Merge pull request #384 from akintewe/feat/transak-onramp-integration

Author: davedumto

app/api/wallet/onramp/order/route.ts

@@ -0,0 +1,88 @@
+/**
+ * POST /api/wallet/onramp/order
+ *
+ * Called by the client (useTransak hook) after a successful Transak order event.
+ * Upserts the order record in transak_orders tied to the authenticated user.
+ *
+ * This is a convenience path for client-initiated upserts. The authoritative
+ * record update comes via the server-side webhook at /api/webhooks/transak.
+ */
+
+import { NextRequest, NextResponse } from "next/server";
+import { sql } from "@vercel/postgres";
+import { verifySession } from "@/lib/auth/verify-session";
+
+export async function POST(req: NextRequest) {
+  const session = await verifySession(req);
+  if (!session.ok) {
+    return session.response;
+  }
+
+  let body: {
+    id?: string;
+    status?: string;
+    cryptoAmount?: number | null;
+    cryptoCurrency?: string;
+    fiatAmount?: number;
+    fiatCurrency?: string;
+    walletAddress?: string;
+    txHash?: string | null;
+  };
+
+  try {
+    body = await req.json();
+  } catch {
+    return NextResponse.json({ error: "Invalid JSON" }, { status: 400 });
+  }
+
+  const {
+    id,
+    status,
+    cryptoAmount,
+    cryptoCurrency,
+    fiatAmount,
+    fiatCurrency,
+    walletAddress,
+    txHash,
+  } = body;
+
+  if (!id || typeof id !== "string" || id.trim() === "") {
+    return NextResponse.json({ error: "Missing order id" }, { status: 400 });
+  }
+  if (!status || typeof status !== "string") {
+    return NextResponse.json({ error: "Missing order status" }, { status: 400 });
+  }
+
+  try {
+    await sql`
+      INSERT INTO transak_orders (
+        id, user_id, status, crypto_amount, crypto_currency,
+        fiat_amount, fiat_currency, wallet_address, tx_hash,
+        created_at, updated_at
+      )
+      VALUES (
+        ${id},
+        ${session.userId},
+        ${status},
+        ${cryptoAmount ?? null},
+        ${cryptoCurrency ?? null},
+        ${fiatAmount ?? null},
+        ${fiatCurrency ?? null},
+        ${walletAddress ?? null},
+        ${txHash ?? null},
+        now(),
+        now()
+      )
+      ON CONFLICT (id) DO UPDATE SET
+        status        = EXCLUDED.status,
+        crypto_amount = COALESCE(EXCLUDED.crypto_amount, transak_orders.crypto_amount),
+        tx_hash       = COALESCE(EXCLUDED.tx_hash,       transak_orders.tx_hash),
+        updated_at    = now()
+    `;
+
+    return NextResponse.json({ ok: true });
+  } catch (err) {
+    console.error("[onramp/order] DB error:", err);
+    return NextResponse.json({ error: "Failed to save order" }, { status: 500 });
+  }
+}

