Commit Graph

412 Commits

Author SHA1 Message Date
Fabien O'Carroll
05d5310343 Updated members-api to allow passing options to models
no-issue

This allows us to do multiple operations within a db transaction, which
will be used for the importer to ensure atomic inserts
2020-12-04 10:10:59 +00:00
Fabien O'Carroll
bd1173ef9f Published new versions
- @tryghost/magic-link@0.6.2
 - @tryghost/members-api@0.35.0
 - @tryghost/members-csv@0.3.3
 - @tryghost/members-ssr@0.8.6
2020-11-23 16:53:10 +00:00
Fabien 'egg' O'Carroll
ecd5bb2c01 Stored cancellation reason in local database (#222)
refs https://github.com/TryGhost/Ghost/issues/12403
refs https://github.com/TryGhost/Ghost/pull/12405

This smol change means that we keep our local cancellation_reason column in sync with what we set in Stripe metadata
2020-11-23 16:50:03 +00:00
Fabien 'egg' O'Carroll
da00444961 Added support for cancellation_reason (#221)
refs https://github.com/TryGhost/Ghost/issues/12403

Adds support for sending a cancellation_reason when cancelling a plan and store the reason on the Subscription metadata
2020-11-23 16:28:35 +00:00
Renovate Bot
5879193940 Update dependency ghost-ignition to v4.2.4 2020-11-05 12:04:34 +00:00
Renovate Bot
a4d2dcaa8c Update dependency ghost-ignition to v4.2.3 2020-11-02 01:05:58 +00:00
Rish
ed1a1ae049 Published new versions
- @tryghost/members-api@0.34.2
2020-10-29 17:55:00 +05:30
Rish
0ec84d1948 Fixed lint
no refs
2020-10-29 17:54:18 +05:30
Rish
2c2d639838 Fixed magic link type for member email update
no issue

- In case of a member updating their email, the `updateEmail` type was overridden with `signup` or `signin` without the force option. The fix forces the correct email type for when member requests to update their email.
2020-10-29 17:53:07 +05:30
Rish
06f9eb6dfe Published new versions
- @tryghost/magic-link@0.6.1
 - @tryghost/members-api@0.34.1
 - @tryghost/members-csv@0.3.2
2020-10-29 12:38:06 +05:30
Rish
18fa6ead56 Allowed requestSrc in stripe checkout metadata flow
refs https://github.com/TryGhost/Ghost/issues/12253

Allows reading `requestSrc` from Stripe checkout flow metadata to send signup emails with customized action param when requesting from Portal
2020-10-29 12:12:15 +05:30
Rish
216aeb572e Added request source option for magic link url
no issue

refs https://github.com/TryGhost/Ghost/issues/12253

Currently, Ghost uses standard query params like action, success and stripe for all actions and redirects to a site for member events. This needed to be extended to allow for portal specific query params so it doesn't overlap with specific theme handling or custom notifications.

The change here adds an extra option - `requestSrc` - which can be passed when using magic link API to send a link which is passed down to `getSigninURL`, and allows the `action` param to configured to `portal-action` when magic links are sent from Portal
2020-10-29 11:59:01 +05:30
Rish
6ccdea6632 Removed magic link email for upgrade checkout
no issue

Previously, we were sending a magic link email to signup in case a logged-in member upgrades to a paid account, as we didn't check for logged in status while sending the magic link and always sent one on finishing checkout. Since Portal allows members to upgrade their account from free, it doesn't make sense to send another email to signup after completing checkout.

The fix here adds a metadata `checkoutType` to checkout session creation which can be passed in with `upgrade` value to denote an existing member is upgrading and doesn't need an email.
2020-10-29 11:59:01 +05:30
Rish
5bcf180163 Published new versions
- @tryghost/members-api@0.34.0
2020-10-27 15:20:47 +05:30
Rishabh Garg
c996c7b576 Added unpaid and past_due subscription status as paid member (#211)
refs https://github.com/TryGhost/Ghost/issues/12256 , https://github.com/TryGhost/Ghost/issues/12255

Currently when listing subscriptions for Members, we were only showing the subscriptions which have a status of trialing or active.

Based on discussion, the `unpaid` and `past_due` states on Stripe also represent owner's intention of considering a subscription as active instead of `cancelled`, so we allow any subscriptions under these 2 states to be also listed for a member and consider them as `paid`.

- Subscriptions will go into a past_due state if the payment is missed, this should be considered a grace period where the member still has access.

- After this the subscriptions will either go to the unpaid or the cancelled state - this can be configured on an account by account basis in the Stripe dashboard. `unpaid` is considered as an intention to keep the subscription to allow for re-activation later.
2020-10-27 15:15:23 +05:30
Fabien O'Carroll
4463b7471f Published new versions
- @tryghost/members-api@0.33.3
2020-10-19 12:44:44 +01:00
Fabien 'egg' O'Carroll
aa228e9eb9 Created member with name on checkout completion (#209)
refs https://github.com/TryGhost/Ghost/issues/12270

Previously we would create the member, and then update their name from
stripe data, this mean that webhooks would be sent _without_ a name,
despite us possibly having the information to provide one.

