forked from coracle/caravel
Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 userAdityaa
|
164fff8be2 | ||
|
userAdityaa
|
0151762362 | ||
|
userAdityaa
|
a79c43e17e | ||
 Jon Staab
|
dbe25c372f | ||
|
userAdityaa
|
80a86452d0 | ||
|
userAdityaa
|
b1e3747ddb | ||
|
userAdityaa
|
29f657635c | ||
|
userAdityaa
|
9556a34b19 | ||
|
userAdityaa
|
3ecd285290 | ||
|
userAdityaa
|
9f8fe7261f | ||
|
userAdityaa
|
1aeb15971d |
@@ -28,5 +28,6 @@ LIVEKIT_API_SECRET=
|
||||
|
||||
# Billing
|
||||
NWC_URL= # Nostr Wallet Connect URL for generating Lightning invoices
|
||||
ENCRYPTION_SECRET= # Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest
|
||||
STRIPE_SECRET_KEY= # Required Stripe API secret key (sk_...)
|
||||
STRIPE_WEBHOOK_SECRET=whsec_test_00000000000000000000000000 # Webhook signing secret (use real value in production)
|
||||
|
||||
@@ -44,6 +44,7 @@ Environment variables:
|
||||
| `LIVEKIT_API_KEY` | LiveKit API key sent to zooid | _optional_ |
|
||||
| `LIVEKIT_API_SECRET` | LiveKit API secret sent to zooid | _optional_ |
|
||||
| `NWC_URL` | Platform NWC URL used to generate BOLT11 invoices | _required for invoice generation_ |
|
||||
| `ENCRYPTION_SECRET` | Nostr secret key (hex or nsec) used to encrypt tenant NWC URLs at rest | _required_ |
|
||||
| `STRIPE_SECRET_KEY` | Stripe API secret key used for billing API operations | _required_ |
|
||||
| `STRIPE_WEBHOOK_SECRET` | Stripe webhook signing secret used to verify `Stripe-Signature` headers | _required_ |
|
||||
| `ROBOT_SECRET` | Robot Nostr secret key | _required_ |
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
CREATE TABLE IF NOT EXISTS invoice_nwc_payment (
|
||||
invoice_id TEXT PRIMARY KEY,
|
||||
tenant_pubkey TEXT NOT NULL,
|
||||
state TEXT NOT NULL CHECK (state IN ('pending', 'paid')),
|
||||
created_at INTEGER NOT NULL,
|
||||
updated_at INTEGER NOT NULL,
|
||||
FOREIGN KEY (tenant_pubkey) REFERENCES tenant(pubkey)
|
||||
);
|
||||
|
||||
CREATE INDEX IF NOT EXISTS idx_invoice_nwc_payment_tenant_pubkey
|
||||
ON invoice_nwc_payment (tenant_pubkey);
|
||||
@@ -0,0 +1,11 @@
|
||||
CREATE TABLE IF NOT EXISTS invoice_manual_lightning_payment (
|
||||
invoice_id TEXT PRIMARY KEY,
|
||||
tenant_pubkey TEXT NOT NULL,
|
||||
bolt11 TEXT NOT NULL,
|
||||
created_at INTEGER NOT NULL,
|
||||
updated_at INTEGER NOT NULL,
|
||||
FOREIGN KEY (tenant_pubkey) REFERENCES tenant(pubkey)
|
||||
);
|
||||
|
||||
CREATE INDEX IF NOT EXISTS idx_invoice_manual_lightning_payment_tenant_pubkey
|
||||
ON invoice_manual_lightning_payment (tenant_pubkey);
|
||||
+5
-4
@@ -57,7 +57,7 @@ Notes:
|
||||
|
||||
- Serves `GET /tenants`
|
||||
- Authorizes admin only
|
||||
- Return `data` is a list of tenant structs from `query.list_tenants`
|
||||
- Return `data` is a list of `TenantResponse` structs (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
|
||||
## `async fn create_tenant(...) -> Response`
|
||||
|
||||
@@ -69,20 +69,21 @@ Notes:
|
||||
- On unique-constraint race (`pubkey-exists`), re-fetch and return the existing tenant
|
||||
- If Stripe customer creation fails, return `code=stripe-customer-create-failed`
|
||||
- Always returns `200` (create-or-get is uniform)
|
||||
- Return `data` is a single `Tenant` struct
|
||||
- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
|
||||
## `async fn get_tenant(...) -> Response`
|
||||
|
||||
- Serves `GET /tenants/:pubkey`
|
||||
- Authorizes admin or matching tenant
|
||||
- Return `data` is a single tenant struct from `query.get_tenant`
|
||||
- Return `data` is a single `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
|
||||
## `async fn update_tenant(...) -> Response`
|
||||
|
||||
- Serves `PUT /tenants/:pubkey`
|
||||
- Authorizes admin or matching tenant
|
||||
- Accepts `nwc_url` in the request body; encrypts it before storage using `cipher::encrypt`
|
||||
- Updates tenant using `command.update_tenant`
|
||||
- Return `data` is the updated tenant struct
|
||||
- Return `data` is the updated `TenantResponse` struct (contains `nwc_is_set: bool` instead of `nwc_url`)
|
||||
|
||||
## `async fn list_tenant_relays(...) -> Response`
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ There are three plans available:
|
||||
Tenants are customers of the service, identified by a nostr `pubkey`. Public metadata like name etc are pulled from the nostr network. They also have associated billing information.
|
||||
|
||||
- `pubkey` is the nostr public key identifying the tenant
|
||||
- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf
|
||||
- `nwc_url` (private) a nostr wallet connect URL used for **paying** invoices generated by the system on the tenant's behalf; stored encrypted at rest using NIP-44 via `ENCRYPTION_SECRET`; never serialized to API responses — tenant API endpoints expose `nwc_is_set: bool` instead
|
||||
- `nwc_error` (private) a string indicating the most recent NWC payment error, if any. Cleared on successful NWC payment.
|
||||
- `created_at` unix timestamp identifying tenant creation time
|
||||
- `stripe_customer_id` a string identifying the associated stripe customer
|
||||
@@ -63,9 +63,9 @@ Tenants are customers of the service, identified by a nostr `pubkey`. Public met
|
||||
|
||||
A relay is a nostr relay owned by a `tenant` and hosted by the attached zooid instance. Relay subdomains MUST be unique.
|
||||
|
||||
- `id` - a random ID identifying the relay
|
||||
- `id` - calculated based on `subdomain` + 8 random hex chars
|
||||
- `tenant` - the tenant's pubkey
|
||||
- `schema` - the relay's db schema (read_only, calculated based on `subdomain` + `id`)
|
||||
- `schema` - the relay's db schema (read only, same as `id`)
|
||||
- `subdomain` - the relay's subdomain
|
||||
- `plan` - the relay's plan
|
||||
- `stripe_subscription_item_id` (nullable) - the Stripe subscription item id. Only set for relays on paid plans.
