payment-kit 1.29.0 → 1.29.2

package/api/src/routes/{exchange-rate-providers.ts → hono/exchange-rate-providers.ts}

@@ -1,18 +1,22 @@
-import { Router } from 'express';
+// Phase 3 (express→hono) — hono fork of routes/exchange-rate-providers.ts. Sub-app with
+// routes relative to /api/exchange-rate-providers (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody'); res.status(n).json(x) → c.json(x, n).
+import { Hono } from 'hono';
 import pick from 'lodash/pick';
 import { Op } from 'sequelize';
 
-import { authenticate } from '../libs/security';
-import { ExchangeRateProvider } from '../store/models/exchange-rate-provider';
-import { TokenDataProvider } from '../libs/exchange-rate/token-data-provider';
-import { CoinGeckoProvider } from '../libs/exchange-rate/coingecko-provider';
-import { CoinMarketCapProvider } from '../libs/exchange-rate/coinmarketcap-provider';
+import { authenticate } from '../../middlewares/hono/security';
+import { ExchangeRateProvider } from '../../store/models/exchange-rate-provider';
+import { TokenDataProvider } from '../../libs/exchange-rate/token-data-provider';
+import { CoinGeckoProvider } from '../../libs/exchange-rate/coingecko-provider';
+import { CoinMarketCapProvider } from '../../libs/exchange-rate/coinmarketcap-provider';
 
-const router = Router();
+const app = new Hono();
 const auth = authenticate({ component: true, roles: ['owner', 'admin'], ensureLogin: true });
 const allowedStatuses = ['active', 'degraded', 'paused', 'inactive'];
 
-router.get('/', auth, async (_req, res) => {
+app.get('/', auth, async (c) => {
   const providers = await ExchangeRateProvider.findAll({
     order: [
       ['priority', 'ASC'],
@@ -26,10 +30,10 @@ router.get('/', auth, async (_req, res) => {
     config: ExchangeRateProvider.maskConfig(p.config),
   }));
 
-  res.json({ data: maskedProviders });
+  return c.json({ data: maskedProviders });
 });
 
-router.post('/', auth, async (req, res) => {
+app.post('/', auth, async (c) => {
   const {
     name,
     type = 'token-data',
@@ -39,18 +43,15 @@ router.post('/', auth, async (req, res) => {
     config = {},
     // eslint-disable-next-line @typescript-eslint/naming-convention
     paused_reason = null,
-  } = req.body;
+  } = c.get('sanitizedBody') ?? {};
   if (!name) {
-    res.status(400).json({ error: 'name is required' });
-    return;
+    return c.json({ error: 'name is required' }, 400);
   }
   if (Number.isNaN(Number(priority))) {
-    res.status(400).json({ error: 'priority must be a number' });
-    return;
+    return c.json({ error: 'priority must be a number' }, 400);
   }
   if (!allowedStatuses.includes(status)) {
-    res.status(400).json({ error: 'invalid status' });
-    return;
+    return c.json({ error: 'invalid status' }, 400);
   }
 
   const provider = await ExchangeRateProvider.create({
@@ -63,39 +64,7 @@ router.post('/', auth, async (req, res) => {
     config: ExchangeRateProvider.encryptConfig(config),
   });
 
-  res.json({ data: provider });
-});
-
-router.put('/:id', auth, async (req, res) => {
-  const provider = await ExchangeRateProvider.findByPk(req.params.id);
-  if (!provider) {
-    res.status(404).json({ error: 'Provider not found' });
-    return;
-  }
-
-  // Note: 'type' is intentionally excluded - cannot be changed after creation
-  const updates = pick(req.body, ['name', 'enabled', 'priority', 'status', 'paused_reason', 'config']);
-  if (updates.priority !== undefined && Number.isNaN(Number(updates.priority))) {
-    res.status(400).json({ error: 'priority must be a number' });
-    return;
-  }
-  if (updates.status && !allowedStatuses.includes(updates.status)) {
-    res.status(400).json({ error: 'invalid status' });
-    return;
-  }
-
-  // Encrypt config if it's being updated
-  if (updates.config) {
-    const existingConfig = ExchangeRateProvider.decryptConfig(provider.config) || {};
-    const mergedConfig = { ...existingConfig, ...updates.config };
-    if (updates.config.api_key === '') {
-      delete mergedConfig.api_key;
-    }
-    updates.config = ExchangeRateProvider.encryptConfig(mergedConfig);
-  }
-
-  await provider.update(updates);
-  res.json({ data: provider });
+  return c.json({ data: provider });
 });
 
