♻️ (builder) Change to features-centric folder structure

apps/builder/src/pages/api/stripe/billing-portal.ts

@@ -0,0 +1,42 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import {
+  badRequest,
+  forbidden,
+  methodNotAllowed,
+  notAuthenticated,
+} from 'utils/api'
+import Stripe from 'stripe'
+import { withSentry } from '@sentry/nextjs'
+import { getAuthenticatedUser } from '@/features/auth'
+import prisma from '@/lib/prisma'
+import { WorkspaceRole } from 'db'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  if (req.method === 'GET') {
+    const stripeId = req.query.stripeId as string | undefined
+    if (!stripeId) return badRequest(res)
+    if (!process.env.STRIPE_SECRET_KEY)
+      throw Error('STRIPE_SECRET_KEY var is missing')
+    const workspace = await prisma.workspace.findFirst({
+      where: {
+        stripeId,
+        members: { some: { userId: user.id, role: WorkspaceRole.ADMIN } },
+      },
+    })
+    if (!workspace?.stripeId) return forbidden(res)
+    const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+      apiVersion: '2022-08-01',
+    })
+    const session = await stripe.billingPortal.sessions.create({
+      customer: workspace.stripeId,
+      return_url: req.headers.referer,
+    })
+    res.redirect(session.url)
+    return
+  }
+  return methodNotAllowed(res)
+}
+
+export default withSentry(handler)

apps/builder/src/pages/api/stripe/custom-plan-checkout.ts

@@ -0,0 +1,61 @@
+import { withSentry } from '@sentry/nextjs'
+import { Plan } from 'db'
+import prisma from '@/lib/prisma'
+import { NextApiRequest, NextApiResponse } from 'next'
+import { getAuthenticatedUser } from '@/features/auth'
+import Stripe from 'stripe'
+import { methodNotAllowed, notAuthenticated } from 'utils/api'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  if (req.method === 'GET') {
+    const session = await createCheckoutSession(user.id)
+    if (!session?.url) return res.redirect('/typebots')
+    return res.redirect(session.url)
+  }
+
+  return methodNotAllowed(res)
+}
+
+const createCheckoutSession = async (userId: string) => {
+  if (!process.env.STRIPE_SECRET_KEY)
+    throw Error('STRIPE_SECRET_KEY var is missing')
+  const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+    apiVersion: '2022-08-01',
+  })
+
+  const claimableCustomPlan = await prisma.claimableCustomPlan.findFirst({
+    where: { workspace: { members: { some: { userId } } } },
+  })
+
+  if (!claimableCustomPlan) return null
+
+  return stripe.checkout.sessions.create({
+    success_url: `${process.env.NEXTAUTH_URL}/typebots?stripe=${Plan.CUSTOM}&success=true`,
+    cancel_url: `${process.env.NEXTAUTH_URL}/typebots?stripe=cancel`,
+    mode: 'subscription',
+    metadata: {
+      claimableCustomPlanId: claimableCustomPlan.id,
+    },
+    currency: claimableCustomPlan.currency,
+    automatic_tax: { enabled: true },
+    line_items: [
+      {
+        price_data: {
+          currency: claimableCustomPlan.currency,
+          tax_behavior: 'exclusive',
+          recurring: { interval: 'month' },
+          product_data: {
+            name: claimableCustomPlan.name,
+            description: claimableCustomPlan.description ?? undefined,
+          },
+          unit_amount: claimableCustomPlan.price * 100,
+        },
+        quantity: 1,
+      },
+    ],
+  })
+}
+
+export default withSentry(handler)

apps/builder/src/pages/api/stripe/invoices.ts

@@ -0,0 +1,49 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import {
+  badRequest,
+  forbidden,
+  methodNotAllowed,
+  notAuthenticated,
+} from 'utils/api'
+import Stripe from 'stripe'
+import { withSentry } from '@sentry/nextjs'
+import { getAuthenticatedUser } from '@/features/auth'
+import prisma from '@/lib/prisma'
+import { WorkspaceRole } from 'db'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  if (req.method === 'GET') {
+    const stripeId = req.query.stripeId as string | undefined
+    if (!stripeId) return badRequest(res)
+    if (!process.env.STRIPE_SECRET_KEY)
+      throw Error('STRIPE_SECRET_KEY var is missing')
+    const workspace = await prisma.workspace.findFirst({
+      where: {
+        stripeId,
+        members: { some: { userId: user.id, role: WorkspaceRole.ADMIN } },
+      },
+    })
+    if (!workspace?.stripeId) return forbidden(res)
+    const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+      apiVersion: '2022-08-01',
+    })
+    const invoices = await stripe.invoices.list({
+      customer: workspace.stripeId,
+    })
+    res.send({
+      invoices: invoices.data.map((i) => ({
+        id: i.number,
+        url: i.invoice_pdf,
+        amount: i.subtotal,
+        currency: i.currency,
+        date: i.status_transitions.paid_at,
+      })),
+    })
+    return
+  }
+  return methodNotAllowed(res)
+}
+
+export default withSentry(handler)

