payment-kit 1.29.1 → 1.29.2

package/api/src/routes/{coupons.ts → hono/coupons.ts}

@@ -1,19 +1,23 @@
 /* eslint-disable @typescript-eslint/require-await */
-import { Router } from 'express';
+// Phase 3 (express→hono) — hono fork of routes/coupons.ts. Sub-app with
+// routes relative to /api/coupons (mounted via mountResourceGroup). The
+// business logic is unchanged; only the express plumbing becomes hono:
+//   req.body → c.get('sanitizedBody') ?? {}; res.status(n).json(x) → c.json(x, n).
+import { Hono } from 'hono';
 import Joi from 'joi';
 import pick from 'lodash/pick';
 
 import { CustomError, formatError } from '@blocklet/error';
 import { fromTokenToUnit } from '@ocap/util';
-import { authenticate } from '../libs/security';
-import { createListParamSchema, getOrder, getWhereFromKvQuery, MetadataSchema } from '../libs/api';
-import { createIdGenerator, formatMetadata } from '../libs/util';
-import { trimDecimals } from '../libs/math-utils';
-import { Coupon, PaymentCurrency, PromotionCode } from '../store/models';
-import { getRedemptionData } from '../libs/discount/redemption';
-import logger from '../libs/logger';
-
-const router = Router();
+import { authenticate } from '../../middlewares/hono/security';
+import { createListParamSchema, getOrder, getWhereFromKvQuery, MetadataSchema } from '../../libs/api';
+import { createIdGenerator, formatMetadata } from '../../libs/util';
+import { trimDecimals } from '../../libs/math-utils';
+import { Coupon, PaymentCurrency, PromotionCode } from '../../store/models';
+import { getRedemptionData } from '../../libs/discount/redemption';
+import logger from '../../libs/logger';
+
+const app = new Hono();
 const auth = authenticate({ component: true, roles: ['owner', 'admin'] });
 
 const PromotionCodeSchema = Joi.object({
@@ -253,35 +257,39 @@ export async function createCouponAndPromotionCodes(payload: any) {
  * POST /api/coupons
  * Create a new coupon with optional promotion codes
  */
-router.post('/', auth, async (req, res) => {
+app.post('/', auth, async (c) => {
   try {
-    logger.info('Creating coupon with body:', req.body);
-    const { error, value } = createCouponSchema.validate(req.body);
+    const body = c.get('sanitizedBody') ?? {};
+    logger.info('Creating coupon with body:', body);
+    const { error, value } = createCouponSchema.validate(body);
     if (error) {
-      return res.status(400).json({
-        error: error.details?.[0]?.message || 'Validation error',
-      });
+      return c.json(
+        {
+          error: error.details?.[0]?.message || 'Validation error',
+        },
+        400
+      );
     }
 
     const result = await createCouponAndPromotionCodes({
       ...value,
-      livemode: req.livemode,
-      created_via: req.user?.via || 'api',
+      livemode: c.get('livemode'),
+      created_via: c.get('user')?.via || 'api',
     });
 
     logger.info('Coupon and promotion codes created', {
       couponId: result.coupon.id,
       promotionCodesCount: result.promotion_codes.length,
-      requestedBy: req.user?.did,
+      requestedBy: c.get('user')?.did,
     });
 
-    return res.json(result);
+    return c.json(result);
   } catch (error) {
     logger.error('Error creating coupon', {
       error,
-      body: req.body,
+      body: c.get('sanitizedBody') ?? {},
     });
-    return res.status(500).json(formatError(error));
+    return c.json(formatError(error), 500);
   }
 });
 
@@ -298,20 +306,21 @@ const paginationSchema = createListParamSchema<{
  * GET /api/coupons
  * List all coupons with pagination and filtering
  */
-router.get('/', auth, async (req, res) => {
-  const { page, pageSize, valid, name, ...query } = await paginationSchema.validateAsync(req.query, {
+app.get('/', auth, async (c) => {
+  const query = c.req.query();
+  const { page, pageSize, valid, name, ...rest } = await paginationSchema.validateAsync(query, {
     stripUnknown: false,
     allowUnknown: true,
   });
 
