feat(editor): ✨ Team workspaces

2022-05-13 15:22:44 -07:00
parent 6c2986590b
commit f0fdf08b00
132 changed files with 3354 additions and 1228 deletions
--- a/apps/builder/pages/api/stripe/customer-portal.ts
+++ b/apps/builder/pages/api/stripe/customer-portal.ts
@ -1,25 +1,36 @@
-import { User } from 'db'
 import { NextApiRequest, NextApiResponse } from 'next'
-import { getSession } from 'next-auth/react'
-import { methodNotAllowed } from 'utils'
+import {
+  badRequest,
+  forbidden,
+  methodNotAllowed,
+  notAuthenticated,
+} from 'utils'
 import Stripe from 'stripe'
 import { withSentry } from '@sentry/nextjs'
+import { getAuthenticatedUser } from 'services/api/utils'
+import prisma from 'libs/prisma'
+import { WorkspaceRole } from 'db'

 const handler = async (req: NextApiRequest, res: NextApiResponse) => {
-  const session = await getSession({ req })
-  if (!session?.user)
-    return res.status(401).json({ message: 'Not authenticated' })
-  const user = session.user as User
-  if (!user.stripeId)
-    return res.status(401).json({ message: 'Not authenticated' })
+  const user = await getAuthenticatedUser(req)
+  if (!user) return notAuthenticated(res)
  if (req.method === 'GET') {
+    const workspaceId = req.query.workspaceId as string | undefined
+    if (!workspaceId) return badRequest(res)
    if (!process.env.STRIPE_SECRET_KEY)
      throw Error('STRIPE_SECRET_KEY var is missing')
+    const workspace = await prisma.workspace.findFirst({
+      where: {
+        id: workspaceId,
+        members: { some: { userId: user.id, role: WorkspaceRole.ADMIN } },
+      },
+    })
+    if (!workspace?.stripeId) return forbidden(res)
    const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
      apiVersion: '2020-08-27',
    })
    const session = await stripe.billingPortal.sessions.create({
-      customer: user.stripeId,
+      customer: workspace.stripeId,
      return_url: req.headers.referer,
    })
    res.redirect(session.url)