 // TECHNICAL DEBT: Exchange rate provider management bypasses AFS layer
@@ -106,75 +75,18 @@ router.put('/:id', auth, async (req, res) => {
 // Decision: Accepted as pragmatic completion of existing system (2026-01-12)
 // Reference: ai/intent/20260112-token-data-provider-management-alignment.md
 
-/**
- * DELETE endpoint - Remove an exchange rate provider
- * Safety constraints:
- * 1. Cannot delete provider that is currently in use
- * 2. Cannot delete the last enabled provider
- */
-router.delete('/:id', auth, async (req, res) => {
-  const provider = await ExchangeRateProvider.findByPk(req.params.id);
-  if (!provider) {
-    res.status(404).json({ error: 'Provider not found' });
-    return;
-  }
-
-  // Safety Check 1: Get active provider (same logic as frontend)
-  const allProviders = await ExchangeRateProvider.findAll({
-    order: [
-      ['priority', 'ASC'],
-      ['created_at', 'ASC'],
-    ],
-  });
-
-  const activeProviders = allProviders
-    .filter((p) => p.enabled && p.status !== 'paused')
-    .sort((a, b) => a.priority - b.priority);
-
-  const activeProviderId = activeProviders[0]?.id || null;
-
-  if (provider.id === activeProviderId) {
-    res.status(400).json({
-      error: 'Cannot delete provider that is currently in use',
-    });
-    return;
-  }
-
-  // Safety Check 2: Ensure we're not deleting the last enabled provider
-  const otherEnabledCount = await ExchangeRateProvider.count({
-    where: {
-      id: { [Op.ne]: req.params.id },
-      enabled: true,
-      status: { [Op.ne]: 'paused' },
-    },
-  });
-
-  if (otherEnabledCount === 0 && provider.enabled && provider.status !== 'paused') {
-    res.status(400).json({
-      error:
-        'Cannot delete the last enabled provider. Please ensure at least one other provider is enabled before deleting this one.',
-    });
-    return;
-  }
-
-  // All checks passed, safe to delete
-  await provider.destroy();
-
-  res.json({ success: true });
-});
-
 /**
  * POST /test-connection - Test provider connection without saving
  * Validates provider configuration by attempting to fetch a test rate
+ * Registered before /:id routes so the static segment wins
  */
-router.post('/test-connection', auth, async (req, res) => {
-  const { type, config = {}, provider_id: providerId } = req.body;
+app.post('/test-connection', auth, async (c) => {
+  const { type, config = {}, provider_id: providerId } = c.get('sanitizedBody') ?? {};
 
   // Validate provider type
   const allowedTypes = ['token-data', 'coingecko', 'coinmarketcap'];
   if (!type || !allowedTypes.includes(type)) {
-    res.status(400).json({ error: 'Invalid provider type' });
-    return;
+    return c.json({ error: 'Invalid provider type' }, 400);
   }
 
   // Decrypt config if it contains encrypted api_key
@@ -209,15 +121,16 @@ router.post('/test-connection', auth, async (req, res) => {
         provider = new CoinMarketCapProvider(effectiveConfig || undefined);
         break;
       default:
-        res.status(400).json({ error: 'Invalid provider type' });
-        return;
+        return c.json({ error: 'Invalid provider type' }, 400);
     }
   } catch (error: any) {
-    res.status(200).json({
-      success: false,
-      error: error.message || 'Failed to initialize provider',
-    });
-    return;
+    return c.json(
+      {
+        success: false,
+        error: error.message || 'Failed to initialize provider',
+      },
+      200
+    );
   }
 
   const testSymbol = type === 'token-data' ? 'ABT' : 'ETH';
@@ -227,7 +140,7 @@ router.post('/test-connection', auth, async (req, res) => {
     const result = await provider.fetch(testSymbol);
     const responseTime = Date.now() - startTime;
 
