Fix some issues

Reviewed-on: #6

.env.exemple

@@ -0,0 +1,30 @@
+# Configuration OVH
+OVH_APP_KEY=
+OVH_APP_SECRET=
+OVH_CONSUMER_KEY=
+OVH_SMS_SERVICE_NAME=
+
+# Configuration SMS Factor
+SMS_FACTOR_TOKEN=
+
+#Configuration Mailchimp
+MAILCHIMP_API_KEY=
+MAILCHIMP_KEY=
+MAILCHIMP_LIST_ID=
+
+
+#Configuration Stripe
+STRIPE_SECRET_KEY=
+STRIPE_WEBHOOK_SECRET=
+STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=
+STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=
+STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=
+STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=
+
+#Cartes de test Stripe
+SUCCES= 4242 4242 4242 4242   #Paiement réussi
+DECLINED= 4000 0025 0000 3155   #Paiement refusé
+
+# Configuration serveur
+APP_HOST=
+PORT=

.github/workflows/main.yml

@@ -3,6 +3,9 @@ name: Build and Push to Registry
 on:
   push:
     branches: [ main ]
+  pull_request:
+    types: [closed]
+    branches: [ main ]
 
 env:
   REGISTRY: git.4nkweb.com
@@ -11,6 +14,7 @@ env:
 jobs:
   build-and-push:
     runs-on: ubuntu-latest
+    if: github.event.pull_request.merged == true || github.event_name == 'push'
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4

package.json

@@ -8,9 +8,14 @@
     "dev": "nodemon src/server.js"
   },
   "dependencies": {
+    "@mailchimp/mailchimp_transactional": "^1.0.59",
     "cors": "^2.8.5",
+    "dotenv": "^17.2.0",
     "express": "^4.18.2",
-    "node-fetch": "^2.6.7"
+    "node-fetch": "^2.6.7",
+    "ovh": "^2.0.3",
+    "stripe": "^18.3.0",
+    "uuid": "^11.1.0"
   },
   "devDependencies": {
     "nodemon": "^3.0.1"

src/server.js

@@ -1,6 +1,11 @@
 const express = require('express');
 const cors = require('cors');
 const fetch = require('node-fetch');
+const { v4: uuidv4 } = require('uuid');
+const ovh = require('ovh');
+const mailchimp = require('@mailchimp/mailchimp_transactional');
+const Stripe = require('stripe');
+require('dotenv').config();
 
 // Initialisation de l'application Express
 const app = express();
@@ -8,7 +13,7 @@ const PORT = process.env.PORT || 8080;
 
 // Configuration CORS
 const corsOptions = {
-  origin: ['http://local.lecoffreio.4nkweb:3000', 'http://localhost:3000'],
+  origin: ['http://local.lecoffreio.4nkweb:3000', 'http://localhost:3000', 'https://lecoffreio.4nkweb.com'],
   methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
   allowedHeaders: ['Content-Type', 'Authorization']
 };
@@ -16,52 +21,99 @@ const corsOptions = {
 app.use(cors(corsOptions));
 app.use(express.json());
 
