payment-kit 1.29.0 → 1.29.2

package/api/src/routes/hono/meters.ts

@@ -0,0 +1,288 @@
+// Phase 3 (express→hono) — hono fork of routes/meters.ts. Sub-app with
+// routes relative to /api/meters (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody') ?? {}; res.status(n).json(x) → c.json(x, n).
+import { Hono } from 'hono';
+import Joi from 'joi';
+import pick from 'lodash/pick';
+
+import { Op } from 'sequelize';
+import { createListParamSchema, getOrder, getWhereFromKvQuery, MetadataSchema } from '../../libs/api';
+import logger from '../../libs/logger';
+import { authenticate } from '../../middlewares/hono/security';
+import { formatMetadata } from '../../libs/util';
+import { Meter, PaymentCurrency, PaymentMethod } from '../../store/models';
+
+const app = new Hono();
+const auth = authenticate<Meter>({ component: true, roles: ['owner', 'admin'] });
+
+const meterSchema = Joi.object({
+  name: Joi.string().max(64).required(),
+  event_name: Joi.string().max(64).required(),
+  aggregation_method: Joi.string().valid('sum', 'count', 'last').default('sum'),
+  unit: Joi.string().max(32).required(),
+  currency_id: Joi.string().max(40).optional(),
+  decimal: Joi.number().integer().min(2).max(18).default(10),
+  description: Joi.string().max(255).allow('').optional(),
+  metadata: MetadataSchema,
+  component_did: Joi.string().max(40).optional(),
+  token: Joi.object({
+    tokenFactoryAddress: Joi.string().required(),
+  }).optional(),
+}).unknown(true);
+
+const updateMeterSchema = Joi.object({
+  name: Joi.string().max(64).optional(),
+  description: Joi.string().max(255).allow('').optional(),
+  status: Joi.string().valid('active', 'inactive').optional(),
+});
+
+const listSchema = createListParamSchema<{ event_name?: string }>({
+  event_name: Joi.string().empty(''),
+});
+
+app.get('/', auth, async (c) => {
+  try {
+    const { page, pageSize, ...query } = await listSchema.validateAsync(c.req.query(), { stripUnknown: true });
+    const where = getWhereFromKvQuery(query.q);
+
+    if (typeof query.livemode === 'boolean') {
+      where.livemode = query.livemode;
+    }
+    if (query.event_name) {
+      where.event_name = query.event_name;
+    }
+
+    const { rows: list, count } = await Meter.findAndCountAll({
+      where,
+      order: getOrder(query, [['created_at', query.o === 'asc' ? 'ASC' : 'DESC']]),
+      offset: (page - 1) * pageSize,
+      limit: pageSize,
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+
+    return c.json({ count, list, paging: { page, pageSize } });
+  } catch (err) {
+    logger.error('Error listing meters', err);
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+app.post('/', auth, async (c) => {
+  try {
+    const body = c.get('sanitizedBody') ?? {};
+    const { error } = meterSchema.validate(body);
+    if (error) {
+      return c.json({ error: `Meter create request invalid: ${error.message}` }, 400);
+    }
+
+    const existing = await Meter.findOne({
+      where: { event_name: (body as any).event_name },
+    });
+    if (existing) {
+      return c.json({ error: `Meter with event_name "${(body as any).event_name}" already exists` }, 409);
+    }
+
+    if (['count', 'last'].includes((body as any).aggregation_method)) {
+      return c.json({ error: 'Aggregation method is not supported' }, 400);
+    }
+
+    const needArcblockMethod = (body as any).token?.tokenFactoryAddress || !(body as any).currency_id;
+    const arcblockMethod = needArcblockMethod
+      ? await PaymentMethod.findOne({ where: { livemode: !!c.get('livemode'), type: 'arcblock' } })
+      : null;
+    if (needArcblockMethod && !arcblockMethod) {
+      throw new Error('ArcBlock payment method not found');
+    }
+
+    let tokenConfig: Record<string, any> | undefined;
+    if ((body as any).token?.tokenFactoryAddress) {
+      const client = arcblockMethod!.getOcapClient();
+      const { state: tokenFactoryState } = await client.getTokenFactoryState({
+        address: (body as any).token.tokenFactoryAddress,
+      });
+      if (!tokenFactoryState) {