-  const where = query.q ? getWhereFromKvQuery(query.q as any) : {};
+  const where = rest.q ? getWhereFromKvQuery(rest.q as any) : {};
 
   if (valid !== undefined) {
     where.valid = !!valid;
   }
 
-  if (typeof req.livemode === 'boolean') {
-    where.livemode = !!req.livemode;
+  if (typeof c.get('livemode') === 'boolean') {
+    where.livemode = !!c.get('livemode');
   }
 
   if (name) {
@@ -329,10 +338,10 @@ router.get('/', auth, async (req, res) => {
     ],
     limit: pageSize,
     offset: (page - 1) * pageSize,
-    order: getOrder(req.query, [['created_at', 'DESC']]),
+    order: getOrder(query, [['created_at', 'DESC']]),
   });
 
-  return res.json({
+  return c.json({
     count,
     list: rows,
     paging: { page, pageSize },
@@ -343,47 +352,51 @@ router.get('/', auth, async (req, res) => {
  * GET /api/coupons/:id
  * Retrieve a specific coupon
  */
-router.get('/:id', auth, async (req, res) => {
-  const coupon = await getExpandedCoupon(req.params.id as string);
+app.get('/:id', auth, async (c) => {
+  const coupon = await getExpandedCoupon(c.req.param('id') as string);
   if (!coupon) {
-    return res.status(404).json({ error: 'Coupon not found' });
+    return c.json({ error: 'Coupon not found' }, 404);
   }
-  return res.json(coupon);
+  return c.json(coupon);
 });
 
 /**
  * PUT /api/coupons/:id
  * Update a coupon (limited fields can be updated)
  */
-router.put('/:id', auth, async (req, res) => {
-  const { error, value } = updateCouponSchema.validate(req.body);
+app.put('/:id', auth, async (c) => {
+  const body = c.get('sanitizedBody') ?? {};
+  const { error, value } = updateCouponSchema.validate(body);
   if (error) {
-    return res.status(400).json({
-      error: error.details?.[0]?.message || 'Validation error',
-    });
+    return c.json(
+      {
+        error: error.details?.[0]?.message || 'Validation error',
+      },
+      400
+    );
   }
 
-  if (!req.params.id) {
-    return res.status(400).json({ error: 'Coupon ID is required' });
+  if (!c.req.param('id')) {
+    return c.json({ error: 'Coupon ID is required' }, 400);
   }
 
-  const coupon = await Coupon.findByPk(req.params.id);
+  const coupon = await Coupon.findByPk(c.req.param('id'));
 
   if (!coupon) {
-    return res.status(404).json({ error: 'Coupon not found' });
+    return c.json({ error: 'Coupon not found' }, 404);
   }
 
-  if (req.body.metadata) {
-    const { error: metadataError } = MetadataSchema.validate(req.body.metadata);
+  if ((body as any).metadata) {
+    const { error: metadataError } = MetadataSchema.validate((body as any).metadata);
     if (metadataError) {
-      return res.status(400).json({ error: `metadata invalid: ${metadataError.message}` });
+      return c.json({ error: `metadata invalid: ${metadataError.message}` }, 400);
     }
   }
 
   if (coupon.locked) {
     const allowedUpdates = pick(value, ['name', 'metadata', 'description']);
     if (Object.keys(allowedUpdates).length === 0) {
-      return res.status(403).json({ error: 'Coupon is locked and cannot be modified' });
+      return c.json({ error: 'Coupon is locked and cannot be modified' }, 403);
     }
     await coupon.update(Coupon.formatBeforeSave(allowedUpdates));
   }
@@ -402,9 +415,12 @@ router.put('/:id', auth, async (req, res) => {
     await coupon.update({ locked: true });
     const allowedUpdates = pick(value, ['name', 'metadata', 'description']);
     if (Object.keys(allowedUpdates).length === 0) {
-      return res.status(403).json({
-        error: 'Coupon is being used. Only name and metadata can be updated.',
-      });
+      return c.json(
+        {
+          error: 'Coupon is being used. Only name and metadata can be updated.',
+        },
+        403
+      );
     }
     await coupon.update(Coupon.formatBeforeSave(allowedUpdates));
   } else if (!coupon.locked && !isUsed) {
@@ -413,35 +429,35 @@ router.put('/:id', auth, async (req, res) => {
   }
 
   logger.info('Coupon updated', {
-    couponId: req.params.id,
+    couponId: c.req.param('id'),
     updatedFields: Object.keys(value),
-    requestedBy: req.user?.did,
+    requestedBy: c.get('user')?.did,
   });
 
