ordinarthur/rubis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rubis/apps/api/start/routes.ts
ordinarthur 1952265217
All checks were successful
Build & Deploy Web / build-and-deploy (push) Successful in 1m0s
Details
Build & Deploy Landing / build-and-deploy (push) Successful in 31s
Details
Build & Deploy API / build-and-deploy (push) Successful in 1m52s
Details
feat(billing): plans Free/Pro/Business + Stripe Checkout & Customer Portal 
Pricing V1 :
  - Free  : 5 factures actives, 1 user, 3 mois de grâce illimité au signup
  - Pro   : 19 €/mois ou 190 €/an, factures illimitées, 1 user
  - Business : 49 €/mois ou 490 €/an, illimité + 5 sièges (V2 multi-users)
              + reply-from-user-email (V2)

Backend :
  - Migration : plan, grace_period_ends_at, stripe_customer_id,
    stripe_subscription_id, subscription_status, billing_cycle,
    current_period_end sur `organizations`. Backfill grace_period auto.
  - `app/services/billing.ts` : PLAN_CAPS, countActiveInvoices,
    canCreateInvoices (enforce post-grace), getOrgSubscriptionState.
  - `app/services/stripe.ts` : client lazy + lookup_keys stables.
  - `app/controllers/billing_controller.ts` :
      • GET  /billing/subscription      → state pour l'UI
      • POST /billing/checkout          → crée une Checkout Session
      • POST /billing/portal            → Customer Portal Session
      • POST /billing/webhook (public)  → handle 4 events Stripe
        (checkout.completed, subscription.updated/deleted, invoice.payment_failed)
  - `commands/stripe_setup.ts` : `node ace stripe:setup` crée Products +
    Prices (idempotent via lookup_key).
  - Enforcement 402 `plan_limit_reached` sur :
      • POST /invoices (saisie manuelle)
      • POST /invoices/import-batch/:id/drafts/:draftId/validate (OCR)

Frontend :
  - `lib/billing.ts` : useSubscription, useStartCheckout, useOpenPortal,
    useIsAtFreeLimit.
  - `routes/_app/parametres_.abonnement.tsx` : page comparaison plans
    avec toggle mensuel/annuel, current plan + portail Stripe, CTA upgrade
    qui redirige vers Checkout hostée.
  - `routes/_app/parametres.tsx` : nouvelle section "Abonnement" qui
    affiche le plan courant + lien vers la page abonnement.
  - `components/billing/PlanLimitBanner.tsx` : banner sur /factures qui
    s'adapte selon période (grâce / approche / atteinte).
  - Toast dédié 402 sur la validation OCR avec action "Passer Pro".

Doc :
  - flow.md : nouvelle section §11 "Pricing & enforcement" qui couvre
    plans, grâce, webhook flow, Customer Portal, env vars.

Setup dev :
  1. STRIPE_SECRET_KEY (sk_test_...) dans apps/api/.env
  2. `stripe listen --forward-to localhost:3333/api/v1/billing/webhook`
     → copier whsec_... → STRIPE_WEBHOOK_SECRET
  3. `node ace stripe:setup` une fois pour créer Products+Prices
  4. Tester via /parametres/abonnement → checkout en mode test Stripe

