditCurrencies?: TPaymentCurrency[]
+) {
   items.forEach((item) => {
     item.price = prices.find((x) => x.id === item.price_id);
     if (item.price) {
       item.price.product = products.find((x) => x.id === item.price.product_id);
+      if (item.price.product?.type === 'credit' && item.price.metadata?.credit_config) {
+        item.price.credit = {
+          amount: Number(item.price.metadata.credit_config.credit_amount || 0) * Number(item.quantity),
+          currency_id: item.price.metadata.credit_config.currency_id,
+          currency: creditCurrencies?.find((x) => x.id === item.price.metadata.credit_config.currency_id),
+        };
+      }
     }
   });
 

package/api/src/locales/en.ts

@@ -142,6 +142,26 @@ export default flat({
       },
     },
 
+    autoRechargeFailed: {
+      title: 'Auto Top-Up payment failed',
+      body: 'We are sorry to inform you that your {creditCurrencyName} auto top-up failed to go through the automatic payment on {at}. If you have any questions, please contact us in time. Thank you!',
+      reason: {
+        noDidWallet: 'You have not bound DID Wallet, please bind DID Wallet to ensure sufficient balance',
+        noDelegation: 'Your DID Wallet has not been authorized, please update authorization',
+        noTransferPermission:
+          'Your DID Wallet has not granted transfer permission to the application, please update authorization',
+        noTokenPermission:
+          'Your DID Wallet has not granted token transfer permission to the application, please update authorization',
+        noTransferTo:
+          'Your DID Wallet has not granted the application automatic payment permission, please update authorization',
+        noEnoughAllowance: 'The deduction amount exceeds the single transfer limit, please update authorization',
+        noToken: 'Your account has no tokens, please add funds',
+        noEnoughToken: 'Your account token balance is {balance}, insufficient for {price}, please add funds',
+        noSupported: 'It is not supported to automatically pay with tokens, please check your package',
+        txSendFailed: 'Failed to send automatic payment transaction',
+      },
+    },
+
     subscriptionRefundSucceeded: {
       title: '{productName} refund successful',
       body: 'Your subscription to {productName} has been successfully refunded on {at}, with a refund amount of {refundInfo}. If you have any questions, please feel free to contact us.',

package/api/src/locales/zh.ts

@@ -137,6 +137,22 @@ export default flat({
         txSendFailed: '扣费交易发送失败。',
       },
     },
+    autoRechargeFailed: {
+      title: '自动充值扣费失败',
+      body: '很抱歉地通知您，您的 {creditCurrencyName} 自动充值于 {at} 扣费失败。如有任何疑问，请及时联系我们。谢谢！',
+      reason: {
+        noDidWallet: '您尚未绑定 DID Wallet，请绑定 DID Wallet，确保余额充足。',
+        noDelegation: '您的 DID Wallet 尚未授权，请更新授权。',
+        noTransferPermission: '您的 DID Wallet 未授予应用转账权限，请更新授权。',
+        noTokenPermission: '您的 DID Wallet 未授予应用对应通证的转账权限，请更新授权。',
+        noTransferTo: '您的 DID Wallet 未授予应用扣费权限，请更新授权。',
+        noEnoughAllowance: '扣款金额超出单笔转账限额，请更新授权。',
+        noToken: '您的账户没有任何代币，请充值代币。',
+        noEnoughToken: '您的账户代币余额为 {balance}，不足 {price}，请充值代币。',
+        noSupported: '不支持使用代币扣费，请检查您的套餐。',
+        txSendFailed: '扣费交易发送失败。',
+      },
+    },
 
     subscriptionRefundSucceeded: {
       title: '{productName} 退款成功',

package/api/src/queues/auto-recharge.ts

@@ -1,6 +1,5 @@
 import { BN } from '@ocap/util';
 
