From ebb6bb2a1a9f6c1e122a9061b089d279b2d917be Mon Sep 17 00:00:00 2001 From: Tiago Ribeiro Date: Fri, 13 Oct 2023 15:22:01 +0100 Subject: [PATCH] Updated the Stripe webhook to work better --- src/pages/api/stripe.ts | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/pages/api/stripe.ts b/src/pages/api/stripe.ts index e863a8bf..7a60aafa 100644 --- a/src/pages/api/stripe.ts +++ b/src/pages/api/stripe.ts @@ -1,7 +1,7 @@ // Next.js API route support: https://nextjs.org/docs/api-routes/introduction import type {NextApiRequest, NextApiResponse} from "next"; import {app} from "@/firebase"; -import {getFirestore, setDoc, doc} from "firebase/firestore"; +import {getFirestore, setDoc, doc, getDocs, query, collection, where} from "firebase/firestore"; import {withIronSessionApiRoute} from "iron-session/next"; import {sessionOptions} from "@/lib/session"; import {Type} from "@/interfaces/user"; @@ -14,7 +14,7 @@ import ShortUniqueId from "short-unique-id"; const db = getFirestore(app); export default async function handler(req: NextApiRequest, res: NextApiResponse) { - const {email, expiryDate, key} = req.body as {email: string; expiryDate: Date; key: string}; + const {email, expiryDate, key, checkout} = req.body as {email: string; expiryDate: Date; key: string; checkout: string}; if (!key || key !== process.env.STRIPE_KEY) { res.status(403).json({ok: false}); return; @@ -23,8 +23,14 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse) const uid = new ShortUniqueId(); const code = uid.randomUUID(6); + const codeCheckerRef = await getDocs(query(collection(db, "codes"), where("checkout", "==", checkout))); + if (codeCheckerRef.docs.length !== 0) { + res.status(401).json({ok: false}); + return; + } + const codeRef = doc(db, "codes", code); - await setDoc(codeRef, {type: "student", code, expiryDate}); + await setDoc(codeRef, {type: "student", code, expiryDate, checkout}); const transport = prepareMailer(); const mailOptions = prepareMailOptions(