app/api/webhooks/transak/route.ts

@@ -0,0 +1,125 @@
+/**
+ * POST /api/webhooks/transak
+ *
+ * Receives server-side order status updates from Transak.
+ * Verifies the X-Transak-Signature HMAC-SHA256 header, then upserts
+ * the order into transak_orders.
+ *
+ * Setup:
+ *  1. In the Transak dashboard, set the webhook URL to:
+ *       https://<your-domain>/api/webhooks/transak
+ *  2. Copy the webhook secret into TRANSAK_WEBHOOK_SECRET env var.
+ *
+ * Signature format (Transak):
+ *   X-Transak-Signature: <hex-encoded HMAC-SHA256(secret, rawBody)>
+ */
+
+import { createHmac, timingSafeEqual } from "crypto";
+import { NextResponse } from "next/server";
+import { sql } from "@vercel/postgres";
+import type { TransakWebhookPayload } from "@/types/transak";
+
+function verifyTransakSignature(
+  signature: string,
+  rawBody: string,
+  secret: string
+): boolean {
+  const expected = createHmac("sha256", secret)
+    .update(rawBody)
+    .digest("hex");
+
+  try {
+    return timingSafeEqual(Buffer.from(expected), Buffer.from(signature));
+  } catch {
+    return false;
+  }
+}
+
+export async function POST(req: Request) {
+  const rawBody = await req.text();
+  const signature = req.headers.get("x-transak-signature");
+  const webhookSecret = process.env.TRANSAK_WEBHOOK_SECRET;
+
+  if (webhookSecret) {
+    if (!signature) {
+      console.error("❌ [transak webhook] Missing X-Transak-Signature header");
+      return NextResponse.json({ error: "Missing signature" }, { status: 401 });
+    }
+    if (!verifyTransakSignature(signature, rawBody, webhookSecret)) {
+      console.error("❌ [transak webhook] Invalid signature");
+      return NextResponse.json({ error: "Invalid signature" }, { status: 401 });
+    }
+  } else {
+    console.warn(
+      "⚠️  TRANSAK_WEBHOOK_SECRET not set — skipping signature verification (set it in production)"
+    );
+  }
+
+  let payload: TransakWebhookPayload;
+  try {
+    payload = JSON.parse(rawBody);
+  } catch {
+    return NextResponse.json({ error: "Invalid JSON" }, { status: 400 });
+  }
+
+  const order = payload?.webhookData;
+  if (!order?.id || !order?.status) {
+    console.error("❌ [transak webhook] Missing order data in payload", payload);
+    return NextResponse.json({ error: "Invalid payload" }, { status: 400 });
+  }
+
+  console.log(`🔔 Transak webhook: order ${order.id} → ${order.status}`);
+
+  try {
+    // Resolve the StreamFi user by wallet address so we can associate the order.
+    // wallet_address is the Stellar public key the user provided to Transak.
+    const userResult = await sql`
+      SELECT id FROM users WHERE wallet = ${order.walletAddress} LIMIT 1
+    `;
+    const userId: string | null =
+      userResult.rows.length > 0 ? userResult.rows[0].id : null;
+
+    await sql`
+      INSERT INTO transak_orders (
+        id, user_id, status, crypto_amount, crypto_currency,
+        fiat_amount, fiat_currency, wallet_address, tx_hash,
+        created_at, updated_at
+      )
+      VALUES (
+        ${order.id},
+        ${userId},
+        ${order.status},
+        ${order.cryptoAmount ?? null},
+        ${order.cryptoCurrency ?? null},
+        ${order.fiatAmount ?? null},
+        ${order.fiatCurrency ?? null},
+        ${order.walletAddress ?? null},
+        ${order.transactionHash ?? null},
+        now(),
+        now()
+      )
+      ON CONFLICT (id) DO UPDATE SET
+        status        = EXCLUDED.status,
+        crypto_amount = COALESCE(EXCLUDED.crypto_amount, transak_orders.crypto_amount),
+        tx_hash       = COALESCE(EXCLUDED.tx_hash,       transak_orders.tx_hash),
+        updated_at    = now()
+    `;
+
+    console.log(`✅ [transak webhook] Upserted order ${order.id}`);
+    return NextResponse.json({ received: true });
+  } catch (err) {
+    console.error("❌ [transak webhook] DB error:", err);
+    return NextResponse.json(
+      { error: "Failed to process webhook" },
+      { status: 500 }
+    );
+  }
+}
+
+// Health check
+export async function GET() {
+  return NextResponse.json({
+    status: "ok",
+    message: "Transak webhook endpoint is active",
+  });
+}

app/dashboard/payout/page.tsx

@@ -6,6 +6,8 @@ import useSWR from "swr";
 import Link from "next/link";
 import { motion, AnimatePresence } from "framer-motion";
 import { TipCounter } from "@/components/tipping";
+import { AddFundsButton } from "@/components/wallet/AddFundsButton";
+import { TRANSAK_ORDER_COMPLETE_EVENT } from "@/hooks/useTransak";
 import {
   Wallet,
   Copy,
@@ -85,6 +87,15 @@ export default function PayoutPage() {
     return () => clearInterval(interval);
   }, [fetchPrice]);
 