|
||||
|
||||
+79
-15
@@ -3,7 +3,7 @@ use std::sync::Arc;
|
||||
use anyhow::{Result, anyhow};
|
||||
use axum::{
|
||||
Json, Router,
|
||||
extract::{Path, State},
|
||||
extract::{Path, Query as QueryParams, State},
|
||||
http::{HeaderMap, StatusCode},
|
||||
response::{IntoResponse, Response},
|
||||
routing::{get, post},
|
||||
@@ -275,9 +275,6 @@ impl Api {
|
||||
return Err(RelayValidationError::PremiumFeature);
|
||||
}
|
||||
|
||||
if relay.schema.is_empty() {
|
||||
relay.schema = format!("{}_{}", relay.subdomain.replace('-', "_"), relay.id);
|
||||
}
|
||||
if relay.status.is_empty() {
|
||||
relay.status = RELAY_STATUS_ACTIVE.to_string();
|
||||
}
|
||||
@@ -445,6 +442,31 @@ struct IdentityResponse {
|
||||
is_admin: bool,
|
||||
}
|
||||
|
||||
#[derive(Serialize)]
|
||||
struct TenantResponse {
|
||||
pubkey: String,
|
||||
nwc_is_set: bool,
|
||||
nwc_error: Option<String>,
|
||||
created_at: i64,
|
||||
stripe_customer_id: String,
|
||||
stripe_subscription_id: Option<String>,
|
||||
past_due_at: Option<i64>,
|
||||
}
|
||||
|
||||
impl From<Tenant> for TenantResponse {
|
||||
fn from(t: Tenant) -> Self {
|
||||
TenantResponse {
|
||||
nwc_is_set: !t.nwc_url.is_empty(),
|
||||
pubkey: t.pubkey,
|
||||
nwc_error: t.nwc_error,
|
||||
created_at: t.created_at,
|
||||
stripe_customer_id: t.stripe_customer_id,
|
||||
stripe_subscription_id: t.stripe_subscription_id,
|
||||
past_due_at: t.past_due_at,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Deserialize)]
|
||||
struct CreateRelayRequest {
|
||||
tenant: String,
|
||||
@@ -486,7 +508,13 @@ async fn list_tenants(
|
||||
state.api.require_admin(&pubkey)?;
|
||||
|
||||
match state.api.query.list_tenants().await {
|
||||
Ok(tenants) => Ok(ok(StatusCode::OK, tenants)),
|
||||
Ok(tenants) => Ok(ok(
|
||||
StatusCode::OK,
|
||||
tenants
|
||||
.into_iter()
|
||||
.map(TenantResponse::from)
|
||||
.collect::<Vec<_>>(),
|
||||
)),
|
||||
Err(e) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
"internal",
|
||||
@@ -515,7 +543,7 @@ async fn create_tenant(
|
||||
let pubkey = state.api.extract_auth_pubkey(&headers)?;
|
||||
|
||||
match state.api.query.get_tenant(&pubkey).await {
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, t)),
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
|
||||
Ok(None) => {
|
||||
let stripe_customer_id = match state.api.billing.stripe_create_customer(&pubkey).await {
|
||||
Ok(id) => id,
|
||||
@@ -539,10 +567,10 @@ async fn create_tenant(
|
||||
};
|
||||
|
||||
match state.api.command.create_tenant(&tenant).await {
|
||||
Ok(()) => Ok(ok(StatusCode::OK, tenant)),
|
||||
Ok(()) => Ok(ok(StatusCode::OK, TenantResponse::from(tenant))),
|
||||
Err(e) if matches!(map_unique_error(&e), Some("pubkey-exists")) => {
|
||||
match state.api.query.get_tenant(&pubkey).await {
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, t)),
|
||||
Ok(Some(t)) => Ok(ok(StatusCode::OK, TenantResponse::from(t))),
|
||||
Ok(None) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
"internal",
|
||||
@@ -585,7 +613,7 @@ async fn get_tenant(
|
||||
let auth = state.api.extract_auth_pubkey(&headers)?;
|
||||
state.api.require_admin_or_tenant(&auth, &pubkey)?;
|
||||
let tenant = state.api.get_tenant_or_404(&pubkey).await?;
|
||||
Ok(ok(StatusCode::OK, tenant))
|
||||
Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
|
||||
}
|
||||
|
||||
async fn list_relays(
|
||||
@@ -723,10 +751,16 @@ async fn create_relay(
|
||||
let auth = state.api.extract_auth_pubkey(&headers)?;
|
||||
state.api.require_admin_or_tenant(&auth, &payload.tenant)?;
|
||||
|
||||
let relay_id = format!(
|
||||
"{}_{}",
|
||||
payload.subdomain.replace('-', "_"),
|
||||
&uuid::Uuid::new_v4().simple().to_string()[..8]
|
||||
);
|
||||
|
||||
let mut relay = Relay {
|
||||
id: uuid::Uuid::new_v4().to_string(),
|
||||
id: relay_id.clone(),
|
||||
tenant: payload.tenant,
|
||||
schema: String::new(),
|
||||
schema: relay_id.clone(),
|
||||
subdomain: payload.subdomain,
|
||||
plan: payload.plan,
|
||||
stripe_subscription_item_id: None,
|
||||
@@ -1009,6 +1043,13 @@ async fn get_invoice(
|
||||
.map_err(map_invoice_lookup_error)?;
|
||||
state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?;
|
||||
|
||||
let invoice = state
|
||||
.api
|
||||
.billing
|
||||
.reconcile_manual_lightning_invoice(&id, &invoice)
|
||||
.await
|
||||
.map_err(map_invoice_lookup_error)?;
|
||||
|
||||
Ok(ok(StatusCode::OK, invoice))
|
||||
}
|
||||
|
||||
@@ -1026,6 +1067,13 @@ async fn get_invoice_bolt11(
|
||||
.map_err(map_invoice_lookup_error)?;
|
||||
state.api.require_admin_or_tenant(&auth, &tenant.pubkey)?;
|
||||
|
||||
let invoice = state
|
||||
.api
|
||||
.billing
|
||||
.reconcile_manual_lightning_invoice(&id, &invoice)
|
||||
.await
|
||||
.map_err(map_invoice_lookup_error)?;
|
||||
|
||||
let status = invoice["status"].as_str().unwrap_or_default();
|
||||
if status != "open" {
|
||||
return Ok(err(
|
||||
@@ -1038,7 +1086,12 @@ async fn get_invoice_bolt11(
|
||||
let amount_due = invoice["amount_due"].as_i64().unwrap_or(0);
|
||||
let currency = invoice["currency"].as_str().unwrap_or("usd");
|
||||
|
||||
match state.api.billing.create_bolt11(amount_due, currency).await {
|
||||
match state
|
||||
.api
|
||||
.billing
|
||||
.get_or_create_manual_lightning_bolt11(&id, &tenant.pubkey, amount_due, currency)
|
||||
.await
|
||||
{
|
||||
Ok(bolt11) => Ok(ok(StatusCode::OK, serde_json::json!({ "bolt11": bolt11 }))),
|
||||
Err(e) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
@@ -1048,10 +1101,16 @@ async fn get_invoice_bolt11(
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(serde::Deserialize)]
|
||||
struct StripeSessionParams {
|
||||
return_url: Option<String>,
|
||||
}
|
||||
|
||||
async fn create_stripe_session(
|
||||
State(state): State<AppState>,
|
||||
headers: HeaderMap,
|
||||
Path(pubkey): Path<String>,
|
||||
QueryParams(params): QueryParams<StripeSessionParams>,
|
||||
) -> std::result::Result<Response, ApiError> {
|
||||
let auth = state.api.extract_auth_pubkey(&headers)?;
|
||||
state.api.require_admin_or_tenant(&auth, &pubkey)?;
|
||||
@@ -1060,7 +1119,7 @@ async fn create_stripe_session(
|
||||
match state
|
||||
.api
|
||||
.billing
|
||||
.stripe_create_portal_session(&tenant.stripe_customer_id)
|
||||
.stripe_create_portal_session(&tenant.stripe_customer_id, params.return_url.as_deref())
|
||||
.await
|
||||
{
|
||||
Ok(url) => Ok(ok(StatusCode::OK, serde_json::json!({ "url": url }))),
|
||||
@@ -1084,7 +1143,12 @@ async fn update_tenant(
|
||||
|
||||
let nwc_previously_empty = tenant.nwc_url.is_empty();
|
||||
if let Some(nwc_url) = payload.nwc_url {
|
||||
tenant.nwc_url = nwc_url;
|
||||
if nwc_url.is_empty() {
|
||||
tenant.nwc_url = String::new();
|
||||
} else {
|
||||
tenant.nwc_url =
|
||||
crate::cipher::encrypt(&nwc_url).map_err(|e| ApiError::Internal(e.to_string()))?;
|
||||
}
|
||||
}
|
||||
|
||||
match state.api.command.update_tenant(&tenant).await {
|
||||
@@ -1103,7 +1167,7 @@ async fn update_tenant(
|
||||
}
|
||||
});
|
||||
}
|
||||
Ok(ok(StatusCode::OK, tenant))
|
||||
Ok(ok(StatusCode::OK, TenantResponse::from(tenant)))
|
||||
}
|
||||
Err(e) => Ok(err(
|
||||
StatusCode::INTERNAL_SERVER_ERROR,
|
||||
|
||||
+387
-47
@@ -1,7 +1,8 @@
|
||||
use anyhow::{Result, anyhow};
|
||||
use hmac::{Hmac, Mac};
|
||||
use nwc::prelude::{
|
||||
MakeInvoiceRequest, NWC, NostrWalletConnectURI, PayInvoiceRequest as NwcPayInvoiceRequest,
|
||||
LookupInvoiceRequest, LookupInvoiceResponse, MakeInvoiceRequest, NWC, NostrWalletConnectURI,
|
||||
PayInvoiceRequest as NwcPayInvoiceRequest, TransactionState,
|
||||
};
|
||||
