2023-02-25 03:57:49 +00:00
|
|
|
import { BookingStatus } from "@prisma/client";
|
|
|
|
import type { Prisma } from "@prisma/client";
|
2021-09-22 18:36:13 +00:00
|
|
|
import { buffer } from "micro";
|
|
|
|
import type { NextApiRequest, NextApiResponse } from "next";
|
2023-02-25 03:57:49 +00:00
|
|
|
import type Stripe from "stripe";
|
2021-09-22 19:52:38 +00:00
|
|
|
|
2022-07-28 19:58:26 +00:00
|
|
|
import stripe from "@calcom/app-store/stripepayment/lib/server";
|
2022-03-23 22:00:30 +00:00
|
|
|
import EventManager from "@calcom/core/EventManager";
|
2023-04-11 21:44:14 +00:00
|
|
|
import { sendScheduledEmails, sendOrganizerRequestEmail, sendAttendeeRequestEmail } from "@calcom/emails";
|
2023-04-04 04:59:09 +00:00
|
|
|
import { getCalEventResponses } from "@calcom/features/bookings/lib/getCalEventResponses";
|
2023-02-25 03:57:49 +00:00
|
|
|
import { handleConfirmation } from "@calcom/features/bookings/lib/handleConfirmation";
|
2022-06-10 00:32:34 +00:00
|
|
|
import { isPrismaObjOrUndefined, parseRecurringEvent } from "@calcom/lib";
|
2022-11-10 20:23:56 +00:00
|
|
|
import { IS_PRODUCTION } from "@calcom/lib/constants";
|
2022-03-16 23:36:43 +00:00
|
|
|
import { getErrorFromUnknown } from "@calcom/lib/errors";
|
2022-11-10 20:23:56 +00:00
|
|
|
import { HttpError as HttpCode } from "@calcom/lib/http-error";
|
|
|
|
import { getTranslation } from "@calcom/lib/server/i18n";
|
2022-05-18 21:05:49 +00:00
|
|
|
import prisma, { bookingMinimalSelect } from "@calcom/prisma";
|
2022-07-28 19:58:26 +00:00
|
|
|
import type { CalendarEvent } from "@calcom/types/Calendar";
|
2021-09-22 19:52:38 +00:00
|
|
|
|
2021-09-22 18:36:13 +00:00
|
|
|
export const config = {
|
|
|
|
api: {
|
|
|
|
bodyParser: false,
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2023-02-25 03:57:49 +00:00
|
|
|
async function getEventType(id: number) {
|
|
|
|
return prisma.eventType.findUnique({
|
|
|
|
where: {
|
|
|
|
id,
|
|
|
|
},
|
|
|
|
select: {
|
|
|
|
recurringEvent: true,
|
|
|
|
requiresConfirmation: true,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2023-04-11 21:44:14 +00:00
|
|
|
async function getBooking(bookingId: number) {
|
|
|
|
const booking = await prisma.booking.findUnique({
|
|
|
|
where: {
|
|
|
|
id: bookingId,
|
|
|
|
},
|
|
|
|
select: {
|
|
|
|
...bookingMinimalSelect,
|
|
|
|
eventType: true,
|
|
|
|
smsReminderNumber: true,
|
|
|
|
location: true,
|
|
|
|
eventTypeId: true,
|
|
|
|
userId: true,
|
|
|
|
uid: true,
|
|
|
|
paid: true,
|
|
|
|
destinationCalendar: true,
|
|
|
|
status: true,
|
|
|
|
user: {
|
|
|
|
select: {
|
|
|
|
id: true,
|
|
|
|
username: true,
|
|
|
|
timeZone: true,
|
|
|
|
email: true,
|
|
|
|
name: true,
|
|
|
|
locale: true,
|
|
|
|
destinationCalendar: true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
if (!booking) throw new HttpCode({ statusCode: 204, message: "No booking found" });
|
|
|
|
|
|
|
|
type EventTypeRaw = Awaited<ReturnType<typeof getEventType>>;
|
|
|
|
let eventTypeRaw: EventTypeRaw | null = null;
|
|
|
|
if (booking.eventTypeId) {
|
|
|
|
eventTypeRaw = await getEventType(booking.eventTypeId);
|
|
|
|
}
|
|
|
|
|
|
|
|
const { user } = booking;
|
|
|
|
|
|
|
|
if (!user) throw new HttpCode({ statusCode: 204, message: "No user found" });
|
|
|
|
|
|
|
|
const t = await getTranslation(user.locale ?? "en", "common");
