feat: add trigger-renewals testnet endpoint for subscription testing

Kenbak · Kenbak · commit 93ee70ec299d · 2026-04-10T16:49:46.000+02:00
Allows manually running process_renewals job to test past_due and
cancel-at-period-end logic without waiting for the hourly cron.
Testnet-only, requires authentication.
diff --git a/ROADMAP.md b/ROADMAP.md
@@ -98,7 +98,6 @@ Privacy-preserving Zcash payment gateway. Non-custodial, shielded-only.
 - [ ] **Embeddable widget** (JS snippet for any website)
   - `<script src="https://pay.cipherpay.app/widget.js">`
   - Drop-in payment button with modal checkout
-- [ ] Email notifications (payment confirmations, invoice reminders, subscription renewals — privacy-conscious: no PII in body)
 - [ ] **Blog** (`/blog`) — product updates, integration guides, campaign spotlights, privacy commentary. MDX-based, built into Next.js app.
 - [ ] **Developer changelog** (`/changelog`) — running log of features, fixes, and updates. Signals active development.
 - [ ] **Use cases page** (`/use-cases`) — e-commerce, donations, ticketing, AI agents, subscriptions. Conversion page for new visitors.
diff --git a/src/api/mod.rs b/src/api/mod.rs
@@ -115,6 +115,10 @@ pub fn configure(cfg: &mut web::ServiceConfig) {
                 "/subscriptions/{id}/simulate-period-end",
                 web::post().to(subscriptions::simulate_period_end),
             )
+            .route(
+                "/subscriptions/trigger-renewals",
+                web::post().to(subscriptions::trigger_renewals),
+            )
             // Payment links (merchant auth)
             .route("/payment-links", web::post().to(payment_links::create))
             .route("/payment-links", web::get().to(payment_links::list))
diff --git a/src/api/subscriptions.rs b/src/api/subscriptions.rs
@@ -210,3 +210,46 @@ pub async fn simulate_period_end(
         "hint": "Use with_payment: true to simulate a confirmed renewal payment"
     }))
 }
+
+/// Testnet-only: trigger the process_renewals job manually
+/// POST /api/subscriptions/trigger-renewals
+pub async fn trigger_renewals(
+    req: HttpRequest,
+    pool: web::Data<SqlitePool>,
+    config: web::Data<Config>,
+) -> HttpResponse {
+    if !config.is_testnet() {
+        return HttpResponse::Forbidden().json(serde_json::json!({
+            "error": "Simulation endpoints are only available on testnet"
+        }));
+    }
+
+    // Require authentication (any merchant)
+    if super::auth::require_merchant_or_session(&req, pool.get_ref()).await.is_err() {
+        return HttpResponse::Unauthorized().json(serde_json::json!({
+            "error": "Authentication required"
+        }));
+    }
+
+    let http = reqwest::Client::new();
+    // Empty UFVKs map — renewal invoice creation will skip address generation
+    // but past_due and cancel logic will still work for testing
+    let empty_ufvks = std::collections::HashMap::new();
+    match subscriptions::process_renewals(
+        pool.get_ref(),
+        &http,
+        &config.encryption_key,
+        &empty_ufvks,
+        None,
+    )
+    .await
+    {
+        Ok(actions) => HttpResponse::Ok().json(serde_json::json!({
+            "message": "process_renewals completed",
+            "actions": actions,
+        })),
+        Err(e) => HttpResponse::InternalServerError().json(serde_json::json!({
+            "error": e.to_string()
+        })),
+    }
+}