+  // Refresh balance automatically after a completed Transak order
+  useEffect(() => {
+    const handler = () => {
+      void refreshBalance();
+    };
+    window.addEventListener(TRANSAK_ORDER_COMPLETE_EVENT, handler);
+    return () => window.removeEventListener(TRANSAK_ORDER_COMPLETE_EVENT, handler);
+  }, [refreshBalance]);
+
   const handleCopy = () => {
     if (!walletAddress) {
       return;
@@ -146,18 +157,27 @@ export default function PayoutPage() {
                     Stellar Balance
                   </span>
                 </div>
-                <button
-                  onClick={() => refreshBalance()}
-                  className="p-1.5 rounded-lg hover:bg-muted transition-colors text-muted-foreground"
-                  aria-label="Refresh balance"
-                >
-                  <RefreshCcw
-                    className={cn(
-                      "w-4 h-4",
-                      balanceLoading && "animate-spin text-highlight"
-                    )}
-                  />
-                </button>
+                <div className="flex items-center gap-2">
+                  {walletAddress && (
+                    <AddFundsButton
+                      walletAddress={walletAddress}
+                      email={privyWallet?.email ?? undefined}
+                      isPrivyUser={isPrivyUser}
+                    />
+                  )}
+                  <button
+                    onClick={() => refreshBalance()}
+                    className="p-1.5 rounded-lg hover:bg-muted transition-colors text-muted-foreground"
+                    aria-label="Refresh balance"
+                  >
+                    <RefreshCcw
+                      className={cn(
+                        "w-4 h-4",
+                        balanceLoading && "animate-spin text-highlight"
+                      )}
+                    />
+                  </button>
+                </div>
               </div>
 
               {/* Balance amount */}

components/tipping/TipModal.tsx

@@ -14,6 +14,7 @@ import {
 import { Input } from "@/components/ui/input";
 import { Label } from "@/components/ui/label";
 import { Loader2, XCircle, AlertTriangle } from "lucide-react";
+import { AddFundsButton } from "@/components/wallet/AddFundsButton";
 import {
   buildTipTransaction,
   submitTransaction,
@@ -33,6 +34,8 @@ interface TipModalProps {
   recipientPublicKey: string;
   recipientAvatar?: string;
   senderPublicKey: string;
+  /** Whether the sender is a Privy custodial user — used to contextualise the "Add Funds" nudge */
+  isPrivyUser?: boolean;
   onSuccess?: (txHash: string, amount: string) => void;
   onError?: (error: string) => void;
 }
@@ -56,6 +59,7 @@ export function TipModal({
   recipientPublicKey,
   recipientAvatar,
   senderPublicKey,
+  isPrivyUser = false,
   onSuccess,
   onError,
 }: TipModalProps) {
@@ -75,6 +79,7 @@ export function TipModal({
     details?: string;
     code?: string;
   } | null>(null);
+  const [isInsufficientBalance, setIsInsufficientBalance] = useState(false);
 
   const { kit } = useStellarWallet();
   const fee = calculateFeeEstimate();
@@ -113,6 +118,7 @@ export function TipModal({
     setTxHash(null);
     setIsConfirmationOpen(false);
     setStructuredError(null);
+    setIsInsufficientBalance(false);
   };
 
   const handlePresetClick = (presetAmount: number) => {
@@ -188,6 +194,7 @@ export function TipModal({
         setError(
           "Insufficient balance. Please ensure you have enough XLM to cover the tip and transaction fee."
         );
+        setIsInsufficientBalance(true);
         setTransactionState("error");
         if (onError) {
           onError("Insufficient balance");
@@ -491,6 +498,19 @@ export function TipModal({
               </div>
             </div>
           )}
+
+          {/* Add Funds nudge — shown when balance is too low */}
+          {isInsufficientBalance && transactionState === "error" && !isConfirmationOpen && (
+            <div className="flex items-center justify-between gap-3 p-3 bg-highlight/10 border border-highlight/20 rounded-lg">
+              <p className="text-xs text-muted-foreground leading-relaxed">
+                Need more XLM? Top up your wallet instantly with fiat.
+              </p>
+              <AddFundsButton
+                walletAddress={senderPublicKey}
+                isPrivyUser={isPrivyUser}
+              />
+            </div>
+          )}
         </div>
 
         <DialogFooter>