Add comprehensive webhook validation and processing system with Polar.sh integration:
- Create built-in Standard Webhooks package following official specification
- Implement HMAC-SHA256 signature validation with base64 encoding
- Add webhook factory for multi-provider support (Polar, Stripe, generic)
- Replace custom Polar webhook validation with Standard Webhooks implementation
- Add proper exception handling with custom WebhookVerificationException
- Support sandbox mode bypass for development environments
- Update Polar provider to use database-driven configuration
- Enhance webhook test suite with proper Standard Webhooks format
- Add PaymentProvider model HasFactory trait for testing
- Implement timestamp tolerance checking (±5 minutes) for replay protection
- Support multiple signature versions and proper header validation
This provides a secure, reusable webhook validation system that can be extended
to other payment providers while maintaining full compliance with Standard
Webhooks specification.
BREAKING CHANGE: Polar webhook validation now uses Standard Webhooks format
with headers 'webhook-id', 'webhook-timestamp', 'webhook-signature' instead of
previous Polar-specific headers.
- Add Polar-specific date field mapping in PaymentOrchestrator (current_period_start, current_period_end, cancelled_at, trial_end)
- Handle both cancellation scenarios: cancel_at_period_end=true and existing cancelled_at timestamp
- Map customer_cancellation_reason and customer_cancellation_comment from Polar to database
- Update billing page to show correct renewal vs expiry dates based on cancellation status
- Restrict cancel button to activation_key provider only (Polar uses customer portal)
- Fix button spacing between "Manage in Polar" and "Sync" buttons
- Ensure both "Sync" and "Recheck Status" buttons use identical sync functionality
- Add provider_checkout_id column to separate checkout ID from subscription ID
- Update Polar provider to store checkout ID separately and set subscription ID to null initially
- Implement smart sync logic that queries Polar API when subscription ID is missing
- Add fetchPolarSubscriptionId method to find active subscriptions via customer ID
- Update webhook handlers to use provider_checkout_id for subscription lookup
- Make makeAuthenticatedRequest public to enable Subscription model API access
- Support plan metadata matching for accurate subscription identification
- Add fallback to most recent active subscription when no exact match found
This resolves sync button issues by properly tracking checkout vs subscription IDs
and enables automatic subscription ID recovery when webhooks fail.
- Add comprehensive billing page with current subscription display and transaction history
- Integrate Polar.sh customer portal for subscription management
- Fix Polar API endpoint from /customer-portal to /customer-sessions
- Use Polar's direct customer_portal_url response for seamless redirect
- Add responsive button layout with cursor-pointer styling
- Implement human-readable timestamps using diffForHumans()
- Add subscription sync functionality with 30-minute recheck window
- Include subscription cancellation with modal confirmation
- Support activation key provider with pending activation display
- Add proper error handling and user feedback messages
- Create PaymentCancelController with authentication and subscription detection
- Design responsive cancellation view with red/orange gradient theme
- Add session token logging and recent subscription lookup functionality
- Update payment cancel route to use new controller with auth middleware
- Include security assurances and proper navigation to checkout/dashboard
- Remove broken route references and ensure all buttons link to valid pages
- Add sanitizePolarErrorMessage() method to convert API errors to user-friendly messages
- Improve error logging with structured data instead of raw response bodies
- Add validation error handling with field-specific messages
- Remove sensitive information (emails, domains, UUIDs) from error messages
- Update checkout, subscription, customer, and product error handling
- Add status code-based error mapping for better user experience
- Add PaymentSuccessController with authentication and subscription selection logic
- Create PaymentConfirmation Livewire component with polling mechanism
- Implement real-time subscription status verification via Polar provider API
- Add confetti animation for successful payment confirmation
- Design responsive payment success page with dark mode support
- Fix Polar provider field mapping (updated_at -> modified_at)
- Add comprehensive error handling and logging
- Support multiple subscription status states (verifying, activated, pending, error)
- Implement automatic polling with 30-second intervals (max 5 attempts)