-import { CustomError } from '@blocklet/error';
 import { Op } from 'sequelize';
 import createQueue from '../libs/queue';
 import {
@@ -16,7 +15,6 @@ import {
 } from '../store/models';
 import logger from '../libs/logger';
 import { getPriceUintAmountByCurrency } from '../libs/session';
-import { isDelegationSufficientForPayment } from '../libs/payment';
 import { createStripeInvoiceForAutoRecharge } from '../integrations/stripe/resource';
 import { ensureInvoiceAndItems } from '../libs/invoice';
 import dayjs from '../libs/dayjs';
@@ -146,8 +144,9 @@ async function createInvoiceForAutoRecharge({
     where: {
       customer_id: customer.id,
       currency_id: rechargeCurrency.id,
+      billing_reason: 'auto_recharge',
       status: {
-        [Op.in]: ['open', 'draft'],
+        [Op.in]: ['open', 'draft', 'uncollectible'],
       },
     },
   });
@@ -228,17 +227,7 @@ async function executeAutoRecharge(
     if (!payer) {
       throw new Error('No payer found for auto recharge');
     }
-    if (paymentMethod.type !== 'stripe') {
-      const delegationCheck = await isDelegationSufficientForPayment({
-        paymentMethod,
-        paymentCurrency: rechargeCurrency,
-        userDid: payer,
-        amount: totalAmount.toString(),
-      });
-      if (!delegationCheck.sufficient) {
-        throw new CustomError(delegationCheck.reason, 'insufficient delegation or balance');
-      }
-    }
+
     const invoice = await createInvoiceForAutoRecharge({
       customer,
       config,

package/api/src/queues/notification.ts

@@ -1,5 +1,5 @@
-/* eslint-disable @typescript-eslint/indent */
 import { Op } from 'sequelize';
+/* eslint-disable @typescript-eslint/indent */
 import { events } from '../libs/event';
 import logger from '../libs/logger';
 import dayjs from '../libs/dayjs';
@@ -98,6 +98,10 @@ import {
   CustomerCreditLowBalanceEmailTemplate,
   CustomerCreditLowBalanceEmailTemplateOptions,
 } from '../libs/notification/template/customer-credit-low-balance';
+import {
+  CustomerAutoRechargeFailedEmailTemplate,
+  CustomerAutoRechargeFailedEmailTemplateOptions,
+} from '../libs/notification/template/customer-auto-recharge-failed';
 import {
   CustomerRevenueSucceededEmailTemplate,
   CustomerRevenueSucceededEmailTemplateOptions,
@@ -129,7 +133,8 @@ export type NotificationQueueJobType =
   | 'subscription.overdraftProtection.exhausted'
   | 'customer.credit.insufficient'
   | 'customer.credit_grant.granted'
-  | 'customer.credit.low_balance';
+  | 'customer.credit.low_balance'
+  | 'customer.auto_recharge.failed';
 
 export type NotificationQueueJob = {
   type: NotificationQueueJobType;
@@ -271,6 +276,10 @@ async function getNotificationTemplate(job: NotificationQueueJob): Promise<BaseE
     return new CustomerCreditLowBalanceEmailTemplate(job.options as CustomerCreditLowBalanceEmailTemplateOptions);
   }
 
+  if (job.type === 'customer.auto_recharge.failed') {
+    return new CustomerAutoRechargeFailedEmailTemplate(job.options as CustomerAutoRechargeFailedEmailTemplateOptions);
+  }
+
   throw new Error(`Unknown job type: ${job.type}`);
 }
 
@@ -633,6 +642,27 @@ export async function startNotificationQueue() {
       24 * 3600 // 1天
     );
   });
+
+  events.on(
+    'customer.auto_recharge.failed',
+    async (customer: Customer, { autoRechargeConfigId, invoiceId, paymentIntentId }) => {
+      const invoice = await Invoice.findByPk(invoiceId);
+      logger.info('addNotificationJob:customer.auto_recharge.failed', autoRechargeConfigId);
+      if (invoice && autoRechargeConfigId && invoice.metadata?.auto_recharge_failed_reason) {
+        addNotificationJob(
+          'customer.auto_recharge.failed',
+          {
+            customerId: customer.id,
+            autoRechargeConfigId,
+            invoiceId,
+            paymentIntentId,
+            result: invoice.metadata?.auto_recharge_failed_reason,
+          },
+          [customer.id, autoRechargeConfigId, invoiceId]
+        );
+      }
+    }
+  );
 }
 
 export async function handleNotificationPreferenceChange(

package/api/src/queues/payment.ts

@@ -1065,10 +1065,11 @@ export const handlePayment = async (job: PaymentJob) => {
 
