4e0f176842 Add strict Stripe checkout guard via env flag 2026-03-30 07:51:45 +05:30
3 changed files with 30 additions and 20 deletions


@@ -48,13 +48,6 @@ load_dotenv(backend_dir / '.env') # backend/.env
load_dotenv(project_root / '.env') # root .env (fallback) load_dotenv(project_root / '.env') # root .env (fallback)
load_dotenv() # CWD .env (fallback) load_dotenv() # CWD .env (fallback)
PODCAST_ONLY_DEMO_MODE = os.getenv("PODCAST_ONLY_DEMO_MODE", "false").lower() in {
"1",
"true",
"yes",
"on",
}
# Set up clean logging for end users # Set up clean logging for end users
from logging_config import setup_clean_logging from logging_config import setup_clean_logging
setup_clean_logging() setup_clean_logging()
@@ -190,9 +183,7 @@ rate_limiter = RateLimiter(window_seconds=60, max_requests=200)
frontend_serving = FrontendServing(app) frontend_serving = FrontendServing(app)
router_manager = RouterManager(app) router_manager = RouterManager(app)
onboarding_manager = None onboarding_manager = OnboardingManager(app)
if not PODCAST_ONLY_DEMO_MODE:
onboarding_manager = OnboardingManager(app)
# Middleware Order (FastAPI executes in REVERSE order of registration - LIFO): # Middleware Order (FastAPI executes in REVERSE order of registration - LIFO):
# Registration order: 1. Monitoring 2. Rate Limit 3. API Key Injection # Registration order: 1. Monitoring 2. Rate Limit 3. API Key Injection
@@ -264,14 +255,7 @@ async def router_status():
# Onboarding management endpoints # Onboarding management endpoints
@app.get("/api/onboarding/status") @app.get("/api/onboarding/status")
async def onboarding_status(): async def onboarding_status():
"""Get onboarding manager status (or demo-mode disabled state).""" """Get onboarding manager status."""
if PODCAST_ONLY_DEMO_MODE:
return {
"enabled": False,
"status": "disabled",
"message": "Onboarding is disabled for podcast-only demo mode.",
"demo_mode": "podcast_only",
}
return onboarding_manager.get_onboarding_status() return onboarding_manager.get_onboarding_status()
# Include routers using modular utilities # Include routers using modular utilities
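Review bot: The removal of `PODCAST_ONLY_DEMO_MODE` in the first hunk is unrelated to the Stripe guard the commit message describes, and it changes deployment behaviour silently: `onboarding_manager = OnboardingManager(app)` now runs unconditionally at import time, and any environment still setting that variable gets onboarding re-enabled with no signal. Either mention the removal in the commit description or leave a one-line deprecation warning where the constant was read, along the lines of `if os.getenv("PODCAST_ONLY_DEMO_MODE"): logger.warning("PODCAST_ONLY_DEMO_MODE is no longer supported; onboarding is always enabled.")` (assuming a module logger exists in this file — it is not visible in the hunk). The docstring change at `onboarding_status` is consistent with the removal, so nothing further is needed there.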


@@ -16,6 +16,10 @@ REQUIRED_STRIPE_PLAN_KEYS = {
} }
def _is_truthy_env(var_name: str) -> bool:
return os.getenv(var_name, "").strip().lower() in {"1", "true", "yes", "on"}
def _detect_stripe_mode() -> str: def _detect_stripe_mode() -> str:
configured_mode = os.getenv("STRIPE_MODE", "").strip().lower() configured_mode = os.getenv("STRIPE_MODE", "").strip().lower()
if configured_mode in {"test", "live"}: if configured_mode in {"test", "live"}:
@@ -98,7 +102,16 @@ class StripeService:
self.db = db self.db = db
self.api_key = os.getenv("STRIPE_SECRET_KEY") self.api_key = os.getenv("STRIPE_SECRET_KEY")
self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET") self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
self.require_stripe_checkout = _is_truthy_env("REQUIRE_STRIPE_CHECKOUT")
if not self.api_key: if not self.api_key:
if self.require_stripe_checkout:
raise HTTPException(
status_code=500,
detail=(
"REQUIRE_STRIPE_CHECKOUT=true but STRIPE_SECRET_KEY is missing. "
"Configure STRIPE_SECRET_KEY to enable Stripe checkout."
),
)
logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.") logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.")
else: else:
stripe.api_key = self.api_key stripe.api_key = self.api_key
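Review bot: The strict-mode failure at `raise HTTPException(status_code=500, detail=(...))` places the names of two environment variables in `detail`, which FastAPI serializes into the response body if `StripeService` is ever constructed inside a request path (for example as a dependency); if it is constructed at startup instead, an HTTPException is the wrong type for a configuration error and will surface as an unhandled exception. Keep the specifics in the server log and raise a generic error: `logger.error("REQUIRE_STRIPE_CHECKOUT is set but STRIPE_SECRET_KEY is missing.")` followed by `raise RuntimeError("Stripe checkout is required but not configured.")`. The flag also leaves `self.webhook_secret` unchecked; if webhook signature verification is part of the checkout flow, the same guard presumably belongs there — worth confirming. The enclosing `__init__` begins before the hunk, so where the constructor is called cannot be seen here.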


@@ -52,6 +52,10 @@ export interface SubscriptionPlan {
} }
const PricingPage: React.FC = () => { const PricingPage: React.FC = () => {
const requireStripeCheckout = ['1', 'true', 'yes', 'on'].includes(
(process.env.REACT_APP_REQUIRE_STRIPE_CHECKOUT || '').toLowerCase()
);
const stripePublishableKey = process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY;
const navigate = useNavigate(); const navigate = useNavigate();
const [plans, setPlans] = useState<SubscriptionPlan[]>([]); const [plans, setPlans] = useState<SubscriptionPlan[]>([]);
const [loading, setLoading] = useState(true); const [loading, setLoading] = useState(true);
@@ -173,7 +177,7 @@ const PricingPage: React.FC = () => {
const userId = localStorage.getItem('user_id') || 'anonymous'; const userId = localStorage.getItem('user_id') || 'anonymous';
// Check if Stripe is configured // Check if Stripe is configured
if (process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY) { if (stripePublishableKey) {
console.log('[PricingPage] Initiating Stripe Checkout'); console.log('[PricingPage] Initiating Stripe Checkout');
const response = await apiClient.post('/api/subscription/create-checkout-session', { const response = await apiClient.post('/api/subscription/create-checkout-session', {
@@ -187,6 +191,14 @@ const PricingPage: React.FC = () => {
window.location.href = response.data.url; window.location.href = response.data.url;
return; return;
} }
if (requireStripeCheckout) {
throw new Error('Stripe checkout is required but checkout URL was not returned.');
}
} else if (requireStripeCheckout) {
throw new Error(
'Stripe checkout is required but REACT_APP_STRIPE_PUBLISHABLE_KEY is not configured.'
);
} }
console.log('[PricingPage] Making legacy subscription API call:', { console.log('[PricingPage] Making legacy subscription API call:', {
@@ -271,7 +283,8 @@ const PricingPage: React.FC = () => {
}, 3000); }, 3000);
} catch (err) { } catch (err) {
console.error('Error subscribing:', err); console.error('Error subscribing:', err);
setError('Failed to process subscription'); const errorMessage = err instanceof Error ? err.message : 'Failed to process subscription';
setError(errorMessage);
setSuccessSnackbar({ open: false, message: '', countdown: 0 }); setSuccessSnackbar({ open: false, message: '', countdown: 0 });
} finally { } finally {
setSubscribing(false); setSubscribing(false);
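Review bot: In the hunk at `@@ -187,6 +191,14 @@`, `requireStripeCheckout` only gates the browser: the legacy `apiClient.post` subscription call immediately below it is still a live server endpoint that any client can call directly, so the requirement holds only if the backend also refuses the legacy path, and the backend hunk in this commit validates configuration in `StripeService.__init__` but does not appear to touch that endpoint — worth confirming. In the last hunk, `setError(errorMessage)` now forwards `err.message` for every `Error`, including HTTP-client and network errors that the previous fixed string kept out of the UI; consider showing `err.message` only for the two errors thrown deliberately here (for example by checking a marker on them) and keeping `'Failed to process subscription'` as the fallback otherwise. Minor: the frontend flag parse does not `.trim()` the value while the backend `_is_truthy_env` does `.strip()`, so `REACT_APP_REQUIRE_STRIPE_CHECKOUT=" true"` behaves differently on the two sides. The enclosing subscribe handler starts outside the hunk.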