shipd 0.1.3 → 0.2.0

package/features/auth/lib/auth.ts

@@ -0,0 +1,295 @@
+import { db } from "@/db/drizzle";
+import { account, session, user, verification } from "@/db/schema";
+import { eq } from "drizzle-orm";
+// Subscription is optional (only if payments module is installed)
+// We'll check for it at runtime in the webhook handler
+import {
+  checkout,
+  polar,
+  portal,
+  usage,
+  webhooks,
+} from "@polar-sh/better-auth";
+import { Polar } from "@polar-sh/sdk";
+import { betterAuth } from "better-auth";
+import { drizzleAdapter } from "better-auth/adapters/drizzle";
+import { nextCookies } from "better-auth/next-js";
+import {
+  sendPasswordResetEmail,
+  sendSubscriptionConfirmationEmail,
+  sendPaymentFailedEmail,
+} from "@/lib/email";
+
+// Utility function to safely parse dates
+function safeParseDate(value: string | Date | null | undefined): Date | null {
+  if (!value) return null;
+  if (value instanceof Date) return value;
+  return new Date(value);
+}
+
+// Check if Polar is configured
+const isPolarConfigured = !!(
+  process.env.POLAR_ACCESS_TOKEN &&
+  process.env.POLAR_WEBHOOK_SECRET &&
+  process.env.NEXT_PUBLIC_STARTER_TIER &&
+  process.env.NEXT_PUBLIC_STARTER_SLUG
+);
+
+if (!isPolarConfigured && process.env.NODE_ENV === "development") {
+  console.warn(
+    "⚠️  Polar.sh not configured - subscription features disabled. Configure POLAR_* env vars to enable payments.",
+  );
+}
+
+const polarClient = isPolarConfigured
+  ? new Polar({
+      accessToken: process.env.POLAR_ACCESS_TOKEN,
+    })
+  : null;
+
+export const auth = betterAuth({
+  trustedOrigins: [`${process.env.NEXT_PUBLIC_APP_URL}`],
+  allowedDevOrigins: [`${process.env.NEXT_PUBLIC_APP_URL}`],
+  cookieCache: {
+    enabled: true,
+    maxAge: 5 * 60, // Cache duration in seconds
+  },
+  database: drizzleAdapter(db, {
+    provider: "pg",
+    schema: {
+      user,
+      session,
+      account,
+      verification,
+    },
+  }),
+  emailAndPassword: {
+    enabled: true,
+    sendResetPassword: async ({ user, url }) => {
+      // Send password reset email
+      await sendPasswordResetEmail(user.email, url);
+    },
+  },
+  user: {
+    additionalFields: {
+      name: {
+        type: "string",
+        required: false,
+      },
+    },
+  },
+  socialProviders: {
+    google: {
+      clientId: process.env.GOOGLE_CLIENT_ID!,
+      clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+    },
+  },
+  // TODO: Implement welcome emails via a custom sign-up API route
+  // Better Auth hooks API may have changed - using webhook approach instead
+  plugins: [
+    ...(isPolarConfigured && polarClient
+      ? [
+          polar({
+            client: polarClient,
+            createCustomerOnSignUp: true,
+            use: [
+              checkout({
+                products: [
+                  {
+                    productId: process.env.NEXT_PUBLIC_STARTER_TIER!,
+                    slug: process.env.NEXT_PUBLIC_STARTER_SLUG!,
+                  },
+                ],
+                successUrl: `${process.env.NEXT_PUBLIC_APP_URL}/${process.env.POLAR_SUCCESS_URL}`,
+                authenticatedUsersOnly: true,
+              }),
+              portal(),
+              usage(),
+              webhooks({
+                secret: process.env.POLAR_WEBHOOK_SECRET!,
+                onPayload: async ({ data, type }) => {
+            if (
+              type === "subscription.created" ||
+              type === "subscription.active" ||
+              type === "subscription.canceled" ||
+              type === "subscription.revoked" ||
+              type === "subscription.uncanceled" ||
+              type === "subscription.updated"
+            ) {
+              console.log("🎯 Processing subscription webhook:", type);
+              console.log("📦 Payload data:", JSON.stringify(data, null, 2));
+
+              try {
+                // STEP 1: Extract user ID from customer data
+                const userId = data.customer?.externalId;
+                // STEP 2: Build subscription data
+                const subscriptionData = {
+                  id: data.id,
+                  createdAt: new Date(data.createdAt),
+                  modifiedAt: safeParseDate(data.modifiedAt),
+                  amount: data.amount,
+                  currency: data.currency,
+                  recurringInterval: data.recurringInterval,
+                  status: data.status,
+                  currentPeriodStart:
+                    safeParseDate(data.currentPeriodStart) || new Date(),
+                  currentPeriodEnd:
+                    safeParseDate(data.currentPeriodEnd) || new Date(),
+                  cancelAtPeriodEnd: data.cancelAtPeriodEnd || false,
+                  canceledAt: safeParseDate(data.canceledAt),
+                  startedAt: safeParseDate(data.startedAt) || new Date(),
+                  endsAt: safeParseDate(data.endsAt),
+                  endedAt: safeParseDate(data.endedAt),
+                  customerId: data.customerId,
+                  productId: data.productId,
+                  discountId: data.discountId || null,
+                  checkoutId: data.checkoutId || "",
+                  customerCancellationReason:
+                    data.customerCancellationReason || null,
+                  customerCancellationComment:
+                    data.customerCancellationComment || null,
+                  metadata: data.metadata
+                    ? JSON.stringify(data.metadata)
+                    : null,
+                  customFieldData: data.customFieldData
+                    ? JSON.stringify(data.customFieldData)
+                    : null,
+                  userId: userId as string | null,
+                };
+
+                console.log("💾 Final subscription data:", {
+                  id: subscriptionData.id,
+                  status: subscriptionData.status,