       // 只有在 第一次重试 或者 重试次数超过阈值 的时候才发送邮件，不然邮件频率太高了
       const minRetryMail = updates.minRetryMail || MIN_RETRY_MAIL;
+      const needSendMail = attemptCount === 1 || attemptCount >= minRetryMail;
 
       logger.warn('catch:PaymentIntent capture failed', { id: paymentIntent.id, attemptCount, minRetryMail, invoice });
 
-      if ((attemptCount === 1 || attemptCount >= minRetryMail) && invoice.billing_reason === 'subscription_cycle') {
+      if (needSendMail && invoice.billing_reason === 'subscription_cycle') {
         const subscription = await Subscription.findByPk(invoice.subscription_id);
         if (subscription) {
           await subscription.update({
@@ -1087,6 +1088,20 @@ export const handlePayment = async (job: PaymentJob) => {
           }
         }
       }
+
+      if (needSendMail && invoice.billing_reason === 'auto_recharge') {
+        await invoice.update({
+          metadata: {
+            ...invoice.metadata,
+            auto_recharge_failed_reason: result || { sufficient: false, reason: 'TX_SEND_FAILED' },
+          },
+        });
+        createEvent('Customer', 'customer.auto_recharge.failed', customer, {
+          autoRechargeConfigId: invoice.metadata?.auto_recharge?.config_id,
+          invoiceId: invoice.id,
+          paymentIntentId: paymentIntent.id,
+        });
+      }
       // reschedule next attempt
       const retryAt = updates.invoice.next_payment_attempt;
       if (retryAt) {

package/api/src/routes/auto-recharge-configs.ts

@@ -284,6 +284,15 @@ async function checkSufficientBalance({
       payer,
     };
   }
+  if (forceReauthorize) {
+    return {
+      sufficient: false,
+      delegation: {
+        sufficient: false,
+        reason: 'NEED_REAUTHORIZE',
+      },
+    };
+  }
   const delegation = await isDelegationSufficientForPayment({
     paymentMethod,
     paymentCurrency: rechargeCurrency,

package/api/src/routes/checkout-sessions.ts

@@ -15,6 +15,7 @@ import type { WhereOptions } from 'sequelize';
 
 import { CustomError, formatError, getStatusFromError } from '@blocklet/error';
 import pAll from 'p-all';
+import { withQuery } from 'ufo';
 import { MetadataSchema } from '../libs/api';
 import { checkPassportForPaymentLink } from '../integrations/blocklet/passport';
 import dayjs from '../libs/dayjs';
@@ -48,6 +49,7 @@ import {
   CHECKOUT_SESSION_TTL,
   formatAmountPrecisionLimit,
   formatMetadata,
+  getConnectQueryParam,
   getDataObjectFromQuery,
   getUserOrAppInfo,
   isUserInBlocklist,
@@ -98,6 +100,8 @@ const router = Router();
 const user = sessionMiddleware({ accessKey: true });
 const auth = authenticate<CheckoutSession>({ component: true, roles: ['owner', 'admin'] });
 
+const authLogin = authenticate<CheckoutSession>({ component: true, roles: ['owner', 'admin'], ensureLogin: true });
+
 const getPaymentMethods = async (doc: CheckoutSession) => {
   const paymentMethods = await PaymentMethod.expand(doc.livemode, { type: doc.payment_method_types });
   const supportedCurrencies = getSupportedPaymentCurrencies(doc.line_items as any[]);
@@ -769,22 +773,54 @@ async function processSubscriptionFastCheckout({
 }
 
