web-agent-bridge 1.1.0 → 1.1.2

package/server/services/stripe.js

@@ -1,192 +1,192 @@
-/**
- * Stripe Payment Integration Service
- */
-
-const {
-  getPlatformSetting,
-  saveStripeCustomer,
-  getStripeCustomer,
-  saveStripeSubscription,
-  updateStripeSubscription,
-  getStripeSubscriptionBySubId,
-  savePayment,
-  updateSiteTier,
-  findSiteById
-} = require('../models/db');
-
-let stripe = null;
-
-function getStripe() {
-  if (stripe) return stripe;
-  const key = process.env.STRIPE_SECRET_KEY || getPlatformSetting('stripe_secret_key');
-  if (!key) return null;
-  stripe = require('stripe')(key);
-  return stripe;
-}
-
-function getStripePrices() {
-  return {
-    starter: process.env.STRIPE_PRICE_STARTER || getPlatformSetting('stripe_price_starter'),
-    pro: process.env.STRIPE_PRICE_PRO || getPlatformSetting('stripe_price_pro'),
-    enterprise: process.env.STRIPE_PRICE_ENTERPRISE || getPlatformSetting('stripe_price_enterprise')
-  };
-}
-
-async function createCheckoutSession({ userId, userEmail, siteId, tier }) {
-  const site = findSiteById.get(siteId);
-  if (!site || site.user_id !== userId) {
-    throw new Error('Site not found or access denied');
-  }
-
-  const s = getStripe();
-  if (!s) throw new Error('Stripe not configured');
-
-  const prices = getStripePrices();
-  const priceId = prices[tier];
-  if (!priceId) throw new Error(`No price configured for tier: ${tier}`);
-
-  // Get or create Stripe customer
-  let customer = getStripeCustomer(userId);
-  if (!customer) {
-    const stripeCustomer = await s.customers.create({ email: userEmail, metadata: { wab_user_id: userId } });
-    saveStripeCustomer(userId, stripeCustomer.id);
-    customer = { stripe_customer_id: stripeCustomer.id };
-  }
-
-  const baseUrl = process.env.BASE_URL || 'https://webagentbridge.com';
-
-  const session = await s.checkout.sessions.create({
-    customer: customer.stripe_customer_id,
-    mode: 'subscription',
-    payment_method_types: ['card'],
-    line_items: [{ price: priceId, quantity: 1 }],
-    metadata: { wab_user_id: userId, wab_site_id: siteId, tier },
-    success_url: `${baseUrl}/dashboard?payment=success&session_id={CHECKOUT_SESSION_ID}`,
-    cancel_url: `${baseUrl}/dashboard?payment=cancelled`
-  });
-
-  return { sessionId: session.id, url: session.url };
-}
-
-async function createPortalSession(userId) {
-  const s = getStripe();
-  if (!s) throw new Error('Stripe not configured');
-
-  const customer = getStripeCustomer(userId);
-  if (!customer) throw new Error('No Stripe customer found');
-
-  const baseUrl = process.env.BASE_URL || 'https://webagentbridge.com';
-
-  const session = await s.billingPortal.sessions.create({
-    customer: customer.stripe_customer_id,
-    return_url: `${baseUrl}/dashboard`
-  });
-
-  return { url: session.url };
-}
-
-function handleWebhookEvent(event) {
-  switch (event.type) {
-    case 'checkout.session.completed': {
-      const session = event.data.object;
-      const { wab_user_id, wab_site_id, tier } = session.metadata || {};
-      if (wab_user_id && wab_site_id && session.subscription) {
-        saveStripeSubscription({
-          userId: wab_user_id,
-          siteId: wab_site_id,
-          stripeSubId: session.subscription,
-          stripePriceId: null,
-          tier: tier || 'starter',
-          status: 'active',
-          periodStart: new Date().toISOString(),
-          periodEnd: null
-        });
-        updateSiteTier.run(tier || 'starter', wab_site_id, wab_user_id);
-      }
-      break;
-    }
-
-    case 'invoice.payment_succeeded': {
-      const invoice = event.data.object;
-      if (invoice.subscription) {
-        const sub = getStripeSubscriptionBySubId(invoice.subscription);
-        if (sub) {
-          savePayment({
-            userId: sub.user_id,
-            stripePaymentId: invoice.payment_intent,
-            amount: invoice.amount_paid,
