Phase8: Auto bill credit card
All checks were successful
Build and Push / build (push) Successful in 1m48s
All checks were successful
Build and Push / build (push) Successful in 1m48s
This commit is contained in:
@@ -1,51 +1,27 @@
|
||||
import { NextResponse } from "next/server";
|
||||
import { z } from "zod";
|
||||
import { getSessionUser } from "@/lib/session";
|
||||
import { setAutoChargeEnabled } from "@/lib/db";
|
||||
import { safeError } from "@/lib/errors";
|
||||
|
||||
/**
|
||||
* POST /api/billing/auto-charge
|
||||
* POST /api/billing/auto-charge — RETIRED.
|
||||
*
|
||||
* Phase 9. Toggle the auto_charge_enabled flag on the caller's
|
||||
* org. The body is `{ enabled: boolean }`.
|
||||
* Auto-pay is no longer a customer-toggleable setting. A saved
|
||||
* card on file is the consent to auto-bill; customers manage their
|
||||
* card via update/remove on /settings/billing, nothing else. The
|
||||
* auto_charge_enabled flag is now an admin-only pause used during
|
||||
* disputes, set from /admin/billing/orgs.
|
||||
*
|
||||
* When OFF: invoices issued for this org won't trigger an
|
||||
* auto-charge against the saved card. The customer pays
|
||||
* manually (or admin marks paid) — same flow as a bank-transfer
|
||||
* customer.
|
||||
*
|
||||
* When ON: future invoice issuance attempts the auto-charge.
|
||||
* No effect if there's no saved card on file.
|
||||
*
|
||||
* Idempotent: setting OFF on an already-OFF flag is a no-op
|
||||
* (same outcome).
|
||||
* This route is kept as an explicit 410 (Gone) so any stale client
|
||||
* that still POSTs here fails loudly rather than silently toggling
|
||||
* a flag the customer shouldn't control. The old behaviour lived
|
||||
* here through Phase 9b-2.
|
||||
*/
|
||||
|
||||
const bodySchema = z.object({
|
||||
enabled: z.boolean(),
|
||||
});
|
||||
|
||||
export async function POST(request: Request) {
|
||||
const user = await getSessionUser();
|
||||
if (!user) {
|
||||
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
||||
}
|
||||
const body = await request.json().catch(() => ({}));
|
||||
const parsed = bodySchema.safeParse(body);
|
||||
if (!parsed.success) {
|
||||
return NextResponse.json(
|
||||
{ error: "Invalid request", details: parsed.error.flatten() },
|
||||
{ status: 400 }
|
||||
);
|
||||
}
|
||||
try {
|
||||
await setAutoChargeEnabled(user.orgId, parsed.data.enabled);
|
||||
return NextResponse.json({ enabled: parsed.data.enabled });
|
||||
} catch (e) {
|
||||
return NextResponse.json(
|
||||
{ error: safeError(e, "Failed to update auto-charge setting") },
|
||||
{ status: 500 }
|
||||
);
|
||||
}
|
||||
export async function POST() {
|
||||
return NextResponse.json(
|
||||
{
|
||||
error:
|
||||
"Auto-pay can no longer be disabled. A saved card is required for service. " +
|
||||
"Contact support if you need to switch to bank-transfer billing.",
|
||||
code: "auto_pay_not_toggleable",
|
||||
},
|
||||
{ status: 410 }
|
||||
);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user