 // create checkout session
-router.post('/', auth, async (req, res) => {
-  const raw: Partial<CheckoutSession> = await formatCheckoutSession(req.body);
-  raw.livemode = !!req.livemode;
-  raw.created_via = req.user?.via as string;
-  if (raw.line_items) {
-    try {
-      await validateInventory(raw.line_items, true);
-    } catch (err) {
-      logger.error('validateInventory failed', { error: err, line_items: raw.line_items });
-      return res.status(400).json({ error: err.message });
+router.post('/', authLogin, async (req, res) => {
+  try {
+    const raw: Partial<CheckoutSession> = await formatCheckoutSession(req.body);
+    raw.livemode = !!req.livemode;
+    raw.created_via = req.user?.via as string;
+
+    // Customer permission validation and createMine handling
+    const { create_mine: createMine } = req.body;
+    const currentUserDid = req.user?.did;
+    // Handle createMine parameter
+    if (createMine === true) {
+      if (!currentUserDid) {
+        return res.status(400).json({ error: 'User not authenticated, cannot create checkout session for self' });
+      }
+
+      const currentCustomer = await Customer.findOne({ where: { did: currentUserDid } });
+
+      // Set customer info and record who created it
+      raw.customer_id = currentCustomer?.id;
+      raw.customer_did = currentUserDid;
+      raw.metadata = {
+        ...(raw.metadata || {}),
+        createdBy: currentUserDid,
+      };
+    } else if (!['owner', 'admin'].includes(req.user?.role as string)) {
+      return res.status(403).json({ error: 'Not authorized to perform this action' });
+    }
+
+    if (raw.line_items) {
+      try {
+        await validateInventory(raw.line_items, true);
+      } catch (err) {
+        logger.error('validateInventory failed', { error: err, line_items: raw.line_items });
+        return res.status(400).json({ error: err.message });
+      }
     }
-  }
 
-  const doc = await CheckoutSession.create(raw as any);
+    const doc = await CheckoutSession.create(raw as any);
+    let url = getUrl(`/checkout/${doc.submit_type}/${doc.id}`);
+    if (createMine && currentUserDid) {
+      url = withQuery(url, getConnectQueryParam({ userDid: currentUserDid }));
+    }
 
-  res.json({ ...doc.toJSON(), url: getUrl(`/checkout/${doc.submit_type}/${doc.id}`) });
+    res.json({ ...doc.toJSON(), url });
+  } catch (error) {
+    logger.error('Create checkout session failed', { error: error.message, body: req.body });
+    res.status(500).json({ error: error.message });
+  }
 });
 
 export async function startCheckoutSessionFromPaymentLink(id: string, req: Request, res: Response) {
@@ -1083,6 +1119,17 @@ router.put('/:id/submit', user, ensureCheckoutSessionOpen, async (req, res) => {
       }
     }
 
+    // Validate checkout session ownership if it was created for a specific customer
+    if (checkoutSession.customer_did && checkoutSession.metadata?.createdBy) {
+      const createdByDid = checkoutSession.metadata.createdBy;
+      if (createdByDid !== req.user.did) {
+        return res.status(403).json({
+          error:
+            "It's not allowed to submit checkout sessions created by other users, please create your own checkout session",
+        });
+      }
+    }
+
     let customer = await Customer.findOne({ where: { did: req.user.did } });
     if (!customer) {
       const { user: userInfo } = await blocklet.getUser(req.user.did);
@@ -1631,6 +1678,17 @@ router.post('/:id/fast-checkout-confirm', user, ensureCheckoutSessionOpen, async
       return res.status(400).json({ error: 'Payment method not supported for fast checkout' });
     }
 