|
|
|
|
const attendeesListPromises = booking.attendees.map(async (attendee) => {
|
|
|
|
return {
|
|
|
|
name: attendee.name,
|
|
|
|
email: attendee.email,
|
|
|
|
timeZone: attendee.timeZone,
|
|
|
|
language: {
|
|
|
|
translate: await getTranslation(attendee.locale ?? "en", "common"),
|
|
|
|
locale: attendee.locale ?? "en",
|
|
|
|
},
|
|
|
|
};
|
|
|
|
});
|
|
|
|
|
|
|
|
const attendeesList = await Promise.all(attendeesListPromises);
|
|
|
|
|
|
|
|
const evt: CalendarEvent = {
|
|
|
|
type: booking.title,
|
|
|
|
title: booking.title,
|
|
|
|
description: booking.description || undefined,
|
|
|
|
startTime: booking.startTime.toISOString(),
|
|
|
|
endTime: booking.endTime.toISOString(),
|
|
|
|
customInputs: isPrismaObjOrUndefined(booking.customInputs),
|
|
|
|
organizer: {
|
|
|
|
email: user.email,
|
|
|
|
name: user.name!,
|
|
|
|
timeZone: user.timeZone,
|
|
|
|
language: { translate: t, locale: user.locale ?? "en" },
|
|
|
|
id: user.id,
|
|
|
|
},
|
|
|
|
attendees: attendeesList,
|
|
|
|
uid: booking.uid,
|
|
|
|
destinationCalendar: booking.destinationCalendar || user.destinationCalendar,
|
|
|
|
recurringEvent: parseRecurringEvent(eventTypeRaw?.recurringEvent),
|
|
|
|
};
|
|
|
|
|
|
|
|
return {
|
|
|
|
booking,
|
|
|
|
user,
|
|
|
|
evt,
|
|
|
|
eventTypeRaw,
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
2021-09-22 18:36:13 +00:00
|
|
|
async function handlePaymentSuccess(event: Stripe.Event) {
|
|
|
|
const paymentIntent = event.data.object as Stripe.PaymentIntent;
|
2022-04-04 20:39:59 +00:00
|
|
|
const payment = await prisma.payment.findFirst({
|
2021-09-22 18:36:13 +00:00
|
|
|
where: {
|
|
|
|
externalId: paymentIntent.id,
|
|
|
|
},
|
|
|
|
select: {
|
2022-04-04 20:39:59 +00:00
|
|
|
id: true,
|
2021-09-22 18:36:13 +00:00
|
|
|
bookingId: true,
|
2022-04-04 20:39:59 +00:00
|
|
|
},
|
|
|
|
});
|
2022-04-23 18:45:46 +00:00
|
|
|
if (!payment?.bookingId) {
|
2022-04-26 11:15:57 +00:00
|
|
|
console.log(JSON.stringify(paymentIntent), JSON.stringify(payment));
|
2022-04-23 18:45:46 +00:00
|
|
|
}
|
2022-06-16 21:55:47 +00:00
|
|
|
if (!payment?.bookingId) throw new HttpCode({ statusCode: 204, message: "Payment not found" });
|
2022-04-04 20:39:59 +00:00
|
|
|
|
|
|
|
const booking = await prisma.booking.findUnique({
|
|
|
|
where: {
|
|
|
|
id: payment.bookingId,
|
|
|
|
},
|
|
|
|
select: {
|
2022-05-18 21:05:49 +00:00
|
|
|
...bookingMinimalSelect,
|
2023-02-25 03:57:49 +00:00
|
|
|
eventType: true,
|
|
|
|
smsReminderNumber: true,
|
2022-04-04 20:39:59 +00:00
|
|
|
location: true,
|
2022-05-05 21:16:25 +00:00
|
|
|
eventTypeId: true,
|
2022-04-04 20:39:59 +00:00
|
|
|
userId: true,
|
|
|
|
uid: true,
|
|
|
|
paid: true,
|
|
|
|
destinationCalendar: true,
|
2022-06-06 16:54:47 +00:00
|
|
|
status: true,
|
2023-04-04 04:59:09 +00:00
|
|
|
responses: true,
|
2022-04-04 20:39:59 +00:00
|
|
|
user: {
|
2021-09-22 18:36:13 +00:00
|
|
|
select: {
|
|
|
|
id: true,
|
2023-02-25 03:57:49 +00:00
|
|
|
username: true,
|
2022-04-04 20:39:59 +00:00
|
|
|
credentials: true,
|
|
|
|
timeZone: true,
|
|
|
|
email: true,
|
|
|
|
name: true,
|
|
|
|
locale: true,
|
2022-01-21 21:35:31 +00:00
|
|
|
destinationCalendar: true,
|
2021-09-22 18:36:13 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
2022-06-16 21:55:47 +00:00
|
|
|
