Compare commits

..

1 Commits

Author SHA1 Message Date
ي
4e0f176842 Add strict Stripe checkout guard via env flag 2026-03-30 07:51:45 +05:30
4 changed files with 61 additions and 61 deletions

View File

@@ -48,9 +48,6 @@ load_dotenv(backend_dir / '.env') # backend/.env
load_dotenv(project_root / '.env') # root .env (fallback) load_dotenv(project_root / '.env') # root .env (fallback)
load_dotenv() # CWD .env (fallback) load_dotenv() # CWD .env (fallback)
# Feature flags (read early so app wiring can rely on a single source of truth)
PODCAST_ONLY_DEMO_MODE = os.getenv("PODCAST_ONLY_DEMO_MODE", "false").lower() == "true"
# Set up clean logging for end users # Set up clean logging for end users
from logging_config import setup_clean_logging from logging_config import setup_clean_logging
setup_clean_logging() setup_clean_logging()
@@ -408,62 +405,48 @@ async def analyze_urls_ai_endpoint(request: AnalyzeURLsRequest, current_user: di
"""Run AI-powered SEO analysis on selected URLs.""" """Run AI-powered SEO analysis on selected URLs."""
return await analyze_urls_ai(request, current_user) return await analyze_urls_ai(request, current_user)
# Centralized mode helpers for router wiring. # Include platform analytics router
# Keep all mode decisions in this section to avoid scattered env checks. from routers.platform_analytics import router as platform_analytics_router
def is_podcast_only_demo_mode() -> bool: app.include_router(platform_analytics_router)
return PODCAST_ONLY_DEMO_MODE # Include Bing Analytics Storage router to expose storage-backed endpoints
from routers.bing_analytics_storage import router as bing_analytics_storage_router
app.include_router(bing_analytics_storage_router)
app.include_router(images_router)
app.include_router(image_studio_router)
app.include_router(product_marketing_router)
app.include_router(campaign_creator_router)
# Include content assets router
from api.content_assets.router import router as content_assets_router
app.include_router(content_assets_router)
def should_include_non_podcast_routers() -> bool: # Include Podcast Maker router
return not is_podcast_only_demo_mode()
# Include Podcast Maker router (available in all modes)
from api.podcast.router import router as podcast_router from api.podcast.router import router as podcast_router
app.include_router(podcast_router) app.include_router(podcast_router)
if should_include_non_podcast_routers(): # Include YouTube Creator Studio router
# Include platform analytics router from api.youtube.router import router as youtube_router
from routers.platform_analytics import router as platform_analytics_router app.include_router(youtube_router, prefix="/api")
app.include_router(platform_analytics_router)
# Include Bing Analytics Storage router to expose storage-backed endpoints # Include research configuration router
from routers.bing_analytics_storage import router as bing_analytics_storage_router app.include_router(research_config_router, prefix="/api/research", tags=["research"])
app.include_router(bing_analytics_storage_router)
app.include_router(images_router)
app.include_router(image_studio_router)
app.include_router(product_marketing_router)
app.include_router(campaign_creator_router)
# Include content assets router # Include Research Engine router (standalone AI research module)
from api.content_assets.router import router as content_assets_router from api.research.router import router as research_engine_router
app.include_router(content_assets_router) app.include_router(research_engine_router, tags=["Research Engine"])
# Include YouTube Creator Studio router # Scheduler dashboard routes
from api.youtube.router import router as youtube_router from api.scheduler_dashboard import router as scheduler_dashboard_router
app.include_router(youtube_router, prefix="/api") app.include_router(scheduler_dashboard_router)
app.include_router(oauth_token_monitoring_router)
# Include research configuration router # Autonomous Agents API routes (Phase 3A)
app.include_router(research_config_router, prefix="/api/research", tags=["research"]) from api.agents_api import router as agents_router
app.include_router(agents_router)
# Include Research Engine router (standalone AI research module) # Today workflow routes
from api.research.router import router as research_engine_router from api.today_workflow import router as today_workflow_router
app.include_router(research_engine_router, tags=["Research Engine"]) app.include_router(today_workflow_router)
# Scheduler dashboard routes
from api.scheduler_dashboard import router as scheduler_dashboard_router
app.include_router(scheduler_dashboard_router)
app.include_router(oauth_token_monitoring_router)
# Autonomous Agents API routes (Phase 3A)
from api.agents_api import router as agents_router
app.include_router(agents_router)
# Today workflow routes
from api.today_workflow import router as today_workflow_router
app.include_router(today_workflow_router)
else:
logger.info("PODCAST_ONLY_DEMO_MODE is enabled: non-podcast routers are not registered.")
# Setup frontend serving using modular utilities # Setup frontend serving using modular utilities
frontend_serving.setup_frontend_serving() frontend_serving.setup_frontend_serving()