+    // Validate checkout session ownership if it was created for a specific customer
+    if (checkoutSession.customer_id && checkoutSession.metadata?.createdBy) {
+      const createdByDid = checkoutSession.metadata.createdBy;
+      if (createdByDid !== req.user.did) {
+        return res.status(403).json({
+          error:
+            "It's not allowed to submit checkout sessions created by other users, please create your own checkout session",
+        });
+      }
+    }
+
     const customer = await Customer.findByPkOrDid(req.user.did);
     if (!customer) {
       return res.status(400).json({ error: '' });

package/api/src/routes/invoices.ts

@@ -635,8 +635,15 @@ router.get('/:id', authPortal, async (req, res) => {
       }
       const products = (await Product.findAll()).map((x) => x.toJSON());
       const prices = (await Price.findAll()).map((x) => x.toJSON());
+      const paymentCurrencies = (
+        await PaymentCurrency.findAll({
+          where: {
+            type: 'credit',
+          },
+        })
+      ).map((x) => x.toJSON());
       // @ts-ignore
-      expandLineItems(json.lines, products, prices);
+      expandLineItems(json.lines, products, prices, paymentCurrencies);
       if (doc.metadata?.invoice_id || doc.metadata?.prev_invoice_id) {
         const relatedInvoice = await Invoice.findByPk(doc.metadata.invoice_id || doc.metadata.prev_invoice_id, {
           attributes: ['id', 'number', 'status', 'billing_reason'],

package/api/src/store/models/checkout-session.ts

@@ -178,6 +178,7 @@ export class CheckoutSession extends Model<InferAttributes<CheckoutSession>, Inf
     };
     days_until_due?: number;
     days_until_cancel?: number;
+    no_stake?: boolean;
   };
 
   // 3rd party payment tx hash

package/blocklet.yml

@@ -14,7 +14,7 @@ repository:
   type: git
   url: git+https://github.com/blocklet/payment-kit.git
 specVersion: 1.2.8
-version: 1.19.23
+version: 1.20.0
 logo: logo.png
 files:
   - dist

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "payment-kit",
-  "version": "1.19.23",
+  "version": "1.20.0",
   "scripts": {
     "dev": "blocklet dev --open",
     "lint": "tsc --noEmit && eslint src api/src --ext .mjs,.js,.jsx,.ts,.tsx",
@@ -44,18 +44,18 @@
   },
   "dependencies": {
     "@abtnode/cron": "^1.16.48",
-    "@arcblock/did": "^1.23.1",
+    "@arcblock/did": "^1.24.3",
     "@arcblock/did-connect-react": "^3.1.32",
     "@arcblock/did-connect-storage-nedb": "^1.8.0",
-    "@arcblock/did-util": "^1.23.1",
-    "@arcblock/jwt": "^1.23.1",
+    "@arcblock/did-util": "^1.24.3",
+    "@arcblock/jwt": "^1.24.3",
     "@arcblock/ux": "^3.1.32",
-    "@arcblock/validator": "^1.23.1",
+    "@arcblock/validator": "^1.24.3",
     "@blocklet/did-space-js": "^1.1.19",
     "@blocklet/error": "^0.2.5",
     "@blocklet/js-sdk": "^1.16.48",
     "@blocklet/logger": "^1.16.48",
-    "@blocklet/payment-react": "1.19.23",
+    "@blocklet/payment-react": "1.20.0",
     "@blocklet/sdk": "^1.16.48",
     "@blocklet/ui-react": "^3.1.32",
     "@blocklet/uploader": "^0.2.7",
@@ -64,11 +64,11 @@
     "@mui/lab": "7.0.0-beta.14",
     "@mui/material": "^7.1.2",
     "@mui/system": "^7.1.1",
-    "@ocap/asset": "^1.23.1",
-    "@ocap/client": "^1.23.1",
-    "@ocap/mcrypto": "^1.23.1",
-    "@ocap/util": "^1.23.1",
-    "@ocap/wallet": "^1.23.1",
+    "@ocap/asset": "^1.24.3",
+    "@ocap/client": "^1.24.3",
+    "@ocap/mcrypto": "^1.24.3",
+    "@ocap/util": "^1.24.3",
+    "@ocap/wallet": "^1.24.3",
     "@stripe/react-stripe-js": "^2.9.0",
     "@stripe/stripe-js": "^2.4.0",
     "ahooks": "^3.8.5",
@@ -124,7 +124,7 @@
   "devDependencies": {
     "@abtnode/types": "^1.16.48",
     "@arcblock/eslint-config-ts": "^0.3.3",
-    "@blocklet/payment-types": "1.19.23",
+    "@blocklet/payment-types": "1.20.0",
     "@types/cookie-parser": "^1.4.9",
     "@types/cors": "^2.8.19",
     "@types/debug": "^4.1.12",
@@ -171,5 +171,5 @@
       "parser": "typescript"
     }
   },
-  "gitHead": "1bb6bff218ad207b078af97a1700bfe1dc85817a"
+  "gitHead": "ca71d3996c6c5be18827a9f3d516bab117b327dd"
 }