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 15:03:28 +02:00

286 lines
10 KiB
TypeScript
Raw Blame History

/*
|--------------------------------------------------------------------------
| Routes file
|--------------------------------------------------------------------------
|
| Toutes les routes sont sous /api/v1/. Les groupes auth et account sont
| importés depuis le contrôleur généré par Tuyau pour garantir le contrat
| client typé (cf. docs/tech/backend.md §8).
|
*/
import { middleware } from '#start/kernel'
import router from '@adonisjs/core/services/router'
import { controllers } from '#generated/controllers'
router
.group(() => {
/**
* Health check — public, utilisé par les sondes K3s (startup/liveness/
* readiness) et le healthcheck Docker. Retourne 200 sans toucher la DB
* pour rester rapide ; la DB est implicitement vérifiée au boot par
* le init-container migrate.
*/
router.get('health', () => ({ status: 'ok', uptime: process.uptime() })).as('health')
})
.prefix('/api/v1')
router
.group(() => {
/**
* Auth — public. /refresh utilise le cookie httpOnly `rubis_refresh`
* posé par signup/login pour émettre une nouvelle AuthSession.
* /google/* → SSO via Ally, callback pose aussi le refresh cookie.
*/
router
.group(() => {
router.post('signup', [controllers.NewAccount, 'store']).as('signup')
router.post('login', [controllers.AccessTokens, 'store']).as('login')
router.post('refresh', [controllers.Refresh, 'handle']).as('refresh')
router
.get('google/redirect', [controllers.AuthGoogle, 'redirect'])
.as('google.redirect')
router
.get('google/callback', [controllers.AuthGoogle, 'callback'])
.as('google.callback')
router
.get('microsoft/redirect', [controllers.AuthMicrosoft, 'redirect'])
.as('microsoft.redirect')
router
.get('microsoft/callback', [controllers.AuthMicrosoft, 'callback'])
.as('microsoft.callback')
})
.prefix('auth')
.as('auth')
/**
* Check-in in-app — auth requise. La modale au login liste les factures
* en attente de confirmation et permet à l'user d'y répondre directement
* sans passer par l'email.
*
* IMPORTANT : ce groupe doit être déclaré AVANT le groupe public à token,
* sinon `/checkin/:token/pending` mange `/checkin/inapp/pending` (token
* littéral = "inapp") et redirige vers le SPA en 302.
*/
router
.group(() => {
router
.get('pending', [controllers.Checkin, 'inappPending'])
.as('pending')
router
.post(':invoiceId/paid', [controllers.Checkin, 'inappRespondPaid'])
.as('paid')
.where('invoiceId', router.matchers.uuid())
router
.post(':invoiceId/pending', [controllers.Checkin, 'inappRespondPending'])
.as('pending.post')
.where('invoiceId', router.matchers.uuid())
})
.prefix('checkin/inapp')
.as('checkin.inapp')
.use(middleware.auth())
/**
* Check-in — public (pas d'auth Bearer). Token signé en URL,
* lookup hash en DB. Redirige vers le SPA avec ?checkin=... pour
* que l'UI affiche un toast.
*/
router
.group(() => {
router
.get(':token/paid', [controllers.Checkin, 'respondPaid'])
.as('paid')
router
.get(':token/pending', [controllers.Checkin, 'respondPending'])
.as('pending')
})
.prefix('checkin')
.as('checkin')
/**
* Compte courant — auth requise.
*/
router
.group(() => {
router.get('profile', [controllers.Profile, 'show']).as('profile.show')
router.patch('profile', [controllers.Profile, 'update']).as('profile.update')
router.post('logout', [controllers.AccessTokens, 'destroy']).as('logout')
})
.prefix('account')
.as('account')
.use(middleware.auth())
/**
* Organisation rattachée à l'utilisateur courant — auth requise.
*/
router
.group(() => {
router.get('me', [controllers.Organizations, 'show']).as('show')
router.patch('me', [controllers.Organizations, 'update']).as('update')
})
.prefix('organizations')
.as('organizations')
.use(middleware.auth())
/**
* Clients — auth requise, scope par organization de l'utilisateur courant.
*/
router
.group(() => {
router.get('', [controllers.Clients, 'index']).as('index')
router.post('', [controllers.Clients, 'store']).as('store')
router.get(':id', [controllers.Clients, 'show']).as('show').where('id', router.matchers.uuid())
router
.get(':id/timeseries', [controllers.Clients, 'timeseries'])
.as('timeseries')
.where('id', router.matchers.uuid())
router.patch(':id', [controllers.Clients, 'update']).as('update').where('id', router.matchers.uuid())