+                  userId: subscriptionData.userId,
+                  amount: subscriptionData.amount,
+                });
+
+                // STEP 3: Use Drizzle's onConflictDoUpdate for proper upsert
+                // Only if subscription table exists (payments module installed)
+                // Dynamically import subscription table
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                let subscriptionTable: any;
+                try {
+                  const schemaModule = await import("@/db/schema");
+                  if ('subscription' in schemaModule && schemaModule.subscription) {
+                    subscriptionTable = schemaModule.subscription;
+                  } else {
+                    console.warn("⚠️  Subscription table not found. Install payments module to enable subscription webhooks.");
+                    return;
+                  }
+                } catch {
+                  console.warn("⚠️  Subscription table not found. Install payments module to enable subscription webhooks.");
+                  return;
+                }
+                
+                await db
+                  .insert(subscriptionTable)
+                  .values(subscriptionData)
+                  .onConflictDoUpdate({
+                    target: subscriptionTable.id,
+                    set: {
+                      modifiedAt: subscriptionData.modifiedAt || new Date(),
+                      amount: subscriptionData.amount,
+                      currency: subscriptionData.currency,
+                      recurringInterval: subscriptionData.recurringInterval,
+                      status: subscriptionData.status,
+                      currentPeriodStart: subscriptionData.currentPeriodStart,
+                      currentPeriodEnd: subscriptionData.currentPeriodEnd,
+                      cancelAtPeriodEnd: subscriptionData.cancelAtPeriodEnd,
+                      canceledAt: subscriptionData.canceledAt,
+                      startedAt: subscriptionData.startedAt,
+                      endsAt: subscriptionData.endsAt,
+                      endedAt: subscriptionData.endedAt,
+                      customerId: subscriptionData.customerId,
+                      productId: subscriptionData.productId,
+                      discountId: subscriptionData.discountId,
+                      checkoutId: subscriptionData.checkoutId,
+                      customerCancellationReason:
+                        subscriptionData.customerCancellationReason,
+                      customerCancellationComment:
+                        subscriptionData.customerCancellationComment,
+                      metadata: subscriptionData.metadata,
+                      customFieldData: subscriptionData.customFieldData,
+                      userId: subscriptionData.userId,
+                    },
+                  });
+
+                console.log("✅ Upserted subscription:", data.id);
+
+                // Send subscription emails based on event type
+                try {
+                  // Get user email from database
+                  if (userId) {
+                    const userRecord = await db
+                      .select()
+                      .from(user)
+                      .where(eq(user.id, userId))
+                      .limit(1);
+
+                    if (userRecord[0]?.email) {
+                      const userEmail = userRecord[0].email;
+
+                      // Send confirmation email for new or reactivated subscriptions
+                      if (
+                        type === "subscription.created" ||
+                        type === "subscription.active"
+                      ) {
+                        const amount = `$${(data.amount / 100).toFixed(2)}/${data.recurringInterval}`;
+                        await sendSubscriptionConfirmationEmail(
+                          userEmail,
+                          "Premium", // TODO: Get actual plan name from product
+                          amount
+                        );
+                        console.log("📧 Sent subscription confirmation email to:", userEmail);
+                      }
+                    }
+                  }
+                } catch (emailError) {
+                  console.error("📧 Failed to send subscription email:", emailError);
+                  // Don't throw - email failures shouldn't block webhook processing
+                }
+              } catch (error) {
+                console.error(
+                  "💥 Error processing subscription webhook:",
+                  error,
+                );
+                // Don't throw - let webhook succeed to avoid retries
+              }
+            }
+
+            // Handle payment failed events
+            if (type === "subscription.payment_failed") {
+              try {
+                const userId = data.customer?.externalId;
+                if (userId) {
+                  const userRecord = await db
+                    .select()
+                    .from(user)
+                    .where(eq(user.id, userId))
+                    .limit(1);
+
+                  if (userRecord[0]?.email) {
+                    const retryDate = new Date();
+                    retryDate.setDate(retryDate.getDate() + 3); // 3 days from now
+
+                    await sendPaymentFailedEmail(
+                      userRecord[0].email,
+                      "Premium", // TODO: Get actual plan name
+                      retryDate.toLocaleDateString()
+                    );
+                    console.log("📧 Sent payment failed email to:", userRecord[0].email);
+                  }
+                }
+              } catch (error) {
+                console.error("📧 Failed to send payment failed email:", error);
+              }
+            }
+          },
+        }),
+      ],
+    }),
+        ]
+      : []),
+    nextCookies(),
+  ],
+});

