fix: make stripe webhooks explicitly toggleable with mandatory secret validation
This commit is contained in:
@@ -5,6 +5,7 @@ Billing encapsulates logic related to synchronizing state with Stripe, processin
|
||||
Members:
|
||||
|
||||
- `nwc_url: String` - a nostr wallet connect URL used to **create** bolt11 invoices (i.e. receive payments), from `NWC_URL`
|
||||
- `stripe_webhooks_enabled: bool` - enables/disables Stripe webhook handling, from `STRIPE_WEBHOOKS_ENABLED`
|
||||
- `stripe_webhook_secret: String` - secret for verifying Stripe webhook signatures, from `STRIPE_WEBHOOK_SECRET`
|
||||
- `query: Query`
|
||||
- `command: Command`
|
||||
@@ -13,6 +14,10 @@ Members:
|
||||
## `pub fn new(query: Query, command: Command, robot: Robot) -> Self`
|
||||
|
||||
- Reads environment and populates members
|
||||
- Panics if `STRIPE_SECRET_KEY` is missing/empty
|
||||
- Parses `STRIPE_WEBHOOKS_ENABLED` as a boolean (`true/false`, `1/0`, `yes/no`, `on/off`)
|
||||
- Defaults `STRIPE_WEBHOOKS_ENABLED` to `false` in debug builds and `true` in release builds
|
||||
- Panics if `STRIPE_WEBHOOK_SECRET` is missing/empty while `STRIPE_WEBHOOKS_ENABLED=true`
|
||||
|
||||
## `pub fn start(&self)`
|
||||
|
||||
@@ -33,6 +38,7 @@ Manages the Stripe subscription and subscription items for a relay's tenant. Onl
|
||||
|
||||
## `pub fn handle_webhook(&self, payload: &str, signature: &str) -> Result<()>`
|
||||
|
||||
- Returns an error when Stripe webhooks are disabled
|
||||
- Verify the webhook signature using `self.stripe_webhook_secret`
|
||||
- Parse the event and dispatch by type:
|
||||
- `invoice.created` -> `self.handle_invoice_created`
|
||||
@@ -109,4 +115,3 @@ Skip invoices with `amount_due` of 0.
|
||||
|
||||
- Look up tenant by `stripe_customer_id`
|
||||
- Clear `stripe_subscription_id` via `command.clear_tenant_subscription`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user