View File

@@ -16,6 +16,10 @@ REQUIRED_STRIPE_PLAN_KEYS = {
} }
def _is_truthy_env(var_name: str) -> bool:
return os.getenv(var_name, "").strip().lower() in {"1", "true", "yes", "on"}
def _detect_stripe_mode() -> str: def _detect_stripe_mode() -> str:
configured_mode = os.getenv("STRIPE_MODE", "").strip().lower() configured_mode = os.getenv("STRIPE_MODE", "").strip().lower()
if configured_mode in {"test", "live"}: if configured_mode in {"test", "live"}:
@@ -98,7 +102,16 @@ class StripeService:
self.db = db self.db = db
self.api_key = os.getenv("STRIPE_SECRET_KEY") self.api_key = os.getenv("STRIPE_SECRET_KEY")
self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET") self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
self.require_stripe_checkout = _is_truthy_env("REQUIRE_STRIPE_CHECKOUT")
if not self.api_key: if not self.api_key:
if self.require_stripe_checkout:
raise HTTPException(
status_code=500,
detail=(
"REQUIRE_STRIPE_CHECKOUT=true but STRIPE_SECRET_KEY is missing. "
"Configure STRIPE_SECRET_KEY to enable Stripe checkout."
),
)
logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.") logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.")
else: else:
stripe.api_key = self.api_key stripe.api_key = self.api_key

View File

@@ -298,11 +298,6 @@ def main():
parser.add_argument("--dev", action="store_true", help="Enable development mode (auto-reload)") parser.add_argument("--dev", action="store_true", help="Enable development mode (auto-reload)")
parser.add_argument("--production", action="store_true", help="Enable production mode (optimized for deployment)") parser.add_argument("--production", action="store_true", help="Enable production mode (optimized for deployment)")
parser.add_argument("--verbose", action="store_true", help="Enable verbose logging for debugging") parser.add_argument("--verbose", action="store_true", help="Enable verbose logging for debugging")
parser.add_argument(
"--podcast-only-demo",
action="store_true",
help="Enable podcast-only demo mode (sets PODCAST_ONLY_DEMO_MODE=true before app startup)",
)
args = parser.parse_args() args = parser.parse_args()
# Determine mode # Determine mode
@@ -312,8 +307,6 @@ def main():
# Set global verbose flag for utilities # Set global verbose flag for utilities
os.environ["ALWRITY_VERBOSE"] = "true" if verbose_mode else "false" os.environ["ALWRITY_VERBOSE"] = "true" if verbose_mode else "false"
if args.podcast_only_demo:
os.environ["PODCAST_ONLY_DEMO_MODE"] = "true"
print("[*] ALwrity Backend Server") print("[*] ALwrity Backend Server")
print("=" * 40) print("=" * 40)
@@ -321,8 +314,6 @@ def main():
print(f"Auto-reload: {'ENABLED' if enable_reload else 'DISABLED'}") print(f"Auto-reload: {'ENABLED' if enable_reload else 'DISABLED'}")
if verbose_mode: if verbose_mode:
print("Verbose logging: ENABLED") print("Verbose logging: ENABLED")
if args.podcast_only_demo:
print("Podcast-only demo mode: ENABLED")
print("=" * 40) print("=" * 40)
# Check if we're in the right directory # Check if we're in the right directory
@@ -410,4 +401,4 @@ def main():
if __name__ == "__main__": if __name__ == "__main__":
success = main() success = main()
if not success: if not success:
sys.exit(1) sys.exit(1)

View File

@@ -52,6 +52,10 @@ export interface SubscriptionPlan {
} }
const PricingPage: React.FC = () => { const PricingPage: React.FC = () => {
const requireStripeCheckout = ['1', 'true', 'yes', 'on'].includes(
(process.env.REACT_APP_REQUIRE_STRIPE_CHECKOUT || '').toLowerCase()
);
const stripePublishableKey = process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY;
const navigate = useNavigate(); const navigate = useNavigate();
const [plans, setPlans] = useState<SubscriptionPlan[]>([]); const [plans, setPlans] = useState<SubscriptionPlan[]>([]);
const [loading, setLoading] = useState(true); const [loading, setLoading] = useState(true);
@@ -173,7 +177,7 @@ const PricingPage: React.FC = () => {
const userId = localStorage.getItem('user_id') || 'anonymous'; const userId = localStorage.getItem('user_id') || 'anonymous';
// Check if Stripe is configured // Check if Stripe is configured
if (process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY) { if (stripePublishableKey) {
console.log('[PricingPage] Initiating Stripe Checkout'); console.log('[PricingPage] Initiating Stripe Checkout');
const response = await apiClient.post('/api/subscription/create-checkout-session', { const response = await apiClient.post('/api/subscription/create-checkout-session', {
@@ -187,6 +191,14 @@ const PricingPage: React.FC = () => {
window.location.href = response.data.url; window.location.href = response.data.url;
return; return;
} }
if (requireStripeCheckout) {
throw new Error('Stripe checkout is required but checkout URL was not returned.');
}
} else if (requireStripeCheckout) {
throw new Error(
'Stripe checkout is required but REACT_APP_STRIPE_PUBLISHABLE_KEY is not configured.'
);
} }
console.log('[PricingPage] Making legacy subscription API call:', { console.log('[PricingPage] Making legacy subscription API call:', {
@@ -271,7 +283,8 @@ const PricingPage: React.FC = () => {
}, 3000); }, 3000);
} catch (err) { } catch (err) {
console.error('Error subscribing:', err); console.error('Error subscribing:', err);
setError('Failed to process subscription'); const errorMessage = err instanceof Error ? err.message : 'Failed to process subscription';
setError(errorMessage);
setSuccessSnackbar({ open: false, message: '', countdown: 0 }); setSuccessSnackbar({ open: false, message: '', countdown: 0 });
} finally { } finally {
setSubscribing(false); setSubscribing(false);