package/src/components/customer/credit-overview.tsx

@@ -98,7 +98,9 @@ export default function CreditOverview({ customerId, settings, mode = 'portal' }
     try {
       const response = await api.get(`/api/payment-currencies/${currency.id}/recharge-config`).then((res) => res.data);
       if (response.recharge_config && response.recharge_config.payment_url) {
-        window.open(response.recharge_config.payment_url, '_blank');
+        const url = new URL(response.recharge_config.payment_url);
+        url.searchParams.set('redirect', window.location.href);
+        window.open(url.toString(), '_self');
       } else {
         Toast.error(t('customer.recharge.unsupported'));
       }
@@ -138,7 +140,7 @@ export default function CreditOverview({ customerId, settings, mode = 'portal' }
       return null;
     }
 
-    const showRecharge = grantData.paymentCurrency.recharge_config?.base_price_id;
+    const showRecharge = grantData.paymentCurrency.recharge_config?.base_price_id && mode === 'portal';
 
     const totalAmount = grantData.totalAmount || '0';
     const remainingAmount = grantData.remainingAmount || '0';

package/src/components/customer/link.tsx

@@ -39,6 +39,7 @@ export default function CustomerLink({
       }}
       popupInfoType={InfoType.Minimal}
       showDid={size !== 'small'}
+      popupShowDid
       {...(customer.metadata.anonymous === true
         ? {
             user: {

package/src/components/invoice/table.tsx

@@ -1,6 +1,6 @@
 /* eslint-disable react/no-unstable-nested-components */
 import { useLocaleContext } from '@arcblock/ux/lib/Locale/context';
-import { formatAmount, Table, getPriceUintAmountByCurrency } from '@blocklet/payment-react';
+import { formatAmount, Table, getPriceUintAmountByCurrency, formatNumber } from '@blocklet/payment-react';
 import type { TInvoiceExpanded, TInvoiceItem } from '@blocklet/payment-types';
 import { InfoOutlined } from '@mui/icons-material';
 import { Box, Stack, Tooltip, Typography } from '@mui/material';
@@ -22,6 +22,10 @@ type Props = {
 type InvoiceDetailItem = {
   id: string;
   product: string;
+  credits?: {
+    total: number;
+    currency: string;
+  };
   quantity: number;
   rawQuantity: number;
   price: string;
@@ -64,11 +68,22 @@ export function getInvoiceRows(invoice: TInvoiceExpanded) {
       ? toBN(line.amount).div(toBN(line.quantity)).toString()
       : getPriceUintAmountByCurrency(line.price, invoice.paymentCurrency) || line.amount;
 
+    const creditInfo = (line.price as any).credit;
+    let credits: { total: number; currency: string } | undefined;
+
+    if (creditInfo?.amount) {
+      credits = {
+        total: creditInfo.amount,
+        currency: creditInfo.currency?.name || 'Credits',
+      };
+    }
+
     return {
       id: line.id,
       product: `${line.description} ${
         line.price.product.unit_label ? ` (per ${line.price.product.unit_label})` : ''
       }`.trim(),
+      credits,
       quantity: line.quantity,
       rawQuantity: line.metadata?.quantity || 0,
       price: !line.proration ? formatAmount(price, invoice.paymentCurrency.decimal) : '',
@@ -149,6 +164,44 @@ export default function InvoiceTable({ invoice, simple = false, emptyNodeText =
     {
       label: t('common.description'),
       name: 'product',
+      options: {
+        customBodyRenderLite: (_: string, index: number) => {
+          const item = detail[index] as InvoiceDetailItem;
+          return (
+            <Box>
+              <Typography
+                component="div"
+                sx={{
+                  textAlign: {
+                    xs: 'right',
+                    md: 'left',
+                  },
+                }}>
+                {item.product}
+              </Typography>
+              {item.credits && (
+                <Typography
+                  component="div"
+                  variant="caption"
+                  sx={{
+                    color: 'text.secondary',
+                    mt: 0.5,
+                    wordBreak: 'break-word',
+                    textAlign: {
+                      xs: 'right',
+                      md: 'left',
+                    },
+                  }}>
+                  {t('customer.invoice.creditsInfo', {
+                    amount: formatNumber(item.credits.total),
+                    currency: item.credits.currency,
+                  })}
+                </Typography>
+              )}
+            </Box>
+          );
+        },
+      },
     },
     {
       label: t('common.quantity'),

