/fix-stripe
Fix the highest priority Stripe integration issue.
What This Does
-
Invoke /check-stripe to audit Stripe integration
-
Identify highest priority issue
-
Fix that one issue
-
Verify the fix
-
Report what was done
This is a fixer. It fixes one issue at a time. Run again for next issue. Use /stripe for full lifecycle.
Process
- Run Primitive
Invoke /check-stripe skill to get prioritized findings.
- Fix Priority Order
Fix in this order:
-
P0: Missing webhook secret, hardcoded keys
-
P1: Webhook verification, customer portal, subscription checks
-
P2: Idempotency, error handling
-
P3: Advanced features
- Execute Fix
Missing webhook secret (P0): Add to .env.local :
STRIPE_WEBHOOK_SECRET=whsec_...
Get from Stripe Dashboard or CLI:
stripe listen --print-secret
Hardcoded keys (P0): Replace hardcoded keys with environment variables:
// Before const stripe = new Stripe('sk_test_...', { apiVersion: '2024-12-18.acacia' });
// After const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!, { apiVersion: '2024-12-18.acacia' });
Webhook verification missing (P1): Update webhook handler:
export async function POST(req: Request) { const body = await req.text(); const signature = req.headers.get('stripe-signature')!;
let event: Stripe.Event; try { event = stripe.webhooks.constructEvent( body, signature, process.env.STRIPE_WEBHOOK_SECRET! ); } catch (err) { return new Response('Webhook signature verification failed', { status: 400 }); }
// Handle event... }
No customer portal (P1): Add billing portal endpoint:
// app/api/stripe/portal/route.ts export async function POST(req: Request) { const { customerId } = await req.json();
const session = await stripe.billingPortal.sessions.create({
customer: customerId,
return_url: ${process.env.NEXT_PUBLIC_APP_URL}/settings,
});
return Response.json({ url: session.url }); }
Subscription status not checked (P1): Add subscription check middleware:
async function requireActiveSubscription(userId: string) { const subscription = await getSubscription(userId); if (!subscription || subscription.status !== 'active') { throw new Error('Active subscription required'); } }
- Verify
After fix:
Test webhook verification
stripe trigger checkout.session.completed
Check portal works
curl -X POST http://localhost:3000/api/stripe/portal
-H "Content-Type: application/json"
-d '{"customerId": "cus_test"}'
- Report
Fixed: [P0] Webhook signature not verified
Updated: app/api/webhooks/stripe/route.ts
- Added signature verification with constructEvent()
- Added error handling for invalid signatures
Verified: stripe trigger checkout.session.completed → verified
Next highest priority: [P1] No customer portal Run /fix-stripe again to continue.
Branching
Before making changes:
git checkout -b fix/stripe-$(date +%Y%m%d)
Single-Issue Focus
Payment integrations are critical. Fix one thing at a time:
-
Test each change thoroughly
-
Easy to rollback specific fixes
-
Clear audit trail for PCI
Run /fix-stripe repeatedly to work through the backlog.
Related
-
/check-stripe
-
The primitive (audit only)
-
/log-stripe-issues
-
Create issues without fixing
-
/stripe
-
Full Stripe lifecycle
-
/stripe-health
-
Webhook diagnostics