+const authTokens = [];
+
+const ECivility = {
+  MALE: 'MALE',
+  FEMALE: 'FEMALE',
+  OTHERS: 'OTHERS'
+};
+
+const EOfficeStatus = {
+  ACTIVATED: 'ACTIVATED',
+  DESACTIVATED: 'DESACTIVATED'
+};
+
+const EIdnotRole = {
+  DIRECTEUR: "Directeur général du CSN",
+  NOTAIRE_TITULAIRE: "Notaire titulaire",
+  NOTAIRE_ASSOCIE: "Notaire associé",
+  NOTAIRE_SALARIE: "Notaire salarié",
+  COLLABORATEUR: "Collaborateur",
+  SECRETAIRE_GENERAL: "Secrétaire général",
+  SUPPLEANT: "Suppléant",
+  ADMINISTRATEUR: "Administrateur",
+  RESPONSABLE: "Responsable",
+  CURATEUR: "Curateur",
+}
+
 function getOfficeStatus(statusName) {
   switch (statusName) {
-    case 'Pourvu':
-      return 'ACTIVATED';
-    case 'Pourvu mais décédé':
-      return 'ACTIVATED';
-    case 'Sans titulaire':
-      return 'ACTIVATED';
-    case 'Vacance':
-      return 'ACTIVATED';
-    case 'En activité':
-      return 'ACTIVATED';
+    case "Pourvu":
+      return EOfficeStatus.ACTIVATED;
+    case "Pourvu mais décédé":
+      return EOfficeStatus.ACTIVATED;
+    case "Sans titulaire":
+      return EOfficeStatus.ACTIVATED;
+    case "Vacance":
+      return EOfficeStatus.ACTIVATED;
+    case "En activité":
+      return EOfficeStatus.ACTIVATED;
     default:
-      return 'DESACTIVATED';
+      return EOfficeStatus.DESACTIVATED;
+  }
+}
+
+function getOfficeRole(roleName) {
+  switch (roleName) {
+    case EIdnotRole.NOTAIRE_TITULAIRE:
+      return { name: 'Notaire' };
+    case EIdnotRole.NOTAIRE_ASSOCIE:
+      return { name: 'Notaire' };
+    case EIdnotRole.NOTAIRE_SALARIE:
+      return { name: 'Notaire' };
+    case EIdnotRole.COLLABORATEUR:
+      return { name: 'Collaborateur' };
+    case EIdnotRole.SUPPLEANT:
+      return { name: 'Collaborateur' };
+    case EIdnotRole.ADMINISTRATEUR:
+      return { name: 'Collaborateur' };
+    case EIdnotRole.CURATEUR:
+      return { name: 'Collaborateur' };
+    default:
+      return null;
   }
 }
 
 function getRole(roleName) {
   switch (roleName) {
-    case 'Notaire titulaire':
-      return { name: 'admin', label: 'Administrateur' };
-    case 'Notaire associé':
-      return { name: 'admin', label: 'Administrateur' };
-    case 'Notaire salarié':
-      return { name: 'notary', label: 'Notaire' };
-    case 'Collaborateur':
-      return { name: 'notary', label: 'Notaire' };
-    case 'Suppléant':
-      return { name: 'notary', label: 'Notaire' };
-    case 'Administrateur':
-      return { name: 'admin', label: 'Administrateur' };
-    case 'Curateur':
-      return { name: 'notary', label: 'Notaire' };
+    case EIdnotRole.NOTAIRE_TITULAIRE:
+      return { name: 'admin' };
+    case EIdnotRole.NOTAIRE_ASSOCIE:
+      return { name: 'admin' };
+    case EIdnotRole.NOTAIRE_SALARIE:
+      return { name: 'notary' };
+    case EIdnotRole.COLLABORATEUR:
+      return { name: 'notary' };
+    case EIdnotRole.SUPPLEANT:
+      return { name: 'notary' };
+    case EIdnotRole.ADMINISTRATEUR:
+      return { name: 'admin' };
+    case EIdnotRole.CURATEUR:
+      return { name: 'notary' };
     default:
-      return { name: 'default', label: 'Défaut' };
+      return { name: 'default' };
   }
 }
 
 function getCivility(civility) {
   switch (civility) {
     case 'Monsieur':
-      return 'MALE';
+      return ECivility.MALE;
     case 'Madame':
-      return 'FEMALE';
+      return ECivility.FEMALE;
     default:
-      return 'OTHERS';
+      return ECivility.OTHERS;
   }
 }
 
@@ -135,7 +187,7 @@ app.post('/api/v1/idnot/user/:code', async (req, res) => {
       return null;
     }
 
-    const idnotUser = {
+    const idNotUser = {
       idNot: payload.sub,
       office: {
         idNot: payload.entity_idn,
@@ -157,15 +209,19 @@ app.post('/api/v1/idnot/user/:code', async (req, res) => {
         phone_number: userData.numeroTelephone,
         cell_phone_number: userData.numeroMobile ?? userData.numeroTelephone,
         civility: getCivility(userData.personne.civilite)
-      }
+      },
+      office_role: getOfficeRole(userData.typeLien.name)
     };
 
-    if (!idnotUser.contact.email) {
-      console.error("User pro email empty");
+    if (!idNotUser.contact.email) {
+      console.error('User pro email empty');
       return null;
     }
 
