Add strict Stripe checkout guard via env flag

backend/middleware/api_key_injection_middleware.py

@@ -8,7 +8,6 @@ IMPORTANT: This is a compatibility layer. For new code, use UserAPIKeyContext di
 """
 
 import os
-import time
 from fastapi import Request
 from loguru import logger
 from typing import Callable
@@ -21,61 +20,8 @@ class APIKeyInjectionMiddleware:
     for the duration of each request.
     """
     
-    # Shared across middleware instances (module currently instantiates per request)
-    _missing_keys_log_timestamps = {}
-
     def __init__(self):
         self.original_keys = {}
-
-    @staticmethod
-    def _should_skip_missing_key_warning(request: Request) -> bool:
-        """
-        Optionally suppress missing-key warnings for non-AI/internal routes.
-        Controlled by API_KEY_INJECTION_SKIP_NON_AI_WARNINGS (default: true).
-        """
-        skip_non_ai_warnings = os.getenv('API_KEY_INJECTION_SKIP_NON_AI_WARNINGS', 'true').lower() in ('1', 'true', 'yes')
-        if not skip_non_ai_warnings:
-            return False
-
-        path_lower = (request.url.path or '').lower()
-        return (
-            path_lower.startswith('/api/subscription/')
-            or path_lower.startswith('/api/onboarding/')
-            or path_lower.endswith('/status')
-            or path_lower.endswith('/health')
-            or path_lower == '/health'
-            or path_lower == '/status'
-        )
-
-    def _log_missing_keys_non_blocking(self, request: Request, user_id: str) -> None:
-        """
-        Log missing API keys without interrupting request flow.
-        - Defaults to debug-level logging.
-        - Optional warn once-per-user-per-interval via env:
-          API_KEY_INJECTION_MISSING_KEYS_LOG_MODE=warn_once
-          API_KEY_INJECTION_MISSING_KEYS_LOG_INTERVAL_SECONDS=900
-        """
-        try:
-            if self._should_skip_missing_key_warning(request):
-                logger.debug(f"[API Key Injection] Missing keys for user {user_id} on non-AI route; skipping warning")
-                return
-
-            log_mode = os.getenv('API_KEY_INJECTION_MISSING_KEYS_LOG_MODE', 'debug').lower()
-            if log_mode != 'warn_once':
-                logger.debug(f"No API keys found for user {user_id}")
-                return
-
-            interval_seconds = int(os.getenv('API_KEY_INJECTION_MISSING_KEYS_LOG_INTERVAL_SECONDS', '900'))
-            now = time.time()
-            last_logged_at = self._missing_keys_log_timestamps.get(user_id, 0)
-            if (now - last_logged_at) >= max(interval_seconds, 1):
-                logger.warning(f"No API keys found for user {user_id}")
-                self._missing_keys_log_timestamps[user_id] = now
-            else:
-                logger.debug(f"No API keys found for user {user_id} (warning suppressed by interval)")
-        except Exception as log_error:
-            # Logging should never block request processing
-            logger.debug(f"[API Key Injection] Failed to log missing keys state for user {user_id}: {log_error}")
     
     async def __call__(self, request: Request, call_next: Callable):
         """
@@ -122,7 +68,7 @@ class APIKeyInjectionMiddleware:
         # Get user-specific API keys from database
         with user_api_keys(user_id) as user_keys:
             if not user_keys:
-                self._log_missing_keys_non_blocking(request, user_id)
+                logger.warning(f"No API keys found for user {user_id}")
                 return await call_next(request)
             
             # Save original environment values
@@ -174,3 +120,4 @@ async def api_key_injection_middleware(request: Request, call_next: Callable):
     """
     middleware = APIKeyInjectionMiddleware()
     return await middleware(request, call_next)
+

backend/services/subscription/stripe_service.py

@@ -16,6 +16,10 @@ REQUIRED_STRIPE_PLAN_KEYS = {
 }
 
 
+def _is_truthy_env(var_name: str) -> bool:
+    return os.getenv(var_name, "").strip().lower() in {"1", "true", "yes", "on"}
+
+
 def _detect_stripe_mode() -> str:
     configured_mode = os.getenv("STRIPE_MODE", "").strip().lower()
     if configured_mode in {"test", "live"}:
@@ -98,7 +102,16 @@ class StripeService:
         self.db = db
         self.api_key = os.getenv("STRIPE_SECRET_KEY")
         self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
+        self.require_stripe_checkout = _is_truthy_env("REQUIRE_STRIPE_CHECKOUT")
         if not self.api_key:
+            if self.require_stripe_checkout:
+                raise HTTPException(
+                    status_code=500,
+                    detail=(
+                        "REQUIRE_STRIPE_CHECKOUT=true but STRIPE_SECRET_KEY is missing. "
+                        "Configure STRIPE_SECRET_KEY to enable Stripe checkout."
+                    ),
+                )
             logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.")
         else:
             stripe.api_key = self.api_key

frontend/src/components/Pricing/PricingPage.tsx

@@ -52,6 +52,10 @@ export interface SubscriptionPlan {
 }
 
 const PricingPage: React.FC = () => {
+  const requireStripeCheckout = ['1', 'true', 'yes', 'on'].includes(
+    (process.env.REACT_APP_REQUIRE_STRIPE_CHECKOUT || '').toLowerCase()
+  );
+  const stripePublishableKey = process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY;
   const navigate = useNavigate();
   const [plans, setPlans] = useState<SubscriptionPlan[]>([]);
   const [loading, setLoading] = useState(true);
@@ -173,7 +177,7 @@ const PricingPage: React.FC = () => {
       const userId = localStorage.getItem('user_id') || 'anonymous';
 
       // Check if Stripe is configured
-      if (process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY) {
+      if (stripePublishableKey) {
         console.log('[PricingPage] Initiating Stripe Checkout');
 
         const response = await apiClient.post('/api/subscription/create-checkout-session', {
@@ -187,6 +191,14 @@ const PricingPage: React.FC = () => {
           window.location.href = response.data.url;
           return;
         }
+
+        if (requireStripeCheckout) {
+          throw new Error('Stripe checkout is required but checkout URL was not returned.');
+        }
+      } else if (requireStripeCheckout) {
+        throw new Error(
+          'Stripe checkout is required but REACT_APP_STRIPE_PUBLISHABLE_KEY is not configured.'
+        );
       }
 
       console.log('[PricingPage] Making legacy subscription API call:', {
@@ -271,7 +283,8 @@ const PricingPage: React.FC = () => {
       }, 3000);
     } catch (err) {
       console.error('Error subscribing:', err);
-      setError('Failed to process subscription');
+      const errorMessage = err instanceof Error ? err.message : 'Failed to process subscription';
+      setError(errorMessage);
       setSuccessSnackbar({ open: false, message: '', countdown: 0 });
     } finally {
       setSubscribing(false);