/** * StripeKeysForm Component * Manages Stripe API key configuration with encryption */ "use client"; import { useState, useEffect } from "react"; import { CreditCard, Key, Eye, EyeOff, CheckCircle, AlertCircle, Trash2, Save, ExternalLink, Shield, } from "lucide-react"; interface ExistingKeys { hasKeys: boolean; mode: "test" | "live" | null; configuredAt: string | null; maskedSecretKey: string | null; maskedWebhookSecret: string | null; publishableKey: string | null; } interface ValidationResult { valid: boolean; mode: "test" | "live" | null; message: string; accountName?: string; accountEmail?: string; } export default function StripeKeysForm() { // Input values const [secretKey, setSecretKey] = useState(""); const [publishableKey, setPublishableKey] = useState(""); const [webhookSecret, setWebhookSecret] = useState(""); // Visibility toggles const [showSecretKey, setShowSecretKey] = useState(false); const [showWebhookSecret, setShowWebhookSecret] = useState(false); // State const [existingKeys, setExistingKeys] = useState(null); const [validationResult, setValidationResult] = useState(null); const [loading, setLoading] = useState(true); const [validating, setValidating] = useState(false); const [saving, setSaving] = useState(false); const [error, setError] = useState(null); // Track if keys are validated const [isValidated, setIsValidated] = useState(false); // Fetch existing keys on mount useEffect(() => { fetchExistingKeys(); }, []); const fetchExistingKeys = async () => { try { setLoading(true); setError(null); const response = await fetch("/api/staff/settings/stripe-keys"); if (response.ok) { const data = await response.json(); setExistingKeys(data); // If keys exist, populate publishable key if (data.hasKeys && data.publishableKey) { setPublishableKey(data.publishableKey); } } else { const errorData = await response.json(); setError(errorData.error || "Failed to fetch existing keys"); } } catch (err) { console.error("Failed to fetch existing keys:", err); setError("Failed to fetch existing keys"); } finally { setLoading(false); } }; const handleValidate = async () => { // Reset previous validation setValidationResult(null); setError(null); setIsValidated(false); // Validation if (!secretKey.trim() || !publishableKey.trim()) { setError("Secret key and publishable key are required"); return; } // Check key format if (!secretKey.startsWith("sk_")) { setError('Invalid secret key format. Must start with "sk_"'); return; } if (!publishableKey.startsWith("pk_")) { setError('Invalid publishable key format. Must start with "pk_"'); return; } try { setValidating(true); const response = await fetch("/api/staff/settings/stripe-keys/validate", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ secretKey: secretKey.trim(), publishableKey: publishableKey.trim(), webhookSecret: webhookSecret.trim() || undefined, }), }); const data = await response.json(); if (response.ok) { setValidationResult(data); setIsValidated(data.valid); if (!data.valid) { setError(data.message || "Keys validation failed"); } } else { setError(data.error || "Validation request failed"); setValidationResult({ valid: false, mode: null, message: data.error || "Validation failed", }); } } catch (err: any) { console.error("Validation error:", err); setError(err.message || "Failed to validate keys"); setValidationResult({ valid: false, mode: null, message: "Network error during validation", }); } finally { setValidating(false); } }; const handleSave = async () => { if (!isValidated) { setError("Please validate keys before saving"); return; } if (!validationResult?.valid) { setError("Cannot save invalid keys"); return; } try { setSaving(true); setError(null); const response = await fetch("/api/staff/settings/stripe-keys", { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ secretKey: secretKey.trim(), publishableKey: publishableKey.trim(), webhookSecret: webhookSecret.trim() || undefined, mode: validationResult.mode, }), }); const data = await response.json(); if (response.ok) { // Success - refresh existing keys alert("Stripe keys saved successfully!"); setSecretKey(""); setWebhookSecret(""); setValidationResult(null); setIsValidated(false); await fetchExistingKeys(); } else { setError(data.error || "Failed to save keys"); } } catch (err: any) { console.error("Save error:", err); setError(err.message || "Failed to save keys"); } finally { setSaving(false); } }; const handleDelete = async () => { if ( !confirm( "Are you sure you want to remove Stripe keys? This will disable payment processing.", ) ) { return; } try { setSaving(true); setError(null); const response = await fetch("/api/staff/settings/stripe-keys", { method: "DELETE", }); if (response.ok) { alert("Stripe keys removed successfully"); setSecretKey(""); setPublishableKey(""); setWebhookSecret(""); setValidationResult(null); setIsValidated(false); await fetchExistingKeys(); } else { const data = await response.json(); setError(data.error || "Failed to remove keys"); } } catch (err: any) { console.error("Delete error:", err); setError(err.message || "Failed to remove keys"); } finally { setSaving(false); } }; if (loading) { return (
Loading...
); } return (
{/* Info Banner */}