use sha2::Sha256;
|
||||
|
||||
@@ -17,6 +18,9 @@ type HmacSha256 = Hmac<Sha256>;
|
||||
const STRIPE_API: &str = "https://api.stripe.com/v1";
|
||||
const COINBASE_SPOT_API: &str = "https://api.coinbase.com/v2/prices";
|
||||
const WEBHOOK_TOLERANCE_SECS: i64 = 300;
|
||||
const MANUAL_LIGHTNING_PAYMENT_DM: &str = "Payment is due for your relay subscription. Please visit the application to complete a manual Lightning payment.";
|
||||
const NWC_ERROR_DM_PREFIX: &str = "NWC auto-payment failed:";
|
||||
const NWC_ERROR_DM_MAX_CHARS: usize = 240;
|
||||
|
||||
#[derive(Debug)]
|
||||
pub enum InvoiceLookupError {
|
||||
@@ -75,12 +79,17 @@ struct CoinbaseSpotPriceData {
|
||||
amount: String,
|
||||
}
|
||||
|
||||
enum NwcInvoicePaymentOutcome {
|
||||
Paid,
|
||||
Fallback(anyhow::Error),
|
||||
Pending(anyhow::Error),
|
||||
}
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct Billing {
|
||||
nwc_url: String,
|
||||
stripe_secret_key: String,
|
||||
stripe_webhook_secret: String,
|
||||
btc_quote_api_base: String,
|
||||
http: reqwest::Client,
|
||||
query: Query,
|
||||
command: Command,
|
||||
@@ -98,13 +107,10 @@ impl Billing {
|
||||
if stripe_webhook_secret.trim().is_empty() {
|
||||
panic!("missing STRIPE_WEBHOOK_SECRET environment variable");
|
||||
}
|
||||
let btc_quote_api_base =
|
||||
std::env::var("BTC_PRICE_API_BASE").unwrap_or_else(|_| COINBASE_SPOT_API.to_string());
|
||||
Self {
|
||||
nwc_url,
|
||||
stripe_secret_key,
|
||||
stripe_webhook_secret,
|
||||
btc_quote_api_base,
|
||||
http: reqwest::Client::new(),
|
||||
query,
|
||||
command,
|
||||
@@ -115,6 +121,10 @@ impl Billing {
|
||||
pub async fn start(self) {
|
||||
let mut rx = self.command.notify.subscribe();
|
||||
|
||||
if let Err(error) = self.reconcile_relay_subscriptions("startup").await {
|
||||
tracing::error!(error = %error, "failed to reconcile relay billing state on startup");
|
||||
}
|
||||
|
||||
loop {
|
||||
match rx.recv().await {
|
||||
Ok(activity) => {
|
||||
@@ -124,12 +134,43 @@ impl Billing {
|
||||
}
|
||||
Err(tokio::sync::broadcast::error::RecvError::Lagged(n)) => {
|
||||
tracing::warn!(missed = n, "billing lagged");
|
||||
|
||||
if let Err(error) = self.reconcile_relay_subscriptions("lagged").await {
|
||||
tracing::error!(error = %error, "failed to reconcile relay billing state after lag");
|
||||
}
|
||||
}
|
||||
Err(tokio::sync::broadcast::error::RecvError::Closed) => break,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
async fn reconcile_relay_subscriptions(&self, source: &str) -> Result<()> {
|
||||
let relays = self.query.list_relays().await?;
|
||||
|
||||
if relays.is_empty() {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
tracing::info!(
|
||||
source,
|
||||
relay_count = relays.len(),
|
||||
"reconciling relay billing state"
|
||||
);
|
||||
|
||||
for relay in relays {
|
||||
if let Err(error) = self.sync_relay_subscription_for_relay(&relay).await {
|
||||
tracing::error!(
|
||||
source,
|
||||
relay = %relay.id,
|
||||
error = %error,
|
||||
"failed to reconcile relay billing state"
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn handle_activity(&self, activity: &Activity) -> Result<()> {
|
||||
let needs_billing_sync = matches!(
|
||||
activity.activity_type.as_str(),
|
||||
@@ -153,6 +194,10 @@ impl Billing {
|
||||
return Ok(());
|
||||
};
|
||||
|
||||
self.sync_relay_subscription_for_relay(&relay).await
|
||||
}
|
||||
|
||||
async fn sync_relay_subscription_for_relay(&self, relay: &Relay) -> Result<()> {
|
||||
let Some(tenant) = self.query.get_tenant(&relay.tenant).await? else {
|
||||
return Ok(());
|
||||
};
|
||||
@@ -261,6 +306,23 @@ impl Billing {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn existing_invoice_nwc_payment_outcome(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
) -> Result<Option<NwcInvoicePaymentOutcome>> {
|
||||
let state = self.query.get_invoice_nwc_payment_state(invoice_id).await?;
|
||||
match state.as_deref() {
|
||||
Some("paid") => Ok(Some(NwcInvoicePaymentOutcome::Paid)),
|
||||
Some("pending") => Ok(Some(NwcInvoicePaymentOutcome::Pending(anyhow!(
|
||||
"invoice {invoice_id} has a pending NWC reconciliation; refusing to create a new Lightning charge"
|
||||
)))),
|
||||
Some(other) => Err(anyhow!(
|
||||
"unknown invoice_nwc_payment state '{other}' for invoice {invoice_id}"
|
||||
)),
|
||||
None => Ok(None),
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn handle_webhook(&self, payload: &str, signature: &str) -> Result<()> {
|
||||
self.verify_webhook_signature(payload, signature)?;
|
||||
|
||||
@@ -360,24 +422,55 @@ impl Billing {
|
||||
return Ok(());
|
||||
};
|
||||
|
||||
let mut nwc_error_for_dm: Option<String> = None;
|
||||
|
||||
// 1. NWC auto-pay: if the tenant has a nwc_url
|
||||
if !tenant.nwc_url.is_empty() {
|
||||
let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
|
||||
match self
|
||||
.nwc_pay_invoice(amount_due, currency, &tenant.nwc_url)
|
||||
.await
|
||||
.nwc_pay_invoice(
|
||||
invoice_id,
|
||||
&tenant.pubkey,
|
||||
amount_due,
|
||||
currency,
|
||||
&plain_nwc_url,
|
||||
)
|
||||
.await?
|
||||
{
|
||||
Ok(()) => {
|
||||
self.stripe_pay_invoice_out_of_band(invoice_id).await?;
|
||||
self.command.clear_tenant_nwc_error(&tenant.pubkey).await?;
|
||||
NwcInvoicePaymentOutcome::Paid => {
|
||||
self.mark_invoice_paid_out_of_band_after_nwc(invoice_id, &tenant.pubkey)
|
||||
.await?;
|
||||
return Ok(());
|
||||
}
|
||||
Err(e) => {
|
||||
NwcInvoicePaymentOutcome::Fallback(e) => {
|
||||
let error_msg = format!("{e}");
|
||||
self.command
|
||||
.set_tenant_nwc_error(&tenant.pubkey, &error_msg)
|
||||
.await?;
|
||||
tracing::warn!(
|
||||
error = %e,
|
||||
tenant_pubkey = %tenant.pubkey,
|
||||
stripe_customer_id,
|
||||
invoice_id,
|
||||
"nwc auto-payment failed for invoice.created"
|
||||
);
|
||||
nwc_error_for_dm = summarize_nwc_error_for_dm(&error_msg);
|
||||
// Fall through to next option
|
||||
}
|
||||
NwcInvoicePaymentOutcome::Pending(e) => {
|
||||
let error_msg = format!("{e}");
|
||||
self.command
|
||||
.set_tenant_nwc_error(&tenant.pubkey, &error_msg)
|
||||
.await?;
|
||||
tracing::error!(
|
||||
error = %e,
|
||||
tenant_pubkey = %tenant.pubkey,
|
||||
stripe_customer_id,
|
||||
invoice_id,
|
||||
"nwc auto-payment requires reconciliation before retry"
|
||||
);
|
||||
return Err(e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -390,12 +483,8 @@ impl Billing {
|
||||
}
|
||||
|
||||
// 3. Manual payment: send a DM
|
||||
self.robot
|
||||
.send_dm(
|
||||
&tenant.pubkey,
|
||||
"Payment is due for your relay subscription. Please visit the application to complete a manual Lightning payment.",
|
||||
)
|
||||
.await?;
|
||||
let dm_message = manual_lightning_payment_dm(nwc_error_for_dm.as_deref());
|
||||
self.robot.send_dm(&tenant.pubkey, &dm_message).await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
@@ -635,14 +724,61 @@ impl Billing {
|
||||
Ok((invoice, tenant))
|
||||
}
|
||||
|
||||
pub async fn reconcile_manual_lightning_invoice(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
invoice: &serde_json::Value,
|
||||
) -> std::result::Result<serde_json::Value, InvoiceLookupError> {
|
||||
self.reconcile_manual_lightning_invoice_if_settled(invoice_id, invoice)
|
||||
.await
|
||||
}
|
||||
|
||||
pub async fn get_or_create_manual_lightning_bolt11(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
tenant_pubkey: &str,
|
||||
amount_due_minor: i64,
|
||||
currency: &str,
|
||||
) -> Result<String> {
|
||||
if let Some(existing_bolt11) = self
|
||||
.query
|
||||
.get_invoice_manual_lightning_bolt11(invoice_id)
|
||||
.await?
