Feat: Implement clients paying from the public invoice page

package.json

@@ -29,6 +29,7 @@
     "@radix-ui/react-slot": "^1.2.3",
     "@radix-ui/react-tabs": "^1.1.13",
     "@radix-ui/react-tooltip": "^1.2.8",
+    "@stripe/stripe-js": "^8.1.0",
     "@tanstack/react-query": "^5.90.2",
     "bcryptjs": "^3.0.2",
     "class-variance-authority": "^0.7.1",
@@ -41,6 +42,7 @@
     "react-dom": "19.1.0",
     "react-hook-form": "^7.64.0",
     "sonner": "^2.0.7",
+    "stripe": "^19.1.0",
     "tailwind-merge": "^3.3.1",
     "zod": "^4.1.12"
   },

src/app/api/pay/route.ts

@@ -0,0 +1,63 @@
+import Stripe from "stripe"
+import { NextResponse } from "next/server"
+import { getErrorMessage } from "@/utils"
+import { getCurrentUser } from "@/lib/session"
+import { prisma } from "@/lib/prisma"
+
+const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!)
+
+export async function POST(req: Request) {
+    try {
+        const { invoiceId, amount, currency = "usd" } = await req.json()
+
+        const session = await stripe.checkout.sessions.create({
+            payment_method_types: ["card"],
+            line_items: [
+                {
+                    price_data: {
+                        currency,
+                        product_data: { name: `Invoice #${invoiceId}` },
+                        unit_amount: Math.round(amount * 100),
+                    },
+                    quantity: 1,
+                },
+            ],
+            mode: "payment",
+            success_url: `${process.env.NEXT_PUBLIC_APP_URL}/invoice/${invoiceId}?success=true&session_id={CHECKOUT_SESSION_ID}`,
+            cancel_url: `${process.env.NEXT_PUBLIC_APP_URL}/invoice/${invoiceId}?canceled=true`,
+            metadata: { invoiceId, amount },
+        })
+
+        return NextResponse.json({ url: session.url })
+    } catch (error) {
+        console.error(error)
+        return NextResponse.json({ error: "Failed to create checkout session" }, { status: 500 })
+    }
+}
+
+
+export async function GET() {
+    try {
+        const user = await getCurrentUser()
+        if (!user) {
+            return NextResponse.json({ error: "Unauthorized" }, { status: 401 })
+        }
+
+        const payments = await prisma.payment.findMany({
+            where: { userId: user.id },
+            include: {
+                invoice: {
+                    include: {
+                        client: true,
+                    }
+                },
+            }
+        })
+
+        return NextResponse.json({ data: payments }, { status: 200 })
+
+    } catch (err: unknown) {
+        const message = getErrorMessage(err)
+        return NextResponse.json({ error: message || "Failed to fetch payments" }, { status: 400 })
+    }
+}

src/app/api/pay/verify/route.ts

@@ -0,0 +1,75 @@
+import { NextResponse } from "next/server"
+import Stripe from "stripe"
+import { prisma } from "@/lib/prisma"
+
+const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!, {
+    apiVersion: "2025-09-30.clover",
+})
+
+export async function GET(req: Request) {
+    const { searchParams } = new URL(req.url)
+    const session_id = searchParams.get("session_id")
+
+    if (!session_id) {
+        return NextResponse.json({ success: false, message: "Missing session ID" }, { status: 400 })
+    }
+
+    try {
+        const session = await stripe.checkout.sessions.retrieve(session_id)
+        const invoiceId = session.metadata?.invoiceId
+        const amountPaid = (session.amount_total ?? 0) / 100
+
+        if (session.payment_status === "paid" && invoiceId) {
+            const invoice = await prisma.invoice.findUnique({
+                where: { id: invoiceId },
+            })
+            if (!invoice) throw new Error("Invoice not found")
+
+            const newPaid = (invoice.paidAmount ?? 0) + amountPaid
+            const due = Math.max(invoice.totalAmount - newPaid, 0)
+            const status = due === 0 ? "PAID" : "PARTIALLY_PAID"
+
+            await prisma.invoice.update({
+                where: { id: invoiceId },
+                data: {
+                    paidAmount: newPaid,
+                    dueAmount: due,
+                    status,
+                },
+            })
+
+            const payment = await prisma.payment.findUnique({
+                where: { invoiceId }
+            })
+
+            if (payment) {
+                await prisma.payment.update({
+                    where: { invoiceId },
+                    data: {
+                        amount: payment.amount + amountPaid,
+                        stripeSessionId: session.id,
+                        status: session.payment_status,
+                        createdAt: new Date(),
+                    },
+                })
+            } else {
+                await prisma.payment.create({
+                    data: {
+                        invoiceId,
+                        amount: amountPaid,
+                        stripeSessionId: session.id,
+                        status: session.payment_status,
+                        userId: invoice.userId,
+                    },
+                })
+            }
+
+            return NextResponse.json({ success: true })
+        }
+
+        return NextResponse.json({ success: false })
+    } catch (error) {
+        console.error(error)
+        return NextResponse.json({ success: false, message: "Verification failed" }, { status: 500 })
+    }
+}