package/features/auth/lib/email-stub.ts

@@ -0,0 +1,55 @@
+/**
+ * Email stub for auth module
+ * 
+ * This provides minimal email functionality when the full email module is not installed.
+ * Email sending will be logged to console in development.
+ */
+
+interface EmailOptions {
+  to: string;
+  subject: string;
+  url?: string;
+  user?: { email: string; name?: string };
+}
+
+/**
+ * Send password reset email (stub)
+ */
+export async function sendPasswordResetEmail(
+  email: string,
+  url: string
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email Stub] Password reset email would be sent to ${email}`);
+    console.log(`   Reset URL: ${url}`);
+    console.log(`   Install the email module for actual email sending.`);
+  }
+  // In production, this would fail silently or you should install the email module
+}
+
+/**
+ * Send subscription confirmation email (stub)
+ */
+export async function sendSubscriptionConfirmationEmail(
+  email: string,
+  subscriptionDetails: any
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email Stub] Subscription confirmation email would be sent to ${email}`);
+    console.log(`   Install the email module for actual email sending.`);
+  }
+}
+
+/**
+ * Send payment failed email (stub)
+ */
+export async function sendPaymentFailedEmail(
+  email: string,
+  errorDetails: any
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email Stub] Payment failed email would be sent to ${email}`);
+    console.log(`   Install the email module for actual email sending.`);
+  }
+}
+

package/features/auth/lib/email.ts

@@ -0,0 +1,47 @@
+/**
+ * Email functions for auth module
+ * 
+ * This is a minimal email implementation that logs to console.
+ * Install the full email module (Resend) for production email sending.
+ */
+
+/**
+ * Send password reset email
+ */
+export async function sendPasswordResetEmail(
+  email: string,
+  url: string
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email] Password reset email would be sent to ${email}`);
+    console.log(`   Reset URL: ${url}`);
+    console.log(`   Install the email module (Resend) for actual email sending.`);
+  }
+  // In production without email module, this fails silently
+  // Install the email module for production use
+}
+
+/**
+ * Send subscription confirmation email
+ */
+export async function sendSubscriptionConfirmationEmail(
+  email: string
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email] Subscription confirmation email would be sent to ${email}`);
+    console.log(`   Install the email module (Resend) for actual email sending.`);
+  }
+}
+
+/**
+ * Send payment failed email
+ */
+export async function sendPaymentFailedEmail(
+  email: string
+): Promise<void> {
+  if (process.env.NODE_ENV === 'development') {
+    console.log(`📧 [Email] Payment failed email would be sent to ${email}`);
+    console.log(`   Install the email module (Resend) for actual email sending.`);
+  }
+}
+

package/features/auth/middleware.patch.ts

@@ -0,0 +1,43 @@
+/**
+ * Auth Middleware Patch
+ * 
+ * This file contains the middleware logic for authentication.
+ * When the auth module is appended, this will be merged into the base middleware.ts
+ */
+
+import { NextRequest, NextResponse } from "next/server";
+import { getSessionCookie } from "better-auth/cookies";
+
+/**
+ * Apply auth middleware logic
+ * This function should be called from the base middleware
+ */
+export function applyAuthMiddleware(
+  request: NextRequest,
+  baseResponse: NextResponse
+): NextResponse | null {
+  const sessionCookie = getSessionCookie(request);
+  const { pathname } = request.nextUrl;
+
+  // Don't redirect from sign-in/sign-up pages to avoid redirect loops
+  if (["/sign-in", "/sign-up"].includes(pathname)) {
+    return null; // Let base middleware handle it
+  }
+
+  // Redirect unauthenticated users from protected routes
+  const protectedRoutes = ["/dashboard"]; // Can be customized
+  const isProtectedRoute = protectedRoutes.some(route => pathname.startsWith(route));
+
+  if (isProtectedRoute && !sessionCookie) {
+    const returnTo = encodeURIComponent(pathname);
+    return NextResponse.redirect(new URL(`/sign-in?returnTo=${returnTo}`, request.url));
+  }
+
+  return null; // Continue with base middleware
+}
+
+/**
+ * Middleware matcher configuration for auth
+ */
+export const matcher = ["/dashboard/:path*", "/sign-in", "/sign-up"];
+