Merge pull request #1188 from jboolean/subs

Sustaining support (subs) and thank-you gifts

Author: jboolean

backend/src/api/AuthenticationController.ts

@@ -13,7 +13,7 @@ import {
 import * as UserService from '../business/users/UserService';
 import required from '../business/utils/required';
 import LoginOutcome from '../enum/LoginOutcome';
-import { setAuthCookie } from './auth/authCookieUtils';
+import { clearAuthCookie, setAuthCookie } from './auth/authCookieUtils';
 import { getUserFromRequestOrCreateAndSetCookie } from './auth/userAuthUtils';
 import { Email } from './CommonApiTypes';
 
@@ -28,6 +28,9 @@ type LoginRequest = {
   // Use before sensitive actions
   // Remember to check isEmailVerified before performing sensitive actions
   requireVerifiedEmail?: boolean;
+
+  // If the user is already logged in, and the email is different, should we update the email on a named account?
+  newEmailBehavior?: 'update' | 'reject';
 };
 
 type LoginResponse = {
@@ -58,14 +61,20 @@ export class AuthenticationController extends Controller {
     @Request() req: express.Request
   ): Promise<LoginResponse> {
     const userId = await getUserFromRequestOrCreateAndSetCookie(req);
-    const { requestedEmail, returnToPath, requireVerifiedEmail } = loginRequest;
+    const {
+      requestedEmail,
+      returnToPath,
+      requireVerifiedEmail,
+      newEmailBehavior,
+    } = loginRequest;
     const apiBase = getApiBase(req);
     const result = await UserService.processLoginRequest(
       requestedEmail,
       userId,
       apiBase,
       returnToPath,
-      requireVerifiedEmail
+      requireVerifiedEmail,
+      newEmailBehavior
     );
 
     console.log('Login requested', {
@@ -136,4 +145,9 @@ export class AuthenticationController extends Controller {
 
     res.redirect(redirectUrl.toString());
   }
+
+  @Post('/logout')
+  public logout(@Request() req: express.Request): void {
+    clearAuthCookie(required(req.res, 'res'));
+  }
 }

backend/src/api/ColorizationController.ts

@@ -1,4 +1,6 @@
 import * as express from 'express';
+import { BadRequest } from 'http-errors';
+import Stripe from 'stripe';
 import {
   Body,
   Controller,
@@ -12,11 +14,9 @@ import {
 import * as ColorService from '../business/color/ColorService';
 import * as UserService from '../business/users/UserService';
 import isProduction from '../business/utils/isProduction';
-import { getUserFromRequestOrCreateAndSetCookie } from './auth/userAuthUtils';
-import stripe from './stripe';
-import Stripe from 'stripe';
-import { BadRequest } from 'http-errors';
 import required from '../business/utils/required';
+import stripe from '../third-party/stripe';
+import { getUserFromRequestOrCreateAndSetCookie } from './auth/userAuthUtils';
 
 type BuyCreditsSessionRequest = {
   quantity: number;

backend/src/api/StripeWebhooksResource.ts

@@ -1,6 +1,6 @@
 import express from 'express';
 import ipfilter from 'express-ipfilter';
-import stripe from './stripe';
+import stripe from '../third-party/stripe';
 
 import compact from 'lodash/compact';
 import groupBy from 'lodash/groupBy';
@@ -14,7 +14,7 @@ import MerchInternalVariant from '../enum/MerchInternalVariant';
 const router = express.Router();
 
 type ProductMetadata = {
-  'product-type'?: 'color-credit' | 'merch';
+  'product-type'?: 'color-credit' | 'merch' | 'tip';
   'merch-internal-variant'?: MerchInternalVariant;
 };
 