Here we've updated the creation of members to include the name attached
to the default billing method, this will ensure that webhooks are sent
with all availiable information.
2020-10-19 12:44:01 +01:00
Rish
73982ab4ff Published new versions
- @tryghost/members-api@0.33.2
2020-10-15 16:29:35 +05:30
Matt Hanley
4359517e75 Added Stripe webhook listener for subscription created event (#208)
no-issue

Subscription created events are required for migrating Stripe subscriptions from
alternative platforms, which involves creating a new subscription for a customer
(outside of Ghost) before cancelling the original subscription.
2020-10-15 16:25:36 +05:30
Rish
2544212ff7 Published new versions
- @tryghost/members-api@0.33.1
2020-10-15 16:20:41 +05:30
Rish
d3bc625c35 🐛 Fixed email update magic link not working
no issue

- Email update magic link was not sent out for sites which did not allow self signup as it didn't find the member on new email, which is expected.
- Updates sending magic link check in case an old email is found to correctly trigger update email
2020-10-15 16:19:41 +05:30
Fabien O'Carroll
5129c0d9fc Published new versions
- @tryghost/members-api@0.33.0
2020-10-05 17:19:08 +01:00
Fabien 'egg' O'Carroll
8efc4c7016 Removed old webhook cleanup code (#207)
no-issue

This is no longer necessary anymore, it would delete all webhooks which
matched the current webhook handler URL, which is undesirable
2020-10-05 09:21:20 +01:00
Fabien O'Carroll
4a15ee6852 Published new versions
- @tryghost/members-api@0.32.0
2020-09-28 16:59:50 +01:00
Fabien O'Carroll
f41f366b5a Updated customer when member email is changed
refs: https://github.com/TryGhost/Ghost/issues/12055

This ensures that newsletters and billing related emails are all sent to
the same address
2020-09-28 16:57:51 +01:00
Fabien O'Carroll
b189584f98 Added method to to update customer email address
refs: https://github.com/TryGhost/Ghost/issues/12055

This will be used by the users module when updating a members email
address to keep the Stripe Customer email in sync.
2020-09-28 16:57:51 +01:00
Fabien O'Carroll
feaf73f7d2 Fixed a bug with setting geolocation
no-issue

We were passing a string rather than an object to find the member to set
the geolocation on, this was causing us to always find the same member
each time, and so newer members would never have their geolocation set.
2020-09-28 16:57:51 +01:00
Fabien O'Carroll
d2bb50a436 Refactored async function to throw errors
no-issue

There's no need to return rejected promises in an async function as
thrown errors will behave the same, this just makes it a little cleaner.
2020-09-28 13:06:59 +01:00
Fabien O'Carroll
6e96f44f39 Published new versions
- @tryghost/members-api@0.31.0
2020-09-21 11:54:15 +01:00
Kristian Freeman
6ec7eeae33 Added support for promo codes in Stripe Checkout (#194)
no-issue

This commit adds support for Stripe's newly-added promotional code
parameter when creating a new Stripe Checkout session.

ref: https://stripe.com/docs/payments/checkout/set-up-a-subscription#coupons
2020-09-21 11:53:36 +01:00
Fabien O'Carroll
016e05b234 Published new versions
- @tryghost/members-api@0.30.1
2020-09-18 17:44:22 +01:00
Fabien O'Carroll
c0ac7b6b37 Updated getMagicLink usage
no-issue

This updates the call to getMagicLink to correctly pass tokenData
2020-09-18 17:43:42 +01:00
Fabien O'Carroll
7b63fd6862 Published new versions
- @tryghost/members-api@0.30.0
2020-09-18 17:02:27 +01:00
Fabien O'Carroll
0d14e33436 Updated members-api to accept a TokenProvider
no-issue

This paves the way for Ghost to be able to pass in a custom token
provider which will handle the shortening of tokens and making them
single use.
2020-09-18 16:37:32 +01:00
Fabien O'Carroll
42c2468314 Published new versions
- @tryghost/magic-link@0.6.0
 - @tryghost/members-api@0.29.0
2020-09-18 13:23:54 +01:00
Fabien O'Carroll
97ceb13d42 Moved JWTTokenProvider to lib and exported from index
no-issue

This brings the module in line with our current package standards.
2020-09-18 13:20:12 +01:00
Fabien O'Carroll
e38dbc1e6e Published new versions
- @tryghost/magic-link@0.5.0
 - @tryghost/members-api@0.28.3
 - @tryghost/members-csv@0.3.1
2020-09-18 12:43:56 +01:00
Fabien O'Carroll
0723a1f9ed Updated members-api to work with new magic-link class
no-issue

The MagicLink class now accepts a TokenProvider rather than a secret
2020-09-18 12:42:31 +01:00
Fabien 'egg' O'Carroll
6957c2725b Refactored magic-link to be more generic (#202)
no-issue

This removes the concept of `subject` & `payload` from the function
signatures, making the implementation a little more generic, and less
JWT centric.

We also replace getUserFromToken and getPayloadFromToken with a single
method getDataFromToken, which will contain all the necessary data.

* Updated members-api to use new magic-link module

This updates the usage of magic-link to work with the new interface

* Fixed labels not saving for new members

Due to how bookshelf-relations works, we must fetch the labels before
saving a member, otherwise the labels are all deleted.

