Add strict Stripe checkout guard via env flag

2026-03-30 07:51:45 +05:30
4 changed files with 31 additions and 66 deletions
--- a/backend/services/startup_health.py
+++ b/backend/services/startup_health.py
@@ -15,7 +15,6 @@ from services.database import (
    init_database,
    default_engine,
 )
-from services.user_api_key_context import get_user_api_keys

 _REQUIRED_SCHEMA: Dict[str, List[str]] = {
    "onboarding_sessions": ["id", "user_id", "updated_at"],
@@ -145,62 +144,6 @@ def _check_db_access(checks: List[Dict[str, Any]], errors: List[str], warnings:
    return candidate_user


-def _check_production_api_key_loading(
-    checks: List[Dict[str, Any]],
-    errors: List[str],
-    warnings: List[str],
-) -> None:
-    deploy_env = os.getenv("DEPLOY_ENV", "local").strip().lower()
-    if deploy_env == "local":
-        _record_check(checks, "production_api_key_loading", True, "skipped in local deploy mode")
-        return
-
-    test_tenant_id = os.getenv("ALWRITY_STARTUP_TEST_TENANT_ID", "").strip()
-    if not test_tenant_id:
-        message = (
-            "Missing ALWRITY_STARTUP_TEST_TENANT_ID for production API key startup check."
-        )
-        errors.append(message)
-        _record_check(checks, "production_api_key_loading", False, message)
-        return
-
-    try:
-        keys = get_user_api_keys(test_tenant_id)
-    except Exception as exc:
-        errors.append(
-            f"Failed to load API keys for startup test tenant '{test_tenant_id}': {exc}"
-        )
-        _record_check(checks, "production_api_key_loading", False, str(exc))
-        return
-
-    if not isinstance(keys, dict):
-        errors.append(
-            f"API key loader returned invalid payload type for startup test tenant '{test_tenant_id}'."
-        )
-        _record_check(checks, "production_api_key_loading", False, "invalid payload type")
-        return
-
-    non_empty_keys = [provider for provider, value in keys.items() if value]
-    if not non_empty_keys:
-        errors.append(
-            f"No API keys could be loaded for startup test tenant '{test_tenant_id}'."
-        )
-        _record_check(checks, "production_api_key_loading", False, "no non-empty keys loaded")
-        return
-
-    warning = None
-    if len(non_empty_keys) < len(keys):
-        warning = (
-            f"Startup test tenant '{test_tenant_id}' has {len(non_empty_keys)}/{len(keys)} non-empty API keys."
-        )
-        warnings.append(warning)
-
-    detail = f"loaded {len(non_empty_keys)} non-empty keys for tenant {test_tenant_id}"
-    if warning:
-        detail = f"{detail}; {warning}"
-    _record_check(checks, "production_api_key_loading", True, detail)
-
-
 def run_startup_health_routine() -> Dict[str, Any]:
    checks: List[Dict[str, Any]] = []
    errors: List[str] = []
@@ -209,8 +152,6 @@ def run_startup_health_routine() -> Dict[str, Any]:
    _check_workspace_root(checks, errors)
    if not errors:
        _check_db_access(checks, errors, warnings)
-    if not errors:
-        _check_production_api_key_loading(checks, errors, warnings)

    status = "healthy" if not errors else "failed"
    report = {
--- a/backend/services/subscription/stripe_service.py
+++ b/backend/services/subscription/stripe_service.py
@@ -16,6 +16,10 @@ REQUIRED_STRIPE_PLAN_KEYS = {
 }