-    res.json({
+    return c.json({
       success: true,
       responseTime,
       rate: result.rate,
@@ -236,13 +149,112 @@ router.post('/test-connection', auth, async (req, res) => {
     });
   } catch (error: any) {
     const responseTime = Date.now() - startTime;
-    res.status(200).json({
-      success: false,
-      responseTime,
-      error: error.message || 'Connection test failed',
-      symbol: testSymbol,
-    });
+    return c.json(
+      {
+        success: false,
+        responseTime,
+        error: error.message || 'Connection test failed',
+        symbol: testSymbol,
+      },
+      200
+    );
+  }
+});
+
+/**
+ * DELETE endpoint - Remove an exchange rate provider
+ * Safety constraints:
+ * 1. Cannot delete provider that is currently in use
+ * 2. Cannot delete the last enabled provider
+ */
+app.put('/:id', auth, async (c) => {
+  const provider = await ExchangeRateProvider.findByPk(c.req.param('id'));
+  if (!provider) {
+    return c.json({ error: 'Provider not found' }, 404);
+  }
+
+  // Note: 'type' is intentionally excluded - cannot be changed after creation
+  const updates = pick(c.get('sanitizedBody') ?? {}, [
+    'name',
+    'enabled',
+    'priority',
+    'status',
+    'paused_reason',
+    'config',
+  ]);
+  if (updates.priority !== undefined && Number.isNaN(Number(updates.priority))) {
+    return c.json({ error: 'priority must be a number' }, 400);
   }
+  if (updates.status && !allowedStatuses.includes(updates.status)) {
+    return c.json({ error: 'invalid status' }, 400);
+  }
+
+  // Encrypt config if it's being updated
+  if (updates.config) {
+    const existingConfig = ExchangeRateProvider.decryptConfig(provider.config) || {};
+    const mergedConfig = { ...existingConfig, ...updates.config };
+    if (updates.config.api_key === '') {
+      delete mergedConfig.api_key;
+    }
+    updates.config = ExchangeRateProvider.encryptConfig(mergedConfig);
+  }
+
+  await provider.update(updates);
+  return c.json({ data: provider });
+});
+
+app.delete('/:id', auth, async (c) => {
+  const provider = await ExchangeRateProvider.findByPk(c.req.param('id'));
+  if (!provider) {
+    return c.json({ error: 'Provider not found' }, 404);
+  }
+
+  // Safety Check 1: Get active provider (same logic as frontend)
+  const allProviders = await ExchangeRateProvider.findAll({
+    order: [
+      ['priority', 'ASC'],
+      ['created_at', 'ASC'],
+    ],
+  });
+
+  const activeProviders = allProviders
+    .filter((p) => p.enabled && p.status !== 'paused')
+    .sort((a, b) => a.priority - b.priority);
+
+  const activeProviderId = activeProviders[0]?.id || null;
+
+  if (provider.id === activeProviderId) {
+    return c.json(
+      {
+        error: 'Cannot delete provider that is currently in use',
+      },
+      400
+    );
+  }
+
+  // Safety Check 2: Ensure we're not deleting the last enabled provider
+  const otherEnabledCount = await ExchangeRateProvider.count({
+    where: {
+      id: { [Op.ne]: c.req.param('id') },
+      enabled: true,
+      status: { [Op.ne]: 'paused' },
+    },
+  });
+
+  if (otherEnabledCount === 0 && provider.enabled && provider.status !== 'paused') {
+    return c.json(
+      {
+        error:
+          'Cannot delete the last enabled provider. Please ensure at least one other provider is enabled before deleting this one.',
+      },
+      400
+    );
+  }
+
+  // All checks passed, safe to delete
+  await provider.destroy();
+
+  return c.json({ success: true });
 });
 