@@ -175,6 +175,29 @@ router.post<'/', unknown, unknown, Stripe.Event, unknown>(
         }
         break;
       }
+      // Used to track active subscriptions
+      case 'customer.subscription.deleted':
+      case 'customer.subscription.updated': {
+        const subscription = event.data.object;
+        const user = await UserService.getUserByStripeCustomerId(
+          subscription.customer as string
+        );
+        if (!user) {
+          console.warn('No user found for stripe customer id', subscription);
+          return;
+        }
+        if (event.type === 'customer.subscription.deleted') {
+          console.log('Subscription deleted', subscription);
+          await UserService.updateSupportSubscription(user.id, null);
+        } else if (
+          subscription.status === 'active' &&
+          user.stripeSupportSubscriptionId !== subscription.id
+        ) {
+          console.log('New subscription is active', subscription);
+          await UserService.updateSupportSubscription(user.id, subscription.id);
+        }
+        break;
+      }
     }
     res.status(200).send();
   }

backend/src/api/TipsController.ts

@@ -1,18 +1,32 @@
 /* eslint-disable camelcase */
 import * as express from 'express';
-import { InternalServerError } from 'http-errors';
-import { Body, Post, Request, Route, Security } from 'tsoa';
+import { HttpError, InternalServerError } from 'http-errors';
+import { Body, Get, Post, Request, Route, Security } from 'tsoa';
+import * as TipsService from '../business/tips/TipsService';
 import { getUserFromRequestOrCreateAndSetCookie } from './auth/userAuthUtils';
-import stripe from './stripe';
 
+import * as GiftRegistry from '../business/tips/GiftRegistry';
+import { Gift } from '../business/tips/GiftRegistry';
 import * as UserService from '../business/users/UserService';
+import TipFrequency from '../enum/TipFrequency';
 
 type TipSessionRequest = {
   amount: number;
   successUrl: string;
   cancelUrl: string;
+  frequency?: TipFrequency;
+  gift?: Gift;
 };
 
+type CustomerPortalRequest = {
+  returnUrl: string;
+};
+
+interface GiftApiResponse {
+  gift: GiftRegistry.Gift;
+  minimumAmount: number;
+  frequency: TipFrequency;
+}
 @Route('tips')
 export class TipsController {
   @Security('user-token')
@@ -21,48 +35,59 @@ export class TipsController {
     @Body() body: TipSessionRequest,
     @Request() req: express.Request
   ): Promise<{ sessionId: string }> {
-    const { amount, successUrl, cancelUrl } = body;
+    const {
+      amount,
+      successUrl,
+      cancelUrl,
+      gift,
+      frequency = TipFrequency.ONCE,
+    } = body;
     const userId = await getUserFromRequestOrCreateAndSetCookie(req);
 
     const user = await UserService.getUser(userId);
 
-    const stripeCustomerId: string | undefined =
-      user?.stripeCustomerId ?? undefined;
-    const hasExistingCustomer = !!stripeCustomerId;
-
     try {
-      const session = await stripe.checkout.sessions.create({
-        cancel_url: cancelUrl,
-        mode: 'payment',
-        success_url: successUrl,
-        line_items: [
-          {
-            price_data: {
-              currency: 'USD',
-              product_data: {
-                name: 'Tip for 1940s.nyc',
-              },
-              unit_amount: amount,
-            },
-            quantity: 1,
-          },
-        ],
-        metadata: {
-          userId,
-        },
-        customer: stripeCustomerId,
-        // History: Stripe used to always create a customer, then it started creating "guest customers" instead (annoying!). This is to force it to always create a customer which we can attach to the user in the webhook.
-        customer_creation: hasExistingCustomer ? undefined : 'always',
-        customer_email: hasExistingCustomer
-          ? undefined
-          : user?.email ?? undefined,
-        payment_intent_data: {},
+      const sessionId = await TipsService.createTipCheckoutSession({
+        amountMinorUnits: amount,
+        successUrl,
+        cancelUrl,
+        user,
+        frequency,
+        gift,
       });
 