+        return c.json({ error: 'Token factory not found on chain' }, 400);
+      }
+      tokenConfig = {
+        address: tokenFactoryState.token.address,
+        symbol: tokenFactoryState.token.symbol,
+        name: tokenFactoryState.token.name,
+        decimal: tokenFactoryState.token.decimal,
+        token_factory_address: tokenFactoryState.address,
+      };
+    }
+
+    const meterData = {
+      ...pick(body as any, [
+        'name',
+        'event_name',
+        'aggregation_method',
+        'unit',
+        'currency_id',
+        'description',
+        'metadata',
+      ]),
+      livemode: !!c.get('livemode'),
+      created_via: c.get('user')?.via || 'api',
+      status: (body as any).status || 'active',
+      metadata: formatMetadata((body as any).metadata),
+    };
+
+    if (!meterData.currency_id) {
+      const paymentCurrency = await PaymentCurrency.createForMeter(meterData, arcblockMethod!.id, tokenConfig, {
+        decimal: (body as any).decimal,
+      });
+      meterData.currency_id = paymentCurrency.id;
+    }
+
+    const meter = await Meter.create(meterData);
+
+    const result = await Meter.findByPk(meter.id, {
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+
+    logger.info('Meter created', { meterId: meter.id, eventName: meter.event_name });
+    return c.json(result);
+  } catch (err) {
+    logger.error('create meter failed', { error: (err as any)?.message, request: c.get('sanitizedBody') ?? {} });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+// Public endpoint: only returns safe fields, no auth required
+const PUBLIC_METER_FIELDS = ['id', 'name', 'event_name', 'status', 'unit', 'description', 'currency_id'] as const;
+
+app.get('/public/:id', async (c) => {
+  try {
+    const meter = await Meter.findOne({
+      where: {
+        [Op.or]: [{ id: c.req.param('id') }, { event_name: c.req.param('id') }],
+      },
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+
+    if (!meter) {
+      return c.json({ error: 'Meter not found' }, 404);
+    }
+
+    return c.json({
+      ...pick(meter.toJSON(), PUBLIC_METER_FIELDS),
+      paymentCurrency: (meter as any).paymentCurrency
+        ? pick((meter as any).paymentCurrency.toJSON(), ['id', 'name', 'symbol', 'decimal', 'logo', 'type'])
+        : null,
+    });
+  } catch (err) {
+    logger.error('get public meter failed', { error: (err as any)?.message, meterId: c.req.param('id') });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+app.get('/:id', auth, async (c) => {
+  try {
+    const meter = await Meter.findOne({
+      where: {
+        [Op.or]: [{ id: c.req.param('id') }, { event_name: c.req.param('id') }],
+      },
+      include: [{ model: PaymentCurrency.scope('withRechargeConfig'), as: 'paymentCurrency' }],
+    });
+
+    if (!meter) {
+      return c.json({ error: 'Meter not found' }, 404);
+    }
+
+    return c.json(meter);
+  } catch (err) {
+    logger.error('get meter failed', { error: (err as any)?.message, meterId: c.req.param('id') });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+app.put('/:id', auth, async (c) => {
+  try {
+    const body = c.get('sanitizedBody') ?? {};
+    const { error } = updateMeterSchema.validate(pick(body as any, ['name', 'description', 'status']));
+    if (error) {
+      return c.json({ error: `Meter update request invalid: ${error.message}` }, 400);
+    }
+
+    const meter = await Meter.findByPk(c.req.param('id'), {
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+    if (!meter) {
+      return c.json({ error: 'Meter not found' }, 404);
+    }
+
+    const updateData: any = {
+      ...pick(body as any, ['name', 'description', 'status']),
+      unit: (body as any).unit || meter.unit,
+      updated_by: c.get('user')?.did,
+    };
+
+    if ((body as any).metadata) {
+      const { error: metadataError } = MetadataSchema.validate((body as any).metadata);
+      if (metadataError) {
+        return c.json({ error: `metadata invalid: ${metadataError.message}` }, 400);
+      }
+      updateData.metadata = formatMetadata((body as any).metadata);