Secure Encryption

All API keys are encrypted using AES-256-GCM encryption before storage. Only authorized administrators can configure Stripe settings.

{/* Existing Keys Display */} {existingKeys?.hasKeys && (

Current Configuration

Active Stripe API keys

{existingKeys.mode === "live" ? "🔴 Live Mode" : "🟡 Test Mode"}

{existingKeys.configuredAt ? new Date(existingKeys.configuredAt).toLocaleDateString() : "Unknown"}

{existingKeys.maskedSecretKey || "••••••••"}
{existingKeys.publishableKey || "••••••••"}
{existingKeys.maskedWebhookSecret && (
{existingKeys.maskedWebhookSecret}
)}
)} {/* Configuration Form */}

{existingKeys?.hasKeys ? "Update" : "Configure"} Stripe Keys

Enter your Stripe API credentials to enable payment processing

{/* Secret Key */}
{ setSecretKey(e.target.value); setValidationResult(null); setIsValidated(false); }} placeholder="sk_test_... or sk_live_..." className="w-full px-4 py-2 pr-12 border-2 border-gray-200 rounded-lg focus:ring-2 focus:ring-brand-green focus:border-brand-green" />

Starts with sk_test_ (test mode) or sk_live_ (live mode)

{/* Publishable Key */}
{ setPublishableKey(e.target.value); setValidationResult(null); setIsValidated(false); }} placeholder="pk_test_... or pk_live_..." className="w-full px-4 py-2 border-2 border-gray-200 rounded-lg focus:ring-2 focus:ring-brand-green focus:border-brand-green" />

Starts with pk_test_ (test mode) or pk_live_ (live mode)

{/* Webhook Secret */}
{ setWebhookSecret(e.target.value); setValidationResult(null); setIsValidated(false); }} placeholder="whsec_..." className="w-full px-4 py-2 pr-12 border-2 border-gray-200 rounded-lg focus:ring-2 focus:ring-brand-green focus:border-brand-green" />

Required for webhook verification. Starts with whsec_

{/* Validation Result */} {validationResult && (
{validationResult.valid ? ( ) : ( )}

{validationResult.valid ? "Keys Valid" : "Validation Failed"}

{validationResult.message}

{validationResult.valid && validationResult.accountName && (

Account: {validationResult.accountName}

{validationResult.accountEmail && (

Email:{" "} {validationResult.accountEmail}

)}

Mode:{" "} {validationResult.mode === "live" ? "Live" : "Test"}

)}
)} {/* Error Display */} {error && (
{error}
)} {/* Action Buttons */}
{existingKeys?.hasKeys && ( )}
{/* Help Section */}

How to Get Your Stripe API Keys

  1. Log in to your Stripe Dashboard
  2. Click on "Developers" in the top menu
  3. Select "API keys" from the sidebar
  4. Copy the "Secret key" and "Publishable key"
  5. For webhooks, go to "Webhooks" and copy the "Signing secret"
Open Stripe Dashboard
); }