183 lines
5.2 KiB
JavaScript
183 lines
5.2 KiB
JavaScript
const express = require("express");
|
|
const { authenticateToken } = require("../middleware/auth");
|
|
const { User, Item } = require("../models");
|
|
const StripeService = require("../services/stripeService");
|
|
const router = express.Router();
|
|
|
|
router.post("/create-checkout-session", authenticateToken, async (req, res) => {
|
|
try {
|
|
const { itemName, total, return_url, rentalData } = req.body;
|
|
|
|
if (!itemName) {
|
|
return res.status(400).json({ error: "No item name found" });
|
|
}
|
|
if (total == null || total === undefined) {
|
|
return res.status(400).json({ error: "No total found" });
|
|
}
|
|
if (!return_url) {
|
|
return res.status(400).json({ error: "No return_url found" });
|
|
}
|
|
|
|
// Validate rental data and user authorization
|
|
if (rentalData && rentalData.itemId) {
|
|
const item = await Item.findByPk(rentalData.itemId);
|
|
|
|
if (!item) {
|
|
return res.status(404).json({ error: "Item not found" });
|
|
}
|
|
|
|
if (!item.availability) {
|
|
return res
|
|
.status(400)
|
|
.json({ error: "Item is not available for rent" });
|
|
}
|
|
|
|
// Check if user is trying to rent their own item
|
|
if (item.ownerId === req.user.id) {
|
|
return res.status(400).json({ error: "You cannot rent your own item" });
|
|
}
|
|
}
|
|
|
|
// Prepare metadata - Stripe metadata keys must be strings
|
|
const metadata = rentalData
|
|
? {
|
|
itemId: rentalData.itemId,
|
|
renterId: req.user.id.toString(), // Add authenticated user ID
|
|
startDateTime: rentalData.startDateTime,
|
|
endDateTime: rentalData.endDateTime,
|
|
totalAmount: rentalData.totalAmount.toString(),
|
|
deliveryMethod: rentalData.deliveryMethod,
|
|
}
|
|
: { renterId: req.user.id.toString() };
|
|
|
|
const session = await StripeService.createCheckoutSession({
|
|
item_name: itemName,
|
|
total: total,
|
|
return_url: return_url,
|
|
metadata: metadata,
|
|
});
|
|
|
|
res.json({ clientSecret: session.client_secret });
|
|
} catch (error) {
|
|
console.error("Error creating checkout session:", error);
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
});
|
|
|
|
// Get checkout session status
|
|
router.get("/checkout-session/:sessionId", async (req, res) => {
|
|
try {
|
|
const { sessionId } = req.params;
|
|
|
|
const session = await StripeService.getCheckoutSession(sessionId);
|
|
|
|
res.json({
|
|
status: session.status,
|
|
payment_status: session.payment_status,
|
|
customer_email: session.customer_details?.email,
|
|
metadata: session.metadata,
|
|
});
|
|
} catch (error) {
|
|
console.error("Error retrieving checkout session:", error);
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
});
|
|
|
|
// Create connected account
|
|
router.post("/accounts", authenticateToken, async (req, res) => {
|
|
try {
|
|
const user = await User.findByPk(req.user.id);
|
|
|
|
if (!user) {
|
|
return res.status(404).json({ error: "User not found" });
|
|
}
|
|
|
|
// Check if user already has a connected account
|
|
if (user.stripeConnectedAccountId) {
|
|
return res
|
|
.status(400)
|
|
.json({ error: "User already has a connected account" });
|
|
}
|
|
|
|
// Create connected account
|
|
const account = await StripeService.createConnectedAccount({
|
|
email: user.email,
|
|
country: "US", // You may want to make this configurable
|
|
});
|
|
|
|
// Update user with account ID
|
|
await user.update({
|
|
stripeConnectedAccountId: account.id,
|
|
});
|
|
|
|
res.json({
|
|
stripeConnectedAccountId: account.id,
|
|
success: true,
|
|
});
|
|
} catch (error) {
|
|
console.error("Error creating connected account:", error);
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
});
|
|
|
|
// Generate onboarding link
|
|
router.post("/account-links", authenticateToken, async (req, res) => {
|
|
try {
|
|
const user = await User.findByPk(req.user.id);
|
|
|
|
if (!user || !user.stripeConnectedAccountId) {
|
|
return res.status(400).json({ error: "No connected account found" });
|
|
}
|
|
|
|
const { refreshUrl, returnUrl } = req.body;
|
|
|
|
if (!refreshUrl || !returnUrl) {
|
|
return res
|
|
.status(400)
|
|
.json({ error: "refreshUrl and returnUrl are required" });
|
|
}
|
|
|
|
const accountLink = await StripeService.createAccountLink(
|
|
user.stripeConnectedAccountId,
|
|
refreshUrl,
|
|
returnUrl
|
|
);
|
|
|
|
res.json({
|
|
url: accountLink.url,
|
|
expiresAt: accountLink.expires_at,
|
|
});
|
|
} catch (error) {
|
|
console.error("Error creating account link:", error);
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
});
|
|
|
|
// Get account status
|
|
router.get("/account-status", authenticateToken, async (req, res) => {
|
|
try {
|
|
const user = await User.findByPk(req.user.id);
|
|
|
|
if (!user || !user.stripeConnectedAccountId) {
|
|
return res.status(400).json({ error: "No connected account found" });
|
|
}
|
|
|
|
const accountStatus = await StripeService.getAccountStatus(
|
|
user.stripeConnectedAccountId
|
|
);
|
|
|
|
res.json({
|
|
accountId: accountStatus.id,
|
|
detailsSubmitted: accountStatus.details_submitted,
|
|
payoutsEnabled: accountStatus.payouts_enabled,
|
|
capabilities: accountStatus.capabilities,
|
|
requirements: accountStatus.requirements,
|
|
});
|
|
} catch (error) {
|
|
console.error("Error getting account status:", error);
|
|
res.status(500).json({ error: error.message });
|
|
}
|
|
});
|
|
|
|
module.exports = router;
|