* Used a proper class rather than constructor function

This just moves the code to a more modern standard

* Updated methods to be async

This prepares us for a future where token generation and validation may
require access to storage and thus be an asyncronous operation
2020-09-17 15:42:01 +01:00
Nazar Gargol
a578ae4076 Published new versions
- @tryghost/members-api@0.28.2
2020-08-24 18:31:02 +12:00
Nazar Gargol
30f758e297 🐛 Fixed create and update user methods to account for created_at and subscribed fields
refs https://github.com/TryGhost/Ghost/issues/12156

- During the refactor - 117309b4e8 (diff-3daeef67d07a2a0f94c89a86cafcede9R44), `subscribed` and `created_at` fields have been overlooked. All fields accepted by Ghost's `POST /members` and `PUT /members/:id` should be supported
2020-08-24 18:29:03 +12:00
Rish
56b9f4d350 Published new versions
- @tryghost/members-api@0.28.1
2020-08-21 16:12:31 +05:30
Rish
1fe75532e5 🐛 Fixed incorrect stripe method for cancelling subscriptions
refs https://github.com/TryGhost/Ghost/issues/12150

- `destroy` method was using incorrect cancel subscriptions method - stripe.cancelStripeSubscriptions - which doesn't exist
- Fixes call with intended method - `stripe.cancelAllSubscriptions` - to cancel all subscriptions
2020-08-21 16:11:24 +05:30
Rish
838ec6bb26 Published new versions
- @tryghost/members-api@0.28.0
2020-08-20 14:26:39 +05:30
Rishabh Garg
0dad6d147f Added update subscription method to members api (#198)
refs TryGhost/Ghost#12127

- Adds new `updateSubscription` method to members-api which allows updating individual subscription for a member
- New method only allows toggling of cancellation at period end for a subscription at the moment
2020-08-20 14:24:29 +05:30
Fabien O'Carroll
1625bc94c4 Published new versions
- @tryghost/members-api@0.27.2
2020-08-18 11:29:02 +01:00
Fabien O'Carroll
66b099222f Fixed throttling of Stripe API requests
no-issue

This ensures any requests during exponential backoff are correctly rate
limited too
2020-08-18 11:28:15 +01:00
Fabien O'Carroll
f8a705448b Published new versions
- @tryghost/members-api@0.27.1
2020-08-18 10:39:56 +01:00
Fabien O'Carroll
2d347cd5fd Fixed LeakyBucket params for test and live mode
no-issue

These were the wrong way round initially, and not caught when testing
with live api keys
2020-08-18 10:38:26 +01:00
Fabien O'Carroll
4fb68c6b19 Published new versions
- @tryghost/members-api@0.27.0
2020-08-17 17:37:23 +01:00
Fabien 'egg' O'Carroll
c7ea226d9e Updated stripe module for the bulk importer (#196)
no-issue

* Added LeakyBucket rate limiting for all Stripe requests
* Added createCustomer method
* Added createComplimentarySubscription method
* Replaced getStripeCustomer with getCustomer
* Exported createStripeCustomer & createComplimentarySubscription
2020-08-17 17:35:18 +01:00
Nazar Gargol
8cc8cc7acc Published new versions
- @tryghost/members-api@0.26.0
 - @tryghost/members-csv@0.3.0
2020-08-17 18:00:44 +12:00
Fabien 'egg' O'Carroll
117309b4e8 Used models internally and for exported API (#195)
no-issue

Using models internally and in the exported API means that we avoid expensive
`toJSON` calls, which affects performance when looping through large lists of
members. It also allows us to take advantage of the new relations used in the
models.

The addition of "ByID" methods for linking stripe customers and setting
complimentary subscriptions allows bulk imports to avoid the overhead of creating
a model for each members, instead passing an id string. n.b. currently the impl
_does_ still create models, but it makes it easier to optimise and refactor in the 
future.
2020-08-12 12:57:28 +01:00
Daniel Lockyer
85800c57f7 Published new versions
- @tryghost/magic-link@0.4.13
 - @tryghost/members-api@0.25.2
 - @tryghost/members-ssr@0.8.5
2020-08-11 09:10:32 +01:00
Daniel Lockyer
56ef95c397 Updated ghost-ignition dependency
- this will resolve the lodash warnings when running `yarn audit`
2020-08-11 09:08:54 +01:00
Fabien O'Carroll
043609b194 Published new versions
- @tryghost/members-api@0.25.1
2020-07-24 15:40:35 +02:00
Fabien 'egg' O'Carroll
e7484638e3 Ensured that we do not insert orphaned rows (#190)
no-issue

Previously we would blindly put subscriptions into the database when we
received a webhook, which could result in orphaned rows that were not
linked to a customer (and by extension a member)

This updates the logic so that we will only add subscriptions if we have
a record of their customer.