+def _is_truthy_env(var_name: str) -> bool:
+    return os.getenv(var_name, "").strip().lower() in {"1", "true", "yes", "on"}
+
+
 def _detect_stripe_mode() -> str:
    configured_mode = os.getenv("STRIPE_MODE", "").strip().lower()
    if configured_mode in {"test", "live"}:
@@ -98,7 +102,16 @@ class StripeService:
        self.db = db
        self.api_key = os.getenv("STRIPE_SECRET_KEY")
        self.webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
+        self.require_stripe_checkout = _is_truthy_env("REQUIRE_STRIPE_CHECKOUT")
        if not self.api_key:
+            if self.require_stripe_checkout:
+                raise HTTPException(
+                    status_code=500,
+                    detail=(
+                        "REQUIRE_STRIPE_CHECKOUT=true but STRIPE_SECRET_KEY is missing. "
+                        "Configure STRIPE_SECRET_KEY to enable Stripe checkout."
+                    ),
+                )
            logger.warning("STRIPE_SECRET_KEY is not set. Stripe integration will not work.")
        else:
            stripe.api_key = self.api_key
--- a/backend/services/user_api_key_context.py
+++ b/backend/services/user_api_key_context.py
@@ -71,13 +71,10 @@ class UserAPIKeyContext:
        """Load API keys from database for specific user."""
        try:
            from api.content_planning.services.content_strategy.onboarding import OnboardingDataIntegrationService
-            from services.database import get_session_for_user
+            from services.database import SessionLocal
            
            integration_service = OnboardingDataIntegrationService()
-            db = get_session_for_user(user_id)
-            if not db:
-                logger.error(f"Failed to create DB session for user {user_id}")
-                return {}
+            db = SessionLocal()
            try:
                integrated_data = integration_service.get_integrated_data_sync(user_id, db)
                keys = integrated_data.get('api_keys_data', {})
@@ -156,3 +153,4 @@ def get_tavily_key(user_id: Optional[str] = None) -> Optional[str]:
 def get_copilotkit_key(user_id: Optional[str] = None) -> Optional[str]:
    """Get CopilotKit API key for user."""
    return UserAPIKeyContext.get_user_key(user_id, 'copilotkit')
+
--- a/frontend/src/components/Pricing/PricingPage.tsx
+++ b/frontend/src/components/Pricing/PricingPage.tsx
@@ -52,6 +52,10 @@ export interface SubscriptionPlan {
 }

 const PricingPage: React.FC = () => {
+  const requireStripeCheckout = ['1', 'true', 'yes', 'on'].includes(
+    (process.env.REACT_APP_REQUIRE_STRIPE_CHECKOUT || '').toLowerCase()
+  );
+  const stripePublishableKey = process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY;
  const navigate = useNavigate();
  const [plans, setPlans] = useState<SubscriptionPlan[]>([]);
  const [loading, setLoading] = useState(true);
@@ -173,7 +177,7 @@ const PricingPage: React.FC = () => {
      const userId = localStorage.getItem('user_id') || 'anonymous';

      // Check if Stripe is configured
-      if (process.env.REACT_APP_STRIPE_PUBLISHABLE_KEY) {
+      if (stripePublishableKey) {
        console.log('[PricingPage] Initiating Stripe Checkout');

        const response = await apiClient.post('/api/subscription/create-checkout-session', {
@@ -187,6 +191,14 @@ const PricingPage: React.FC = () => {
          window.location.href = response.data.url;
          return;
        }
+
+        if (requireStripeCheckout) {
+          throw new Error('Stripe checkout is required but checkout URL was not returned.');
+        }
+      } else if (requireStripeCheckout) {
+        throw new Error(
+          'Stripe checkout is required but REACT_APP_STRIPE_PUBLISHABLE_KEY is not configured.'
+        );
      }

      console.log('[PricingPage] Making legacy subscription API call:', {
@@ -271,7 +283,8 @@ const PricingPage: React.FC = () => {
      }, 3000);
    } catch (err) {
      console.error('Error subscribing:', err);
-      setError('Failed to process subscription');
+      const errorMessage = err instanceof Error ? err.message : 'Failed to process subscription';
+      setError(errorMessage);
      setSuccessSnackbar({ open: false, message: '', countdown: 0 });
    } finally {
      setSubscribing(false);