Module: BetterAuth::Stripe::Middleware

Defined in:

lib/better_auth/stripe/middleware.rb

Class Method Summary

• .authorize_reference!(ctx, session, reference_id, action, customer_type, subscription_options, explicit: false) ⇒ Object
• .customer_type!(source) ⇒ Object
• .reference_by_customer(ctx, config, customer_id) ⇒ Object
• .reference_id!(_ctx, session, customer_type, explicit_reference_id, config) ⇒ Object

Class Method Details

.authorize_reference!(ctx, session, reference_id, action, customer_type, subscription_options, explicit: false) ⇒ Object

Raises:

• (APIError)

# File 'lib/better_auth/stripe/middleware.rb', line 18

def authorize_reference!(ctx, session, reference_id, action, customer_type, subscription_options, explicit: false)
  callback = subscription_options[:authorize_reference]
  if customer_type == "organization"
    raise APIError.new("BAD_REQUEST", message: BetterAuth::Stripe::ERROR_CODES.fetch("AUTHORIZE_REFERENCE_REQUIRED")) unless callback
  elsif !explicit || reference_id == session.fetch(:user).fetch("id")
    return
  elsif !callback
    raise APIError.new("BAD_REQUEST", message: BetterAuth::Stripe::ERROR_CODES.fetch("REFERENCE_ID_NOT_ALLOWED"))
  end

  allowed = callback.call({user: session.fetch(:user), session: session.fetch(:session), referenceId: reference_id, reference_id: reference_id, action: action}, ctx)
  raise APIError.new("UNAUTHORIZED", message: BetterAuth::Stripe::ERROR_CODES.fetch("UNAUTHORIZED")) unless allowed
end

.customer_type!(source) ⇒ Object

Raises:

• (APIError)

# File 'lib/better_auth/stripe/middleware.rb', line 32

def customer_type!(source)
  body = BetterAuth::Plugins.normalize_hash(source || {})
  customer_type = (body[:customer_type] || "user").to_s
  raise APIError.new("BAD_REQUEST", message: BetterAuth::Stripe::ERROR_CODES.fetch("INVALID_CUSTOMER_TYPE")) unless BetterAuth::Stripe::Types::CUSTOMER_TYPES.include?(customer_type)

  customer_type
end

.reference_by_customer(ctx, config, customer_id) ⇒ Object

# File 'lib/better_auth/stripe/middleware.rb', line 40

def reference_by_customer(ctx, config, customer_id)
  if config.dig(:organization, :enabled)
    org = ctx.context.adapter.find_one(model: "organization", where: [{field: "stripeCustomerId", value: customer_id}])
    return {customer_type: "organization", reference_id: org.fetch("id")} if org
  end
  user = ctx.context.adapter.find_one(model: "user", where: [{field: "stripeCustomerId", value: customer_id}])
  return {customer_type: "user", reference_id: user.fetch("id")} if user

  nil
end

.reference_id!(_ctx, session, customer_type, explicit_reference_id, config) ⇒ Object

Raises:

• (APIError)

# File 'lib/better_auth/stripe/middleware.rb', line 8

def reference_id!(_ctx, session, customer_type, explicit_reference_id, config)
  return explicit_reference_id || session.fetch(:user).fetch("id") unless customer_type == "organization"
  raise APIError.new("BAD_REQUEST", message: BetterAuth::Stripe::ERROR_CODES.fetch("ORGANIZATION_SUBSCRIPTION_NOT_ENABLED")) unless config.dig(:organization, :enabled)

  reference_id = explicit_reference_id || session.fetch(:session)["activeOrganizationId"]
  raise APIError.new("BAD_REQUEST", message: BetterAuth::Stripe::ERROR_CODES.fetch("ORGANIZATION_REFERENCE_ID_REQUIRED")) if reference_id.to_s.empty?

  reference_id
end