Customers are only added during a checkout.session.completed webhook, at
which point a member is guarunteed, but for formailty and safety against
changes in the flow, the logic has been applied to inserting customers
too.
2020-07-24 15:39:01 +02:00
Fabien O'Carroll
20e3b6cc8a Published new versions
- @tryghost/magic-link@0.4.12
 - @tryghost/members-api@0.25.0
 - @tryghost/members-ssr@0.8.4
2020-07-24 13:48:27 +02:00
Fabien O'Carroll
d63484e99a Handled subscription deletion errors with logging
refs https://github.com/TryGhost/Ghost/issues/11557

If a subscription failed to delete, we would error and bailout of the
process, this updates it to log the error so that site owners have a
record of the error in the logs, but also to continue through the rest
of the subscriptions.
2020-07-24 13:46:38 +02:00
Fabien O'Carroll
b435d6a8c1 Renamed destroyStripeSubscriptions to cancelStripeSubscriptions
no-issue

Destroy is terminology we usually use for the model layer and was a
little confusing without context, this method is used in one place so
it's a low effort cleanup with minimal repercussions
2020-07-24 13:46:38 +02:00
Renovate Bot
8137d5aa72 Update dependency mocha to v6.2.3 2020-07-23 13:04:38 +00:00
Rish
f23503e35c Published new versions
- @tryghost/members-api@0.24.5
2020-07-22 16:08:35 +05:30
Rish
f792148ce8 Updated magic link email to use custom status code for failures
refs https://github.com/TryGhost/Team/issues/342

- Send magic link middleware was not using custom status code from error and sending 500
- Updates error code to be picked from err object if present, or fallback to 500 as before otherwise
2020-07-22 16:07:21 +05:30
Fabien O'Carroll
763153d110 Published new versions
- @tryghost/members-api@0.24.4
2020-07-22 12:28:43 +02:00
Fabien 'egg' O'Carroll
bf38d836d4 Updated webhooks cleanup to handle all older webhooks (#186)
refs https://github.com/TryGhost/Ghost/issues/12074

Some sites may have had duplicate webhooks created due to a race
condition. This updates the members-api to cleanup _all_ webhooks before
starting, allowing it to create webhooks on a fresh slate, and removing
possible causes of 401 errors due to incorrect webhook secrets.
2020-07-22 12:27:48 +02:00
Fabien O'Carroll
cdfa31af1a Published new versions
- @tryghost/members-api@0.24.3
2020-07-21 13:45:34 +02:00
Fabien 'egg' O'Carroll
d1cd0fe80e Caught & handled 'resource_already_exists' errors (#185)
refs https://github.com/TryGhost/Ghost/issues/12065

This protects us against multiple instances of the members-api being
started simultaneously and race conditions where inbetween the initial
"GET" of a plan which returns empty, and the "POST" of a plan to create
it, another instance has already created it.
2020-07-21 13:40:49 +02:00
Fabien O'Carroll
8c73c4a42b Published new versions
- @tryghost/members-api@0.24.2
2020-07-21 12:03:41 +02:00
Fabien 'egg' O'Carroll
9f1b9d6156 Used mode to determine flow for checkout session (#184)
no-issue

This fixes a problem when subscribing to a Plan (Price) with a default
trial period. We also add logging to add a little more information about
which flow we're entering.

Subscriptions that are started with a trial have a `setup_intent`
present on the Checkout Session object, which was incorrectly causing us
to determine that we are in a "setup" flow and attempt to update a
customers card details.

We now use the `mode` property of the Checkout Session to determine
whether we are handling a new Subscription, or if we are in a "setup"
flow and should update the Customer's card details.
2020-07-21 12:03:16 +02:00
Fabien O'Carroll
9dc22b2bb2 Published new versions
- @tryghost/magic-link@0.4.11
 - @tryghost/members-api@0.24.1
 - @tryghost/members-ssr@0.8.3
2020-07-21 12:02:36 +02:00
Fabien O'Carroll
c30ffba75a Revert "Used mode to determine flow for checkout session (#184)"
no-issue

Reverting so that changesets can be released independently

This reverts commit d41e5f3b55.
2020-07-21 12:01:07 +02:00
Fabien 'egg' O'Carroll
d41e5f3b55 Used mode to determine flow for checkout session (#184)
no-issue

This fixes a problem when subscribing to a Plan (Price) with a default
trial period. We also add logging to add a little more information about
which flow we're entering.

Subscriptions that are started with a trial have a `setup_intent`
present on the Checkout Session object, which was incorrectly causing us
to determine that we are in a "setup" flow and attempt to update a
customers card details.

We now use the `mode` property of the Checkout Session to determine
whether we are handling a new Subscription, or if we are in a "setup"
flow and should update the Customer's card details.
2020-07-21 11:50:10 +02:00
Fabien 'egg' O'Carroll
400dba62a9 Added cleanup on startup for old webhooks (#181)
refs https://github.com/TryGhost/Ghost/issues/12061

Due to a bug in Ghost webhooks are now created with a trailing "/" which
meant that the previous webhooks to that (without a slash) was never
removed.

This results in users receiving emails from stripe about failed webhook
delivery, which is not good at all.

This fix lists out the webhooks and finds (if present) the webhook which
matches the current URL, minus the trailing slash. If found it will then
attempt to delete that webhook thus stopping the emails from Stripe.