-    res.json(idnotUser);
+    const authToken = uuidv4();
+    authTokens.push({ idNot: idNotUser.idNot, authToken });
+
+    res.json({ idNotUser, authToken });
   } catch (error) {
     res.status(500).json({
       error: 'Internal Server Error',
@@ -174,6 +230,711 @@ app.post('/api/v1/idnot/user/:code', async (req, res) => {
   }
 });
 
+//------------------------------------ SMS Section -----------------------------------------
+
+const configSms = {
+  // OVH config
+  OVH_APP_KEY: process.env.OVH_APP_KEY,
+  OVH_APP_SECRET: process.env.OVH_APP_SECRET,
+  OVH_CONSUMER_KEY: process.env.OVH_CONSUMER_KEY,
+  OVH_SMS_SERVICE_NAME: process.env.OVH_SMS_SERVICE_NAME,
+
+  // SMS Factor config
+  SMS_FACTOR_TOKEN: process.env.SMS_FACTOR_TOKEN,
+
+  PORT: process.env.PORT || 8080
+};
+
+// Codes storage
+const verificationCodes = new Map();
+
+// Service SMS
+class SmsService {
+  static generateCode() {
+    return Math.floor(100000 + Math.random() * 900000);
+  }
+
+  // OVH Service
+  static sendSmsWithOvh(phoneNumber, message) {
+    return new Promise((resolve, reject) => {
+      const ovhClient = ovh({
+        appKey: configSms.OVH_APP_KEY,
+        appSecret: configSms.OVH_APP_SECRET,
+        consumerKey: configSms.OVH_CONSUMER_KEY
+      });
+
+      ovhClient.request('POST', `/sms/${configSms.OVH_SMS_SERVICE_NAME}/jobs`, {
+        message: message,
+        receivers: [phoneNumber],
+        senderForResponse: false,
+        sender: 'not.IT Fact',
+        noStopClause: true
+      }, (error, result) => {
+        if (error) {
+          console.error('Erreur OVH SMS:', error);
+          resolve({ success: false, error: 'Échec de l\'envoi du SMS via OVH' });
+        } else {
+          resolve({ success: true });
+        }
+      });
+    });
+  }
+
+  // SMS Factor Service
+  static async sendSmsWithSmsFactor(phoneNumber, message) {
+    try {
+      const url = new URL('https://api.smsfactor.com/send/simulate');
+      url.searchParams.append('to', phoneNumber);
+      url.searchParams.append('text', message);
+      url.searchParams.append('sender', 'LeCoffre');
+      url.searchParams.append('token', configSms.SMS_FACTOR_TOKEN);
+
+      const response = await fetch(url.toString());
+
+      if (!response.ok) {
+        throw new Error(`HTTP error! status: ${response.status}`);
+      }
+
+      return { success: true };
+    } catch (error) {
+      console.error('Erreur SMS Factor:', error);
+      return { success: false, error: 'Échec de l\'envoi du SMS via SMS Factor' };
+    }
+  }
+
+  // Main method
+  static async sendSms(phoneNumber, message) {
+    // Try first with OVH
+    const ovhResult = await this.sendSmsWithOvh(phoneNumber, message);
+
+    if (ovhResult.success) {
+      return ovhResult;
+    }
+
+    // If OVH fails, try with SMS Factor
+    console.log('OVH SMS failed, trying SMS Factor...');
+    return await this.sendSmsWithSmsFactor(phoneNumber, message);
+  }
+}
+
+// Phone number validation middleware
+const validatePhoneNumber = (req, res, next) => {
+  const { phoneNumber } = req.body;
+
+  if (!phoneNumber) {
+    return res.status(400).json({
+      success: false,
+      message: 'Le numéro de téléphone est requis'
+    });
+  }
+
+  // Validation basique du format
+  const phoneRegex = /^\+?[1-9]\d{1,14}$/;
+  if (!phoneRegex.test(phoneNumber)) {
+    return res.status(400).json({
+      success: false,
+      message: 'Format de numéro de téléphone invalide'
+    });
+  }
+
+  next();
+};
+
+// Routes
+app.post('/api/send-code', validatePhoneNumber, async (req, res) => {
+  const { phoneNumber } = req.body;
+
+  try {
+    // Check if a code already exists and is not expired
+    const existingVerification = verificationCodes.get(phoneNumber);
+    if (existingVerification) {
+      const timeSinceLastSend = Date.now() - existingVerification.timestamp;
+      if (timeSinceLastSend < 30000) { // 30 secondes
+        return res.status(429).json({
+          success: false,
+          message: 'Veuillez attendre 30 secondes avant de demander un nouveau code'
+        });
+      }
