# frozen_string_literal: true require "braintree" require "date" require "delegate" require "dhall" require "forwardable" require "pg" require "redis" require "roda" require "uri" if ENV["RACK_ENV"] == "development" require "pry-rescue" use PryRescue::Rack end require_relative "lib/auto_top_up_repo" require_relative "lib/three_d_secure_repo" require_relative "lib/electrum" require "sentry-ruby" Sentry.init do |config| config.traces_sample_rate = 1 end use Sentry::Rack::CaptureExceptions REDIS = Redis.new PLANS = Dhall.load("env:PLANS").sync BRAINTREE_CONFIG = Dhall.load("env:BRAINTREE_CONFIG").sync ELECTRUM = Electrum.new( **Dhall::Coder.load("env:ELECTRUM_CONFIG", transform_keys: :to_sym) ) DB = PG.connect(dbname: "jmp") DB.type_map_for_results = PG::BasicTypeMapForResults.new(DB) DB.type_map_for_queries = PG::BasicTypeMapForQueries.new(DB) class CreditCardGateway class ErrorResult < StandardError def self.for(result) if result.verification&.status == "gateway_rejected" && result.verification&.gateway_rejection_reason == "cvv" new("fieldInvalidForCvv") else new(result.message) end end end def initialize(jid, customer_id=nil) @jid = jid @customer_id = customer_id @gateway = Braintree::Gateway.new( environment: BRAINTREE_CONFIG[:environment].to_s, merchant_id: BRAINTREE_CONFIG[:merchant_id].to_s, public_key: BRAINTREE_CONFIG[:public_key].to_s, private_key: BRAINTREE_CONFIG[:private_key].to_s ) end def check_customer_id(cid) return cid unless ENV["RACK_ENV"] == "production" raise "customer_id does not match" unless @customer_id == cid cid end def customer_id customer_id = REDIS.get(redis_key_jid) return customer_id if check_customer_id(customer_id) result = @gateway.customer.create raise "Braintree customer create failed" unless result.success? @customer_id = result.customer.id save_customer_id! end def save_customer_id! unless REDIS.set(redis_key_jid, @customer_id) == "OK" raise "Saving new jid,customer to redis failed" end unless REDIS.set(redis_key_customer_id, @jid) == "OK" raise "Saving new customer,jid to redis failed" end @customer_id end def customer_plan name = DB.exec_params(<<~SQL, [customer_id]).first&.[]("plan_name") SELECT plan_name FROM customer_plans WHERE customer_id=$1 LIMIT 1 SQL PLANS.find { |plan| plan[:name].to_s == name } end def merchant_account plan = customer_plan return unless plan BRAINTREE_CONFIG[:merchant_accounts][plan[:currency]] end def client_token kwargs = {} kwargs[:merchant_account_id] = merchant_account.to_s if merchant_account @gateway.client_token.generate(customer_id: customer_id, **kwargs) end def payment_methods? !@gateway.customer.find(customer_id).payment_methods.empty? end def default_method(nonce) result = @gateway.payment_method.create( customer_id: customer_id, payment_method_nonce: nonce, options: { verify_card: true, make_default: true } ) raise ErrorResult.for(result) unless result.success? result end def remove_method(token) @gateway.payment_method.delete(token) end protected def redis_key_jid "jmp_customer_id-#{@jid}" end def redis_key_customer_id "jmp_customer_jid-#{@customer_id}" end end class UnknownTransactions def self.from(customer_id, address, tx_hashes) self.for( customer_id, fetch_rows_for(address, tx_hashes).map { |row| row["transaction_id"] } ) end def self.fetch_rows_for(address, tx_hashes) values = tx_hashes.map { |tx_hash| "('#{DB.escape_string(tx_hash)}/#{DB.escape_string(address)}')" } return [] if values.empty? DB.exec_params(<<-SQL) SELECT transaction_id FROM (VALUES #{values.join(',')}) AS t(transaction_id) LEFT JOIN transactions USING (transaction_id) WHERE transactions.transaction_id IS NULL SQL end def self.for(customer_id, transaction_ids) transaction_ids.empty? ? None.new : new(customer_id, transaction_ids) end def initialize(customer_id, transaction_ids) @customer_id = customer_id @transaction_ids = transaction_ids end def enqueue! REDIS.hset( "pending_btc_transactions", *@transaction_ids.flat_map { |txid| [txid, @customer_id] } ) end class None def enqueue!; end end end class JmpPay < Roda SENTRY_DSN = ENV["SENTRY_DSN"] && URI(ENV["SENTRY_DSN"]) plugin :render, engine: "slim" plugin :common_logger, $stdout extend Forwardable def_delegators :request, :params def redis_key_btc_addresses "jmp_customer_btc_addresses-#{params['customer_id']}" end def verify_address_customer_id(r) return if REDIS.sismember(redis_key_btc_addresses, params["address"]) warn "Address and customer_id do not match" r.halt([ 403, { "Content-Type" => "text/plain" }, "Address and customer_id do not match" ]) end route do |r| r.on "electrum_notify" do verify_address_customer_id(r) UnknownTransactions.from( params["customer_id"], params["address"], ELECTRUM .getaddresshistory(params["address"]) .map { |item| item["tx_hash"] } ).enqueue! "OK" end r.on :jid do |jid| Sentry.set_user(id: params["customer_id"], jid: jid) gateway = CreditCardGateway.new(jid, params["customer_id"]) topup = AutoTopUpRepo.new r.on "credit_cards" do r.get do view( "credit_cards", locals: { token: gateway.client_token, customer_id: gateway.customer_id, auto_top_up: topup.find(gateway.customer_id) || (gateway.payment_methods? ? "" : "15") } ) end r.post do result = gateway.default_method(params["braintree_nonce"]) ThreeDSecureRepo.new.put_from_payment_method( gateway.customer_id, result.payment_method ) topup.put( gateway.customer_id, params["auto_top_up_amount"].to_i ) "OK" rescue ThreeDSecureRepo::Failed gateway.remove_method($!.message) response.status = 400 "hostedFieldsFieldsInvalidError" rescue CreditCardGateway::ErrorResult response.status = 400 $!.message end end end end end run JmpPay.freeze.app