security: Enhance production security and reliability

🔒 Security Enhancements:
- Add HTTPS validation for production URLs with comprehensive checks
- Implement type-safe Mollie status mapping to prevent type confusion
- Add robust request body handling with proper error boundaries

🚀 Reliability Improvements:
- Implement optimistic locking to prevent webhook race conditions
- Add providerId field indexing for efficient payment lookups
- Include webhook processing metadata for audit trails

📊 Performance Optimizations:
- Index providerId field for faster webhook payment queries
- Optimize concurrent webhook handling with version checking
- Add graceful degradation for update conflicts

🛡️ Production Readiness:
- Validate HTTPS protocol enforcement in production
- Prevent localhost URLs in production environments
- Enhanced error context and logging for debugging

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

src/providers/stripe.ts

@@ -43,11 +43,19 @@ export const stripeProvider = (stripeConfig: StripeProviderConfig) => {
               const stripe = singleton.get(payload)
 
               // Get the raw body for signature verification
-              if (!req.text) {
-                return webhookResponses.missingBody()
+              let body: string
+              try {
+                if (!req.text) {
+                  return webhookResponses.missingBody()
+                }
+                body = await req.text()
+                if (!body) {
+                  return webhookResponses.missingBody()
+                }
+              } catch (error) {
+                return handleWebhookError('Stripe', error, 'Failed to read request body')
               }
 
-              const body = await req.text()
               const signature = req.headers.get('stripe-signature')
 
               if (!signature) {