-            currency: invoice.currency,
-            status: 'succeeded',
-            description: `Subscription payment - ${sub.tier}`
-          });
-          updateStripeSubscription(invoice.subscription, {
-            status: 'active',
-            periodStart: new Date(invoice.period_start * 1000).toISOString(),
-            periodEnd: new Date(invoice.period_end * 1000).toISOString()
-          });
-        }
-      }
-      break;
-    }
-
-    case 'customer.subscription.updated': {
-      const subscription = event.data.object;
-      updateStripeSubscription(subscription.id, {
-        status: subscription.status === 'active' ? 'active' : subscription.status === 'past_due' ? 'past_due' : subscription.status === 'trialing' ? 'trialing' : 'cancelled'
-      });
-      break;
-    }
-
-    case 'customer.subscription.deleted': {
-      const subscription = event.data.object;
-      const sub = getStripeSubscriptionBySubId(subscription.id);
-      if (sub) {
-        updateStripeSubscription(subscription.id, { status: 'cancelled' });
-        updateSiteTier.run('free', sub.site_id, sub.user_id);
-      }
-      break;
-    }
-
-    case 'invoice.payment_failed': {
-      const invoice = event.data.object;
-      if (invoice.subscription) {
-        updateStripeSubscription(invoice.subscription, { status: 'past_due' });
-      }
-      break;
-    }
-  }
-}
-
-function isStripeConfigured() {
-  const key = process.env.STRIPE_SECRET_KEY || getPlatformSetting('stripe_secret_key');
-  return !!key;
-}
-
-/**
- * Express webhook handler: verifies Stripe signature, then dispatches business logic.
- */
-function handleWebhookRequest(req) {
-  const sig = req.headers['stripe-signature'];
-  const raw = req.body;
-  const whSecret = process.env.STRIPE_WEBHOOK_SECRET || getPlatformSetting('stripe_webhook_secret');
-  if (!whSecret) {
-    throw new Error('Stripe webhook secret not configured (STRIPE_WEBHOOK_SECRET or platform stripe_webhook_secret)');
-  }
-  if (!sig) {
-    throw new Error('Missing Stripe-Signature header');
-  }
-  const s = getStripe();
-  if (!s) throw new Error('Stripe not configured');
-  const event = s.webhooks.constructEvent(raw, sig, whSecret);
-  handleWebhookEvent(event);
-}
-
-module.exports = {
-  getStripe,
-  createCheckoutSession,
-  createPortalSession,
-  handleWebhookEvent,
-  handleWebhookRequest,
-  isStripeConfigured,
-  getStripePrices
-};
+/**
+ * Stripe Payment Integration Service
+ */
+
+const {
+  getPlatformSetting,
+  saveStripeCustomer,
+  getStripeCustomer,
+  saveStripeSubscription,
+  updateStripeSubscription,
+  getStripeSubscriptionBySubId,
+  savePayment,
+  updateSiteTier,
+  findSiteById
+} = require('../models/db');
+
+let stripe = null;
+
+function getStripe() {
+  if (stripe) return stripe;
+  const key = process.env.STRIPE_SECRET_KEY || getPlatformSetting('stripe_secret_key');
+  if (!key) return null;
+  stripe = require('stripe')(key);
+  return stripe;
+}
+
+function getStripePrices() {
+  return {
+    starter: process.env.STRIPE_PRICE_STARTER || getPlatformSetting('stripe_price_starter'),
+    pro: process.env.STRIPE_PRICE_PRO || getPlatformSetting('stripe_price_pro'),
+    enterprise: process.env.STRIPE_PRICE_ENTERPRISE || getPlatformSetting('stripe_price_enterprise')
+  };
+}
+
+async function createCheckoutSession({ userId, userEmail, siteId, tier }) {
+  const site = findSiteById.get(siteId);
+  if (!site || site.user_id !== userId) {
+    throw new Error('Site not found or access denied');
+  }
+
+  const s = getStripe();
+  if (!s) throw new Error('Stripe not configured');
+
+  const prices = getStripePrices();
+  const priceId = prices[tier];
+  if (!priceId) throw new Error(`No price configured for tier: ${tier}`);
+
+  // Get or create Stripe customer
+  let customer = getStripeCustomer(userId);
+  if (!customer) {
+    const stripeCustomer = await s.customers.create({ email: userEmail, metadata: { wab_user_id: userId } });