apps/builder/src/pages/api/stripe/subscription.ts

@@ -0,0 +1,260 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import { isDefined } from 'utils'
+import {
+  badRequest,
+  forbidden,
+  methodNotAllowed,
+  notAuthenticated,
+} from 'utils/api'
+import Stripe from 'stripe'
+import { withSentry } from '@sentry/nextjs'
+import { getAuthenticatedUser } from '@/features/auth'
+import prisma from '@/lib/prisma'
+import { Plan, WorkspaceRole } from 'db'
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
+  if (req.method === 'GET')
+    return res.send(await getSubscriptionDetails(req, res)(user.id))
+  if (req.method === 'POST') {
+    const session = await createCheckoutSession(req)
+    return res.send({ sessionId: session.id })
+  }
+  if (req.method === 'PUT') {
+    await updateSubscription(req)
+    return res.send({ message: 'success' })
+  }
+  if (req.method === 'DELETE') {
+    await cancelSubscription(req, res)(user.id)
+    return res.send({ message: 'success' })
+  }
+  return methodNotAllowed(res)
+}
+
+const getSubscriptionDetails =
+  (req: NextApiRequest, res: NextApiResponse) => async (userId: string) => {
+    const stripeId = req.query.stripeId as string | undefined
+    if (!stripeId) return badRequest(res)
+    if (!process.env.STRIPE_SECRET_KEY)
+      throw Error('STRIPE_SECRET_KEY var is missing')
+    const workspace = await prisma.workspace.findFirst({
+      where: {
+        stripeId,
+        members: { some: { userId, role: WorkspaceRole.ADMIN } },
+      },
+    })
+    if (!workspace?.stripeId) return forbidden(res)
+    const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+      apiVersion: '2022-08-01',
+    })
+    const subscriptions = await stripe.subscriptions.list({
+      customer: workspace.stripeId,
+      limit: 1,
+    })
+    return {
+      additionalChatsIndex:
+        subscriptions.data[0]?.items.data.find(
+          (item) =>
+            item.price.id === process.env.STRIPE_ADDITIONAL_CHATS_PRICE_ID
+        )?.quantity ?? 0,
+      additionalStorageIndex:
+        subscriptions.data[0]?.items.data.find(
+          (item) =>
+            item.price.id === process.env.STRIPE_ADDITIONAL_STORAGE_PRICE_ID
+        )?.quantity ?? 0,
+    }
+  }
+
+const createCheckoutSession = (req: NextApiRequest) => {
+  if (!process.env.STRIPE_SECRET_KEY)
+    throw Error('STRIPE_SECRET_KEY var is missing')
+  const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+    apiVersion: '2022-08-01',
+  })
+  const {
+    email,
+    currency,
+    plan,
+    workspaceId,
+    href,
+    additionalChats,
+    additionalStorage,
+  } = typeof req.body === 'string' ? JSON.parse(req.body) : req.body
+
+  return stripe.checkout.sessions.create({
+    success_url: `${href}?stripe=${plan}&success=true`,
+    cancel_url: `${href}?stripe=cancel`,
+    allow_promotion_codes: true,
+    customer_email: email,
+    mode: 'subscription',
+    metadata: { workspaceId, plan, additionalChats, additionalStorage },
+    currency,
+    automatic_tax: { enabled: true },
+    line_items: parseSubscriptionItems(
+      plan,
+      additionalChats,
+      additionalStorage
+    ),
+  })
+}
+
+const updateSubscription = async (req: NextApiRequest) => {
+  const {
+    stripeId,
+    plan,
+    workspaceId,
+    additionalChats,
+    additionalStorage,
+    currency,
+  } = (typeof req.body === 'string' ? JSON.parse(req.body) : req.body) as {
+    stripeId: string
+    workspaceId: string
+    additionalChats: number
+    additionalStorage: number
+    plan: 'STARTER' | 'PRO'
+    currency: 'eur' | 'usd'
+  }
+  if (!process.env.STRIPE_SECRET_KEY)
+    throw Error('STRIPE_SECRET_KEY var is missing')
+  const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+    apiVersion: '2022-08-01',
+  })
+  const { data } = await stripe.subscriptions.list({
+    customer: stripeId,
+  })
+  const subscription = data[0] as Stripe.Subscription | undefined
+  const currentStarterPlanItemId = subscription?.items.data.find(