-      return { sessionId: session.id };
+      return { sessionId: sessionId };
     } catch (err) {
+      if (err instanceof HttpError) {
+        throw err;
+      }
       console.error('Failed to create session', err);
       throw new InternalServerError('Failed to create session');
     }
   }
+
+  @Get('/gifts')
+  public getGifts(): GiftApiResponse[] {
+    return GiftRegistry.getAllAvailableGifts().map((gift) => {
+      return {
+        gift: gift.gift,
+        minimumAmount: gift.minimumAmount,
+        frequency: gift.frequency,
+      };
+    });
+  }
+
+  @Security('user-token')
+  @Post('/customer-portal-session')
+  public async createCustomerPortalSession(
+    @Body() { returnUrl }: CustomerPortalRequest,
+    @Request() req: express.Request
+  ): Promise<{ url: string }> {
+    const userId = await getUserFromRequestOrCreateAndSetCookie(req);
+
+    const user = await UserService.getUser(userId);
+    const url = await TipsService.createCustomerPortalSession(user, returnUrl);
+
+    return { url: url };
+  }
 }

backend/src/api/auth/authCookieUtils.ts

@@ -17,3 +17,7 @@ export function setAuthCookie(token: string, res: Express.Response): void {
 export function getAuthCookie(req: Express.Request): string | undefined {
   return (req.cookies as Cookies)[USER_TOKEN_COOKIE];
 }
+
+export function clearAuthCookie(res: Express.Response): void {
+  res.clearCookie(USER_TOKEN_COOKIE);
+}

backend/src/business/tips/GiftRegistry.ts

@@ -0,0 +1,80 @@
+import TipFrequency from '../../enum/TipFrequency';
+import isProduction from '../utils/isProduction';
+
+interface GiftRegistryItem {
+  gift: Gift;
+  minimumAmount: number;
+  frequency: TipFrequency;
+  stripePrice: string;
+  stripeShippingRate: string;
+  stripeShippingPrice: string;
+  shippingCountries: string[];
+}
+
+// This id should be unique per frequency
+export enum Gift {
+  TOTE_BAG = 'tote-bag',
+}
+
+// This should be the $0 price for the product
+const TOTE_BAG_PRICE = isProduction()
+  ? 'price_1QtGCuFCLBtNZLVl8SfHC9c5'
+  : 'price_1QqH41FCLBtNZLVldOb9KMa3';
+
+const TOTE_BAG_SHIPPING_RATE = isProduction()
+  ? 'shr_1QtGHBFCLBtNZLVl84P2gynP'
+  : 'shr_1QssVnFCLBtNZLVlK1TZpXet';
+
+const TOTE_BAG_SHIPPING_PRICE = isProduction()
+  ? 'price_1R69yOFCLBtNZLVlD6wzaeug'
+  : 'price_1QwrXUFCLBtNZLVlsXEdxRYh';
+
+const TOTE_BAG_SHIPPING_COUNTRIES = ['US'];
+
+const TOTE_BAG_DEFAULTS = {
+  gift: Gift.TOTE_BAG,
+  stripePrice: TOTE_BAG_PRICE,
+  stripeShippingRate: TOTE_BAG_SHIPPING_RATE,
+  stripeShippingPrice: TOTE_BAG_SHIPPING_PRICE,
+  shippingCountries: TOTE_BAG_SHIPPING_COUNTRIES,
+} as const;
+
+const GIFT_REGISTRY: GiftRegistryItem[] = [
+  {
+    minimumAmount: 700,
+    frequency: TipFrequency.MONTHLY,
+    ...TOTE_BAG_DEFAULTS,
+  },
+  {
+    minimumAmount: 700 * 9,
+    frequency: TipFrequency.ONCE,
+    ...TOTE_BAG_DEFAULTS,
+  },
+];
+
+// Validate registry has has unique gift and frequency
+const giftFrequencySet = new Set();
+GIFT_REGISTRY.forEach((item) => {
+  const key = `${item.gift}-${item.frequency}`;
+  if (giftFrequencySet.has(key)) {
+    throw new Error(`Duplicate gift and frequency in registry: ${key}`);
+  }
+  giftFrequencySet.add(key);
+});
+
+export function getGift(
+  gift: Gift,
+  frequency: TipFrequency,
+  amount: number
+): GiftRegistryItem | undefined {
+  return GIFT_REGISTRY.find(
+    (item) =>
+      item.gift === gift &&
+      item.frequency === frequency &&
+      amount >= item.minimumAmount
+  );
+}
+
+export function getAllAvailableGifts(): GiftRegistryItem[] {
+  return GIFT_REGISTRY;
+}