4da6e21126
WHAT WAS DONE: - Created src/routes/stripe.js with 3 endpoints: * POST /stripe/create-checkout-session (dynamic mode: subscription or payment) * POST /stripe/webhook (signature verified, transaction-safe, idempotent) * POST /stripe/create-portal-session (Stripe Customer Portal access) - Updated package.json to add stripe@^14.14.0 dependency - Updated src/index.js to register Stripe routes (webhook BEFORE body parsers - critical!) - Updated .env.example with STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET, BASE_URL WHY: - Eliminates Paymenter dependency (Gemini-approved architecture) - Handles both recurring subscriptions (tiers 2-9) and one-time payments (Awakened, Sovereign) - Webhook processes 8 event types with full transaction safety - Grace period system for failed payments (3-day countdown, auto-downgrade to Awakened) - Chargeback = immediate permanent ban - Idempotency protection via webhook_events_processed table TECHNICAL DETAILS: - Checkout dynamically switches mode based on billing_type (recurring vs one-time) - Webhook uses BEGIN/COMMIT/ROLLBACK for all database operations - Raw body parser for webhook signature verification (must come before express.json()) - Supports Stripe Customer Portal for self-service subscription management - Handles both stripe_subscription_id and stripe_payment_intent_id correctly - Grace period logic excludes lifetime users (is_lifetime = TRUE) FILES CHANGED: - services/arbiter-3.0/src/routes/stripe.js (new, 421 lines) - services/arbiter-3.0/package.json (added stripe dependency) - services/arbiter-3.0/src/index.js (registered stripe routes, webhook ordering) - services/arbiter-3.0/.env.example (added Stripe env vars) NEXT STEPS: - Deploy to Command Center - Add STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET to production .env - Configure Stripe webhook endpoint in Dashboard - Test end-to-end in test mode - Switch to live mode for launch Signed-off-by: Claude (Chronicler #57) <claude@firefrostgaming.com>
861 B
861 B