|
||||
{
|
||||
return Ok(existing_bolt11);
|
||||
}
|
||||
|
||||
let bolt11 = self.create_bolt11(amount_due_minor, currency).await?;
|
||||
|
||||
if self
|
||||
.command
|
||||
.insert_manual_lightning_invoice_payment(invoice_id, tenant_pubkey, &bolt11)
|
||||
.await?
|
||||
{
|
||||
return Ok(bolt11);
|
||||
}
|
||||
|
||||
self.query
|
||||
.get_invoice_manual_lightning_bolt11(invoice_id)
|
||||
.await?
|
||||
.ok_or_else(|| {
|
||||
anyhow!(
|
||||
"manual lightning payment row missing after insert race for invoice {invoice_id}"
|
||||
)
|
||||
})
|
||||
}
|
||||
|
||||
pub async fn stripe_create_customer(&self, tenant_pubkey: &str) -> Result<String> {
|
||||
let short_pubkey: String = tenant_pubkey.chars().take(12).collect();
|
||||
let display_name = format!("Caravel tenant {short_pubkey}");
|
||||
let short_pubkey: String = tenant_pubkey.chars().take(8).collect();
|
||||
let nostr_name = self.robot.fetch_nostr_name(tenant_pubkey).await;
|
||||
let display_name = nostr_name.unwrap_or_else(|| short_pubkey.clone());
|
||||
let idempotency_key = self.idempotency_key(&["create_customer", tenant_pubkey]);
|
||||
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/customers"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.form(&[
|
||||
("name", display_name.as_str()),
|
||||
("metadata[tenant_pubkey]", tenant_pubkey),
|
||||
@@ -727,6 +863,8 @@ impl Billing {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let plain_nwc_url = crate::cipher::decrypt(&tenant.nwc_url)?;
|
||||
|
||||
let invoices = self
|
||||
.stripe_list_invoices(&tenant.stripe_customer_id)
|
||||
.await?;
|
||||
@@ -743,21 +881,28 @@ impl Billing {
|
||||
}
|
||||
|
||||
match self
|
||||
.nwc_pay_invoice(amount_due, currency, &tenant.nwc_url)
|
||||
.await
|
||||
.nwc_pay_invoice(
|
||||
invoice_id,
|
||||
&tenant.pubkey,
|
||||
amount_due,
|
||||
currency,
|
||||
&plain_nwc_url,
|
||||
)
|
||||
.await?
|
||||
{
|
||||
Ok(()) => {
|
||||
if let Err(e) = self.stripe_pay_invoice_out_of_band(invoice_id).await {
|
||||
NwcInvoicePaymentOutcome::Paid => {
|
||||
if let Err(e) = self
|
||||
.mark_invoice_paid_out_of_band_after_nwc(invoice_id, &tenant.pubkey)
|
||||
.await
|
||||
{
|
||||
tracing::error!(
|
||||
error = %e,
|
||||
invoice_id,
|
||||
"failed to mark invoice paid out of band"
|
||||
);
|
||||
} else {
|
||||
let _ = self.command.clear_tenant_nwc_error(&tenant.pubkey).await;
|
||||
}
|
||||
}
|
||||
Err(e) => {
|
||||
NwcInvoicePaymentOutcome::Fallback(e) => {
|
||||
let error_msg = format!("{e}");
|
||||
tracing::error!(
|
||||
error = %e,
|
||||
@@ -769,6 +914,18 @@ impl Billing {
|
||||
.set_tenant_nwc_error(&tenant.pubkey, &error_msg)
|
||||
.await;
|
||||
}
|
||||
NwcInvoicePaymentOutcome::Pending(e) => {
|
||||
let error_msg = format!("{e}");
|
||||
tracing::error!(
|
||||
error = %e,
|
||||
invoice_id,
|
||||
"outstanding invoice requires NWC reconciliation before retry"
|
||||
);
|
||||
let _ = self
|
||||
.command
|
||||
.set_tenant_nwc_error(&tenant.pubkey, &error_msg)
|
||||
.await;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -809,12 +966,20 @@ impl Billing {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn stripe_create_portal_session(&self, customer_id: &str) -> Result<String> {
|
||||
pub async fn stripe_create_portal_session(
|
||||
&self,
|
||||
customer_id: &str,
|
||||
return_url: Option<&str>,
|
||||
) -> Result<String> {
|
||||
let mut params = vec![("customer", customer_id.to_string())];
|
||||
if let Some(url) = return_url {
|
||||
params.push(("return_url", url.to_string()));
|
||||
}
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/billing_portal/sessions"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.form(&[("customer", customer_id)])
|
||||
.form(¶ms)
|
||||
.send()
|
||||
.await?;
|
||||
|
||||
@@ -829,15 +994,29 @@ impl Billing {
|
||||
|
||||
// --- Stripe API helpers ---
|
||||
|
||||
fn idempotency_key(&self, parts: &[&str]) -> String {
|
||||
let mut mac = HmacSha256::new_from_slice(self.stripe_secret_key.as_bytes())
|
||||
.expect("HMAC accepts any key length");
|
||||
for (i, part) in parts.iter().enumerate() {
|
||||
if i > 0 {
|
||||
mac.update(b":");
|
||||
}
|
||||
mac.update(part.as_bytes());
|
||||
}
|
||||
hex::encode(mac.finalize().into_bytes())
|
||||
}
|
||||
|
||||
async fn stripe_create_subscription(
|
||||
&self,
|
||||
customer_id: &str,
|
||||
price_id: &str,
|
||||
) -> Result<(String, String)> {
|
||||
let idempotency_key = self.idempotency_key(&["create_subscription", customer_id, price_id]);
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/subscriptions"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.form(&[
|
||||
("customer", customer_id),
|
||||
("collection_method", "charge_automatically"),
|
||||
@@ -864,10 +1043,13 @@ impl Billing {
|
||||
subscription_id: &str,
|
||||
price_id: &str,
|
||||
) -> Result<String> {
|
||||
let idempotency_key =
|
||||
self.idempotency_key(&["create_subscription_item", subscription_id, price_id]);
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/subscription_items"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.form(&[("subscription", subscription_id), ("price", price_id)])
|
||||
.send()
|
||||
.await?;
|
||||
@@ -886,10 +1068,13 @@ impl Billing {
|
||||
item_id: &str,
|
||||
price_id: &str,
|
||||
) -> Result<String> {
|
||||
let idempotency_key =
|
||||
self.idempotency_key(&["update_subscription_item", item_id, price_id]);
|
||||
let resp = self
|
||||
.http
|
||||
.post(format!("{STRIPE_API}/subscription_items/{item_id}"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.form(&[("price", price_id)])
|
||||
.send()
|
||||
.await?;
|
||||
@@ -926,9 +1111,11 @@ impl Billing {
|
||||
}
|
||||
|
||||
async fn stripe_pay_invoice(&self, invoice_id: &str) -> Result<()> {
|
||||
let idempotency_key = self.idempotency_key(&["pay_invoice", invoice_id]);
|
||||
self.http
|
||||
.post(format!("{STRIPE_API}/invoices/{invoice_id}/pay"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.send()
|
||||
.await?
|
||||
.error_for_status()?;
|
||||
@@ -968,9 +1155,11 @@ impl Billing {
|
||||
}
|
||||
|
||||
async fn stripe_pay_invoice_out_of_band(&self, invoice_id: &str) -> Result<()> {
|
||||
let idempotency_key = self.idempotency_key(&["pay_invoice_oob", invoice_id]);
|
||||
self.http
|
||||
.post(format!("{STRIPE_API}/invoices/{invoice_id}/pay"))
|
||||
.bearer_auth(&self.stripe_secret_key)
|
||||
.header("Idempotency-Key", idempotency_key)
|
||||
.form(&[("paid_out_of_band", "true")])
|
||||
.send()
|
||||
.await?