+    saveStripeCustomer(userId, stripeCustomer.id);
+    customer = { stripe_customer_id: stripeCustomer.id };
+  }
+
+  const baseUrl = process.env.BASE_URL || 'https://webagentbridge.com';
+
+  const session = await s.checkout.sessions.create({
+    customer: customer.stripe_customer_id,
+    mode: 'subscription',
+    payment_method_types: ['card'],
+    line_items: [{ price: priceId, quantity: 1 }],
+    metadata: { wab_user_id: userId, wab_site_id: siteId, tier },
+    success_url: `${baseUrl}/dashboard?payment=success&session_id={CHECKOUT_SESSION_ID}`,
+    cancel_url: `${baseUrl}/dashboard?payment=cancelled`
+  });
+
+  return { sessionId: session.id, url: session.url };
+}
+
+async function createPortalSession(userId) {
+  const s = getStripe();
+  if (!s) throw new Error('Stripe not configured');
+
+  const customer = getStripeCustomer(userId);
+  if (!customer) throw new Error('No Stripe customer found');
+
+  const baseUrl = process.env.BASE_URL || 'https://webagentbridge.com';
+
+  const session = await s.billingPortal.sessions.create({
+    customer: customer.stripe_customer_id,
+    return_url: `${baseUrl}/dashboard`
+  });
+
+  return { url: session.url };
+}
+
+function handleWebhookEvent(event) {
+  switch (event.type) {
+    case 'checkout.session.completed': {
+      const session = event.data.object;
+      const { wab_user_id, wab_site_id, tier } = session.metadata || {};
+      if (wab_user_id && wab_site_id && session.subscription) {
+        saveStripeSubscription({
+          userId: wab_user_id,
+          siteId: wab_site_id,
+          stripeSubId: session.subscription,
+          stripePriceId: null,
+          tier: tier || 'starter',
+          status: 'active',
+          periodStart: new Date().toISOString(),
+          periodEnd: null
+        });
+        updateSiteTier.run(tier || 'starter', wab_site_id, wab_user_id);
+      }
+      break;
+    }
+
+    case 'invoice.payment_succeeded': {
+      const invoice = event.data.object;
+      if (invoice.subscription) {
+        const sub = getStripeSubscriptionBySubId(invoice.subscription);
+        if (sub) {
+          savePayment({
+            userId: sub.user_id,
+            stripePaymentId: invoice.payment_intent,
+            amount: invoice.amount_paid,
+            currency: invoice.currency,
+            status: 'succeeded',
+            description: `Subscription payment - ${sub.tier}`
+          });
+          updateStripeSubscription(invoice.subscription, {
+            status: 'active',
+            periodStart: new Date(invoice.period_start * 1000).toISOString(),
+            periodEnd: new Date(invoice.period_end * 1000).toISOString()
+          });
+        }
+      }
+      break;
+    }
+
+    case 'customer.subscription.updated': {
+      const subscription = event.data.object;
+      updateStripeSubscription(subscription.id, {
+        status: subscription.status === 'active' ? 'active' : subscription.status === 'past_due' ? 'past_due' : subscription.status === 'trialing' ? 'trialing' : 'cancelled'
+      });
+      break;
+    }
+
+    case 'customer.subscription.deleted': {
+      const subscription = event.data.object;
+      const sub = getStripeSubscriptionBySubId(subscription.id);
+      if (sub) {
+        updateStripeSubscription(subscription.id, { status: 'cancelled' });
+        updateSiteTier.run('free', sub.site_id, sub.user_id);
+      }
+      break;
+    }
+
+    case 'invoice.payment_failed': {
+      const invoice = event.data.object;
+      if (invoice.subscription) {
+        updateStripeSubscription(invoice.subscription, { status: 'past_due' });
+      }
+      break;
+    }
+  }
+}
+
+function isStripeConfigured() {
+  const key = process.env.STRIPE_SECRET_KEY || getPlatformSetting('stripe_secret_key');
+  return !!key;
+}
+
+/**
+ * Express webhook handler: verifies Stripe signature, then dispatches business logic.
