binouz/app/api/checkout/route.ts

import Stripe from "stripe";
import { db } from "@/lib/db";
import { fallbackGrades } from "@/lib/site";

export const dynamic = "force-dynamic";

const stripeSecretKey = process.env.STRIPE_SECRET_KEY;
const stripe = stripeSecretKey
  ? new Stripe(stripeSecretKey, {
      apiVersion: "2023-10-16",
    })
  : null;

const minecraftNameRegex = /^[A-Za-z0-9_]{3,16}$/;

type GradeInfo = {
  id: string;
  name: string;
  price: number;
  description: string;
};

const getGradeById = async (gradeId: string): Promise<GradeInfo | null> => {
  try {
    const grade = await db.grade.findUnique({ where: { id: gradeId } });
    if (grade) {
      return {
        id: grade.id,
        name: grade.name,
        price: grade.price,
        description: grade.description,
      };
    }
  } catch {
    // ignore db errors and fall back to static data
  }

  return fallbackGrades.find((grade) => grade.id === gradeId) ?? null;
};

export async function POST(request: Request) {
  const body = await request.json().catch(() => ({}));
  const gradeId = body?.gradeId?.toString();
  const minecraftUsername = body?.minecraftUsername?.toString().trim();

  if (!gradeId || !minecraftUsername) {
    return Response.json({ error: "Missing checkout details." }, { status: 400 });
  }

  if (!minecraftNameRegex.test(minecraftUsername)) {
    return Response.json(
      { error: "Invalid Minecraft username." },
      { status: 400 }
    );
  }

  const grade = await getGradeById(gradeId);
  if (!grade) {
    return Response.json({ error: "Grade not found." }, { status: 404 });
  }

  if (!stripe) {
    return Response.json({ error: "Stripe not configured." }, { status: 500 });
  }

  const baseUrl = process.env.NEXTAUTH_URL ?? "http://localhost:3000";
  const session = await stripe.checkout.sessions.create({
    mode: "payment",
    payment_method_types: ["card"],
    success_url: `${baseUrl}/?checkout=success`,
    cancel_url: `${baseUrl}/?checkout=cancel`,
    line_items: [
      {
        price_data: {
          currency: "eur",
          unit_amount: Math.round(grade.price * 100),
          product_data: {
            name: grade.name,
            description: grade.description,
          },
        },
        quantity: 1,
      },
    ],
    metadata: {
      gradeId: grade.id,
      minecraftUsername,
    },
    client_reference_id: minecraftUsername,
  });

  if (!session.url) {
    return Response.json({ error: "Stripe session failed." }, { status: 500 });
  }

  return Response.json({ url: session.url });
}