Document rate limit headers in OpenAPI spec
Some checks failed
Build & Deploy to Staging / Build & Deploy to Staging (push) Has been cancelled
Some checks failed
Build & Deploy to Staging / Build & Deploy to Staging (push) Has been cancelled
- Add reusable header components (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, Retry-After) - Reference headers in 200 responses on all conversion and demo endpoints - Add Retry-After header to 429 responses - Update Rate Limits section in API description to mention response headers - Add comprehensive tests for header documentation (21 new tests) - All 809 tests passing
This commit is contained in:
OpenClaw Subagent
parent
a3bba8f0d5
commit
70eb6908e3
18 changed files with 801 additions and 821 deletions
46
dist/routes/billing.js
vendored
46
dist/routes/billing.js
vendored
|
|
@ -1,15 +1,16 @@
|
|||
import { Router } from "express";
|
||||
import rateLimit from "express-rate-limit";
|
||||
import rateLimit, { ipKeyGenerator } from "express-rate-limit";
|
||||
import Stripe from "stripe";
|
||||
import { createProKey, downgradeByCustomer, updateEmailByCustomer, findKeyByCustomerId } from "../services/keys.js";
|
||||
import logger from "../services/logger.js";
|
||||
import { escapeHtml } from "../utils/html.js";
|
||||
import { renderSuccessPage, renderAlreadyProvisionedPage } from "../utils/billing-templates.js";
|
||||
let _stripe = null;
|
||||
function getStripe() {
|
||||
if (!_stripe) {
|
||||
const key = process.env.STRIPE_SECRET_KEY;
|
||||
if (!key)
|
||||
throw new Error("STRIPE_SECRET_KEY not configured");
|
||||
// @ts-expect-error Stripe SDK types lag behind API versions
|
||||
_stripe = new Stripe(key, { apiVersion: "2025-01-27.acacia" });
|
||||
}
|
||||
return _stripe;
|
||||
|
|
@ -63,7 +64,7 @@ async function isDocFastSubscription(subscriptionId) {
|
|||
const checkoutLimiter = rateLimit({
|
||||
windowMs: 60 * 60 * 1000, // 1 hour
|
||||
max: 3,
|
||||
keyGenerator: (req) => req.ip || req.socket.remoteAddress || "unknown",
|
||||
keyGenerator: (req) => ipKeyGenerator(req.ip || req.socket.remoteAddress || "unknown"),
|
||||
standardHeaders: true,
|
||||
legacyHeaders: false,
|
||||
message: { error: "Too many checkout requests. Please try again later." },
|
||||
|
|
@ -148,47 +149,12 @@ router.get("/success", async (req, res) => {
|
|||
const existingKey = await findKeyByCustomerId(customerId);
|
||||
if (existingKey) {
|
||||
provisionedSessions.set(session.id, Date.now());
|
||||
res.send(`<!DOCTYPE html>
|
||||
<html><head><title>DocFast Pro — Key Already Provisioned</title>
|
||||
<style>
|
||||
body { font-family: system-ui; background: #0a0a0a; color: #e8e8e8; display: flex; align-items: center; justify-content: center; min-height: 100vh; margin: 0; }
|
||||
.card { background: #141414; border: 1px solid #222; border-radius: 16px; padding: 48px; max-width: 500px; text-align: center; }
|
||||
h1 { color: #4f9; margin-bottom: 8px; }
|
||||
p { color: #888; line-height: 1.6; }
|
||||
a { color: #4f9; }
|
||||
</style></head><body>
|
||||
<div class="card">
|
||||
<h1>✅ Key Already Provisioned</h1>
|
||||
<p>A Pro API key has already been created for this purchase.</p>
|
||||
<p>If you lost your key, use the <a href="/docs#key-recovery">key recovery feature</a>.</p>
|
||||
<p><a href="/docs">View API docs →</a></p>
|
||||
</div></body></html>`);
|
||||
res.send(renderAlreadyProvisionedPage());
|
||||
return;
|
||||
}
|
||||
const keyInfo = await createProKey(email, customerId);
|
||||
provisionedSessions.set(session.id, Date.now());
|
||||
// Return a nice HTML page instead of raw JSON
|
||||
res.send(`<!DOCTYPE html>
|
||||
<html><head><title>Welcome to DocFast Pro!</title>
|
||||
<style>
|
||||
body { font-family: system-ui; background: #0a0a0a; color: #e8e8e8; display: flex; align-items: center; justify-content: center; min-height: 100vh; margin: 0; }
|
||||
.card { background: #141414; border: 1px solid #222; border-radius: 16px; padding: 48px; max-width: 500px; text-align: center; }
|
||||
h1 { color: #4f9; margin-bottom: 8px; }
|
||||
.key { background: #1a1a1a; border: 1px solid #333; border-radius: 8px; padding: 16px; margin: 24px 0; font-family: monospace; font-size: 0.9rem; word-break: break-all; cursor: pointer; }
|
||||
.key:hover { border-color: #4f9; }
|
||||
p { color: #888; line-height: 1.6; }
|
||||
a { color: #4f9; }
|
||||
</style></head><body>
|
||||
<div class="card">
|
||||
<h1>🎉 Welcome to Pro!</h1>
|
||||
<p>Your API key:</p>
|
||||
<div class="key" style="position:relative">${escapeHtml(keyInfo.key)}<button data-copy="${escapeHtml(keyInfo.key)}" style="position:absolute;top:8px;right:8px;background:#4f9;color:#0a0a0a;border:none;border-radius:4px;padding:4px 12px;cursor:pointer;font-size:0.8rem;font-family:system-ui">Copy</button></div>
|
||||
<p><strong>Save this key!</strong> It won't be shown again.</p>
|
||||
<p>5,000 PDFs/month • All endpoints • Priority support</p>
|
||||
<p><a href="/docs">View API docs →</a></p>
|
||||
</div>
|
||||
<script src="/copy-helper.js"></script>
|
||||
</body></html>`);
|
||||
res.send(renderSuccessPage(keyInfo.key));
|
||||
}
|
||||
catch (err) {
|
||||
logger.error({ err }, "Success page error");
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue