Initial commit

app/api/stripe/checkout/route.ts

@@ -0,0 +1,64 @@
+import { NextResponse } from 'next/server';
+import Stripe from 'stripe';
+
+const stripeSecretKey = process.env.STRIPE_SECRET_KEY;
+
+const stripe = stripeSecretKey
+  ? new Stripe(stripeSecretKey, { apiVersion: '2024-06-20' })
+  : null;
+
+export async function POST(request: Request) {
+  try {
+    if (!stripe) {
+      return NextResponse.json({ error: 'Stripe is not configured.' }, { status: 500 });
+    }
+
+    const body = await request.json();
+    const credits = Number(body?.credits);
+    const amount = Number(body?.amount);
+    const userId = body?.userId as string | undefined;
+
+    // TODO: Get userId from auth token
+    const resolvedUserId = userId ?? 'test-user-id';
+
+    if (!resolvedUserId || !Number.isFinite(credits) || credits <= 0) {
+      return NextResponse.json({ error: 'Invalid checkout payload.' }, { status: 400 });
+    }
+
+    if (!Number.isFinite(amount) || amount <= 0) {
+      return NextResponse.json({ error: 'Invalid amount.' }, { status: 400 });
+    }
+
+    const origin = request.headers.get('origin') ?? 'http://localhost:3000';
+
+    const session = await stripe.checkout.sessions.create({
+      mode: 'payment',
+      payment_method_types: ['card'],
+      line_items: [
+        {
+          quantity: 1,
+          price_data: {
+            currency: 'eur',
+            unit_amount: amount * 100,
+            product_data: {
+              name: `${credits} HolaCompi Credits`,
+              description: 'Pay-as-you-go voice call credits',
+            },
+          },
+        },
+      ],
+      success_url: `${origin}/dashboard/credits?success=true`,
+      cancel_url: `${origin}/dashboard/credits?canceled=true`,
+      metadata: {
+        userId: resolvedUserId,
+        credits: credits.toString(),
+        amount: amount.toString(),
+      },
+    });
+
+    return NextResponse.json({ sessionId: session.id, url: session.url });
+  } catch (error) {
+    console.error('Stripe checkout error:', error);
+    return NextResponse.json({ error: 'Failed to create checkout session.' }, { status: 500 });
+  }
+}

app/api/stripe/webhook/route.ts

@@ -0,0 +1,76 @@
+import Stripe from 'stripe';
+import { NextResponse } from 'next/server';
+import { Timestamp } from 'firebase/firestore';
+import {
+  createCreditTransaction,
+  createPurchase,
+  getUser,
+  updateUserCredits,
+} from '@/lib/firestore';
+
+const stripeSecretKey = process.env.STRIPE_SECRET_KEY;
+const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;
+
+const stripe = stripeSecretKey
+  ? new Stripe(stripeSecretKey, { apiVersion: '2024-06-20' })
+  : null;
+
+export async function POST(request: Request) {
+  if (!stripe || !webhookSecret) {
+    return NextResponse.json({ error: 'Stripe webhook not configured.' }, { status: 500 });
+  }
+
+  const signature = request.headers.get('stripe-signature');
+  if (!signature) {
+    return NextResponse.json({ error: 'Missing Stripe signature.' }, { status: 400 });
+  }
+
+  const payload = await request.text();
+
+  let event: Stripe.Event;
+  try {
+    event = stripe.webhooks.constructEvent(payload, signature, webhookSecret);
+  } catch (error) {
+    console.error('Stripe webhook signature error:', error);
+    return NextResponse.json({ error: 'Invalid signature.' }, { status: 400 });
+  }
+
+  if (event.type === 'checkout.session.completed') {
+    const session = event.data.object as Stripe.Checkout.Session;
+    const metadata = session.metadata ?? {};
+    const userId = metadata.userId;
+    const credits = Number(metadata.credits);
+    const amount = Number(metadata.amount);
+
+    if (!userId || !Number.isFinite(credits) || credits <= 0) {
+      return NextResponse.json({ error: 'Invalid checkout metadata.' }, { status: 400 });
+    }
+
+    const user = await getUser(userId);
+    if (!user) {
+      return NextResponse.json({ error: 'User not found.' }, { status: 404 });
+    }
+
+    const newBalance = user.creditBalance + credits;
+    await updateUserCredits(userId, newBalance);
+
+    await createCreditTransaction({
+      userId,
+      amount: credits,
+      type: 'purchase',
+      balanceAfter: newBalance,
+      createdAt: Timestamp.now(),
+    });
+
+    await createPurchase({
+      userId,
+      credits,
+      amount: Number.isFinite(amount) ? amount : credits,
+      currency: session.currency ?? 'eur',
+      stripeSessionId: session.id,
+      createdAt: Timestamp.now(),
+    });
+  }
+
+  return NextResponse.json({ received: true });
+}