Skip to content

Improve Stripe webhook reconciliation, logging, and launch diagnostics#64

Merged
SaltProphet merged 1 commit intomainfrom
detect-payment-success-and-refresh-profile
Mar 6, 2026
Merged

Improve Stripe webhook reconciliation, logging, and launch diagnostics#64
SaltProphet merged 1 commit intomainfrom
detect-payment-success-and-refresh-profile

Conversation

@SaltProphet
Copy link
Owner

@SaltProphet SaltProphet commented Mar 6, 2026

Motivation

  • Payment fulfillment sometimes returned to the app before the webhook had applied credits; this change adds a bounded client-side reconciliation loop to avoid confusing UI state.
  • Webhook processing needed better observability at failure and decision points to troubleshoot signature, metadata, and ledger transitions.
  • Operators needed a minimal diagnostics/runbook to inspect payments rows by transaction_id for live troubleshooting without introducing a new admin endpoint.

Description

  • Added a guarded, bounded post-checkout reconciliation loop in src/app/page.tsx that only runs for payment=success returns, introduces PAYMENT_RECONCILE_MAX_ATTEMPTS and PAYMENT_RECONCILE_INTERVAL_MS, and refreshes tokens, plan, and last_payment_at from the profiles row.
  • Instrumented src/app/api/webhooks/stripe/route.ts with structured logs for missing signature, signature verification failures, missing checkout metadata, and payment ledger transitions (transitions to received, fulfilled, replayed, and failure states).
  • Extended src/app/api/webhooks/stripe.test.ts to assert replay idempotency, rejection of paid sessions with missing metadata, and behavior when profile updates fail (ensuring ledger is transitioned to a failure state).
  • Added live webhook validation checklist and admin SQL for inspecting payments by transaction_id to STRIPE_CHECKLIST.md and added a webhook diagnostics runbook to docs/launch/PRODUCTION_LAUNCH_GUIDE.md.

Testing

  • Ran the webhook unit tests with npm test -- src/app/api/webhooks/stripe.test.ts and all tests passed (6 passed, 0 failed).
  • The added tests exercise signature rejection, successful grant + ledger insert/fulfill, replay handling, missing-metadata rejection, and profile-update failure reconciliation behavior, and they succeeded in the test run.

Codex Task

@vercel
Copy link
Contributor

vercel bot commented Mar 6, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
secpriva Ready Ready Preview, Comment Mar 6, 2026 1:52am

Request Review

@chatgpt-codex-connector
Copy link

chatgpt-codex-connector bot commented Mar 6, 2026

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@SaltProphet SaltProphet merged commit 507fed4 into main Mar 6, 2026
3 of 9 checks passed
@SaltProphet SaltProphet deleted the detect-payment-success-and-refresh-profile branch March 6, 2026 01:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SaltProphet