package/src/components/invoice-pdf/template.tsx

@@ -1,4 +1,4 @@
-import { formatTime } from '@blocklet/payment-react';
+import { formatNumber, formatTime } from '@blocklet/payment-react';
 import { useEffect } from 'react';
 import type { InvoicePDFProps } from './types';
 import { composeStyles } from './utils';
@@ -88,7 +88,14 @@ export function InvoiceTemplate({ data, t }: InvoicePDFProps) {
       {detail.map((line) => (
         <div key={line.id} style={composeStyles('row flex')}>
           <div style={composeStyles('w-48 p-4-8 pb-15')}>
-            <span style={composeStyles('dark')}>{line.product}</span>
+            <span style={composeStyles('dark')}>
+              {line.product}
+              {line.credits && (
+                <span style={composeStyles('block gray fs-10 mt-5')}>
+                  {formatNumber(line.credits.total)} {line.credits.currency}
+                </span>
+              )}
+            </span>
           </div>
           <div style={composeStyles('w-17 p-4-8 pb-15')}>
             <span style={composeStyles('dark right')}>{line.quantity}</span>

package/src/locales/en.tsx

@@ -1305,6 +1305,7 @@ export default flat({
     invoice: {
       relatedInvoice: 'Related Invoice',
       donation: 'Donation',
+      creditsInfo: 'Total {amount} {currency} included',
     },
     payout: {
       empty: 'No Revenues',

package/src/locales/zh.tsx

@@ -1258,6 +1258,7 @@ export default flat({
     invoice: {
       relatedInvoice: '关联账单',
       donation: '打赏记录',
+      creditsInfo: '总共包含 {amount} {currency}',
     },
     payout: {
       empty: '没有收款记录',

package/src/pages/checkout/pay.tsx

@@ -1,10 +1,13 @@
 import { CheckoutForm } from '@blocklet/payment-react';
+import { useSearchParams } from 'react-router-dom';
 
 type Props = {
   id: string;
 };
 
 export default function Payment({ id }: Props) {
+  const [searchParams] = useSearchParams();
+  const redirect = searchParams.get('redirect');
   const onPaid = (data: any) => {
     if (data?.checkoutSession?.success_url) {
       setTimeout(() => {
@@ -12,15 +15,23 @@ export default function Payment({ id }: Props) {
         tmp.searchParams.set('checkout_session_id', data.checkoutSession.id);
         window.location.replace(tmp.href);
       }, 1000);
-    } else if (data?.paymentLink) {
+      return;
+    }
+    if (data?.paymentLink) {
       if (data.paymentLink.after_completion?.type === 'redirect' && data.paymentLink.after_completion?.redirect?.url) {
         setTimeout(() => {
           const tmp = new URL(data.paymentLink?.after_completion?.redirect?.url as string, window.location.origin);
           tmp.searchParams.set('checkout_session_id', data.checkoutSession.id);
           window.location.replace(tmp.href);
         }, 1000);
+        return;
       }
     }
+    if (redirect) {
+      setTimeout(() => {
+        window.location.replace(redirect);
+      }, 1000);
+    }
   };
 
   return <CheckoutForm mode="standalone" id={id} onPaid={onPaid} />;