-export default router;
+export default app;

package/api/src/routes/hono/exchange-rates.ts

@@ -0,0 +1,77 @@
+// Phase 3a (express→hono) — hono fork of routes/exchange-rates.ts. Sub-app with
+// routes relative to /api/exchange-rates (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody'); res.status(n).json(x) → c.json(x, n).
+import { Hono } from 'hono';
+
+import { getExchangeRateService } from '../../libs/exchange-rate/service';
+import { getExchangeRateSymbol, hasTokenAddress } from '../../libs/exchange-rate/token-address-mapping';
+import { authenticate } from '../../middlewares/hono/security';
+import { ChainType, PaymentCurrency, PaymentMethod } from '../../store/models';
+
+const app = new Hono();
+const auth = authenticate({ component: true, roles: ['owner', 'admin'], ensureLogin: true });
+const exchangeRateService = getExchangeRateService();
+
+/**
+ * Validate if exchange rate can be fetched for a currency.
+ * Used during price creation/editing to validate the base currency.
+ */
+app.post('/validate', auth, async (c) => {
+  try {
+    const { currency: currencyId } = (c.get('sanitizedBody') ?? {}) as any;
+
+    if (!currencyId) {
+      return c.json({ error: 'currency is required' }, 400);
+    }
+
+    const paymentCurrency = (await PaymentCurrency.findByPk(currencyId, {
+      include: [{ model: PaymentMethod, as: 'payment_method' }],
+    })) as PaymentCurrency & { payment_method: PaymentMethod };
+
+    if (!paymentCurrency) {
+      return c.json({ error: 'Currency not found' }, 400);
+    }
+
+    if (paymentCurrency.payment_method?.type === 'stripe') {
+      return c.json({ error: `Currency ${paymentCurrency.symbol} is not supported.`, supported: false }, 400);
+    }
+
+    if (!hasTokenAddress(paymentCurrency.symbol, paymentCurrency.payment_method?.type as ChainType)) {
+      return c.json({ error: `Currency ${paymentCurrency.symbol} is not supported.`, supported: false }, 400);
+    }
+
+    try {
+      const rateSymbol = getExchangeRateSymbol(
+        paymentCurrency.symbol,
+        paymentCurrency.payment_method?.type as ChainType
+      );
+      const rateResult = await exchangeRateService.getRate(rateSymbol);
+
+      return c.json({
+        supported: true,
+        currency: paymentCurrency.symbol,
+        base_currency: 'USD',
+        rate: rateResult.rate,
+        timestamp_ms: rateResult.timestamp_ms,
+        fetched_at: rateResult.fetched_at,
+        provider_id: rateResult.provider_id,
+        provider_name: rateResult.provider_name,
+        provider_display: rateResult.provider_display,
+        providers: rateResult.providers,
+        consensus_method: rateResult.consensus_method,
+        degraded: rateResult.degraded,
+        degraded_reason: rateResult.degraded_reason,
+      });
+    } catch (error: any) {
+      return c.json(
+        { error: `Failed to fetch exchange rate for ${paymentCurrency.symbol}: ${error.message}`, supported: false },
+        400
+      );
+    }
+  } catch (error: any) {
+    return c.json({ error: error.message }, 400);
+  }
+});
+
+export default app;