if (!booking) throw new HttpCode({ statusCode: 204, message: "No booking found" });
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2023-02-25 03:57:49 +00:00
|
|
|
type EventTypeRaw = Awaited<ReturnType<typeof getEventType>>;
|
2022-05-05 21:16:25 +00:00
|
|
|
let eventTypeRaw: EventTypeRaw | null = null;
|
|
|
|
if (booking.eventTypeId) {
|
2023-02-25 03:57:49 +00:00
|
|
|
eventTypeRaw = await getEventType(booking.eventTypeId);
|
2022-05-05 21:16:25 +00:00
|
|
|
}
|
|
|
|
|
2023-04-20 15:55:19 +00:00
|
|
|
const { user: userWithCredentials } = booking;
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2023-04-20 15:55:19 +00:00
|
|
|
if (!userWithCredentials) throw new HttpCode({ statusCode: 204, message: "No user found" });
|
|
|
|
|
|
|
|
const { credentials, ...user } = userWithCredentials;
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2021-10-28 22:58:26 +00:00
|
|
|
const t = await getTranslation(user.locale ?? "en", "common");
|
2022-01-27 20:32:53 +00:00
|
|
|
const attendeesListPromises = booking.attendees.map(async (attendee) => {
|
|
|
|
return {
|
|
|
|
name: attendee.name,
|
|
|
|
email: attendee.email,
|
|
|
|
timeZone: attendee.timeZone,
|
|
|
|
language: {
|
|
|
|
translate: await getTranslation(attendee.locale ?? "en", "common"),
|
|
|
|
locale: attendee.locale ?? "en",
|
|
|
|
},
|
|
|
|
};
|
|
|
|
});
|
2021-10-26 16:17:24 +00:00
|
|
|
|
2022-01-27 20:32:53 +00:00
|
|
|
const attendeesList = await Promise.all(attendeesListPromises);
|
|
|
|
|
|
|
|
const evt: CalendarEvent = {
|
2021-09-22 18:36:13 +00:00
|
|
|
type: booking.title,
|
|
|
|
title: booking.title,
|
|
|
|
description: booking.description || undefined,
|
|
|
|
startTime: booking.startTime.toISOString(),
|
|
|
|
endTime: booking.endTime.toISOString(),
|
2022-05-18 21:05:49 +00:00
|
|
|
customInputs: isPrismaObjOrUndefined(booking.customInputs),
|
2023-04-04 04:59:09 +00:00
|
|
|
...getCalEventResponses({
|
|
|
|
booking: booking,
|
|
|
|
bookingFields: booking.eventType?.bookingFields || null,
|
|
|
|
}),
|
2022-01-27 20:32:53 +00:00
|
|
|
organizer: {
|
2022-05-18 21:05:49 +00:00
|
|
|
email: user.email,
|
2022-01-27 20:32:53 +00:00
|
|
|
name: user.name!,
|
|
|
|
timeZone: user.timeZone,
|
|
|
|
language: { translate: t, locale: user.locale ?? "en" },
|
|
|
|
},
|
|
|
|
attendees: attendeesList,
|
2021-10-26 16:17:24 +00:00
|
|
|
uid: booking.uid,
|
2022-01-21 21:35:31 +00:00
|
|
|
destinationCalendar: booking.destinationCalendar || user.destinationCalendar,
|
2022-06-10 00:32:34 +00:00
|
|
|
recurringEvent: parseRecurringEvent(eventTypeRaw?.recurringEvent),
|
2021-09-22 18:36:13 +00:00
|
|
|
};
|
2021-10-28 22:58:26 +00:00
|
|
|
|
2021-09-22 18:36:13 +00:00
|
|
|
if (booking.location) evt.location = booking.location;
|
|
|
|
|
2022-05-18 16:05:25 +00:00
|
|
|
const bookingData: Prisma.BookingUpdateInput = {
|
2022-04-04 20:39:59 +00:00
|
|
|
paid: true,
|
2022-06-06 16:54:47 +00:00
|
|
|
status: BookingStatus.ACCEPTED,
|
2022-04-04 20:39:59 +00:00
|
|
|
};
|
|
|
|
|
2022-06-06 16:54:47 +00:00
|
|
|
const isConfirmed = booking.status === BookingStatus.ACCEPTED;
|
|
|
|
if (isConfirmed) {
|
2023-04-20 15:55:19 +00:00
|
|
|
const eventManager = new EventManager(userWithCredentials);
|
2021-10-26 16:17:24 +00:00
|
|
|
const scheduleResult = await eventManager.create(evt);
|
2022-04-04 20:39:59 +00:00
|
