strapi5-plugin-for-stripe 1.0.0 → 1.0.1

package/dist/server/index.js

@@ -0,0 +1,306 @@
+"use strict";
+const axios = require("axios");
+const Stripe = require("stripe");
+const _interopDefault = (e) => e && e.__esModule ? e : { default: e };
+const axios__default = /* @__PURE__ */ _interopDefault(axios);
+const Stripe__default = /* @__PURE__ */ _interopDefault(Stripe);
+const bootstrap = ({ strapi }) => {
+};
+const destroy = ({ strapi }) => {
+};
+const register = ({ strapi }) => {
+};
+const config = {
+  default: {},
+  validator() {
+  }
+};
+const contentTypes = {};
+const stripeController = ({ strapi }) => ({
+  async stripeService() {
+    return strapi.plugin("strapi5-plugin-stripe").service("stripeService");
+  },
+  /* ============================
+   * SETTINGS
+   * ============================ */
+  async getSettingsInternal() {
+    return await strapi.store({ type: "plugin", name: "strapi5-plugin-stripe" }).get({ key: "settings" });
+  },
+  async getSettings(ctx) {
+    const settings = await this.getSettingsInternal();
+    ctx.body = settings || {};
+  },
+  async updateSettings(ctx) {
+    const data = ctx.request.body;
+    if (data.checkout?.successUrl) {
+      const u = new URL(data.checkout.successUrl);
+      if (data.environment === "live" && u.protocol !== "https:") {
+        throw new Error("successUrl must be HTTPS in live mode");
+      }
+    }
+    if (data.checkout?.cancelUrl) {
+      const u = new URL(data.checkout.cancelUrl);
+      if (data.environment === "live" && u.protocol !== "https:") {
+        throw new Error("cancelUrl must be HTTPS in live mode");
+      }
+    }
+    await strapi.store({ type: "plugin", name: "strapi5-plugin-stripe" }).set({ key: "settings", value: data });
+    ctx.body = { ok: true };
+  },
+  /* ============================
+   * PRODUCTS
+   * ============================ */
+  async createProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = await stripe.prices.create(ctx.request.body);
+  },
+  async listProducts(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      prices: (await stripe.prices.list({
+        limit: ctx.query.limit || 20,
+        active: ctx.query.active || true
+      })).data,
+      products: (await stripe.products.list({
+        limit: ctx.query.limit || 20,
+        active: ctx.query.active || true
+      })).data
+    };
+  },
+  async updateProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = await stripe.products.update(ctx.params.id, ctx.request.body);
+  },
+  async deleteProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      productRes: await stripe.products.update(ctx.params.productId, {
+        active: false
+      }),
+      priceRes: await stripe.prices.update(ctx.params.priceId, {
+        active: false
+      })
+    };
+  },
+  async deletePrice(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      productRes: await stripe.products.update(ctx.params.productId, {
+        default_price: ctx.params.newPriceId
+      }),
+      priceRes: await stripe.prices.update(ctx.params.priceId, {
+        active: false
+      })
+    };
+  },
+  /* ============================
+   * CHECKOUT
+   * ============================ */
+  async checkout(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    const {
+      priceId,
+      customer_email,
+      productId,
+      productName,
+      metadata = {}
+    } = ctx.request.body;
+    if (!priceId || !customer_email) {
+      ctx.throw(400, "Missing priceId or customer_email");
+    }
+    const session = await stripe.checkout.sessions.create({
+      mode: "payment",
+      line_items: [
+        {
+          price: priceId,
+          quantity: 1
+        }
+      ],
+      customer_email,
+      success_url: settings.checkout.successUrl + "?sessionId={CHECKOUT_SESSION_ID}",
+      cancel_url: settings.checkout.cancelUrl,
+      metadata: {
+        productId,
+        productName,
+        ...metadata
+      }
+    });
+    ctx.body = {
+      url: session.url
+    };
+  },
+  /* ============================
+   * WEBHOOK
+   * ============================ */
+  async webhook(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    const signature = ctx.request.headers["stripe-signature"];
+    const webhookSecret = process.env.STRAPI_ADMIN_STRIPE_WEBHOOK_SECRET_KEY;
+    const forwardUrl = settings.webhook?.forwardUrl;
+    if (!signature || !webhookSecret) {
+      ctx.throw(400, "Webhook configuration missing");
+    }
+    const rawBody = ctx.request.body?.[Symbol.for("unparsedBody")] ?? ctx.request.body;
+    let event;
+    try {
+      event = stripe.webhooks.constructEvent(rawBody, signature, webhookSecret);
+    } catch (err) {
+      ctx.throw(400, "Invalid Stripe webhook signature");
+    }
+    if (forwardUrl) {
+      await axios__default.default.post(forwardUrl, event, {
+        headers: {
+          "Content-Type": "application/json",
+          "Stripe-Event-Id": event.id,
+          "Stripe-Event-Type": event.type
+        },
+        timeout: 1e4
+      });
+    }
+    ctx.body = { received: true };
+  }
+});
+const controllers = {
+  stripeController
+};
+const middlewares = {};
+const policies = {};
+const contentAPIRoutes = () => ({
+  type: "content-api",
+  routes: [
+    {
+      method: "POST",
+      path: "/checkout",
+      handler: "stripeController.checkout"
+    },
+    {
+      method: "POST",
+      path: "/webhook",
+      handler: "stripeController.webhook",
+      config: {
+        auth: false
+      }
+    }
+  ]
+});
+const adminAPIRoutes = () => ({
+  type: "admin",
+  routes: [
+    {
+      method: "GET",
+      path: "/settings",
+      handler: "stripeController.getSettings",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "PUT",
+      path: "/settings",
+      handler: "stripeController.updateSettings",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "POST",
+      path: "/products",
+      handler: "stripeController.createProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "GET",
+      path: "/products",
+      handler: "stripeController.listProducts",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "PUT",
+      path: "/products/:id",
+      handler: "stripeController.updateProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "DELETE",
+      path: "/products/:productId&:priceId",
+      handler: "stripeController.deleteProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "DELETE",
+      path: "/prices/:productId&:priceId&:newPriceId",
+      handler: "stripeController.deletePrice",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    }
+  ]
+});
+const routes = {
+  "content-api": contentAPIRoutes,
+  admin: adminAPIRoutes
+};
+const stripeService = ({ strapi }) => ({
+  /* ============================
+   * STRIPE CLIENT
+   * ============================ */
+  stripeClient(env) {
+    const key = env === "live" ? process.env.STRAPI_ADMIN_LIVE_STRIPE_SECRET_KEY : process.env.STRAPI_ADMIN_TEST_STRIPE_SECRET_KEY;
+    if (!key) {
+      throw new Error(`Missing Stripe secret key (${env})`);
+    }
+    return new Stripe__default.default(key);
+  }
+});
+const services = {
+  stripeService
+};
+const index = {
+  bootstrap,
+  destroy,
+  register,
+  config,
+  controllers,
+  contentTypes,
+  middlewares,
+  policies,
+  routes,
+  services
+};
+module.exports = index;