|
||||
@@ -999,19 +1188,113 @@ impl Billing {
|
||||
|
||||
// --- NWC helpers ---
|
||||
|
||||
async fn mark_invoice_paid_out_of_band_after_nwc(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
tenant_pubkey: &str,
|
||||
) -> Result<()> {
|
||||
self.stripe_pay_invoice_out_of_band(invoice_id).await?;
|
||||
self.command.clear_tenant_nwc_error(tenant_pubkey).await?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn reconcile_manual_lightning_invoice_if_settled(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
invoice: &serde_json::Value,
|
||||
) -> std::result::Result<serde_json::Value, InvoiceLookupError> {
|
||||
if invoice["status"].as_str().unwrap_or_default() != "open" {
|
||||
return Ok(invoice.clone());
|
||||
}
|
||||
|
||||
let Some(bolt11) = self
|
||||
.query
|
||||
.get_invoice_manual_lightning_bolt11(invoice_id)
|
||||
.await?
|
||||
else {
|
||||
return Ok(invoice.clone());
|
||||
};
|
||||
|
||||
let settled = match self.is_manual_lightning_invoice_settled(&bolt11).await {
|
||||
Ok(settled) => settled,
|
||||
Err(error) => {
|
||||
tracing::warn!(
|
||||
error = %error,
|
||||
invoice_id,
|
||||
"failed to lookup manual lightning invoice settlement"
|
||||
);
|
||||
return Ok(invoice.clone());
|
||||
}
|
||||
};
|
||||
|
||||
if !settled {
|
||||
return Ok(invoice.clone());
|
||||
}
|
||||
|
||||
if let Err(error) = self.stripe_pay_invoice_out_of_band(invoice_id).await {
|
||||
tracing::warn!(
|
||||
error = %error,
|
||||
invoice_id,
|
||||
"failed to mark settled manual lightning invoice as paid_out_of_band"
|
||||
);
|
||||
}
|
||||
|
||||
self.stripe_get_invoice(invoice_id).await
|
||||
}
|
||||
|
||||
async fn is_manual_lightning_invoice_settled(&self, bolt11: &str) -> Result<bool> {
|
||||
let system_uri = Self::parse_nwc_uri(&self.nwc_url, "system")?;
|
||||
let system_nwc = NWC::new(system_uri);
|
||||
|
||||
let lookup_req = LookupInvoiceRequest {
|
||||
payment_hash: None,
|
||||
invoice: Some(bolt11.to_string()),
|
||||
};
|
||||
|
||||
let lookup_result = system_nwc.lookup_invoice(lookup_req).await;
|
||||
system_nwc.shutdown().await;
|
||||
|
||||
let lookup_response =
|
||||
lookup_result.map_err(|error| anyhow!("failed to lookup invoice: {error}"))?;
|
||||
|
||||
Ok(Self::lookup_invoice_response_is_settled(&lookup_response))
|
||||
}
|
||||
|
||||
fn lookup_invoice_response_is_settled(response: &LookupInvoiceResponse) -> bool {
|
||||
response.state == Some(TransactionState::Settled) || response.settled_at.is_some()
|
||||
}
|
||||
|
||||
fn parse_nwc_uri(nwc_url: &str, role: &str) -> Result<NostrWalletConnectURI> {
|
||||
nwc_url
|
||||
.parse::<NostrWalletConnectURI>()
|
||||
.map_err(|_| anyhow!("invalid {role} NWC URL"))
|
||||
}
|
||||
|
||||
async fn nwc_pay_invoice(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
tenant_pubkey: &str,
|
||||
amount_due_minor: i64,
|
||||
currency: &str,
|
||||
tenant_nwc_url: &str,
|
||||
) -> Result<()> {
|
||||
let amount_msats = self.fiat_minor_to_msats(amount_due_minor, currency).await?;
|
||||
) -> Result<NwcInvoicePaymentOutcome> {
|
||||
if let Some(existing_outcome) = self
|
||||
.existing_invoice_nwc_payment_outcome(invoice_id)
|
||||
.await?
|
||||
{
|
||||
return Ok(existing_outcome);
|
||||
}
|
||||
|
||||
let amount_msats = match self.fiat_minor_to_msats(amount_due_minor, currency).await {
|
||||
Ok(amount_msats) => amount_msats,
|
||||
Err(error) => return Ok(NwcInvoicePaymentOutcome::Fallback(error)),
|
||||
};
|
||||
|
||||
// Create a bolt11 invoice using the system wallet (self.nwc_url)
|
||||
let system_uri: NostrWalletConnectURI = self
|
||||
.nwc_url
|
||||
.parse()
|
||||
.map_err(|_| anyhow!("invalid system NWC URL"))?;
|
||||
let system_uri = match Self::parse_nwc_uri(&self.nwc_url, "system") {
|
||||
Ok(system_uri) => system_uri,
|
||||
Err(error) => return Ok(NwcInvoicePaymentOutcome::Fallback(error)),
|
||||
};
|
||||
let system_nwc = NWC::new(system_uri);
|
||||
|
||||
let make_req = MakeInvoiceRequest {
|
||||
@@ -1021,29 +1304,61 @@ impl Billing {
|
||||
expiry: None,
|
||||
};
|
||||
|
||||
let invoice_response = system_nwc
|
||||
.make_invoice(make_req)
|
||||
.await
|
||||
.map_err(|e| anyhow!("failed to create invoice: {e}"))?;
|
||||
let invoice_response = system_nwc.make_invoice(make_req).await;
|
||||
|
||||
let invoice_response = match invoice_response {
|
||||
Ok(invoice_response) => invoice_response,
|
||||
Err(error) => {
|
||||
system_nwc.shutdown().await;
|
||||
return Ok(NwcInvoicePaymentOutcome::Fallback(anyhow!(
|
||||
"failed to create invoice: {error}"
|
||||
)));
|
||||
}
|
||||
};
|
||||
|
||||
system_nwc.shutdown().await;
|
||||
|
||||
// Pay the bolt11 invoice using the tenant's wallet
|
||||
let tenant_uri: NostrWalletConnectURI = tenant_nwc_url
|
||||
.parse()
|
||||
.map_err(|_| anyhow!("invalid tenant NWC URL"))?;
|
||||
let tenant_uri = match Self::parse_nwc_uri(tenant_nwc_url, "tenant") {
|
||||
Ok(tenant_uri) => tenant_uri,
|
||||
Err(error) => return Ok(NwcInvoicePaymentOutcome::Fallback(error)),
|
||||
};
|
||||
|
||||
if !self
|
||||
.command
|
||||
.insert_pending_invoice_nwc_payment(invoice_id, tenant_pubkey)
|
||||
.await?
|
||||
{
|
||||
if let Some(existing_outcome) = self
|
||||
.existing_invoice_nwc_payment_outcome(invoice_id)
|
||||
.await?