|
|
bookingData.references = { create: scheduleResult.referencesToCreate };
|
2021-09-22 18:36:13 +00:00
|
|
|
}
|
2021-12-17 16:58:23 +00:00
|
|
|
|
2022-11-29 18:28:02 +00:00
|
|
|
if (eventTypeRaw?.requiresConfirmation) {
|
|
|
|
delete bookingData.status;
|
|
|
|
}
|
|
|
|
|
2022-04-04 20:39:59 +00:00
|
|
|
const paymentUpdate = prisma.payment.update({
|
|
|
|
where: {
|
|
|
|
id: payment.id,
|
|
|
|
},
|
|
|
|
data: {
|
|
|
|
success: true,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
const bookingUpdate = prisma.booking.update({
|
|
|
|
where: {
|
|
|
|
id: booking.id,
|
|
|
|
},
|
|
|
|
data: bookingData,
|
|
|
|
});
|
|
|
|
|
|
|
|
await prisma.$transaction([paymentUpdate, bookingUpdate]);
|
|
|
|
|
2023-02-25 03:57:49 +00:00
|
|
|
if (!isConfirmed && !eventTypeRaw?.requiresConfirmation) {
|
2023-04-20 15:55:19 +00:00
|
|
|
await handleConfirmation({
|
|
|
|
user: userWithCredentials,
|
|
|
|
evt,
|
|
|
|
prisma,
|
|
|
|
bookingId: booking.id,
|
|
|
|
booking,
|
|
|
|
paid: true,
|
|
|
|
});
|
2023-02-25 03:57:49 +00:00
|
|
|
} else {
|
|
|
|
await sendScheduledEmails({ ...evt });
|
|
|
|
}
|
2022-04-02 14:30:07 +00:00
|
|
|
|
2021-12-17 16:58:23 +00:00
|
|
|
throw new HttpCode({
|
|
|
|
statusCode: 200,
|
|
|
|
message: `Booking with id '${booking.id}' was paid and confirmed.`,
|
|
|
|
});
|
2021-09-22 18:36:13 +00:00
|
|
|
}
|
|
|
|
|
2023-04-11 21:44:14 +00:00
|
|
|
const handleSetupSuccess = async (event: Stripe.Event) => {
|
|
|
|
const setupIntent = event.data.object as Stripe.SetupIntent;
|
|
|
|
const payment = await prisma.payment.findFirst({
|
|
|
|
where: {
|
|
|
|
externalId: setupIntent.id,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
if (!payment?.data || !payment?.id) throw new HttpCode({ statusCode: 204, message: "Payment not found" });
|
|
|
|
|
2023-04-20 15:55:19 +00:00
|
|
|
const { user, evt, eventTypeRaw } = await getBooking(payment.bookingId);
|
2023-04-11 21:44:14 +00:00
|
|
|
|
|
|
|
const bookingData: Prisma.BookingUpdateInput = {
|
|
|
|
paid: true,
|
|
|
|
};
|
|
|
|
|
2023-04-20 15:55:19 +00:00
|
|
|
const userWithCredentials = await prisma.user.findUnique({
|
|
|
|
where: {
|
|
|
|
id: user.id,
|
|
|
|
},
|
|
|
|
select: {
|
|
|
|
id: true,
|
|
|
|
username: true,
|
|
|
|
timeZone: true,
|
|
|
|
email: true,
|
|
|
|
name: true,
|
|
|
|
locale: true,
|
|
|
|
destinationCalendar: true,
|
|
|
|
credentials: true,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
if (!userWithCredentials) throw new HttpCode({ statusCode: 204, message: "No user found" });
|
|
|
|
|
2023-04-11 21:44:14 +00:00
|
|
|
if (!eventTypeRaw?.requiresConfirmation) {
|
2023-04-20 15:55:19 +00:00
|
|
|
const eventManager = new EventManager(userWithCredentials);
|
2023-04-11 21:44:14 +00:00
|
|
|
const scheduleResult = await eventManager.create(evt);
|
|
|
|
bookingData.references = { create: scheduleResult.referencesToCreate };
|
|
|
|
bookingData.status = BookingStatus.ACCEPTED;
|
|
|
|
}
|
|
|
|
|
|
|
|
await prisma.payment.update({
|
|
|
|
where: {
|
|
|
|
id: payment.id,
|
|
|
|
},
|
|
|
|
data: {
|
|
|
|
data: {
|
|
|
|
...(payment.data as Prisma.JsonObject),
|
|
|
|
setupIntent: setupIntent as unknown as Prisma.JsonObject,
|
|
|
|
},
|
|
|
|
booking: {
|
|
|
|
update: {
|
|
|
|
...bookingData,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
