Assist_Design/apps/bff/src/modules/invoices/invoices.controller.ts

import {
  Controller,
  Get,
  Post,
  Param,
  Query,
  Request,
  ParseIntPipe,
  HttpCode,
  HttpStatus,
  BadRequestException,
  UsePipes,
} from "@nestjs/common";
import { InvoicesOrchestratorService } from "./services/invoices-orchestrator.service";
import { WhmcsService } from "@bff/integrations/whmcs/whmcs.service";
import { MappingsService } from "@bff/modules/id-mappings/mappings.service";
import { ZodValidationPipe } from "@bff/core/validation";

import type {
  Invoice,
  InvoiceList,
  InvoiceSsoLink,
  Subscription,
  PaymentMethodList,
  PaymentGatewayList,
  InvoicePaymentLink,
  InvoiceListQuery,
} from "@customer-portal/domain/billing";
import { invoiceListQuerySchema } from "@customer-portal/domain/billing";

interface AuthenticatedRequest {
  user: { id: string };
}

@Controller("invoices")
export class InvoicesController {
  constructor(
    private readonly invoicesService: InvoicesOrchestratorService,
    private readonly whmcsService: WhmcsService,
    private readonly mappingsService: MappingsService
  ) {}

  @Get()
  @UsePipes(new ZodValidationPipe(invoiceListQuerySchema))
  async getInvoices(
    @Request() req: AuthenticatedRequest,
    @Query() query: InvoiceListQuery
  ): Promise<InvoiceList> {
    return this.invoicesService.getInvoices(req.user.id, query);
  }

  @Get("payment-methods")
  async getPaymentMethods(@Request() req: AuthenticatedRequest): Promise<PaymentMethodList> {
    const mapping = await this.mappingsService.findByUserId(req.user.id);
    if (!mapping?.whmcsClientId) {
      throw new Error("WHMCS client mapping not found");
    }
    return this.whmcsService.getPaymentMethods(mapping.whmcsClientId, req.user.id);
  }

  @Get("payment-gateways")
  async getPaymentGateways(): Promise<PaymentGatewayList> {
    return this.whmcsService.getPaymentGateways();
  }

  @Post("payment-methods/refresh")
  @HttpCode(HttpStatus.OK)
  async refreshPaymentMethods(@Request() req: AuthenticatedRequest): Promise<PaymentMethodList> {
    // Invalidate cache first
    await this.whmcsService.invalidatePaymentMethodsCache(req.user.id);

    // Return fresh payment methods
    const mapping = await this.mappingsService.findByUserId(req.user.id);
    if (!mapping?.whmcsClientId) {
      throw new Error("WHMCS client mapping not found");
    }
    return this.whmcsService.getPaymentMethods(mapping.whmcsClientId, req.user.id);
  }

  @Get(":id")
  async getInvoiceById(
    @Request() req: AuthenticatedRequest,
    @Param("id", ParseIntPipe) invoiceId: number
  ): Promise<Invoice> {
    if (invoiceId <= 0) {
      throw new BadRequestException("Invoice ID must be a positive number");
    }

    return this.invoicesService.getInvoiceById(req.user.id, invoiceId);
  }

  @Get(":id/subscriptions")
  getInvoiceSubscriptions(
    @Request() req: AuthenticatedRequest,
    @Param("id", ParseIntPipe) invoiceId: number
  ): Subscription[] {
    if (invoiceId <= 0) {
      throw new BadRequestException("Invoice ID must be a positive number");
    }

    // This functionality has been moved to WHMCS directly
    // For now, return empty array as subscriptions are managed in WHMCS
    return [];
  }

  @Post(":id/sso-link")
  @HttpCode(HttpStatus.OK)
  async createSsoLink(
    @Request() req: AuthenticatedRequest,
    @Param("id", ParseIntPipe) invoiceId: number,
    @Query("target") target?: "view" | "download" | "pay"
  ): Promise<InvoiceSsoLink> {
    if (invoiceId <= 0) {
      throw new BadRequestException("Invoice ID must be a positive number");
    }

    // Validate target parameter
    if (target && !["view", "download", "pay"].includes(target)) {
      throw new BadRequestException('Target must be "view", "download", or "pay"');
    }

    const mapping = await this.mappingsService.findByUserId(req.user.id);
    if (!mapping?.whmcsClientId) {
      throw new Error("WHMCS client mapping not found");
    }

    const ssoUrl = await this.whmcsService.whmcsSsoForInvoice(
      mapping.whmcsClientId,
      invoiceId,
      target || "view"
    );

    return {
      url: ssoUrl,
      expiresAt: new Date(Date.now() + 60000).toISOString(), // 60 seconds per WHMCS spec
    };
  }

  @Post(":id/payment-link")
  @HttpCode(HttpStatus.OK)
  async createPaymentLink(
    @Request() req: AuthenticatedRequest,
    @Param("id", ParseIntPipe) invoiceId: number,
    @Query("paymentMethodId") paymentMethodId?: string,
    @Query("gatewayName") gatewayName?: string
  ): Promise<InvoicePaymentLink> {
    if (invoiceId <= 0) {
      throw new BadRequestException("Invoice ID must be a positive number");
    }

    const paymentMethodIdNum = paymentMethodId ? parseInt(paymentMethodId, 10) : undefined;
    if (paymentMethodId && (isNaN(paymentMethodIdNum!) || paymentMethodIdNum! <= 0)) {
      throw new BadRequestException("Payment method ID must be a positive number");
    }

    const mapping = await this.mappingsService.findByUserId(req.user.id);
    if (!mapping?.whmcsClientId) {
      throw new Error("WHMCS client mapping not found");
    }

    const ssoResult = await this.whmcsService.createPaymentSsoToken(
      mapping.whmcsClientId,
      invoiceId,
      paymentMethodIdNum,
      gatewayName || "stripe"
    );

    return {
      url: ssoResult.url,
      expiresAt: ssoResult.expiresAt,
      gatewayName: gatewayName || "stripe",
    };
  }
}