-  const doc = await getExpandedCoupon(req.params.id as string);
+  const doc = await getExpandedCoupon(c.req.param('id') as string);
 
-  return res.json(doc);
+  return c.json(doc);
 });
 
 /**
  * DELETE /api/coupons/:id
  * Delete a coupon (mark as invalid if used, otherwise hard delete)
  */
-router.delete('/:id', auth, async (req, res) => {
+app.delete('/:id', auth, async (c) => {
   try {
     const coupon = await Coupon.findOne({
       where: {
-        id: req.params.id,
-        livemode: req.livemode,
+        id: c.req.param('id'),
+        livemode: c.get('livemode'),
       },
     });
 
     if (!coupon) {
-      return res.status(404).json({ error: 'Coupon not found' });
+      return c.json({ error: 'Coupon not found' }, 404);
     }
 
     if (coupon.locked) {
-      return res.status(403).json({ error: 'Coupon is locked and cannot be deleted' });
+      return c.json({ error: 'Coupon is locked and cannot be deleted' }, 403);
     }
 
     const isUsed = await coupon.isUsed();
@@ -450,36 +466,36 @@ router.delete('/:id', auth, async (req, res) => {
     if (isUsed) {
       // Mark as invalid instead of deleting
       await coupon.update({ locked: true });
-      return res.status(403).json({ error: 'Coupon is being used and cannot be deleted' });
+      return c.json({ error: 'Coupon is being used and cannot be deleted' }, 403);
     }
 
     // Hard delete if not used
     await coupon.destroy();
 
     logger.info('Coupon deleted', {
-      couponId: req.params.id,
+      couponId: c.req.param('id'),
     });
 
-    return res.json(coupon);
+    return c.json(coupon);
   } catch (error) {
     logger.error('Error deleting coupon', {
-      error: error.message,
-      couponId: req.params.id,
+      error: (error as any).message,
+      couponId: c.req.param('id'),
     });
-    return res.status(400).json(formatError(error));
+    return c.json(formatError(error), 400);
   }
 });
 
-router.get('/:id/used', auth, async (req, res) => {
-  const coupon = await Coupon.findByPk(req.params.id);
+app.get('/:id/used', auth, async (c) => {
+  const coupon = await Coupon.findByPk(c.req.param('id'));
   if (!coupon) {
-    return res.status(404).json({ error: 'Coupon not found' });
+    return c.json({ error: 'Coupon not found' }, 404);
   }
   const used = await coupon.isUsed();
   if (used && !coupon.locked) {
     await coupon.update({ locked: true });
   }
-  return res.json({ used });
+  return c.json({ used });
 });
 
 // Create redemptions pagination schema
@@ -490,18 +506,19 @@ const redemptionsSchema = createListParamSchema<{
 });
 
 // Get active redemptions for a coupon with detailed admin analytics
-router.get('/:id/redemptions', auth, async (req, res) => {
+app.get('/:id/redemptions', auth, async (c) => {
   try {
-    const couponId = req.params.id as string;
+    const couponId = c.req.param('id') as string;
+    const query = c.req.query();
 
-    const { page, pageSize, type } = await redemptionsSchema.validateAsync(req.query, {
+    const { page, pageSize, type } = await redemptionsSchema.validateAsync(query, {
       stripUnknown: false,
       allowUnknown: true,
     });
 
     const coupon = await Coupon.findByPk(couponId);
     if (!coupon) {
-      return res.status(404).json({ error: 'Coupon not found' });
+      return c.json({ error: 'Coupon not found' }, 404);
     }
 
     const result = await getRedemptionData(
@@ -511,15 +528,15 @@ router.get('/:id/redemptions', auth, async (req, res) => {
       'coupon'
     );
 
-    return res.json(result);
+    return c.json(result);
   } catch (error: any) {
     logger.error('Error getting coupon redemptions', {
       error: error.message,
       stack: error.stack,
-      couponId: req.params.id,
+      couponId: c.req.param('id'),
     });
-    return res.status(500).json(formatError(error));
+    return c.json(formatError(error), 500);
   }
 });
 
-export default router;
+export default app;