// If the card information was already captured in the same customer. Delete the previous payment method
|
|
|
|
|
|
|
|
if (!eventTypeRaw?.requiresConfirmation) {
|
|
|
|
await sendScheduledEmails({ ...evt });
|
|
|
|
} else {
|
|
|
|
await sendOrganizerRequestEmail({ ...evt });
|
|
|
|
await sendAttendeeRequestEmail({ ...evt }, evt.attendees[0]);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2021-09-28 13:00:19 +00:00
|
|
|
type WebhookHandler = (event: Stripe.Event) => Promise<void>;
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2021-09-28 13:00:19 +00:00
|
|
|
const webhookHandlers: Record<string, WebhookHandler | undefined> = {
|
|
|
|
"payment_intent.succeeded": handlePaymentSuccess,
|
2023-04-11 21:44:14 +00:00
|
|
|
"setup_intent.succeeded": handleSetupSuccess,
|
2021-09-28 13:00:19 +00:00
|
|
|
};
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2022-03-23 22:00:30 +00:00
|
|
|
/**
|
|
|
|
* @deprecated
|
|
|
|
* We need to create a PaymentManager in `@calcom/core`
|
|
|
|
* to prevent circular dependencies on App Store migration
|
|
|
|
*/
|
2021-09-28 13:00:19 +00:00
|
|
|
export default async function handler(req: NextApiRequest, res: NextApiResponse) {
|
2021-09-22 18:36:13 +00:00
|
|
|
try {
|
2021-09-28 13:00:19 +00:00
|
|
|
if (req.method !== "POST") {
|
2021-12-17 16:58:23 +00:00
|
|
|
throw new HttpCode({ statusCode: 405, message: "Method Not Allowed" });
|
2021-09-28 13:00:19 +00:00
|
|
|
}
|
|
|
|
const sig = req.headers["stripe-signature"];
|
|
|
|
if (!sig) {
|
2021-12-17 16:58:23 +00:00
|
|
|
throw new HttpCode({ statusCode: 400, message: "Missing stripe-signature" });
|
2021-09-28 13:00:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (!process.env.STRIPE_WEBHOOK_SECRET) {
|
2021-12-17 16:58:23 +00:00
|
|
|
throw new HttpCode({ statusCode: 500, message: "Missing process.env.STRIPE_WEBHOOK_SECRET" });
|
2021-09-28 13:00:19 +00:00
|
|
|
}
|
|
|
|
const requestBuffer = await buffer(req);
|
|
|
|
const payload = requestBuffer.toString();
|
|
|
|
|
|
|
|
const event = stripe.webhooks.constructEvent(payload, sig, process.env.STRIPE_WEBHOOK_SECRET);
|
2021-09-22 18:36:13 +00:00
|
|
|
|
2022-06-16 21:55:47 +00:00
|
|
|
if (!event.account) {
|
|
|
|
throw new HttpCode({ statusCode: 202, message: "Incoming connected account" });
|
|
|
|
}
|
|
|
|
|
2021-09-28 13:00:19 +00:00
|
|
|
const handler = webhookHandlers[event.type];
|
|
|
|
if (handler) {
|
|
|
|
await handler(event);
|
2021-09-22 18:36:13 +00:00
|
|
|
} else {
|
2021-11-30 23:50:49 +00:00
|
|
|
/** Not really an error, just letting Stripe know that the webhook was received but unhandled */
|
2021-12-17 16:58:23 +00:00
|
|
|
throw new HttpCode({
|
2021-11-30 23:50:49 +00:00
|
|
|
statusCode: 202,
|
|
|
|
message: `Unhandled Stripe Webhook event type ${event.type}`,
|
|
|
|
});
|
2021-09-22 18:36:13 +00:00
|
|
|
}
|
|
|
|
} catch (_err) {
|
|
|
|
const err = getErrorFromUnknown(_err);
|
|
|
|
console.error(`Webhook Error: ${err.message}`);
|
|
|
|
res.status(err.statusCode ?? 500).send({
|
|
|
|
message: err.message,
|
2021-12-01 10:32:08 +00:00
|
|
|
stack: IS_PRODUCTION ? undefined : err.stack,
|
2021-09-22 18:36:13 +00:00
|
|
|
});
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Return a response to acknowledge receipt of the event
|
|
|
|
res.json({ received: true });
|
|
|
|
}
|