I've added a note to remove this code as it should only ever need to run
once, and can be removed for the Ghost release after these changes.
2020-07-20 17:54:22 +02:00
renovate[bot]
adf66ce1ae Pin dependency @types/stripe to 7.13.24 (#176)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-07-10 16:37:24 +02:00
renovate[bot]
0687210bfc Update dependency ghost-ignition to v4 (#108)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-07-10 16:36:33 +02:00
Fabien O'Carroll
f2a8387bdb Published new versions
- @tryghost/members-api@0.24.0
2020-07-09 17:36:06 +02:00
Fabien 'egg' O'Carroll
ac923af0f7 Refactored webhook creation (#175)
no-issue

* Refactored model dependencies
  This groups all of the model depenencies into a single models object,
  and renames the models with more concise identifiers

* Fixed spacing
* Added webhook support to metadata
* Refactored stripe configure to have better logging
* Refactored webhook creation to reuse existing webhook
* Installed @types/stripe
2020-07-09 16:40:48 +02:00
Rish
68dbfb707d Published new versions
- @tryghost/members-api@0.23.2
2020-07-08 21:50:30 +05:30
Rish
1acf7d40be 🐛 Fixed incorrect payload creation for magic link token
no issue

- The extra payload added to magic link token included `name`, `labels` and `oldEmail`
- Refactor in commit [here](bf63ffe424 (diff-9f9ef757543bb9a90baba0d3bea76a83L157-R169)) changed the `body` variable assignment causing the payload objection creation to not include the extra data from request body
- Updates `body` to `req.body` to use correct data from request
2020-07-08 21:48:12 +05:30
Nazar Gargol
5b909735fd Published new versions
- @tryghost/magic-link@0.4.10
 - @tryghost/members-api@0.23.1
 - @tryghost/members-csv@0.2.1
 - @tryghost/members-ssr@0.8.2
2020-07-08 20:23:05 +12:00
Fabien O'Carroll
1b51ed7a5d Published new versions
- @tryghost/members-api@0.23.0
2020-06-18 18:03:46 +02:00
Fabien 'egg' O'Carroll
ae9870993a Added hasActiveStripeSubscriptions method (#169)
no-issue

This can be used by Ghost to determine if the Stripe keys can be deleted
2020-06-18 18:01:04 +02:00
Hannah Wolfe
aa0b02b75e Published new versions
- @tryghost/members-api@0.22.0
2020-06-12 17:11:14 +01:00
Hannah Wolfe
ebaf9538b6 Adding INR currency support
- We have many customers asking for INR as there are special rules in Stripe for this currency
- As well as a desire for local-selling
- Meaning it's not valid to use e.g. USD instead
2020-06-12 08:58:49 +01:00
Nazar Gargol
7872355962 Published new versions
- @tryghost/members-api@0.21.0
2020-06-12 15:36:07 +12:00
Nazar Gargol
d83525b54b Added stripe customer fetching method to member's API
no issue

- This method is needed to be able to validate if customer exist in configured Stripe account before attempting to link one with local member.
2020-06-12 15:35:16 +12:00
Rish
a136e5f839 Published new versions
- @tryghost/magic-link@0.4.9
 - @tryghost/members-api@0.20.1
 - @tryghost/members-ssr@0.8.1
2020-06-10 16:32:14 +05:30
Rish
11e2732d50 Handled error for stripe checkout rejection
refs https://github.com/TryGhost/members.js/issues/38

- In case of incomplete Stripe setup like Account name, checkout session creation fails and throws error, which was not being handled and 200 returned after long timeout
- This change catches the error and returns correct status along with message for clients to handle it downstream
2020-06-10 16:29:48 +05:30
Kevin Ansfield
88146dc3a3 Published new versions
- @tryghost/magic-link@0.4.8
 - @tryghost/members-api@0.20.0
 - @tryghost/members-ssr@0.8.0
2020-06-04 13:27:14 +01:00
Kevin Ansfield
bf63ffe424 Moved members geolocation fetch/update into members-ssr (#151)
closes https://github.com/TryGhost/Members/issues/148

- geolocation was not being fetched/stored for paid member signup
  - magic link was being sent after Stripe webhook but we don't have an IP at that stage
  - it only worked when a magic link was requested by the browser
- moved the geolocation fetch/update to `members-ssr`
  - kept the ip geolookup and storage inside `members-api` but exposed it as a method so consumers are able to choose when it's performed
  - used the new api method in `members-ssr` when exchanging a token from the session as that is always driven by browser requests so we know we have an IP and it's likely the correct one (reliant on consumers having "trust proxy" config correct)
  - stopped storing IP addresses in the token payload (keeps links shorter)
2020-06-04 13:20:19 +01:00
Rish
8891777681 Published new versions
- @tryghost/members-api@0.19.0
2020-05-28 20:37:29 +05:30
Rishabh Garg
e9b7dacb2e Updated magic link flow to allow changing member's email (#161)
refs https://github.com/TryGhost/members.js/issues/30

- Updates `sendMagicLink` middleware to allow adding old email address to payload. Checks for if new email address already exists in db before creating magic link, throws error in case of duplicate email.
- Updates magic link parsing for data to check if the intention is to update email address and update member's email to new email address in case its allowed.
- Return session data from magic link using the new email address
2020-05-28 19:37:03 +05:30
Daniel Lockyer
730ddc2ae6 Published new versions
- @tryghost/magic-link@0.4.7
 - @tryghost/members-api@0.18.7
 - @tryghost/members-ssr@0.7.10
2020-05-25 13:11:54 +01:00
Fabien O'Carroll
24e13651a8 Published new versions
- @tryghost/members-api@0.18.6
2020-05-25 13:38:11 +02:00
Fabien 'egg' O'Carroll
48260dedba Used plans trial by default for checkout sessions (#158)
no-issue