+    (item) => item.price.id === process.env.STRIPE_STARTER_PRICE_ID
+  )?.id
+  const currentProPlanItemId = subscription?.items.data.find(
+    (item) => item.price.id === process.env.STRIPE_PRO_PRICE_ID
+  )?.id
+  const currentAdditionalChatsItemId = subscription?.items.data.find(
+    (item) => item.price.id === process.env.STRIPE_ADDITIONAL_CHATS_PRICE_ID
+  )?.id
+  const currentAdditionalStorageItemId = subscription?.items.data.find(
+    (item) => item.price.id === process.env.STRIPE_ADDITIONAL_STORAGE_PRICE_ID
+  )?.id
+  const items = [
+    {
+      id: currentStarterPlanItemId ?? currentProPlanItemId,
+      price:
+        plan === Plan.STARTER
+          ? process.env.STRIPE_STARTER_PRICE_ID
+          : process.env.STRIPE_PRO_PRICE_ID,
+      quantity: 1,
+    },
+    additionalChats === 0 && !currentAdditionalChatsItemId
+      ? undefined
+      : {
+          id: currentAdditionalChatsItemId,
+          price: process.env.STRIPE_ADDITIONAL_CHATS_PRICE_ID,
+          quantity: additionalChats,
+          deleted: subscription ? additionalChats === 0 : undefined,
+        },
+    additionalStorage === 0 && !currentAdditionalStorageItemId
+      ? undefined
+      : {
+          id: currentAdditionalStorageItemId,
+          price: process.env.STRIPE_ADDITIONAL_STORAGE_PRICE_ID,
+          quantity: additionalStorage,
+          deleted: subscription ? additionalStorage === 0 : undefined,
+        },
+  ].filter(isDefined)
+
+  if (subscription) {
+    await stripe.subscriptions.update(subscription.id, {
+      items,
+    })
+  } else {
+    await stripe.subscriptions.create({
+      customer: stripeId,
+      items,
+      currency,
+    })
+  }
+
+  await prisma.workspace.update({
+    where: { id: workspaceId },
+    data: {
+      plan,
+      additionalChatsIndex: additionalChats,
+      additionalStorageIndex: additionalStorage,
+      chatsLimitFirstEmailSentAt: null,
+      chatsLimitSecondEmailSentAt: null,
+      storageLimitFirstEmailSentAt: null,
+      storageLimitSecondEmailSentAt: null,
+    },
+  })
+}
+
+const cancelSubscription =
+  (req: NextApiRequest, res: NextApiResponse) => async (userId: string) => {
+    const stripeId = req.query.stripeId as string | undefined
+    if (!stripeId) return badRequest(res)
+    if (!process.env.STRIPE_SECRET_KEY)
+      throw Error('STRIPE_SECRET_KEY var is missing')
+    const workspace = await prisma.workspace.findFirst({
+      where: {
+        stripeId,
+        members: { some: { userId, role: WorkspaceRole.ADMIN } },
+      },
+    })
+    if (!workspace?.stripeId) return forbidden(res)
+    const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+      apiVersion: '2022-08-01',
+    })
+    const existingSubscription = await stripe.subscriptions.list({
+      customer: workspace.stripeId,
+    })
+    const currentSubscriptionId = existingSubscription.data[0]?.id
+    if (currentSubscriptionId)
+      await stripe.subscriptions.del(currentSubscriptionId)
+
+    await prisma.workspace.update({
+      where: { id: workspace.id },
+      data: {
+        plan: Plan.FREE,
+        additionalChatsIndex: 0,
+        additionalStorageIndex: 0,
+      },
+    })
+  }
+
+const parseSubscriptionItems = (
+  plan: Plan,
+  additionalChats: number,
+  additionalStorage: number
+) =>
+  [
+    {
+      price:
+        plan === Plan.STARTER
+          ? process.env.STRIPE_STARTER_PRICE_ID
+          : process.env.STRIPE_PRO_PRICE_ID,
+      quantity: 1,
+    },
+  ]
+    .concat(
+      additionalChats > 0
+        ? [
+            {
+              price: process.env.STRIPE_ADDITIONAL_CHATS_PRICE_ID,
+              quantity: additionalChats,
+            },
+          ]
+        : []
+    )
+    .concat(
+      additionalStorage > 0
+        ? [
+            {
+              price: process.env.STRIPE_ADDITIONAL_STORAGE_PRICE_ID,
+              quantity: additionalStorage,
+            },
+          ]
+        : []
+    )
+
+export default withSentry(handler)

