There was already a PR for this (#420), but I switched the branch over to my own fork for more proper git usage, so I had to create a new PR. Everything is essentially the same as before, except the branch has been rebased onto the latest version of master, and I made some tweaks to make things work nicely with the new subscription banner.
Overview
When a department's subscription expires, they should no longer be able to access any subscriber endpoints or any pages in the app which access subscriber endpoints.
GitHub Issues
405
Changes
Added subscription column to FireDepartment which stores the latest Chargebee subscription JSON data.
Added Chargebee webhook which updates a fire department's subscription data whenever it changes.
Added express-basic-auth module for authorizing Chargebee webhook calls. Webhook credentials are stored in config.chargebee.webhook. On production the username and password are pulled from CHARGEBEE_WEBHOOK_USERNAME and CHARGEBEE_WEBHOOK_PASSWORD.
Changed getSubscription() to refreshSubscription() in the api fire department controller, so that if a user clicks the Refresh button on the subscription error dialog the department saves its refreshed subscription data.
Moved grace period days value server-side using a setter on the FireDepartment subscription field to ensure consistency between server and client.
Added hasActiveSubscription auth middleware which will throw an error and optionally redirect if an error occurs (used for Kibana routes).
Applied hasActiveSubscription middleware to any endpoint which was already using hasFireDepartment middleware.
Updated subscription error flow on the client so that the error dialog is shown when a transition error occurs.
Added /api/admin/refreshAllSubscriptions admin endpoint which will update every department with their current subscription data.
Screenshots / Videos
Subscription Canceled
Since most endpoints fail now with an invalid subscription, we can't load any app pages behind the error dialog. It might be nicer to make a special page for this in the future, but I think this works ok for now.
Subscription Not Found
This is an unlikely condition, but it's technically a possibility so I went ahead and handled it just in case to avoid any potential confusion. I think it would only happen if someone tried to log in immediately after the subscription was created in Chargebee, before the webhook was hit, or if their subscription data got nulled out for some other reason.
Steps to Test
Sync database schema.
Run /api/admin/refreshAllSubscriptions endpoint to update department subscription data with current Chargebee data.
Set up and run local webhook receiver (such as UltraHook).
Cancel department subscription in Chargebee and wait a few seconds for the webhook to be hit.
Try to access any restricted endpoint and you should receive an error.
Reactivate department subscription in Chargebee and wait a few seconds for the webhook to be hit.
Try to access any restricted endpoint and it should now work.
To disable the grace period, you can comment out line 178 of auth.service.js.
To test the "not found" error, just null out the department's subscription column in the database.
Steps to Deploy
Add subscription JSON column to "FireDepartments" table.
Set up production Chargebee webhook (Chargebee Dashboard -> Settings -> Configure Chargebee -> Webhooks). The webhook URL should be https://www.statengine.io/api/chargebee/webhook, and basic auth should be enabled with whatever username/password you want.
Add CHARGEBEE_WEBHOOK_USERNAME and CHARGEBEE_WEBHOOK_PASSWORD to environment variables using the basic auth username/password that you entered when setting up the production webhook.
Make API request to https://www.statengine.io/api/admin/refreshAllSubscriptions to update all departments with their current subscription data.
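An added example (not code from this PR) of a subscription gate in the style of the hasActiveSubscription middleware described above, showing the grace period evaluated server-side and unknown or missing data failing closed. The 7-day grace period, the `req.fireDepartment` property, the 403 response shape and the `/subscription` redirect path are assumptions.

```javascript
// Added example with hypothetical names; not the project's auth.service.js.
const GRACE_PERIOD_DAYS = 7; // assumed value, the page does not state the real one
const DAY_MS = 24 * 60 * 60 * 1000;
// Chargebee statuses treated as entitled; anything unlisted fails closed.
const ENTITLED = new Set(['active', 'in_trial', 'non_renewing']);

// Classify the stored Chargebee subscription JSON (cancelled_at is epoch seconds).
function subscriptionState(subscription, now = Date.now()) {
  if (!subscription) return 'not_found'; // column never filled or nulled out
  if (ENTITLED.has(subscription.status)) return 'active';
  if (subscription.status !== 'cancelled') return 'inactive';
  if (typeof subscription.cancelled_at !== 'number') return 'cancelled';
  const graceEnds = subscription.cancelled_at * 1000 + GRACE_PERIOD_DAYS * DAY_MS;
  return now < graceEnds ? 'grace' : 'cancelled';
}

// Express-style middleware factory; redirectTo is optional (e.g. Kibana routes).
function hasActiveSubscription({ redirectTo } = {}) {
  return (req, res, next) => {
    const dept = req.fireDepartment; // assumed to be set by earlier middleware
    const state = subscriptionState(dept && dept.subscription);
    if (state === 'active' || state === 'grace') return next();
    if (redirectTo) return res.redirect(redirectTo);
    return res.status(403).json({ error: `subscription_${state}` });
  };
}

// Minimal stand-ins for Express req/res so the example runs offline.
function run(middleware, fireDepartment) {
  const out = { nextCalled: false };
  const res = {
    status(code) { out.status = code; return this; },
    json(body) { out.body = body; return this; },
    redirect(url) { out.redirect = url; return this; },
  };
  middleware({ fireDepartment }, res, () => { out.nextCalled = true; });
  return out;
}

// Constructed sample departments.
const nowSec = Math.floor(Date.now() / 1000);
const recent = { subscription: { status: 'cancelled', cancelled_at: nowSec - 2 * 86400 } };
const lapsed = { subscription: { status: 'cancelled', cancelled_at: nowSec - 30 * 86400 } };
const missing = { subscription: null };

console.log(run(hasActiveSubscription(), recent));
console.log(run(hasActiveSubscription(), lapsed));
console.log(run(hasActiveSubscription({ redirectTo: '/subscription' }), missing));
```

Because the decision reads only the stored subscription column, a webhook that is missed or rejected leaves the gate acting on stale data, which is the case the refresh endpoints cover.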