package/dist/server/index.mjs

@@ -0,0 +1,304 @@
+import axios from "axios";
+import Stripe from "stripe";
+const bootstrap = ({ strapi }) => {
+};
+const destroy = ({ strapi }) => {
+};
+const register = ({ strapi }) => {
+};
+const config = {
+  default: {},
+  validator() {
+  }
+};
+const contentTypes = {};
+const stripeController = ({ strapi }) => ({
+  async stripeService() {
+    return strapi.plugin("strapi5-plugin-stripe").service("stripeService");
+  },
+  /* ============================
+   * SETTINGS
+   * ============================ */
+  async getSettingsInternal() {
+    return await strapi.store({ type: "plugin", name: "strapi5-plugin-stripe" }).get({ key: "settings" });
+  },
+  async getSettings(ctx) {
+    const settings = await this.getSettingsInternal();
+    ctx.body = settings || {};
+  },
+  async updateSettings(ctx) {
+    const data = ctx.request.body;
+    if (data.checkout?.successUrl) {
+      const u = new URL(data.checkout.successUrl);
+      if (data.environment === "live" && u.protocol !== "https:") {
+        throw new Error("successUrl must be HTTPS in live mode");
+      }
+    }
+    if (data.checkout?.cancelUrl) {
+      const u = new URL(data.checkout.cancelUrl);
+      if (data.environment === "live" && u.protocol !== "https:") {
+        throw new Error("cancelUrl must be HTTPS in live mode");
+      }
+    }
+    await strapi.store({ type: "plugin", name: "strapi5-plugin-stripe" }).set({ key: "settings", value: data });
+    ctx.body = { ok: true };
+  },
+  /* ============================
+   * PRODUCTS
+   * ============================ */
+  async createProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = await stripe.prices.create(ctx.request.body);
+  },
+  async listProducts(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      prices: (await stripe.prices.list({
+        limit: ctx.query.limit || 20,
+        active: ctx.query.active || true
+      })).data,
+      products: (await stripe.products.list({
+        limit: ctx.query.limit || 20,
+        active: ctx.query.active || true
+      })).data
+    };
+  },
+  async updateProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = await stripe.products.update(ctx.params.id, ctx.request.body);
+  },
+  async deleteProduct(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      productRes: await stripe.products.update(ctx.params.productId, {
+        active: false
+      }),
+      priceRes: await stripe.prices.update(ctx.params.priceId, {
+        active: false
+      })
+    };
+  },
+  async deletePrice(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    ctx.body = {
+      productRes: await stripe.products.update(ctx.params.productId, {
+        default_price: ctx.params.newPriceId
+      }),
+      priceRes: await stripe.prices.update(ctx.params.priceId, {
+        active: false
+      })
+    };
+  },
+  /* ============================
+   * CHECKOUT
+   * ============================ */
+  async checkout(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    const {
+      priceId,
+      customer_email,
+      productId,
+      productName,
+      metadata = {}
+    } = ctx.request.body;
+    if (!priceId || !customer_email) {
+      ctx.throw(400, "Missing priceId or customer_email");
+    }
+    const session = await stripe.checkout.sessions.create({
+      mode: "payment",
+      line_items: [
+        {
+          price: priceId,
+          quantity: 1
+        }
+      ],
+      customer_email,
+      success_url: settings.checkout.successUrl + "?sessionId={CHECKOUT_SESSION_ID}",
+      cancel_url: settings.checkout.cancelUrl,
+      metadata: {
+        productId,
+        productName,
+        ...metadata
+      }
+    });
+    ctx.body = {
+      url: session.url
+    };
+  },
+  /* ============================
+   * WEBHOOK
+   * ============================ */