Without this flag the checkout session will ignore any default trial periods
attached to the plan. Now we are able to give basic support for trials, by
attaching a trial period in Stripe Dashboard
2020-05-21 10:14:36 +02:00
Rish
ce72aa40a0 Published new versions
- @tryghost/magic-link@0.4.6
 - @tryghost/members-api@0.18.5
 - @tryghost/members-ssr@0.7.9
2020-05-20 14:34:40 +05:30
Rish
d5d2cc5137 Added name from magic link token to member creation
refs https://github.com/TryGhost/members.js/issues/26

- Allows magic link tokens to pass member name on signup
- Uses member name from magic link token to assign member name during creation
2020-05-20 14:33:15 +05:30
Rish
23e343d3b4 Published new versions
- @tryghost/magic-link@0.4.5
 - @tryghost/members-api@0.18.4
 - @tryghost/members-ssr@0.7.8
2020-05-19 22:03:56 +05:30
Rish
a1f29d8ede Updated member update method
no issue

- Makes passing `name` and `note` field in member update data as optional instead of making them undefined
- Allows email to be updated
- Adds stripe subscriptions list to updated member's response data to make update consistent with get method
2020-05-19 20:35:36 +05:30
Rish
167811c5fd Updated stripe checkout to store member name from metadata
refs TryGhost/members.js#29

- Uses the metadata option in stripe checkout flow to add member's name on creation via anonymous checkout flow
- Allows clients like memebrs.js to pass member's info like name from checkout signup flow
2020-05-19 13:54:25 +05:30
Rish
2f90c97629 Added metadata option to stripe checkout session
refs TryGhost/members.js#29

- Allows passing metadata to checkout session API
- Metadata is passed to stripe's checkout session on creation and read back from webhook event
- Allows clients like members.js to pass custom info like member name to Stripe flow
2020-05-19 13:54:25 +05:30
Rishabh Garg
b015a08c43 Added plan update option to stripe subscription update API (#154)
no issue

- Current update stripe subscription API calls only allowed cancelling a plan
- This change adds option to pass plan's nickname as `planName` in request to update subscription to new plan
- Checks if plan name is valid and updates stripe subscription to new plan at default prorate behavior
2020-05-19 12:59:39 +05:30
Rish
ef9fa8e623 Published new versions
- @tryghost/magic-link@0.4.4
 - @tryghost/members-api@0.18.3
 - @tryghost/members-ssr@0.7.7
2020-04-30 16:08:09 +05:30
Rish
fac6c3d97e Added ability to prefill customer email for anonymous checkouts
refs https://github.com/TryGhost/members.js/issues/10

- Allows passing an additional `customerEmail` value to our checkout creation API
- This value is used to pass `customer_email` option to stripe's checkout session - https://stripe.com/docs/api/checkout/sessions/create#create_checkout_session-customer_email.

The `customer_email` allows pre-filling the customer's email field in case of an anonymous checkout as customer doesn't exist already, and also ensures the stripe subscription is created with same email address as given by user during signup flow.
2020-04-30 16:01:22 +05:30
Renovate Bot
2c14a337ad Update dependency jsdom to v15.2.1 2020-04-27 15:15:52 +00:00
Rish
66e106e3ac Published new versions
- @tryghost/magic-link@0.4.3
 - @tryghost/members-api@0.18.2
 - @tryghost/members-ssr@0.7.6
2020-04-21 15:32:00 +05:30
Rish
ab3fe634f4 🐛 Fixed incorrect logging for geolocation error
no issue

We were using incorrect method for logging in geolocation warning - `this.logging.warn(err)` - as `this.logging` doesn't exist in this file. Updated to use correct logging method.
2020-04-21 15:28:13 +05:30
Nazar Gargol
07cb94d57e Published new versions
- @tryghost/magic-link@0.4.2
 - @tryghost/members-api@0.18.1
 - @tryghost/members-ssr@0.7.5
2020-04-17 14:09:59 +12:00
Renovate Bot
808aa8f9a3 Update dependency nock to v12.0.3 2020-03-17 12:25:52 +00:00
Renovate Bot
f628708317 Update Test & linting packages 2020-03-17 03:20:46 +00:00
Renovate Bot
f341891fd2 Pin dependency nock to 12.0.0 2020-03-17 02:15:32 +00:00
Nazar Gargol
95ab4e7b51 Published new versions
- @tryghost/members-api@0.18.0
2020-03-04 11:36:06 +08:00
Nazar Gargol
076e328f20 Added currency and currency_symbol properties to plans
no issue

- Adding these properties allows specifying which currency is currently used on member's plan.
- Supported currencies list: USD, AUD, CAD, GBP, EUR
- They were chosen based on the most used/requested currencies within Ghost
- With adding multiple available currencies that can be setup also had to add handling of Stripes limitation of having single currency per paying customer
2020-03-04 11:33:19 +08:00
Kevin Ansfield
7fb1c2e07e Published new versions
- @tryghost/members-api@0.17.0
2020-02-27 10:35:43 +00:00
Kevin Ansfield
615a482c48 Store geolocation data during member signup/signin (#128)
requires f38d490886