package/api/src/routes/hono/index.ts

@@ -0,0 +1,115 @@
+// Phase 3 (express→hono) — registry of MIGRATED native resource domains. Each
+// domain is mounted via mountResourceGroup (app-shell pipeline + livemode +
+// optional baseCurrency, scoped to the prefix). Domains NOT listed here are still
+// served by the legacy express app through the catch-all bridge; both coexist
+// until Phase 4 deletes the express modules. Batches add domains here one PR at a
+// time (3a → 3f).
+import type { Hono, MiddlewareHandler } from 'hono';
+import { mountResourceGroup } from '../../middlewares/hono/resource-mount';
+
+import exchangeRates from './exchange-rates';
+import paymentCurrencies from './payment-currencies';
+import paymentStats from './payment-stats';
+import pricingTable from './pricing-table';
+import customers from './customers';
+import paymentMethods from './payment-methods';
+import products from './products';
+import prices from './prices';
+import checkoutSessions from './checkout-sessions';
+import subscriptions from './subscriptions';
+import invoices from './invoices';
+import paymentIntents from './payment-intents';
+import coupons from './coupons';
+import promotionCodes from './promotion-codes';
+import creditGrants from './credit-grants';
+import creditTokens from './credit-tokens';
+import creditTransactions from './credit-transactions';
+import meterEvents from './meter-events';
+import usageRecords from './usage-records';
+import stripeIntegration from './integrations/stripe';
+import appStoreIntegration from './integrations/app-store';
+import googlePlayIntegration from './integrations/google-play';
+import autoRechargeConfigs from './auto-recharge-configs';
+import donations from './donations';
+import entitlements from './entitlements';
+import events from './events';
+import exchangeRateProviders from './exchange-rate-providers';
+import meters from './meters';
+import passports from './passports';
+import paymentLinks from './payment-links';
+import payouts from './payouts';
+import redirect from './redirect';
+import refunds from './refunds';
+import settings from './settings';
+import subscriptionItems from './subscription-items';
+import taxRates from './tax-rates';
+import tool from './tool';
+import vendor from './vendor';
+import webhookAttempts from './webhook-attempts';
+import webhookEndpoints from './webhook-endpoints';
+import archive from './archive';
+
+export function mountMigratedResources(native: Hono, opts: { appShell?: MiddlewareHandler[] } = {}): void {
+  // The node host passes its full app-shell pipeline (cors/xss/csrf/cdn/i18n/
+  // context). The CF worker passes nothing → mountResourceGroup defaults to the
+  // LITE app-shell (xss only; the worker owns cors + tenant and never ran csrf/cdn).
+  const shell = opts.appShell;
+  const g = (prefix: string, subApp: Hono, o: { baseCurrency?: boolean } = {}) =>
+    mountResourceGroup(native, prefix, subApp, { ...o, appShell: shell });
+
+  // ── Batch 3a (low-risk read-only / validation) ─────────────────────────────
+  g('/api/exchange-rates', exchangeRates);
+  g('/api/payment-currencies', paymentCurrencies);
+  g('/api/payment-stats', paymentStats);
+  g('/api/pricing-tables', pricingTable);
+
+  // ── Batch 3b (customers / payment-methods / products / prices) ──────────────
+  g('/api/customers', customers);
+  g('/api/payment-methods', paymentMethods);
+  g('/api/products', products, { baseCurrency: true });
+  g('/api/prices', prices, { baseCurrency: true });
+
+  // ── Batch 3c (checkout-sessions / subscriptions / invoices / payment-intents) ─
+  g('/api/checkout-sessions', checkoutSessions, { baseCurrency: true });
+  g('/api/subscriptions', subscriptions);
+  g('/api/invoices', invoices);
+  g('/api/payment-intents', paymentIntents);
+
+  // ── Batch 3d (coupons / promotion-codes / credit-* / meter-events / usage-records)
+  g('/api/coupons', coupons);
+  g('/api/promotion-codes', promotionCodes);
+  g('/api/credit-grants', creditGrants);
+  g('/api/credit-tokens', creditTokens);
+  g('/api/credit-transactions', creditTransactions);
+  g('/api/meter-events', meterEvents);
+  g('/api/usage-records', usageRecords);
+
+  // ── Batch 3e (integrations) — Stripe webhook is RAW-BODY (xss skips that path,
+  // route reads c.req.arrayBuffer); app-store/google-play are normal JSON. ──────
+  g('/api/integrations/stripe', stripeIntegration);
+  g('/api/integrations/app-store', appStoreIntegration);
+  g('/api/integrations/google-play', googlePlayIntegration);
+
+  // ── Batch 3f (remaining domains) ────────────────────────────────────────────
+  g('/api/auto-recharge-configs', autoRechargeConfigs);
+  g('/api/donations', donations, { baseCurrency: true });
+  g('/api/entitlements', entitlements);
+  g('/api/events', events);
+  g('/api/exchange-rate-providers', exchangeRateProviders);
+  g('/api/meters', meters);
+  g('/api/passports', passports);
+  g('/api/payment-links', paymentLinks, { baseCurrency: true });
+  g('/api/payouts', payouts);
+  g('/api/redirect', redirect);
+  g('/api/refunds', refunds);
+  g('/api/settings', settings);
+  g('/api/subscription-items', subscriptionItems);
+  g('/api/tax-rates', taxRates);
+  g('/api/tool', tool);
+  g('/api/vendors', vendor);
+  g('/api/webhook-attempts', webhookAttempts);
+  g('/api/webhook-endpoints', webhookEndpoints);
+  g('/api/archive', archive);
+}
+
+export default mountMigratedResources;