})
.prefix('clients')
.as('clients')
.use(middleware.auth())
/**
* IA — auth requise. Génération de templates de relance avec Mistral
* pour le wizard de création de plan custom.
*/
router
.group(() => {
router.post('generate-relance', [controllers.Ai, 'generateRelance']).as('generate-relance')
})
.prefix('ai')
.as('ai')
.use(middleware.auth())
/**
* Plans — auth requise. Lookup par slug (stable et lisible :
* /parametres/plans/standard-30j). POST = création d'un plan custom,
* slug auto-généré depuis le name.
*/
router
.group(() => {
router.get('', [controllers.Plans, 'index']).as('index')
router.post('', [controllers.Plans, 'store']).as('store')
router.get(':slug', [controllers.Plans, 'show']).as('show')
router.patch(':slug', [controllers.Plans, 'update']).as('update')
})
.prefix('plans')
.as('plans')
.use(middleware.auth())
/**
* Billing / Stripe — auth requise pour subscription/checkout/portal.
* Le webhook est PUBLIC (signature Stripe vérifiée côté handler).
*/
router
.post('billing/webhook', [controllers.Billing, 'webhook'])
.as('billing.webhook')
router
.group(() => {
router
.get('subscription', [controllers.Billing, 'subscription'])
.as('subscription')
router
.post('checkout', [controllers.Billing, 'checkout'])
.as('checkout')
router.post('portal', [controllers.Billing, 'portal']).as('portal')
})
.prefix('billing')
.as('billing')
.use(middleware.auth())
/**
* Demo — auth requise. Mode démo opt-in par org (cf. CLAUDE.md →
* Architecture). Routes opérantes seulement si `org.demo_mode = true`.
*/
router
.group(() => {
router.post('start', [controllers.Demo, 'start']).as('start')
router.post('end', [controllers.Demo, 'end']).as('end')
router.post('tick', [controllers.Demo, 'tick']).as('tick')
router.get('state', [controllers.Demo, 'state']).as('state')
router.get('inbox', [controllers.Demo, 'inbox']).as('inbox')
})
.prefix('demo')
.as('demo')
.use(middleware.auth())
/**
* Dashboard — auth requise. Calculs agrégés on-the-fly (pas de cache V1).
*/
router
.group(() => {
router.get('kpis', [controllers.Dashboard, 'kpis']).as('kpis')
router.get('activity', [controllers.Dashboard, 'activity']).as('activity')
router.get('top-late', [controllers.Dashboard, 'topLate']).as('top-late')
router
.get('timeseries', [controllers.Dashboard, 'timeseries'])
.as('timeseries')
})
.prefix('dashboard')
.as('dashboard')
.use(middleware.auth())
/**
* Invoices — auth requise. Ordre IMPORTANT : les routes statiques
* (/upload, /counts, /import-batch/...) sont déclarées AVANT /:id
* sinon `:id` matche les segments littéraux.
*/
router
.group(() => {
router.get('', [controllers.Invoices, 'index']).as('index')
router.post('', [controllers.Invoices, 'store']).as('store')
router.get('counts', [controllers.Invoices, 'counts']).as('counts')
// OCR / Import batch (cf. ImportBatchesController)
router.post('upload', [controllers.ImportBatches, 'upload']).as('upload')
router
.get('import-batch/:id', [controllers.ImportBatches, 'show'])
.as('import-batch.show')
.where('id', router.matchers.uuid())
router
.get('import-batch/:id/drafts/:draftId/pdf', [
controllers.ImportBatches,
'draftPdf',
])
.as('import-batch.draft.pdf')
.where('id', router.matchers.uuid())
.where('draftId', router.matchers.uuid())
router
.post('import-batch/:id/drafts/:draftId/validate', [
controllers.ImportBatches,
'validateDraft',
])
.as('import-batch.draft.validate')
.where('id', router.matchers.uuid())
.where('draftId', router.matchers.uuid())
router
.post('import-batch/:id/drafts/:draftId/skip', [
controllers.ImportBatches,
'skipDraft',
])
.as('import-batch.draft.skip')
.where('id', router.matchers.uuid())
.where('draftId', router.matchers.uuid())
router
.delete('import-batch/:id', [controllers.ImportBatches, 'destroy'])
.as('import-batch.destroy')
.where('id', router.matchers.uuid())
router.get(':id', [controllers.Invoices, 'show']).as('show').where('id', router.matchers.uuid())
router
.get(':id/pdf', [controllers.Invoices, 'pdf'])
.as('pdf')
.where('id', router.matchers.uuid())
router
.post(':id/mark-paid', [controllers.Invoices, 'markPaid'])
.as('mark-paid')
.where('id', router.matchers.uuid())
})
.prefix('invoices')
.as('invoices')
.use(middleware.auth())
})
.prefix('/api/v1')
Reference in New Issue View Git Blame Copy Permalink