+    }
+
+    // Generate a new code
+    const code = SmsService.generateCode();
+
+    // Store the code
+    verificationCodes.set(phoneNumber, {
+      code,
+      timestamp: Date.now(),
+      attempts: 0
+    });
+
+    // Send the SMS
+    const message = `Votre code de vérification LeCoffre est : ${code}`;
+    const result = await SmsService.sendSms(phoneNumber, message);
+
+    if (result.success) {
+      res.json({
+        success: true,
+        message: 'Code envoyé avec succès',
+      });
+    } else {
+      res.status(500).json({
+        success: false,
+        message: 'Échec de l\'envoi du SMS via les deux fournisseurs'
+      });
+    }
+  } catch (error) {
+    console.error('Erreur:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Erreur serveur lors de l\'envoi du code'
+    });
+  }
+});
+
+app.post('/api/verify-code', validatePhoneNumber, (req, res) => {
+  const { phoneNumber, code } = req.body;
+
+  if (!code) {
+    return res.status(400).json({
+      success: false,
+      message: 'Le code est requis'
+    });
+  }
+
+  const verification = verificationCodes.get(phoneNumber);
+
+  if (!verification) {
+    return res.status(400).json({
+      success: false,
+      message: 'Aucun code n\'a été envoyé à ce numéro'
+    });
+  }
+
+  // Check if the code has not expired (5 minutes)
+  if (Date.now() - verification.timestamp > 5 * 60 * 1000) {
+    verificationCodes.delete(phoneNumber);
+    return res.status(400).json({
+      success: false,
+      message: 'Le code a expiré'
+    });
+  }
+
+  // Check if the code is correct
+  if (verification.code.toString() === code.toString()) {
+    verificationCodes.delete(phoneNumber);
+    res.json({
+      success: true,
+      message: 'Code vérifié avec succès'
+    });
+  } else {
+    verification.attempts += 1;
+
+    if (verification.attempts >= 3) {
+      verificationCodes.delete(phoneNumber);
+      res.status(400).json({
+        success: false,
+        message: 'Trop de tentatives. Veuillez demander un nouveau code'
+      });
+    } else {
+      res.status(400).json({
+        success: false,
+        message: 'Code incorrect'
+      });
+    }
+  }
+});
+
+//------------------------------------ End of SMS Section ------------------------------------
+
+//------------------------------------ Email Section -----------------------------------------
+
+
+const configEmail = {
+  MAILCHIMP_API_KEY: process.env.MAILCHIMP_API_KEY,
+  MAILCHIMP_KEY: process.env.MAILCHIMP_KEY,
+  MAILCHIMP_LIST_ID: process.env.MAILCHIMP_LIST_ID,
+  PORT: process.env.PORT || 8080,
+  FROM_EMAIL: 'no-reply@lecoffre.io',
+  FROM_NAME: 'LeCoffre.io'
+};
+
+// Email storage
+const pendingEmails = new Map();
+
+// Email service
+class EmailService {
+  static async sendTransactionalEmail(to, templateName, subject, templateVariables) {
+    try {
+      const mailchimpClient = mailchimp(configEmail.MAILCHIMP_API_KEY);
+
+      const message = {
+        template_name: templateName,
+        template_content: [],
+        message: {
+          global_merge_vars: this.buildVariables(templateVariables),
+          from_email: configEmail.FROM_EMAIL,
+          from_name: configEmail.FROM_NAME,
+          subject: subject,
+          to: [
+            {
+              email: to,
+              type: 'to'
+            }
+          ]
+        }
+      };
+
+      const result = await mailchimpClient.messages.sendTemplate(message);
+      return { success: true, result };
+    } catch (error) {
+      console.error('Erreur envoi email:', error);
+      return { success: false, error: 'Échec de l\'envoi de l\'email' };
+    }
+  }
+
+  static buildVariables(templateVariables) {
+    return Object.keys(templateVariables).map(key => ({
+      name: key,
+      content: templateVariables[key]
+    }));
+  }
+
+  // Add to Mailchimp diffusion list
+  static async addToMailchimpList(email) {
+    try {
+      const url = `https://us17.api.mailchimp.com/3.0/lists/${configEmail.MAILCHIMP_LIST_ID}/members`;
+
+      const response = await fetch(url, {
+        method: 'POST',
