feat: add real Stripe integration, e2e tests, and Pi deployment

Replace documentation-only repo with working code: - Stripe integration: webhook handler (8 event types), billing API (customers, checkout, payments, subscriptions, invoices) - Express API server with health endpoint, structured logging - E2E tests (Playwright): health, webhook signature verification, billing API validation - Unit tests: webhook event handler coverage for all event types - Pi deployment: deploy.sh (rsync + systemd), NGINX load balancer across Pi cluster, Docker support - CI/CD: test workflow, Pi deploy workflow, updated auto-deploy and self-healing to run real tests before deploying - Move resume docs to docs/ to separate code from documentation https://claude.ai/code/session_01Mf5Pg82fV6BTRS9GnpV7nr
2026-03-18 05:34:08 -05:00 · 2026-03-04 09:00:51 +00:00
parent dfa351891e
commit 20232bfd69
31 changed files with 1409 additions and 299 deletions
--- a/tests/e2e/stripe-webhook.spec.js
+++ b/tests/e2e/stripe-webhook.spec.js
@@ -0,0 +1,48 @@
+const { test, expect } = require('@playwright/test');
+const crypto = require('crypto');
+
+const BASE_URL = process.env.BASE_URL || 'http://localhost:3000';
+const WEBHOOK_SECRET = process.env.STRIPE_WEBHOOK_SECRET || 'whsec_test_secret';
+
+function generateStripeSignature(payload, secret) {
+  const timestamp = Math.floor(Date.now() / 1000);
+  const signedPayload = `${timestamp}.${payload}`;
+  const signature = crypto
+    .createHmac('sha256', secret)
+    .update(signedPayload)
+    .digest('hex');
+  return `t=${timestamp},v1=${signature}`;
+}
+
+test.describe('Stripe Webhook E2E', () => {
+  test('POST /api/webhooks/stripe rejects missing signature', async ({ request }) => {
+    const res = await request.post(`${BASE_URL}/api/webhooks/stripe`, {
+      data: JSON.stringify({ type: 'test' }),
+      headers: { 'Content-Type': 'application/json' },
+    });
+    expect(res.status()).toBe(400);
+
+    const body = await res.json();
+    expect(body.error).toContain('Missing stripe-signature');
+  });
+
+  test('POST /api/webhooks/stripe rejects invalid signature', async ({ request }) => {
+    const payload = JSON.stringify({
+      id: 'evt_test_123',
+      type: 'invoice.paid',
+      data: { object: { id: 'inv_test_123' } },
+    });
+
+    const res = await request.post(`${BASE_URL}/api/webhooks/stripe`, {
+      data: payload,
+      headers: {
+        'Content-Type': 'application/json',
+        'stripe-signature': 't=123,v1=invalid_signature',
+      },
+    });
+    expect(res.status()).toBe(400);
+
+    const body = await res.json();
+    expect(body.error).toContain('Webhook Error');
+  });
+});