|
||||
{
|
||||
return Ok(existing_outcome);
|
||||
}
|
||||
return Err(anyhow!(
|
||||
"invoice_nwc_payment row missing after insert race for invoice {invoice_id}"
|
||||
));
|
||||
}
|
||||
|
||||
let tenant_nwc = NWC::new(tenant_uri);
|
||||
|
||||
let pay_req = NwcPayInvoiceRequest::new(invoice_response.invoice);
|
||||
|
||||
tenant_nwc
|
||||
.pay_invoice(pay_req)
|
||||
.await
|
||||
.map_err(|e| anyhow!("failed to pay invoice: {e}"))?;
|
||||
let pay_result = tenant_nwc.pay_invoice(pay_req).await;
|
||||
|
||||
tenant_nwc.shutdown().await;
|
||||
|
||||
Ok(())
|
||||
match pay_result {
|
||||
Ok(_) => match self.command.mark_invoice_nwc_payment_paid(invoice_id).await {
|
||||
Ok(()) => Ok(NwcInvoicePaymentOutcome::Paid),
|
||||
Err(error) => Ok(NwcInvoicePaymentOutcome::Pending(anyhow!(
|
||||
"invoice {invoice_id} was charged over NWC but failed to persist paid state: {error}"
|
||||
))),
|
||||
},
|
||||
Err(error) => Ok(NwcInvoicePaymentOutcome::Pending(anyhow!(
|
||||
"invoice {invoice_id} NWC payment attempt requires reconciliation: {error}"
|
||||
))),
|
||||
}
|
||||
}
|
||||
|
||||
async fn fiat_minor_to_msats(&self, amount_due_minor: i64, currency: &str) -> Result<u64> {
|
||||
@@ -1057,7 +1372,7 @@ impl Billing {
|
||||
}
|
||||
|
||||
async fn fetch_btc_spot_price(&self, currency: &str) -> Result<f64> {
|
||||
fetch_btc_spot_price_from_base(&self.http, &self.btc_quote_api_base, currency).await
|
||||
fetch_btc_spot_price_from_base(&self.http, COINBASE_SPOT_API, currency).await
|
||||
}
|
||||
|
||||
fn currency_minor_exponent(currency: &str) -> Result<u8> {
|
||||
@@ -1101,6 +1416,31 @@ pub async fn fetch_btc_spot_price_from_base(
|
||||
Ok(amount)
|
||||
}
|
||||
|
||||
fn summarize_nwc_error_for_dm(error: &str) -> Option<String> {
|
||||
let normalized = error.split_whitespace().collect::<Vec<_>>().join(" ");
|
||||
if normalized.is_empty() {
|
||||
return None;
|
||||
}
|
||||
|
||||
if normalized.chars().count() <= NWC_ERROR_DM_MAX_CHARS {
|
||||
return Some(normalized);
|
||||
}
|
||||
|
||||
let prefix_len = NWC_ERROR_DM_MAX_CHARS.saturating_sub(3);
|
||||
let mut truncated = normalized.chars().take(prefix_len).collect::<String>();
|
||||
truncated.push_str("...");
|
||||
Some(truncated)
|
||||
}
|
||||
|
||||
fn manual_lightning_payment_dm(nwc_error: Option<&str>) -> String {
|
||||
match nwc_error {
|
||||
Some(error) if !error.is_empty() => {
|
||||
format!("{MANUAL_LIGHTNING_PAYMENT_DM}\n\n{NWC_ERROR_DM_PREFIX} {error}")
|
||||
}
|
||||
_ => MANUAL_LIGHTNING_PAYMENT_DM.to_string(),
|
||||
}
|
||||
}
|
||||
|
||||
pub fn fiat_minor_to_msats_from_quote(
|
||||
amount_due_minor: i64,
|
||||
currency: &str,
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
use anyhow::{Result, anyhow};
|
||||
use nostr_sdk::prelude::*;
|
||||
|
||||
pub fn encrypt(plaintext: &str) -> Result<String> {
|
||||
let keys = load_key()?;
|
||||
nip44::encrypt(
|
||||
keys.secret_key(),
|
||||
&keys.public_key(),
|
||||
plaintext,
|
||||
nip44::Version::V2,
|
||||
)
|
||||
.map_err(|e| anyhow!("encryption failed: {e}"))
|
||||
}
|
||||
|
||||
pub fn decrypt(ciphertext: &str) -> Result<String> {
|
||||
let keys = load_key()?;
|
||||
nip44::decrypt(keys.secret_key(), &keys.public_key(), ciphertext)
|
||||
.map_err(|e| anyhow!("decryption failed: {e}"))
|
||||
}
|
||||
|
||||
fn load_key() -> Result<Keys> {
|
||||
let secret = std::env::var("ENCRYPTION_SECRET")
|
||||
.map_err(|_| anyhow!("missing ENCRYPTION_SECRET environment variable"))?;
|
||||
if secret.trim().is_empty() {
|
||||
return Err(anyhow!("ENCRYPTION_SECRET is empty"));
|
||||
}
|
||||
Keys::parse(&secret).map_err(|e| anyhow!("invalid ENCRYPTION_SECRET: {e}"))
|
||||
}
|
||||
+69
-5
@@ -113,12 +113,12 @@ impl Command {
|
||||
|
||||
sqlx::query(
|
||||
"INSERT INTO relay (
|
||||
id, tenant, schema, subdomain, plan, status, sync_error,
|
||||
id, tenant, schema, subdomain, plan, status, synced, sync_error,
|
||||
info_name, info_icon, info_description,
|
||||
policy_public_join, policy_strip_signatures,
|
||||
groups_enabled, management_enabled, blossom_enabled,
|
||||
livekit_enabled, push_enabled
|
||||
) VALUES (?, ?, ?, ?, ?, 'active', ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
|
||||
) VALUES (?, ?, ?, ?, ?, 'active', 0, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
|
||||
)
|
||||
.bind(&relay.id)
|
||||
.bind(&relay.tenant)
|
||||
@@ -151,7 +151,7 @@ impl Command {
|
||||
|
||||
sqlx::query(
|
||||
"UPDATE relay
|
||||
SET tenant = ?, schema = ?, subdomain = ?, plan = ?, status = ?, sync_error = ?,
|
||||
SET tenant = ?, schema = ?, subdomain = ?, plan = ?, status = ?, sync_error = ?, synced = 0,
|
||||
info_name = ?, info_icon = ?, info_description = ?,
|
||||
policy_public_join = ?, policy_strip_signatures = ?,
|
||||
groups_enabled = ?, management_enabled = ?, blossom_enabled = ?,
|
||||
@@ -203,7 +203,7 @@ impl Command {
|
||||
) -> Result<()> {
|
||||
let mut tx = self.pool.begin().await?;
|
||||
|
||||
sqlx::query("UPDATE relay SET status = ? WHERE id = ?")
|
||||
sqlx::query("UPDATE relay SET status = ?, synced = 0 WHERE id = ?")
|
||||
.bind(status)
|
||||
.bind(relay_id)
|
||||
.execute(&mut *tx)
|
||||
@@ -224,7 +224,7 @@ impl Command {
|
||||
pub async fn fail_relay_sync(&self, relay: &Relay, sync_error: String) -> Result<()> {
|
||||
let mut tx = self.pool.begin().await?;
|
||||
|
||||
sqlx::query("UPDATE relay SET sync_error = ? WHERE id = ?")
|
||||
sqlx::query("UPDATE relay SET synced = 0, sync_error = ? WHERE id = ?")
|
||||
.bind(&sync_error)
|
||||
.bind(&relay.id)
|
||||
.execute(&mut *tx)
|
||||
@@ -313,6 +313,70 @@ impl Command {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn insert_pending_invoice_nwc_payment(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
tenant_pubkey: &str,
|
||||
) -> Result<bool> {
|
||||
let now = chrono::Utc::now().timestamp();
|
||||
let result = sqlx::query(
|
||||
"INSERT INTO invoice_nwc_payment (invoice_id, tenant_pubkey, state, created_at, updated_at)
|
||||
VALUES (?, ?, 'pending', ?, ?)
|
||||
ON CONFLICT(invoice_id) DO NOTHING",
|
||||
)
|
||||
.bind(invoice_id)
|
||||
.bind(tenant_pubkey)
|
||||
.bind(now)
|
||||
.bind(now)
|
||||
.execute(&self.pool)
|
||||
.await?;
|
||||
|
||||
Ok(result.rows_affected() > 0)
|
||||
}
|
||||
|
||||
pub async fn mark_invoice_nwc_payment_paid(&self, invoice_id: &str) -> Result<()> {
|
||||
let now = chrono::Utc::now().timestamp();
|
||||
let result = sqlx::query(
|
||||
"UPDATE invoice_nwc_payment
|
||||
SET state = 'paid', updated_at = ?
|
||||
WHERE invoice_id = ?",
|
||||
)
|
||||
.bind(now)
|
||||
.bind(invoice_id)
|
||||
.execute(&self.pool)
|
||||
.await?;
|
||||
|
||||
if result.rows_affected() == 0 {
|
||||
anyhow::bail!("invoice_nwc_payment row missing for invoice_id: {invoice_id}");
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn insert_manual_lightning_invoice_payment(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
tenant_pubkey: &str,
|
||||
bolt11: &str,
|
||||
) -> Result<bool> {
|
||||
let now = chrono::Utc::now().timestamp();
|
||||
let result = sqlx::query(
|
||||
"INSERT INTO invoice_manual_lightning_payment
|
||||
(invoice_id, tenant_pubkey, bolt11, created_at, updated_at)
|
||||
VALUES (?, ?, ?, ?, ?)
|
||||
ON CONFLICT(invoice_id) DO NOTHING",
|
||||
)
|
||||
.bind(invoice_id)
|
||||
.bind(tenant_pubkey)
|
||||
.bind(bolt11)
|
||||
.bind(now)
|
||||
.bind(now)
|
||||
.execute(&self.pool)
|
||||
.await?;
|
||||
|
||||
Ok(result.rows_affected() > 0)
|
||||
}
|
||||
|
||||
pub async fn set_tenant_past_due(&self, pubkey: &str) -> Result<()> {
|
||||
let now = chrono::Utc::now().timestamp();
|
||||
sqlx::query("UPDATE tenant SET past_due_at = ? WHERE pubkey = ?")