+ */
+function handleWebhookRequest(req) {
+  const sig = req.headers['stripe-signature'];
+  const raw = req.body;
+  const whSecret = process.env.STRIPE_WEBHOOK_SECRET || getPlatformSetting('stripe_webhook_secret');
+  if (!whSecret) {
+    throw new Error('Stripe webhook secret not configured (STRIPE_WEBHOOK_SECRET or platform stripe_webhook_secret)');
+  }
+  if (!sig) {
+    throw new Error('Missing Stripe-Signature header');
+  }
+  const s = getStripe();
+  if (!s) throw new Error('Stripe not configured');
+  const event = s.webhooks.constructEvent(raw, sig, whSecret);
+  handleWebhookEvent(event);
+}
+
+module.exports = {
+  getStripe,
+  createCheckoutSession,
+  createPortalSession,
+  handleWebhookEvent,
+  handleWebhookRequest,
+  isStripeConfigured,
+  getStripePrices
+};

package/server/utils/cache.js

@@ -1,125 +1,125 @@
-/**
- * WAB Caching Layer — In-memory cache with TTL for hot data
- * Reduces DB reads for license verification, config, and stats
- */
-class Cache {
-  constructor(defaultTTL = 60000) {
-    this.store = new Map();
-    this.defaultTTL = defaultTTL;
-    this._interval = setInterval(() => this._cleanup(), 120000);
-  }
-
-  get(key) {
-    const entry = this.store.get(key);
-    if (!entry) return undefined;
-    if (Date.now() > entry.expiresAt) {
-      this.store.delete(key);
-      return undefined;
-    }
-    entry.hits++;
-    return entry.value;
-  }
-
-  set(key, value, ttl) {
-    this.store.set(key, {
-      value,
-      expiresAt: Date.now() + (ttl || this.defaultTTL),
-      hits: 0
-    });
-  }
-
-  del(key) {
-    this.store.delete(key);
-  }
-
-  invalidatePattern(pattern) {
-    for (const key of this.store.keys()) {
-      if (key.includes(pattern)) this.store.delete(key);
-    }
-  }
-
-  stats() {
-    return {
-      size: this.store.size,
-      keys: Array.from(this.store.keys())
-    };
-  }
-
-  _cleanup() {
-    const now = Date.now();
-    for (const [key, entry] of this.store) {
-      if (now > entry.expiresAt) this.store.delete(key);
-    }
-  }
-
-  destroy() {
-    clearInterval(this._interval);
-    this.store.clear();
-  }
-}
-
-/**
- * Analytics Queue — Batches analytics inserts for better write performance
- * Flushes every N seconds or when buffer reaches max size.
- * maxBufferTotal caps memory if DB writes fail repeatedly (DoS mitigation).
- */
-class AnalyticsQueue {
-  constructor(db, options = {}) {
-    this.db = db;
-    this.buffer = [];
-    this.maxSize = options.maxSize || 50;
-    this.maxBufferTotal = options.maxBufferTotal || 5000;
-    this.flushInterval = options.flushInterval || 5000;
-    this._timer = setInterval(() => this.flush(), this.flushInterval);
-  }
-
-  push(analytic) {
-    while (this.buffer.length >= this.maxBufferTotal) {
-      this.buffer.shift();
-      console.warn('[WAB] Analytics buffer at cap; dropped oldest event');
-    }
-    this.buffer.push(analytic);
-    if (this.buffer.length >= this.maxSize) {
-      this.flush();
-    }
-  }
-
-  flush() {
-    if (this.buffer.length === 0) return;
-    const batch = this.buffer.splice(0);
-
-    try {
-      const insert = this.db.prepare(
-        `INSERT INTO analytics (site_id, action_name, agent_id, trigger_type, success, metadata) VALUES (?, ?, ?, ?, ?, ?)`
-      );
-      const insertMany = this.db.transaction((items) => {
-        for (const item of items) {
-          insert.run(
-            item.siteId,
-            item.actionName,
-            item.agentId || null,
-            item.triggerType || null,
-            item.success ? 1 : 0,
-            JSON.stringify(item.metadata || {})
-          );
-        }
-      });
-      insertMany(batch);