+        headers: {
+          'Authorization': `apikey ${configEmail.MAILCHIMP_KEY}`,
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          email_address: email,
+          status: 'subscribed'
+        })
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error! status: ${response.status}`);
+      }
+
+      const data = await response.json();
+      return { success: true, data };
+    } catch (error) {
+      console.error('Erreur ajout à la liste:', error);
+      return { success: false, error: 'Échec de l\'ajout à la liste Mailchimp' };
+    }
+  }
+
+  static async retryFailedEmails() {
+    for (const [emailId, emailData] of pendingEmails) {
+      if (emailData.attempts >= 10) {
+        pendingEmails.delete(emailId);
+        continue;
+      }
+
+      const nextRetryDate = new Date(emailData.lastAttempt);
+      nextRetryDate.setMinutes(nextRetryDate.getMinutes() + Math.pow(emailData.attempts, 2));
+
+      if (Date.now() >= nextRetryDate) {
+        try {
+          const result = await this.sendTransactionalEmail(
+            emailData.to,
+            emailData.templateName,
+            emailData.subject,
+            emailData.templateVariables
+          );
+
+          if (result.success) {
+            pendingEmails.delete(emailId);
+          } else {
+            emailData.attempts += 1;
+            emailData.lastAttempt = Date.now();
+          }
+        } catch (error) {
+          emailData.attempts += 1;
+          emailData.lastAttempt = Date.now();
+        }
+      }
+    }
+  }
+}
+
+// Email validation middleware
+const validateEmail = (req, res, next) => {
+  const { email } = req.body;
+
+  if (!email) {
+    return res.status(400).json({
+      success: false,
+      message: 'L\'adresse email est requise'
+    });
+  }
+
+  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+  if (!emailRegex.test(email)) {
+    return res.status(400).json({
+      success: false,
+      message: 'Format d\'email invalide'
+    });
+  }
+
+  next();
+};
+
+// Email templates
+const ETemplates = {
+  DOCUMENT_ASKED: "DOCUMENT_ASKED",
+  DOCUMENT_REFUSED: "DOCUMENT_REFUSED",
+  DOCUMENT_RECAP: "DOCUMENT_RECAP",
+  SUBSCRIPTION_INVITATION: "SUBSCRIPTION_INVITATION",
+  DOCUMENT_REMINDER: "DOCUMENT_REMINDER",
+  DOCUMENT_SEND: "DOCUMENT_SEND",
+};
+
+// Routes
+app.post('/api/send-email', validateEmail, async (req, res) => {
+  const { email, firstName, lastName, officeName, template } = req.body;
+
+  try {
+    const templateVariables = {
+      first_name: firstName || '',
+      last_name: lastName || '',
+      office_name: officeName || '',
+      link: `${process.env.APP_HOST}`
+    };
+
+    const result = await EmailService.sendTransactionalEmail(
+      email,
+      ETemplates[template],
+      'Votre notaire vous envoie un message',
+      templateVariables
+    );
+
+    if (!result.success) {
+      // Add to pending emails to retry later
+      const emailId = `${email}-${Date.now()}`;
+      pendingEmails.set(emailId, {
+        to: email,
+        templateName: ETemplates[template],
+        subject: 'Votre notaire vous envoie un message',
+        templateVariables,
+        attempts: 1,
+        lastAttempt: Date.now()
+      });
+    }
+
+    res.json({
+      success: true,
+      message: 'Email envoyé avec succès'
+    });
+  } catch (error) {
+    console.error('Erreur:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Erreur serveur lors de l\'envoi de l\'email'
+    });
+  }
+});
+
+app.post('/api/subscribe-to-list', validateEmail, async (req, res) => {
+  const { email } = req.body;
+
+  try {
+    const result = await EmailService.addToMailchimpList(email);
+
+    if (result.success) {
+      res.json({
+        success: true,
+        message: 'Inscription à la liste réussie'
+      });
+    } else {
+      res.status(500).json({
+        success: false,
+        message: 'Échec de l\'inscription à la liste'
+      });
+    }
+  } catch (error) {
+    console.error('Erreur:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Erreur serveur lors de l\'inscription'