|
||||
|
||||
+31
-7
@@ -53,8 +53,8 @@ impl Infra {
|
||||
pub async fn start(self) {
|
||||
let mut rx = self.command.notify.subscribe();
|
||||
|
||||
if let Err(e) = self.schedule_startup_retries().await {
|
||||
tracing::error!(error = %e, "failed to schedule relay sync retries on startup");
|
||||
if let Err(error) = self.reconcile_relay_state("startup").await {
|
||||
tracing::error!(error = %error, "failed to reconcile relay state on startup");
|
||||
}
|
||||
|
||||
loop {
|
||||
@@ -66,6 +66,10 @@ impl Infra {
|
||||
}
|
||||
Err(tokio::sync::broadcast::error::RecvError::Lagged(n)) => {
|
||||
tracing::warn!(missed = n, "infra lagged");
|
||||
|
||||
if let Err(error) = self.reconcile_relay_state("lagged").await {
|
||||
tracing::error!(error = %error, "failed to reconcile relay state after lag");
|
||||
}
|
||||
}
|
||||
Err(tokio::sync::broadcast::error::RecvError::Closed) => break,
|
||||
}
|
||||
@@ -89,17 +93,28 @@ impl Infra {
|
||||
return Ok(());
|
||||
};
|
||||
|
||||
let is_new = relay.synced == 0;
|
||||
let is_new = self.relay_sync_is_new(&relay).await?;
|
||||
self.sync_and_report(&relay, is_new).await;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn schedule_startup_retries(&self) -> Result<()> {
|
||||
let relays = self.query.list_relays_with_sync_error().await?;
|
||||
async fn reconcile_relay_state(&self, source: &str) -> Result<()> {
|
||||
let relays = self.query.list_relays_pending_sync().await?;
|
||||
|
||||
if relays.is_empty() {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
tracing::info!(source, relay_count = relays.len(), "reconciling pending relay state");
|
||||
|
||||
for relay in relays {
|
||||
self.schedule_relay_sync_retry(&relay.id, "startup").await?;
|
||||
if relay.sync_error.trim().is_empty() {
|
||||
let is_new = self.relay_sync_is_new(&relay).await?;
|
||||
self.sync_and_report(&relay, is_new).await;
|
||||
} else {
|
||||
self.schedule_relay_sync_retry(&relay.id, source).await?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
@@ -151,11 +166,20 @@ impl Infra {
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
let is_new = relay.synced == 0;
|
||||
let is_new = self.relay_sync_is_new(&relay).await?;
|
||||
self.sync_and_report(&relay, is_new).await;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn relay_sync_is_new(&self, relay: &Relay) -> Result<bool> {
|
||||
if relay.synced == 1 {
|
||||
return Ok(false);
|
||||
}
|
||||
|
||||
let has_completed_sync = self.query.relay_has_completed_sync(&relay.id).await?;
|
||||
Ok(!has_completed_sync)
|
||||
}
|
||||
|
||||
async fn sync_and_report(&self, relay: &Relay, is_new: bool) {
|
||||
match self.sync_relay(relay, is_new).await {
|
||||
Ok(()) => {
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
pub mod api;
|
||||
pub mod billing;
|
||||
pub mod cipher;
|
||||
pub mod command;
|
||||
pub mod infra;
|
||||
pub mod models;
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
mod api;
|
||||
mod billing;
|
||||
mod cipher;
|
||||
mod command;
|
||||
mod infra;
|
||||
mod models;
|
||||
|
||||
+41
-2
@@ -94,7 +94,7 @@ impl Query {
|
||||
Ok(rows)
|
||||
}
|
||||
|
||||
pub async fn list_relays_with_sync_error(&self) -> Result<Vec<Relay>> {
|
||||
pub async fn list_relays_pending_sync(&self) -> Result<Vec<Relay>> {
|
||||
let rows = sqlx::query_as::<_, Relay>(
|
||||
"SELECT id, tenant, schema, subdomain, plan, stripe_subscription_item_id,
|
||||
status, sync_error,
|
||||
@@ -103,7 +103,7 @@ impl Query {
|
||||
groups_enabled, management_enabled, blossom_enabled,
|
||||
livekit_enabled, push_enabled, synced
|
||||
FROM relay
|
||||
WHERE TRIM(sync_error) != ''
|
||||
WHERE synced = 0 OR TRIM(sync_error) != ''
|
||||
ORDER BY id",
|
||||
)
|
||||
.fetch_all(&self.pool)
|
||||
@@ -161,6 +161,29 @@ impl Query {
|
||||
Ok(row)
|
||||
}
|
||||
|
||||
pub async fn get_invoice_nwc_payment_state(&self, invoice_id: &str) -> Result<Option<String>> {
|
||||
let state = sqlx::query_scalar::<_, String>(
|
||||
"SELECT state FROM invoice_nwc_payment WHERE invoice_id = ?",
|
||||
)
|
||||
.bind(invoice_id)
|
||||
.fetch_optional(&self.pool)
|
||||
.await?;
|
||||
Ok(state)
|
||||
}
|
||||
|
||||
pub async fn get_invoice_manual_lightning_bolt11(
|
||||
&self,
|
||||
invoice_id: &str,
|
||||
) -> Result<Option<String>> {
|
||||
let bolt11 = sqlx::query_scalar::<_, String>(
|
||||
"SELECT bolt11 FROM invoice_manual_lightning_payment WHERE invoice_id = ?",
|
||||
)
|
||||
.bind(invoice_id)
|
||||
.fetch_optional(&self.pool)
|
||||
.await?;
|
||||
Ok(bolt11)
|
||||
}
|
||||
|
||||
pub async fn has_active_paid_relays(&self, tenant_id: &str) -> Result<bool> {
|
||||
let plans = sqlx::query_scalar::<_, String>(
|
||||
"SELECT plan FROM relay WHERE tenant = ? AND status = 'active'",
|
||||
@@ -184,4 +207,20 @@ impl Query {
|
||||
.await?;
|
||||
Ok(rows)
|
||||
}
|
||||
|
||||
pub async fn relay_has_completed_sync(&self, relay_id: &str) -> Result<bool> {
|
||||
let found = sqlx::query_scalar::<_, i64>(
|
||||
"SELECT 1
|
||||
FROM activity
|
||||
WHERE resource_type = 'relay'
|
||||
AND resource_id = ?
