Billing (#1269)

* Change env SELF_HOSTING_ENABLED to SELF_HOSTED

* Initial Stripe implementation

* Fix portal link

* Use webhook signatures

* Migrated to new Stripe gem conventions

Also updated resource routing

* Added faraday-multipart gem to resolve middleware notice

* Merge fix

* Merge fix

* Temporary upgrade prompt for early access

* Lint fix

* i18n fixes

* Remove catch-all rescue

* Update .env.example

app/controllers/settings/billings_controller.rb

@@ -0,0 +1,2 @@
+class Settings::BillingsController < SettingsController
+end

app/controllers/subscriptions_controller.rb

@@ -0,0 +1,36 @@
+class SubscriptionsController < ApplicationController
+  def new
+    client = Stripe::StripeClient.new(ENV["STRIPE_SECRET_KEY"])
+
+    if Current.family.stripe_customer_id.blank?
+      customer = client.v1.customers.create(
+        email: Current.family.primary_user.email,
+        metadata: { family_id: Current.family.id }
+      )
+      Current.family.update(stripe_customer_id: customer.id)
+    end
+
+    session = client.v1.checkout.sessions.create({
+      customer: Current.family.stripe_customer_id,
+      line_items: [ {
+        price: ENV["STRIPE_PLAN_ID"],
+        quantity: 1
+      } ],
+      mode: "subscription",
+      success_url: settings_billing_url,
+      cancel_url: settings_billing_url
+    })
+
+    redirect_to session.url, allow_other_host: true, status: :see_other
+  end
+
+  def show
+    client = Stripe::StripeClient.new(ENV["STRIPE_SECRET_KEY"])
+
+    portal_session = client.v1.billing_portal.sessions.create(
+      customer: Current.family.stripe_customer_id,
+      return_url: settings_billing_url
+    )
+    redirect_to portal_session.url, allow_other_host: true, status: :see_other
+  end
+end

app/controllers/webhooks_controller.rb

@@ -0,0 +1,61 @@
+class WebhooksController < ApplicationController
+  skip_before_action :verify_authenticity_token, only: [ :stripe ]
+  skip_authentication
+
+  def stripe
+    webhook_body = request.body.read
+    sig_header = request.env["HTTP_STRIPE_SIGNATURE"]
+    client = Stripe::StripeClient.new(ENV["STRIPE_SECRET_KEY"])
+
+    begin
+      thin_event = client.parse_thin_event(webhook_body, sig_header, ENV["STRIPE_WEBHOOK_SECRET"])
+
+      event = client.v1.events.retrieve(thin_event.id)
+
+      case event.type
+      when /^customer\.subscription\./
+        handle_subscription_event(event)
+      when "customer.created", "customer.updated", "customer.deleted"
+        handle_customer_event(event)
+      else
+        Rails.logger.info "Unhandled event type: #{event.type}"
+      end
+
+    rescue JSON::ParserError
+      render json: { error: "Invalid payload" }, status: :bad_request
+      return
+    rescue Stripe::SignatureVerificationError
+      render json: { error: "Invalid signature" }, status: :bad_request
+      return
+    end
+
+    render json: { received: true }, status: :ok
+  end
+
+  private
+
+    def handle_subscription_event(event)
+      subscription = event.data.object
+      family = Family.find_by(stripe_customer_id: subscription.customer)
+
+      if family
+        family.update(
+          stripe_plan_id: subscription.plan.id,
+          stripe_subscription_status: subscription.status
+        )
+      else
+        Rails.logger.error "Family not found for Stripe customer ID: #{subscription.customer}"
+      end
+    end
+
+    def handle_customer_event(event)
+      customer = event.data.object
+      family = Family.find_by(stripe_customer_id: customer.id)
+
+      if family
+        family.update(stripe_customer_id: customer.id)
+      else
+        Rails.logger.error "Family not found for Stripe customer ID: #{customer.id}"
+      end
+    end
+end