- adds `lib/geolocation.js` with `getGeolocationFromIP()` function which uses https://geojs.io to lookup geolocation data from an IPv4 or IPv6 address
- updates `create/updateMember()` functions to work with a `geolocation` property in the passed in object
  - if `geolocation` is `undefined` when updating a member do not reset any existing property
- updates `sendMagicLink` middleware to extract the IP address from the request and stores it as part of the token payload
- updates `getMemberDataFromMagicLinkToken()` method to extract the IP address from the token payload and perform a geolocation lookup if we have an IP address and a matching member does not already have geolocation data
2020-02-27 10:29:36 +00:00
Nazar Gargol
fb7fa87c3b Published new versions
- @tryghost/members-api@0.16.2
2020-02-27 17:09:59 +08:00
Nazar Gargol
9a783f9f0c Revert "Added precaution to avoid creating multiple Complimentary plans"
This reverts commit 5f0d2168f3.

After discussing the best approach to multipe currency problem would be
to allow creating multiple "Complimentary" plans. All security related
checks should stay strictly based on name and would not cause issues.
2020-02-27 16:55:03 +08:00
Nazar Gargol
fbe153cc97 Published new versions
- @tryghost/members-api@0.16.1
2020-02-27 13:53:46 +08:00
Nazar Gargol
5f0d2168f3 Added precaution to avoid creating multiple Complimentary plans
refs https://github.com/TryGhost/Ghost-Admin/pull/1430

- When the client creates a complimentary plan with other currency than USD we should not allow for it to avoid creating a mess in the Stripe plans
2020-02-27 13:53:05 +08:00
Nazar Gargol
71395fcfcb Published new versions
- @tryghost/members-api@0.16.0
2020-02-26 12:11:21 +08:00
Naz
b34b7bfa9c Added middleware to handle billing updates (#122)
refs https://github.com/TryGhost/Ghost/pull/11571 

- Allows updating members billing information through Stripe's setup intent (stripe.com/docs/payments/checkout/subscriptions/updating#set)
- Accepts 2 new parameter to handle redirects specific to billing update.
2020-02-26 12:09:09 +08:00
Nazar Gargol
56c4c664c2 Published new versions
- @tryghost/members-api@0.15.1
2020-02-17 16:26:50 +08:00
Nazar Gargol
13773cbeb4 Removed "Complimentary" subscription edit limitation
no issue

- There is no need to treat complimentary subscriptions in different way to regular subscription on the client.
2020-02-17 16:25:41 +08:00
Rish
cf6b9501ca Published new versions
- @tryghost/magic-link@0.4.1
 - @tryghost/members-api@0.15.0
2020-02-12 16:44:08 +05:30
Rishabh Garg
789462aa5f Added labels to member signup flow (#124)
no issue

refs https://github.com/TryGhost/Ghost/pull/11538
2020-02-12 16:42:49 +05:30
Nazar Gargol
5e2256833c Published new versions
- @tryghost/members-api@0.14.2
2020-02-11 14:04:12 +08:00
Nazar Gargol
a669cda605 Added fallback plan nickname to inteval instead of empty string
no issue

- On model layer in Ghost empty string is always converted to `null` for not nullable fields, which wasn't letting the value through to the database
- Current solution is a stopgap to fix imports of cyclic plans without nicknames. Ideally nickname field should become nullable in the future so this logic can be simplified
2020-02-11 14:02:40 +08:00
Nazar Gargol
38bfef2b83 Published new versions
- @tryghost/members-api@0.14.1
2020-02-10 19:01:34 +08:00
Naz
f2a7790cc9 Added plan nickname fallback to empty string (#126)
no issue

- This solves a problem when connected Stripe plan doesn't have plan `nickname` filled out (possible with older versions of Stripe API)
- Defaulting to empty string instead of creating a migration because SQLite doesn't support `ALTER ... MODIFY` syntax and thus knex can't altter the table that easy
- "Marks the column as an alter / modify, instead of the default add. Note: This only works in .alterTable() and is not supported by SQlite or Amazon Redshift. Alter is not done incrementally over older column type so if you like to add notNull and keep the old default value, the alter statement must contain both .notNull().defaultTo(1).alter(). If one just tries to add .notNull().alter() the old default value will be dropped." (ref. https://knexjs.org/#Chainable)
2020-02-10 18:59:52 +08:00
Nazar Gargol
6de6a15376 Published new versions
- @tryghost/magic-link@0.4.0
 - @tryghost/members-api@0.14.0
2020-02-06 18:04:18 +08:00
Naz
2a51a478fc Exposed getMagicLink method (#123)
refs https://github.com/TryGhost/Ghost/pull/11573

- Adds `getMagicLink` method to members-api which can be used to generate a signin link for the member
2020-02-06 17:08:39 +08:00
Nazar Gargol
e4637ac56f Published new versions
- @tryghost/members-api@0.13.0
2020-01-28 19:01:14 +07:00
Naz Gargol
96aea55270 Added ability to link member to existing stripe customer (#120)
refs https://github.com/TryGhost/Ghost/pull/11539

- Method needed to allow linking existing Stripe customers and subscriptions with members
2020-01-28 19:00:28 +07:00
Nazar Gargol
cf0d52c2da Published new versions
- @tryghost/members-api@0.12.0
2020-01-27 12:35:37 +07:00
Naz Gargol
28d3a37824 Added "complimentary" subscription handling (#118)
refs https://github.com/TryGhost/Ghost/pull/11537