- Add fallback redirects and user-friendly status messages
- Build PolarProvider from scratch with proper HTTP API integration
- Add encrypted configuration loading from payment_providers table via model
- Implement sandbox/live environment switching with proper credential handling
- Fix product creation API structure for Polar.sh requirements
- Add comprehensive error handling and logging throughout checkout flow
- Fix PaymentController checkout URL handling to support Polar's checkout_url response
- Add debug logging for troubleshooting checkout session creation
- Support both regular and trial checkout flows for Polar payments
- Add PaymentProviderSeeder with initial provider data (Stripe, Lemon Squeezy, Polar, OxaPay, Crypto, Activation Key)
- Create migration to disable JSON constraints and change configuration column from JSON to TEXT
- Update PaymentProvider model cast from 'array' to 'encrypted:array' for secure configuration storage
- Replace hardcoded provider-specific buttons with dynamic database-driven approach
- Update getPlanProviders() to include display_name from payment_providers table
- Simplify plan-card.blade.php with single if/else logic for all providers
- Move trial button outside loop and comment for future implementation
- Use "Pay with {display_name}" pattern for consistent button text
- Maintain special handling for activation_key provider with disabled state
- Replace getAllowedProviders() method with direct database query
- Add filtering for enabled plan providers and active payment providers
- Include sort ordering for consistent provider display
- Improve performance by using direct database access instead of model method
Dynamic Provider Integration:
- Replace hardcoded provider arrays with database-driven payment_providers lookup
- Display provider status (Active/Inactive) in selection dropdowns
- Add provider_variant_id and provider_product_id input fields to plan configuration
- Update EditPlan and SubscriptionForm with dynamic provider selection
- Add empty state handling with helpful guidance when no providers exist
UI/UX Improvements:
- Format billing_cycle_days to readable text (Daily, Weekly, Monthly, Quarterly, Annually)
- Add color-coded badges for billing cycle frequency
- Fix plan_providers and plan_feature_limits count display with eager loading
- Implement intelligent color coding for count indicators
- Add visual status indicators for provider availability
Database Compatibility:
- Fix SQLite strftime() compatibility across all dashboard widgets
- Fix CAST AS REAL syntax in ChurnAnalysis widget
- Add database-agnostic date and cast expression methods
- Support MySQL, SQLite, PostgreSQL, and SQL Server
Bug Fixes:
- Fix null reference error in SubscriptionForm provider_data access
- Add null safety checks for new subscription creation
- Optimize queries with withCount() to prevent N+1 issues
Performance Optimizations:
- Add eager loading with withCount() for relationship counts
- Optimize plan provider and feature limit queries
- Prevent N+1 query issues in resource tables
BREAKING CHANGE: Plan provider configuration now uses dynamic provider options
from payment_providers table instead of hardcoded list.
Replace SQLite-specific functions with database-agnostic expressions to support
MySQL, SQLite, PostgreSQL, and SQL Server across all Filament dashboard widgets.
- Fix strftime() date formatting in SubscriptionMetrics, RevenueMetrics, and TrialPerformance
- Fix CAST AS REAL syntax in ChurnAnalysis widget
- Add getDateFormatExpression() method for date function compatibility
- Add getCastExpression() method for CAST syntax compatibility
- Support MySQL/MariaDB, SQLite, PostgreSQL, and SQL Server drivers
- Maintain identical functionality across all database types
Fixes multiple SQLSTATE[42000] syntax errors when using MySQL/MariaDB databases.
- Add comprehensive rate limiting (300 req/min) with automatic throttling
- Implement centralized API request method for consistent authentication
- Add support for Polar-specific webhook events (order.created, order.paid, subscription.active, customer.state_changed, benefit_grant.created)
- Update API endpoints to match Polar's official structure (remove /v1 prefix)
- Add external_id support for reliable customer-user mapping
- Implement sandbox mode with separate credentials configuration
- Add discount code support in checkout flow
- Add credential validation method for API connectivity testing
- Update webhook signature validation and event handling
- Enhance error handling and logging throughout provider
- Add proper metadata structure with user and plan information
- Update services configuration and environment variables for sandbox support
BREAKING CHANGE: Updated API endpoint structure and webhook event handling to comply with Polar.sh official API specification.