+    });
+  }
+});
+
+app.post('/api/send_reminder', async (req, res) => {
+  const { office, customer } = req.body;
+
+  try {
+    const to = customer.contact.email;
+
+    const templateVariables = {
+      office_name: office.name,
+      last_name: customer.contact.last_name || '',
+      first_name: customer.contact.first_name || '',
+      link: `${process.env.APP_HOST}`
+    };
+
+    await EmailService.sendTransactionalEmail(
+      to,
+      ETemplates.DOCUMENT_REMINDER,
+      'Vous avez des documents à déposer pour votre dossier.',
+      templateVariables
+    );
+
+    res.json({
+      success: true,
+      message: 'Email envoyé avec succès'
+    });
+  } catch (error) {
+    console.error(error);
+    return;
+  }
+});
+
+// Automatic retry system
+setInterval(() => {
+  EmailService.retryFailedEmails();
+}, 60000); // Check every minute
+
+//------------------------------------ End of Email Section ------------------------------------
+
+//------------------------------------ Stripe Section ------------------------------------------
+
+const configStripe = {
+  STRIPE_SECRET_KEY: process.env.STRIPE_SECRET_KEY,
+  STRIPE_WEBHOOK_SECRET: process.env.STRIPE_WEBHOOK_SECRET,
+  APP_HOST: process.env.APP_HOST || 'http://localhost:3000',
+};
+
+// Stripe service
+class StripeService {
+  constructor() {
+    this.client = new Stripe(configStripe.STRIPE_SECRET_KEY);
+    this.prices = {
+      STANDARD: {
+        monthly: process.env.STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID,
+        yearly: process.env.STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID
+      },
+      UNLIMITED: {
+        monthly: process.env.STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID,
+        yearly: process.env.STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID
+      }
+    };
+  }
+
+  // Only for test
+  async createTestSubscription() {
+    try {
+      const customer = await this.client.customers.create({
+        email: 'test@example.com',
+        description: 'Client test',
+        source: 'tok_visa'
+      });
+
+      const priceId = this.prices.STANDARD.monthly;
+      const price = await this.client.prices.retrieve(priceId);
+
+      const subscription = await this.client.subscriptions.create({
+        customer: customer.id,
+        items: [{ price: price.id }],
+        payment_behavior: 'default_incomplete',
+        expand: ['latest_invoice.payment_intent']
+      });
+
+      return {
+        subscriptionId: subscription.id,
+        customerId: customer.id,
+        status: subscription.status,
+        priceId: price.id
+      };
+
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  async createCheckoutSession(subscription, frequency) {
+    const priceId = this.getPriceId(subscription.type, frequency);
+
+    return await this.client.checkout.sessions.create({
+      mode: 'subscription',
+      payment_method_types: ['card', 'sepa_debit'],
+      billing_address_collection: 'auto',
+      line_items: [{
+        price: priceId,
+        quantity: subscription.type === 'STANDARD' ? subscription.seats : 1,
+      }],
+      success_url: `${configStripe.APP_HOST}/subscription/success`, // Success page (frontend)
+      cancel_url: `${configStripe.APP_HOST}/subscription/error`, // Error page (frontend)
+      metadata: {
+        subscription: JSON.stringify(subscription),
+      },
+      allow_promotion_codes: true,
+      automatic_tax: { enabled: true }
+    });
+  }
+
+  getPriceId(type, frequency) {
+    return this.prices[type][frequency];
+  }
+
+  async getSubscription(subscriptionId) {
+    return await this.client.subscriptions.retrieve(subscriptionId);
+  }
+
+  async createPortalSession(subscriptionId) {
+    const subscription = await this.getSubscription(subscriptionId);
+    return await this.client.billingPortal.sessions.create({
+      customer: subscription.customer,
+      return_url: `${configStripe.APP_HOST}/subscription/manage`
+    });
+  }
+}
+
+const stripeService = new StripeService();
+
+// Validation middleware
+const validateSubscription = (req, res, next) => {