apps/builder/src/pages/api/stripe/webhook.ts

@@ -0,0 +1,132 @@
+import { NextApiRequest, NextApiResponse } from 'next'
+import { methodNotAllowed } from 'utils/api'
+import Stripe from 'stripe'
+import Cors from 'micro-cors'
+import { buffer } from 'micro'
+import prisma from '@/lib/prisma'
+import { withSentry } from '@sentry/nextjs'
+import { Plan } from 'db'
+
+if (!process.env.STRIPE_SECRET_KEY || !process.env.STRIPE_WEBHOOK_SECRET)
+  throw new Error('STRIPE_SECRET_KEY or STRIPE_WEBHOOK_SECRET missing')
+const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
+  apiVersion: '2022-08-01',
+})
+
+const cors = Cors({
+  allowMethods: ['POST', 'HEAD'],
+})
+
+const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET as string
+
+export const config = {
+  api: {
+    bodyParser: false,
+  },
+}
+
+const webhookHandler = async (req: NextApiRequest, res: NextApiResponse) => {
+  if (req.method === 'POST') {
+    const buf = await buffer(req)
+    const sig = req.headers['stripe-signature']
+
+    if (!sig) return res.status(400).send(`stripe-signature is missing`)
+    try {
+      const event = stripe.webhooks.constructEvent(
+        buf.toString(),
+        sig.toString(),
+        webhookSecret
+      )
+      switch (event.type) {
+        case 'checkout.session.completed': {
+          const session = event.data.object as Stripe.Checkout.Session
+          const metadata = session.metadata as unknown as
+            | {
+                plan: 'STARTER' | 'PRO'
+                additionalChats: string
+                additionalStorage: string
+                workspaceId: string
+              }
+            | { claimableCustomPlanId: string }
+          if ('plan' in metadata) {
+            const { workspaceId, plan, additionalChats, additionalStorage } =
+              metadata
+            if (!workspaceId || !plan || !additionalChats || !additionalStorage)
+              return res
+                .status(500)
+                .send({ message: `Couldn't retrieve valid metadata` })
+            await prisma.workspace.update({
+              where: { id: workspaceId },
+              data: {
+                plan: plan,
+                stripeId: session.customer as string,
+                additionalChatsIndex: parseInt(additionalChats),
+                additionalStorageIndex: parseInt(additionalStorage),
+                chatsLimitFirstEmailSentAt: null,
+                chatsLimitSecondEmailSentAt: null,
+                storageLimitFirstEmailSentAt: null,
+                storageLimitSecondEmailSentAt: null,
+              },
+            })
+          } else {
+            const { claimableCustomPlanId } = metadata
+            if (!claimableCustomPlanId)
+              return res
+                .status(500)
+                .send({ message: `Couldn't retrieve valid metadata` })
+            const { workspaceId, chatsLimit, seatsLimit, storageLimit } =
+              await prisma.claimableCustomPlan.update({
+                where: { id: claimableCustomPlanId },
+                data: { claimedAt: new Date() },
+              })
+
+            await prisma.workspace.update({
+              where: { id: workspaceId },
+              data: {
+                plan: Plan.CUSTOM,
+                stripeId: session.customer as string,
+                customChatsLimit: chatsLimit,
+                customStorageLimit: storageLimit,
+                customSeatsLimit: seatsLimit,
+              },
+            })
+          }
+
+          return res.status(200).send({ message: 'workspace upgraded in DB' })
+        }
+        case 'customer.subscription.deleted': {
+          const subscription = event.data.object as Stripe.Subscription
+          await prisma.workspace.update({
+            where: {
+              stripeId: subscription.customer as string,
+            },
+            data: {
+              plan: Plan.FREE,
+              additionalChatsIndex: 0,
+              additionalStorageIndex: 0,
+              chatsLimitFirstEmailSentAt: null,
+              chatsLimitSecondEmailSentAt: null,
+              storageLimitFirstEmailSentAt: null,
+              storageLimitSecondEmailSentAt: null,
+            },
+          })
+          return res.send({ message: 'workspace downgraded in DB' })
+        }
+        default: {
+          return res.status(304).send({ message: 'event not handled' })
+        }
+      }
+    } catch (err) {
+      console.error(err)
+      if (err instanceof Error) {
+        console.error(err)
+        return res.status(400).send(`Webhook Error: ${err.message}`)
+      }
+      return res.status(500).send(`Error occured: ${err}`)
+    }
+  }
+  return methodNotAllowed(res)
+}
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export default withSentry(cors(webhookHandler as any))