- Adds ability to assign and cancel "complimentary" type of subscriptions to the member
- The functionality is needed to be able to provide free premium plans for members (e.g. family members, trials, gifts)
- When member already has an active paid subscription and complimentary one is applied the old one is upgraded. Proration is not given
- When deleting a subscription we need to update localy stored records right away to be albe to reflect the change in the UI. This behavior will also be in line with how subscriptions updates/creates are handled
- Blocked any client update for complimentary subscription. We should prevent non authenticated clients from upgrading/subscribing themselves to "complimentary" plan.
2020-01-27 12:34:22 +07:00
Nazar Gargol
89b78a883d Published new versions
- @tryghost/members-api@0.11.4
2020-01-22 12:54:34 +07:00
Nazar Gargol
726ffaf1f8 🐛 Fixed creation of extra customer when updating plans
no issue

- `customers` property contains an array of customer for which 'for..of' syntax is more appropriate
- Bug was causing creation of multiple customers in Stripe when new checkout session was initiated for existing customer
- Discussed in https://github.com/TryGhost/Members/pull/90/files#r368889289
2020-01-22 12:53:27 +07:00
Nazar Gargol
92b3cc3758 Published new versions
- @tryghost/members-api@0.11.3
2020-01-20 15:59:38 +07:00
Nazar Gargol
6c7139b1fe Fixed preexisting member name check
refs 1dc0b36b56

- The name can also be 'null' so the check should take that into account
2020-01-20 15:51:06 +07:00
Rish
47f5ca6625 Published new versions
- @tryghost/members-api@0.11.2
2020-01-20 13:32:20 +05:30
Rishabh Garg
a1ad80f6ac 🐛 Fixed incorrect fetch of empty stripe subscriptions (#116)
no issue

refs e19e06f9b3

While refactoring user CRUD for Ghost core, we inadvertently changed the members subscriptions object returned by nesting the value as object. This also broke the deserialization in Ghost-Admin for members subscription object [here](https://github.com/TryGhost/Ghost-Admin/blob/master/app/transforms/member-subscription.js#L9).
2020-01-20 13:28:59 +05:30
Nazar Gargol
1dc0b36b56 Updated checkout session to record member name
no issue

- When the customer has provided a name on the card during checkout it should be recorded for convenience as members' name
2020-01-20 13:25:17 +07:00
Nazar Gargol
be207f98e7 Published new versions
- @tryghost/members-api@0.11.1
2020-01-15 15:40:54 +07:00
Naz Gargol
e19e06f9b3 Refactored user CRUD to be usable by Ghost core (#113)
refs https://github.com/TryGhost/Members/pull/105

- It's a follow up to a series of refactorings in the module mostly discussed in refed PR
- The sendEmailWithMagicLink and destroyStripeSubscriptions were exposed through members API so that Ghost  could call it from the controller level
2020-01-15 15:35:15 +07:00
Nazar Gargol
46f6ce8db3 Removed console.log statement in favor of common logger
no issue

- Using console is a very bad practice and probably was left here by mistake. Using common logging instead
2020-01-13 19:16:51 +07:00
Nazar Gargol
3b14e7c1fa Removed redundant empty string handling logic in users module
no issue

- Since the Member model started to be used the logic handling empty strings -> null conversion is now handled in the core here https://github.com/TryGhost/Ghost/blob/8fd1e81/core/server/models/base/index.js#L492-L499
2020-01-13 18:49:25 +07:00
Nazar Gargol
911d5a27fe Published new versions
- @tryghost/magic-link@0.3.3
 - @tryghost/members-api@0.11.0
 - @tryghost/members-ssr@0.7.4
2020-01-13 15:54:59 +07:00
Nazar Gargol
08fbcf25ec Extracted metadata get/set methods into internal metadata module
no issue

- This is the refactor similar to what has been done with Memeber model being passed in directly in the constructor
- Relevent discussion here https://github.com/TryGhost/Members/pull/105#pullrequestreview-324254267
2020-01-13 15:45:22 +07:00
Nazar Gargol
ef3de2a295 Published new versions
- @tryghost/members-api@0.10.2
2019-12-12 15:27:45 +07:00
Naz Gargol
ff5fceafc8 Added subscription update middleware (#107)
refs #https://github.com/TryGhost/Ghost/pull/11434

- Added method to allow updating single subscription. Only `cancel_at_period_end` field can be updated. 
- Middleware is needed to allow Ghost Core to cancel/uncancel member's subscription. 
- Relies on the request containing identity information to be able to verify if subscription belongs to the user
- When member could not be identified by the identity information present in the request we should throw instead of continuing processing
- Handling and messaging inspired by https://github.com/TryGhost/Ghost/blob/3.1.1/core/server/services/mega/mega.js#L132
- When the user initiates subscription cancellation we can safely mark the subscription as canceled so that it's not shown in the interface on subsequent request. Otherwise, we end up in a situation where we still return the subscription in the period until Stripe triggers the webhook.
- Added boolean coercion for cancel_at_period_end parameter. If anything but boolean is passed to Stripe API it throws an error.  Coercing the value on our side is a gives a better dev experience
2019-12-12 15:19:36 +07:00