+  const { type, seats, frequency } = req.body;
+
+  if (!type || !['STANDARD', 'UNLIMITED'].includes(type)) {
+    return res.status(400).json({
+      success: false,
+      message: 'Type d\'abonnement invalide'
+    });
+  }
+
+  if (type === 'STANDARD' && (!seats || seats < 1)) {
+    return res.status(400).json({
+      success: false,
+      message: 'Nombre de sièges invalide'
+    });
+  }
+
+  if (!frequency || !['monthly', 'yearly'].includes(frequency)) {
+    return res.status(400).json({
+      success: false,
+      message: 'Fréquence invalide'
+    });
+  }
+
+  next();
+};
+
+// Routes
+
+// Only for test
+app.post('/api/test/create-subscription', async (req, res) => {
+  try {
+    const result = await stripeService.createTestSubscription();
+    res.json({
+      success: true,
+      data: result
+    });
+  } catch (error) {
+    res.status(500).json({
+      success: false,
+      message: 'Erreur lors de la création de l\'abonnement de test',
+      error: {
+        message: error.message,
+        type: error.type,
+        code: error.code
+      }
+    });
+  }
+});
+
+app.post('/api/subscriptions/checkout', validateSubscription, async (req, res) => {
+  try {
+    const session = await stripeService.createCheckoutSession(req.body, req.body.frequency);
+    res.json({ success: true, sessionId: session.id });
+  } catch (error) {
+    console.error('Erreur création checkout:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Erreur lors de la création de la session de paiement'
+    });
+  }
+});
+
+app.get('/api/subscriptions/:id', async (req, res) => {
+  try {
+    const subscription = await stripeService.getSubscription(req.params.id);
+    res.json({ success: true, subscription });
+  } catch (error) {
+    res.status(500).json({
+      success: false,
+      message: 'Erreur lors de la récupération de l\'abonnement'
+    });
+  }
+});
+
+app.post('/api/subscriptions/:id/portal', async (req, res) => {
+  try {
+    const session = await stripeService.createPortalSession(req.params.id);
+    res.json({ success: true, url: session.url });
+  } catch (error) {
+    res.status(500).json({
+      success: false,
+      message: 'Erreur lors de la création de la session du portail'
+    });
+  }
+});
+
+// Webhook Stripe
+app.post('/api/webhooks/stripe', express.raw({ type: 'application/json' }), async (req, res) => {
+  const sig = req.headers['stripe-signature'];
+  let event;
+
+  try {
+    event = Stripe.webhooks.constructEvent(req.body, sig, configStripe.STRIPE_WEBHOOK_SECRET);
+  } catch (err) {
+    return res.status(400).send(`Webhook Error: ${err.message}`);
+  }
+
+  try {
+    switch (event.type) {
+      case 'checkout.session.completed':
+        const session = event.data.object;
+        if (session.status === 'complete') {
+          const subscription = JSON.parse(session.metadata.subscription);
+          // Stock subscription (create process)
+          console.log('Nouvel abonnement:', subscription);
+        }
+        break;
+
+      case 'invoice.payment_succeeded':
+        const invoice = event.data.object;
+        if (['subscription_update', 'subscription_cycle'].includes(invoice.billing_reason)) {
+          const subscription = await stripeService.getSubscription(invoice.subscription);
+          // Update subscription (update process)
+          console.log('Mise à jour abonnement:', subscription);
+        }
+        break;
+
+      case 'customer.subscription.deleted':
+        const deletedSubscription = event.data.object;
+        // Delete subscription (update process to delete)
+        console.log('Suppression abonnement:', deletedSubscription.id);
+        break;
+    }
+
+    res.json({ received: true });
+  } catch (error) {
+    console.error('Erreur webhook:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Erreur lors du traitement du webhook'
+    });
+  }
+});
+
+//------------------------------------ End of Stripe Section -----------------------------------
+
 app.listen(PORT, () => {
   console.log(`Server is running on port ${PORT}`);
 });