+    }
+
+    await meter.update(updateData);
+
+    return c.json(meter);
+  } catch (err) {
+    logger.error('update meter failed', { error: (err as any)?.message, meterId: c.req.param('id') });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+app.put('/:id/activate', auth, async (c) => {
+  try {
+    const meter = await Meter.findByPk(c.req.param('id'), {
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+    if (!meter) {
+      return c.json({ error: 'Meter not found' }, 404);
+    }
+
+    if (meter.status === 'active') {
+      return c.json({ error: 'Meter is already active' }, 400);
+    }
+
+    await meter.update({
+      status: 'active',
+      updated_by: c.get('user')?.did,
+    });
+    return c.json(meter);
+  } catch (err) {
+    logger.error('activate meter failed', { error: (err as any)?.message, meterId: c.req.param('id') });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+app.put('/:id/deactivate', auth, async (c) => {
+  try {
+    const meter = await Meter.findByPk(c.req.param('id'), {
+      include: [{ model: PaymentCurrency, as: 'paymentCurrency' }],
+    });
+    if (!meter) {
+      return c.json({ error: 'Meter not found' }, 404);
+    }
+
+    if (meter.status === 'inactive') {
+      return c.json({ error: 'Meter is already inactive' }, 400);
+    }
+
+    await meter.update({
+      status: 'inactive',
+      updated_by: c.get('user')?.did,
+    });
+
+    return c.json(meter);
+  } catch (err) {
+    logger.error('deactivate meter failed', { error: (err as any)?.message, meterId: c.req.param('id') });
+    return c.json({ error: (err as any)?.message }, 400);
+  }
+});
+
+export default app;

package/api/src/routes/hono/passports.ts

@@ -0,0 +1,73 @@
+// Phase 3 (express→hono) — hono fork of routes/passports.ts. Sub-app with
+// routes relative to /api/passports (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody'); res.status(n).json(x) → c.json(x, n).
+import { Hono } from 'hono';
+
+import { updatePassportExtra } from '../../integrations/blocklet/passport';
+import { blocklet } from '../../libs/auth';
+import { authenticate } from '../../middlewares/hono/security';
+import { PaymentLink, PricingTable, Product } from '../../store/models';
+
+const app = new Hono();
+const auth = authenticate<any>({ component: false, roles: ['owner', 'admin'] });
+
+app.get('/', auth, async (c) => {
+  const result = await blocklet.getRoles();
+  return c.json(result.roles);
+});
+
+app.put('/assign', auth, async (c) => {
+  const body = c.get('sanitizedBody') ?? {};
+  const { name, id } = body as any;
+
+  if (!id) {
+    return c.json({ message: 'payment entry or product id is required' }, 400);
+  }
+  if (!name) {
+    return c.json({ message: 'passport name is required' }, 400);
+  }
+
+  if (id.startsWith('plink_')) {
+    const doc = await PaymentLink.findByPk(id);
+    if (!doc?.active) {
+      return c.json({ message: 'payment link is not active' }, 400);
+    }
+
+    const result = await updatePassportExtra(name, { acquire: { pay: id } });
+    return c.json(result);
+  }
+
+  if (id.startsWith('prctbl_')) {
+    const doc = await PricingTable.findByPk(id);
+    if (!doc?.active) {
+      return c.json({ message: 'pricing table is not active' }, 400);
+    }
+
+    const result = await updatePassportExtra(name, { acquire: { pay: id } });
+    return c.json(result);
+  }
+
+  if (id.startsWith('prod_')) {
+    const doc = await Product.findByPk(id);
+    if (!doc?.active) {
+      return c.json({ message: 'product is not active' }, 400);
+    }
+
+    await doc.update({ metadata: { ...doc.metadata, passport: name } });
+    const result = await updatePassportExtra(name, { payment: { product: id } });
+    return c.json(result);
+  }
+
+  return c.json({ message: 'pay link is not support' }, 400);
+});
+
+app.delete('/assign/:name', auth, async (c) => {
+  const result = await updatePassportExtra(c.req.param('name') as string, {
+    payment: { product: '' },
+    acquire: { pay: '' },
+  });
+  return c.json(result);
+});
+
+export default app;