ghostguild-org/server/api/helcim/customer.post.js

// Create a Helcim customer
import jwt from 'jsonwebtoken'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
import { createHelcimCustomer } from '../../utils/helcim.js'

export default defineEventHandler(async (event) => {
  try {
    await connectDB()
    const config = useRuntimeConfig(event)
    const body = await validateBody(event, helcimCustomerSchema)

    // Check if member already exists
    const existingMember = await Member.findOne({ email: body.email })
    if (existingMember) {
      throw createError({
        statusCode: 409,
        statusMessage: 'A member with this email already exists'
      })
    }

    // Create customer in Helcim
    const customerData = await createHelcimCustomer({
      customerType: 'PERSON',
      contactName: body.name,
      email: body.email
    })

    // Create member in database
    const member = await Member.create({
      email: body.email,
      name: body.name,
      circle: body.circle,
      contributionTier: body.contributionTier,
      helcimCustomerId: customerData.id,
      status: 'pending_payment'
    })

    // Generate JWT token for the session
    const token = jwt.sign(
      {
        memberId: member._id,
        email: body.email,
        helcimCustomerId: customerData.id
      },
      config.jwtSecret,
      { expiresIn: '7d' }
    )

    // Set the session cookie server-side
    setCookie(event, 'auth-token', token, {
      httpOnly: true,
      secure: process.env.NODE_ENV === 'production',
      sameSite: 'lax',
      maxAge: 60 * 60 * 24 * 7, // 7 days (matches verify.get.js and refresh.post.js)
      path: '/',
      domain: undefined // Let browser set domain automatically
    })
    return {
      success: true,
      customerId: customerData.id,
      customerCode: customerData.customerCode,
      token,
      member: {
        id: member._id,
        email: member.email,
        name: member.name,
        circle: member.circle,
        contributionTier: member.contributionTier,
        status: member.status
      }
    }
  } catch (error) {
    if (error.statusCode) throw error
    console.error('Error creating Helcim customer:', error)
    throw createError({
      statusCode: 500,
      statusMessage: 'An unexpected error occurred'
    })
  }
})