Samir Boulahtit
4e28d91a78
Templates Migration: - Migrate admin templates to modules (tenancy, billing, monitoring, marketplace, etc.) - Migrate vendor templates to modules (tenancy, billing, orders, messaging, etc.) - Migrate storefront templates to modules (catalog, customers, orders, cart, checkout, cms) - Migrate public templates to modules (billing, marketplace, cms) - Keep shared templates in app/templates/ (base.html, errors/, partials/, macros/) - Migrate letzshop partials to marketplace module Static Files Migration: - Migrate admin JS to modules: tenancy (23 files), core (5 files), monitoring (1 file) - Migrate vendor JS to modules: tenancy (4 files), core (2 files) - Migrate shared JS: vendor-selector.js to core, media-picker.js to cms - Migrate storefront JS: storefront-layout.js to core - Keep framework JS in static/ (api-client, utils, money, icons, log-config, lib/) - Update all template references to use module_static paths Naming Consistency: - Rename static/platform/ to static/public/ - Rename app/templates/platform/ to app/templates/public/ - Update all extends and static references Documentation: - Update module-system.md with shared templates documentation - Update frontend-structure.md with new module JS organization Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
65 lines
2.0 KiB
Python
65 lines
2.0 KiB
Python
# app/modules/payments/routes/api/webhooks.py
|
|
"""
|
|
External webhook endpoints.
|
|
|
|
Handles webhooks from:
|
|
- Stripe (payments and subscriptions)
|
|
|
|
Webhooks use signature verification for security, not user authentication.
|
|
"""
|
|
|
|
import logging
|
|
|
|
from fastapi import APIRouter, Header, Request
|
|
|
|
from app.core.database import get_db
|
|
from app.modules.payments.exceptions import InvalidWebhookSignatureException, WebhookMissingSignatureException
|
|
from app.modules.billing.services.stripe_service import stripe_service
|
|
from app.handlers.stripe_webhook import stripe_webhook_handler
|
|
|
|
router = APIRouter(prefix="/stripe")
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
@router.post("") # Uses signature verification, not user auth
|
|
async def stripe_webhook(
|
|
request: Request,
|
|
stripe_signature: str = Header(None, alias="Stripe-Signature"),
|
|
):
|
|
"""
|
|
Handle Stripe webhook events.
|
|
|
|
Stripe sends events for:
|
|
- Subscription lifecycle (created, updated, deleted)
|
|
- Invoice and payment events
|
|
- Checkout session completion
|
|
|
|
The endpoint verifies the webhook signature and processes events idempotently.
|
|
"""
|
|
if not stripe_signature:
|
|
logger.warning("Stripe webhook received without signature")
|
|
raise WebhookMissingSignatureException()
|
|
|
|
# Get raw body for signature verification
|
|
payload = await request.body()
|
|
|
|
try:
|
|
# Verify and construct event
|
|
event = stripe_service.construct_event(payload, stripe_signature)
|
|
except ValueError as e:
|
|
logger.warning(f"Invalid Stripe webhook: {e}")
|
|
raise InvalidWebhookSignatureException(str(e))
|
|
|
|
# Process the event
|
|
db = next(get_db())
|
|
try:
|
|
result = stripe_webhook_handler.handle_event(db, event)
|
|
return {"received": True, **result}
|
|
except Exception as e:
|
|
logger.error(f"Error processing Stripe webhook: {e}")
|
|
# Return 200 to prevent Stripe retries for processing errors
|
|
# The event is marked as failed and can be retried manually
|
|
return {"received": True, "error": str(e)}
|
|
finally:
|
|
db.close()
|