-    } catch (err) {
-      console.error('[WAB Cache] Analytics batch insert failed:', err.message);
-      while (this.buffer.length + batch.length > this.maxBufferTotal) {
-        batch.shift();
-      }
-      this.buffer.unshift(...batch);
-    }
-  }
-
-  destroy() {
-    clearInterval(this._timer);
-    this.flush();
-  }
-}
-
-const cache = new Cache(60000);
-
-module.exports = { Cache, AnalyticsQueue, cache };
+/**
+ * WAB Caching Layer — In-memory cache with TTL for hot data
+ * Reduces DB reads for license verification, config, and stats
+ */
+class Cache {
+  constructor(defaultTTL = 60000) {
+    this.store = new Map();
+    this.defaultTTL = defaultTTL;
+    this._interval = setInterval(() => this._cleanup(), 120000);
+  }
+
+  get(key) {
+    const entry = this.store.get(key);
+    if (!entry) return undefined;
+    if (Date.now() > entry.expiresAt) {
+      this.store.delete(key);
+      return undefined;
+    }
+    entry.hits++;
+    return entry.value;
+  }
+
+  set(key, value, ttl) {
+    this.store.set(key, {
+      value,
+      expiresAt: Date.now() + (ttl || this.defaultTTL),
+      hits: 0
+    });
+  }
+
+  del(key) {
+    this.store.delete(key);
+  }
+
+  invalidatePattern(pattern) {
+    for (const key of this.store.keys()) {
+      if (key.includes(pattern)) this.store.delete(key);
+    }
+  }
+
+  stats() {
+    return {
+      size: this.store.size,
+      keys: Array.from(this.store.keys())
+    };
+  }
+
+  _cleanup() {
+    const now = Date.now();
+    for (const [key, entry] of this.store) {
+      if (now > entry.expiresAt) this.store.delete(key);
+    }
+  }
+
+  destroy() {
+    clearInterval(this._interval);
+    this.store.clear();
+  }
+}
+
+/**
+ * Analytics Queue — Batches analytics inserts for better write performance
+ * Flushes every N seconds or when buffer reaches max size.
+ * maxBufferTotal caps memory if DB writes fail repeatedly (DoS mitigation).
+ */
+class AnalyticsQueue {
+  constructor(db, options = {}) {
+    this.db = db;
+    this.buffer = [];
+    this.maxSize = options.maxSize || 50;
+    this.maxBufferTotal = options.maxBufferTotal || 5000;
+    this.flushInterval = options.flushInterval || 5000;
+    this._timer = setInterval(() => this.flush(), this.flushInterval);
+  }
+
+  push(analytic) {
+    while (this.buffer.length >= this.maxBufferTotal) {
+      this.buffer.shift();
+      console.warn('[WAB] Analytics buffer at cap; dropped oldest event');
+    }
+    this.buffer.push(analytic);
+    if (this.buffer.length >= this.maxSize) {
+      this.flush();
+    }
+  }
+
+  flush() {
+    if (this.buffer.length === 0) return;
+    const batch = this.buffer.splice(0);
+
+    try {
+      const insert = this.db.prepare(
+        `INSERT INTO analytics (site_id, action_name, agent_id, trigger_type, success, metadata) VALUES (?, ?, ?, ?, ?, ?)`
+      );
+      const insertMany = this.db.transaction((items) => {
+        for (const item of items) {
+          insert.run(
+            item.siteId,
+            item.actionName,
+            item.agentId || null,
+            item.triggerType || null,
+            item.success ? 1 : 0,
+            JSON.stringify(item.metadata || {})
+          );
+        }
+      });
+      insertMany(batch);
+    } catch (err) {
+      console.error('[WAB Cache] Analytics batch insert failed:', err.message);
+      while (this.buffer.length + batch.length > this.maxBufferTotal) {
+        batch.shift();
+      }
+      this.buffer.unshift(...batch);
+    }
+  }
+
+  destroy() {
+    clearInterval(this._timer);
+    this.flush();
+  }
+}
+
+const cache = new Cache(60000);
+
+module.exports = { Cache, AnalyticsQueue, cache };