|
||||
AND activity_type = 'complete_relay_sync'
|
||||
LIMIT 1",
|
||||
)
|
||||
.bind(relay_id)
|
||||
.fetch_optional(&self.pool)
|
||||
.await?;
|
||||
|
||||
Ok(found.is_some())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -160,6 +160,25 @@ impl Robot {
|
||||
Ok(relays)
|
||||
}
|
||||
|
||||
pub async fn fetch_nostr_name(&self, pubkey: &str) -> Option<String> {
|
||||
let pubkey = PublicKey::parse(pubkey).ok()?;
|
||||
let filter = Filter::new().author(pubkey).kind(Kind::Metadata).limit(1);
|
||||
let events = self
|
||||
.indexer_client
|
||||
.fetch_events(filter, Duration::from_secs(5))
|
||||
.await
|
||||
.ok()?;
|
||||
let event = events.into_iter().max_by_key(|e| e.created_at)?;
|
||||
let content: serde_json::Value = serde_json::from_str(&event.content).ok()?;
|
||||
let name = content
|
||||
.get("display_name")
|
||||
.or_else(|| content.get("name"))
|
||||
.and_then(|v| v.as_str())
|
||||
.map(|s| s.trim().to_string())
|
||||
.filter(|s| !s.is_empty())?;
|
||||
Some(name)
|
||||
}
|
||||
|
||||
async fn fetch_messaging_relays_from_outbox(
|
||||
&self,
|
||||
recipient: &str,
|
||||
|
||||
@@ -40,7 +40,7 @@ export default function PaymentSetup(props: PaymentSetupProps) {
|
||||
setRedirecting(true)
|
||||
setError("")
|
||||
try {
|
||||
const { url } = await createPortalSession(account()!.pubkey)
|
||||
const { url } = await createPortalSession(account()!.pubkey, window.location.href)
|
||||
window.location.href = url
|
||||
} catch (e) {
|
||||
setError(e instanceof Error ? e.message : "Failed to open billing portal")
|
||||
|
||||
@@ -253,8 +253,9 @@ export function reactivateRelay(id: string) {
|
||||
return callApi<undefined, void>("POST", `/relays/${id}/reactivate`)
|
||||
}
|
||||
|
||||
export function createPortalSession(pubkey: string) {
|
||||
return callApi<undefined, { url: string }>("GET", `/tenants/${pubkey}/stripe/session`)
|
||||
export function createPortalSession(pubkey: string, returnUrl?: string) {
|
||||
const query = returnUrl ? `?return_url=${encodeURIComponent(returnUrl)}` : ""
|
||||
return callApi<undefined, { url: string }>("GET", `/tenants/${pubkey}/stripe/session${query}`)
|
||||
}
|
||||
|
||||
export function getInvoiceBolt11(invoiceId: string) {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import { createSignal } from "solid-js"
|
||||
import { updateRelayById, deactivateRelayById, reactivateRelayById, getLatestOpenInvoice, type Relay } from "@/lib/hooks"
|
||||
import { updateRelayById, deactivateRelayById, reactivateRelayById, getLatestOpenInvoice, tenantNeedsPaymentSetup, type Relay } from "@/lib/hooks"
|
||||
import { setToastMessage } from "@/components/Toast"
|
||||
import type { Invoice, PlanId } from "@/lib/api"
|
||||
|
||||
@@ -31,6 +31,7 @@ export default function useRelayToggles(
|
||||
) {
|
||||
const [busy, setBusy] = createSignal(false)
|
||||
const [pendingInvoice, setPendingInvoice] = createSignal<Invoice | undefined>()
|
||||
const [pendingPaymentSetup, setPendingPaymentSetup] = createSignal(false)
|
||||
|
||||
async function updateRelay(next: Relay, previous: Relay) {
|
||||
mutate(next)
|
||||
@@ -101,8 +102,12 @@ export default function useRelayToggles(
|
||||
}
|
||||
|
||||
if (plan !== "free") {
|
||||
const invoice = await getLatestOpenInvoice()
|
||||
if (invoice) setPendingInvoice(invoice)
|
||||
const needsSetup = await tenantNeedsPaymentSetup()
|
||||
if (needsSetup) {
|
||||
const invoice = await getLatestOpenInvoice()
|
||||
if (invoice) setPendingInvoice(invoice)
|
||||
setPendingPaymentSetup(true)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -116,5 +121,5 @@ export default function useRelayToggles(
|
||||
onToggleLivekitSupport: () => toggle("livekit_enabled", relay()?.plan !== "free"),
|
||||
}
|
||||
|
||||
return { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice: () => setPendingInvoice(undefined), toggles }
|
||||
return { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice: () => setPendingInvoice(undefined), pendingPaymentSetup, clearPendingPaymentSetup: () => setPendingPaymentSetup(false), toggles }
|
||||
}
|
||||
|
||||
@@ -49,7 +49,7 @@ export default function Account() {
|
||||
async function openPortal() {
|
||||
setPortalLoading(true)
|
||||
try {
|
||||
const { url } = await createPortalSession(account()!.pubkey)
|
||||
const { url } = await createPortalSession(account()!.pubkey, window.location.href)
|
||||
window.location.href = url
|
||||
} catch (e) {
|
||||
setError(e instanceof Error ? e.message : "Failed to open billing portal")
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
import { useParams } from "@solidjs/router"
|
||||
import { createMemo, createResource, createSignal, Show } from "solid-js"
|
||||
import { createEffect, createMemo, createResource, createSignal, Show } from "solid-js"
|
||||
import BackLink from "@/components/BackLink"
|
||||
import PageContainer from "@/components/PageContainer"
|
||||
import PaymentDialog from "@/components/PaymentDialog"
|
||||
@@ -28,13 +28,20 @@ export default function RelayDetail() {
|
||||
})
|
||||
const loading = useMinLoading(() => relay.loading && !relay())
|
||||
const [activity] = useRelayActivity(relayId)
|
||||
const { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice, toggles } = useRelayToggles(relayId, relay, { refetch, mutate })
|
||||
const { busy, handleDeactivate, handleReactivate, handleUpdatePlan, pendingInvoice, clearPendingInvoice, pendingPaymentSetup, clearPendingPaymentSetup, toggles } = useRelayToggles(relayId, relay, { refetch, mutate })
|
||||
|
||||
const [tenant, { refetch: refetchTenant }] = useTenant()
|
||||
const [paymentSetupOpen, setPaymentSetupOpen] = createSignal(false)
|
||||
const [invoiceDialogOpen, setInvoiceDialogOpen] = createSignal(false)
|
||||
const [paymentBannerDismissed, setPaymentBannerDismissed] = createSignal(false)
|
||||
|
||||
createEffect(() => {
|
||||
if (pendingPaymentSetup() && !pendingInvoice()) {
|
||||
setPaymentSetupOpen(true)
|
||||
clearPendingPaymentSetup()
|
||||
}
|
||||
})
|
||||
|
||||
const isPaidRelay = createMemo(() => {
|
||||
const r = relay()
|
||||
if (!r) return false
|
||||
|
||||
@@ -3,13 +3,15 @@ import { useNavigate } from "@solidjs/router"
|
||||
import BackLink from "@/components/BackLink"
|
||||
import PageContainer from "@/components/PageContainer"
|
||||
import PaymentDialog from "@/components/PaymentDialog"
|
||||
import PaymentSetup from "@/components/PaymentSetup"
|
||||
import RelayForm, { type RelayFormValues } from "@/components/RelayForm"
|
||||
import { createRelayForActiveTenant, getLatestOpenInvoice } from "@/lib/hooks"
|
||||
import { createRelayForActiveTenant, getLatestOpenInvoice, tenantNeedsPaymentSetup } from "@/lib/hooks"
|
||||
import type { Invoice } from "@/lib/api"
|
||||
|
||||
export default function RelayNew() {
|
||||
const navigate = useNavigate()
|
||||
const [pendingInvoice, setPendingInvoice] = createSignal<Invoice | undefined>()
|
||||
const [paymentSetupOpen, setPaymentSetupOpen] = createSignal(false)
|
||||
let createdRelayId = ""
|
||||
|
||||
async function handleSubmit(values: RelayFormValues) {
|
||||
@@ -17,9 +19,14 @@ export default function RelayNew() {
|
||||
createdRelayId = relay.id
|
||||
|
||||
if (values.plan !== "free") {
|
||||
const invoice = await getLatestOpenInvoice()
|
||||
if (invoice) {
|
||||
setPendingInvoice(invoice)
|
||||
const needsSetup = await tenantNeedsPaymentSetup()
|
||||
if (needsSetup) {
|
||||
const invoice = await getLatestOpenInvoice()
|
||||
if (invoice) {
|
||||
setPendingInvoice(invoice)
|
||||
return
|
||||
}
|
||||
setPaymentSetupOpen(true)
|
||||
return
|
||||
}
|
||||
}
|
||||
@@ -27,8 +34,13 @@ export default function RelayNew() {
|
||||
navigate(`/relays/${relay.id}`)
|
||||
}
|
||||
|
||||
function handleDialogClose() {
|
||||
function handleInvoiceClose() {
|
||||
setPendingInvoice(undefined)
|
||||
setPaymentSetupOpen(true)
|
||||
}
|
||||
|
||||
function handleSetupClose() {
|
||||
setPaymentSetupOpen(false)
|
||||
navigate(`/relays/${createdRelayId}`)
|
||||
}
|
||||
|
||||
@@ -47,10 +59,14 @@ export default function RelayNew() {
|
||||
<PaymentDialog
|
||||
invoice={inv()}
|
||||
open={true}
|
||||
onClose={handleDialogClose}
|
||||
onClose={handleInvoiceClose}
|
||||
/>
|
||||
)}
|
||||
</Show>
|
||||
<PaymentSetup
|
||||
open={paymentSetupOpen()}
|
||||
onClose={handleSetupClose}
|
||||
/>
|
||||
</PageContainer>
|
||||
)
|
||||
}
|
||||
|
||||
@@ -5,6 +5,9 @@ dev:
|
||||
cd frontend && bun dev &
|
||||
wait
|
||||
|
||||
dev-backend:
|
||||
cd backend && onchange src -ik -- bash -c 'RUST_LOG=backend=info cargo run'
|
||||
|
||||
dev-frontend:
|
||||
cd frontend && bun run dev
|
||||
|
||||
@@ -27,7 +30,7 @@ build-backend:
|
||||
cd backend && cargo build
|
||||
|
||||
build-frontend:
|
||||
cd frontend && bun run build
|
||||
cd frontend && bun i && bun run build
|
||||
|
||||
fmt: fmt-backend
|
||||
|
||||
|
||||
Reference in New Issue
Block a user