- Create 7 new models with full relationships and business logic:
* PlanFeature: Define available features with categories and types
* PlanFeatureLimit: Manage usage limits per plan with trial overrides
* PlanPermission: Granular permissions system for features
* PlanProvider: Multi-provider payment configuration
* PlanTier: Hierarchical plan structure with upgrade paths
* PlanUsage: Real-time usage tracking and analytics
* TrialConfiguration: Advanced trial settings per plan
- Enhance Plan model with 25+ new methods:
* Feature checking: hasFeature(), canUseFeature(), getRemainingUsage()
* Permission system: hasPermission() with trial support
* Payment providers: getAllowedProviders(), supportsProvider()
* Trial management: hasTrial(), getTrialConfig()
* Upgrade paths: isUpgradeFrom(), getUpgradePath()
* Utility methods: getBillingCycleDisplay(), metadata handling
- Completely redesign PlanResource with tabbed interface:
* Basic Info: Core plan configuration with dynamic billing cycles
* Features & Limits: Dynamic feature management with trial overrides
* Payment Providers: Multi-provider configuration (Stripe, Lemon Squeezy, etc.)
* Trial Settings: Advanced trial configuration with always-visible toggle
- Create new Filament resources:
* PlanFeatureResource: Manage available features by category
* PlanTierResource: Hierarchical tier management with parent-child relationships
- Implement comprehensive data migration:
* Migrate legacy plan data to new enhanced system
* Create default features (mailbox accounts, email forwarding, etc.)
* Preserve existing payment provider configurations
* Set up trial configurations (disabled for legacy plans)
* Handle duplicate data gracefully with rollback support
- Add proper database constraints and indexes:
* Unique constraints on plan-feature relationships
* Foreign key constraints with cascade deletes
* Performance indexes for common queries
* JSON metadata columns for flexible configuration
- Fix trial configuration form handling:
* Add required validation for numeric fields
* Implement proper null handling with defaults
* Add type casting for all numeric fields
* Ensure database constraint compliance
- Replace Laravel Cashier methods with new subscription system
- Remove session-based subscription checking in bulk components
- Update Dashboard.php to use PaymentOrchestrator for provider-agnostic sync
- Maintain backward compatibility with existing Stripe subscriptions
- Improve performance by eliminating session overhead
- Add automatic migration of legacy subscriptions to new system
BREAKING CHANGE: Subscription checking now uses unified payment system instead of Laravel Cashier methods
- Add unified payment provider architecture with contract-based design
- Implement 6 payment providers: Stripe, Lemon Squeezy, Polar, Oxapay, Crypto, Activation Keys
- Create subscription management with lifecycle handling (create, cancel, pause, resume, update)
- Add coupon system with usage tracking and trial extensions
- Build Filament admin resources for payment providers, subscriptions, coupons, and trials
- Implement payment orchestration service with provider registry and configuration management
- Add comprehensive payment logging and webhook handling for all providers
- Create customer analytics dashboard with revenue, churn, and lifetime value metrics
- Add subscription migration service for provider switching
- Include extensive test coverage for all payment functionality
- Remove unused Filament Settings.php page
- Change PlanResource navigation group for better organization
- Clean up obsolete settings page that is no longer needed
- Update PlanResource navigation icon to OutlinedInboxStack
- Improve navigation structure by relocating plan management
- Add base repository interfaces and abstract classes
- Implement separated read/write repositories for Domain and Username models
- Add intelligent query caching with automatic invalidation
- Include cache management service and CLI commands
- Add comprehensive configuration for cache TTL and monitoring
- Enhance performance through optimized data access patterns
- Upgrade Filament framework from v3 to v4
- Update all Filament resources and pages for v4 compatibility
- Fix test suite to maintain 100% pass rate (321 tests passing)
- Add visibility condition for ticket close action (only when not closed)
- Update dependencies and build assets for new Filament version
- Maintain backward compatibility while leveraging v4 improvements
- Add proper Tests\ namespace to all test classes in tests/Feature and tests/Unit
- Split RemainingModelsTest.php into separate files (PSR-4 compliance)
- Create missing factories: MetaFactory, RemoteEmailFactory
- Add HasFactory trait to RemoteEmail model
- Add missing ReflectionClass imports to test files
- Fix mass assignment issues in Meta and RemoteEmail models
- Override database connection for RemoteEmail in testing environment
- Fix DateTime comparison precision issues in tests
- Fix Laravel bootstrap issues in TestCase setup
- Add missing database factories (Setting, PremiumEmail, ActivationKey, etc.)
- Convert Pest tests to PHPUnit style for compatibility
- Fix model relationships and boolean casts
- Add missing Filament resource actions and filters
- Fix form validation and test data mismatches
- Resolve assertion parameter order issues
- Add proper configuration for test views
- Fix searchable columns and table sorting
- Simplify complex filter assertions for stability
