fix: Address critical webhook and optimistic locking issues

🔒 Critical Fixes: - Implement proper optimistic locking with conflict detection and verification - Only register webhook endpoints when providers are properly configured - Move provider validation to initialization for early error detection - Fix TypeScript query structure for payment conflict checking 🛡️ Security Improvements: - Stripe webhooks only registered when webhookSecret is provided - Mollie validation ensures API key is present at startup - Prevent exposure of unconfigured webhook endpoints 🚀 Reliability Enhancements: - Payment update conflicts are properly detected and logged - Invoice updates only proceed when payment updates succeed - Enhanced error handling with graceful degradation - Return boolean success indicators for better error tracking 🐛 Bug Fixes: - Fix PayloadCMS query structure for optimistic locking - Proper webhook endpoint conditional registration - Early validation prevents runtime configuration errors 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-10 02:43:24 +00:00 · 2025-09-17 19:06:09 +02:00
parent 50f1267941
commit 031350ec6b
3 changed files with 71 additions and 31 deletions
--- a/src/providers/utils.ts
+++ b/src/providers/utils.ts
@@ -43,7 +43,7 @@ export async function findPaymentByProviderId(
 }

 /**
- * Update payment status and provider data with optimistic locking
+ * Update payment status and provider data with proper optimistic locking
 */
 export async function updatePaymentStatus(
  payload: Payload,
@@ -51,10 +51,10 @@ export async function updatePaymentStatus(
  status: Payment['status'],
  providerData: any,
  pluginConfig: BillingPluginConfig
-): Promise<void> {
+): Promise<boolean> {
  const paymentsCollection = extractSlug(pluginConfig.collections?.payments || defaults.paymentsCollection)

-  // Get current payment to check updatedAt for optimistic locking
+  // Get current payment to check for concurrent modifications
  const currentPayment = await payload.findByID({
    collection: paymentsCollection,
    id: paymentId
@@ -62,8 +62,23 @@ export async function updatePaymentStatus(

  const now = new Date().toISOString()

+  // First, try to find payments that match both ID and current updatedAt
+  const conflictCheck = await payload.find({
+    collection: paymentsCollection,
+    where: {
+      id: { equals: paymentId },
+      updatedAt: { equals: currentPayment.updatedAt }
+    }
+  })
+
+  // If no matching payment found, it means it was modified concurrently
+  if (conflictCheck.docs.length === 0) {
+    console.warn(`[Payment Update] Concurrent modification detected for payment ${paymentId}, skipping update`)
+    return false
+  }
+
  try {
-    await payload.update({
+    const result = await payload.update({
      collection: paymentsCollection,
      id: paymentId,
      data: {
@@ -73,18 +88,19 @@ export async function updatePaymentStatus(
          webhookProcessedAt: now,
          previousStatus: currentPayment.status
        }
-      },
-      // Only update if the payment hasn't been modified since we read it
-      where: {
-        updatedAt: {
-          equals: currentPayment.updatedAt
-        }
      }
    })
+
+    // Verify the update actually happened by checking if updatedAt changed
+    if (result.updatedAt === currentPayment.updatedAt) {
+      console.warn(`[Payment Update] Update may have failed for payment ${paymentId} - updatedAt unchanged`)
+      return false
+    }
+
+    return true
  } catch (error) {
-    // If update failed due to concurrent modification, log and continue
-    // The webhook will be retried by the provider if needed
-    console.warn(`[Payment Update] Potential race condition detected for payment ${paymentId}:`, error)
+    console.error(`[Payment Update] Failed to update payment ${paymentId}:`, error)
+    return false
  }
 }