+  async webhook(ctx) {
+    const settings = await this.getSettingsInternal();
+    const service = await this.stripeService();
+    const stripe = service.stripeClient(settings.environment || "test");
+    const signature = ctx.request.headers["stripe-signature"];
+    const webhookSecret = process.env.STRAPI_ADMIN_STRIPE_WEBHOOK_SECRET_KEY;
+    const forwardUrl = settings.webhook?.forwardUrl;
+    if (!signature || !webhookSecret) {
+      ctx.throw(400, "Webhook configuration missing");
+    }
+    const rawBody = ctx.request.body?.[Symbol.for("unparsedBody")] ?? ctx.request.body;
+    let event;
+    try {
+      event = stripe.webhooks.constructEvent(rawBody, signature, webhookSecret);
+    } catch (err) {
+      ctx.throw(400, "Invalid Stripe webhook signature");
+    }
+    if (forwardUrl) {
+      await axios.post(forwardUrl, event, {
+        headers: {
+          "Content-Type": "application/json",
+          "Stripe-Event-Id": event.id,
+          "Stripe-Event-Type": event.type
+        },
+        timeout: 1e4
+      });
+    }
+    ctx.body = { received: true };
+  }
+});
+const controllers = {
+  stripeController
+};
+const middlewares = {};
+const policies = {};
+const contentAPIRoutes = () => ({
+  type: "content-api",
+  routes: [
+    {
+      method: "POST",
+      path: "/checkout",
+      handler: "stripeController.checkout"
+    },
+    {
+      method: "POST",
+      path: "/webhook",
+      handler: "stripeController.webhook",
+      config: {
+        auth: false
+      }
+    }
+  ]
+});
+const adminAPIRoutes = () => ({
+  type: "admin",
+  routes: [
+    {
+      method: "GET",
+      path: "/settings",
+      handler: "stripeController.getSettings",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "PUT",
+      path: "/settings",
+      handler: "stripeController.updateSettings",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "POST",
+      path: "/products",
+      handler: "stripeController.createProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "GET",
+      path: "/products",
+      handler: "stripeController.listProducts",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "PUT",
+      path: "/products/:id",
+      handler: "stripeController.updateProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "DELETE",
+      path: "/products/:productId&:priceId",
+      handler: "stripeController.deleteProduct",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    },
+    {
+      method: "DELETE",
+      path: "/prices/:productId&:priceId&:newPriceId",
+      handler: "stripeController.deletePrice",
+      config: {
+        auth: {
+          admin: true
+        }
+      }
+    }
+  ]
+});
+const routes = {
+  "content-api": contentAPIRoutes,
+  admin: adminAPIRoutes
+};
+const stripeService = ({ strapi }) => ({
+  /* ============================
+   * STRIPE CLIENT
+   * ============================ */
+  stripeClient(env) {
+    const key = env === "live" ? process.env.STRAPI_ADMIN_LIVE_STRIPE_SECRET_KEY : process.env.STRAPI_ADMIN_TEST_STRIPE_SECRET_KEY;
+    if (!key) {
+      throw new Error(`Missing Stripe secret key (${env})`);
+    }
+    return new Stripe(key);
+  }
+});
+const services = {
+  stripeService
+};
+const index = {
+  bootstrap,
+  destroy,
+  register,
+  config,
+  controllers,
+  contentTypes,
+  middlewares,
+  policies,
+  routes,
+  services
+};
+export {
+  index as default
+};

package/package.json

@@ -1,7 +1,6 @@
 {
-  "version": "1.0.0",
+  "version": "1.0.1",
   "keywords": [],
-  "type": "commonjs",
   "exports": {
     "./package.json": "./package.json",
     "./strapi-admin": {
@@ -22,6 +21,7 @@
   ],
   "scripts": {
     "build": "strapi-plugin build",
+    "prepack": "yarn build",
     "watch": "strapi-plugin watch",
     "watch:link": "strapi-plugin watch:link",
     "verify": "strapi-plugin verify"