SkynetLabs · ro-tex · May 30, 2022 · May 25, 2022 · May 25, 2022
@@ -77,7 +77,7 @@ func (api *API) buildHTTPRoutes() {
 	api.staticRouter.POST("/user/recover/request", api.WithDBSession(api.noAuth(api.userRecoverRequestPOST)))
 	api.staticRouter.POST("/user/recover", api.WithDBSession(api.noAuth(api.userRecoverPOST)))
 
-	api.staticRouter.POST("/stripe/billing", api.WithDBSession(api.withAuth(api.stripeBillingPOST, false)))
+	api.staticRouter.GET("/stripe/billing", api.WithDBSession(api.withAuth(api.stripeBillingGET, false)))
 	api.staticRouter.POST("/stripe/checkout", api.WithDBSession(api.withAuth(api.stripeCheckoutPOST, false)))
 	api.staticRouter.GET("/stripe/prices", api.noAuth(api.stripePricesGET))
 	api.staticRouter.POST("/stripe/webhook", api.WithDBSession(api.noAuth(api.stripeWebhookPOST)))

@@ -152,10 +152,10 @@ func (api *API) processStripeSub(ctx context.Context, s *stripe.Subscription) er
 	return err
 }
 
-// stripeBillingPOST creates a new billing session for the user and redirects
+// stripeBillingGET creates a new billing session for the user and redirects
 // them to it. If the user does not yet have a Stripe customer, one is
 // registered for them.
-func (api *API) stripeBillingPOST(u *database.User, w http.ResponseWriter, req *http.Request, _ httprouter.Params) {
+func (api *API) stripeBillingGET(u *database.User, w http.ResponseWriter, req *http.Request, _ httprouter.Params) {
 	if u.StripeID == "" {
 		id, err := api.stripeCreateCustomer(req.Context(), u)
 		if err != nil {

@@ -35,7 +35,7 @@ func TestStripe(t *testing.T) {
 	api.StripeTestMode = true
 
 	tests := map[string]func(t *testing.T, at *test.AccountsTester){
-		"post billing":  testStripeBillingPOST,
+		"post billing":  testStripeBillingGET,
 		"get prices":    testStripePricesGET,
 		"post checkout": testStripeCheckoutPOST,
 	}
@@ -52,8 +52,8 @@ func TestStripe(t *testing.T) {
 	}
 }
 
-// testStripeBillingPOST ensures that we can create a new billing session.
-func testStripeBillingPOST(t *testing.T, at *test.AccountsTester) {
+// testStripeBillingGET ensures that we can create a new billing session.
+func testStripeBillingGET(t *testing.T, at *test.AccountsTester) {
 	name := test.DBNameForTest(t.Name())
 	r, _, err := at.UserPOST(name+"@siasky.net", name+"pass")
 	if err != nil {
@@ -65,15 +65,15 @@ func testStripeBillingPOST(t *testing.T, at *test.AccountsTester) {
 
 	// Try to start a billing session without valid user auth.
 	at.ClearCredentials()
-	_, s, err := at.StripeBillingPOST()
+	_, s, err := at.StripeBillingGET()
 	if err == nil || s != http.StatusUnauthorized {
 		t.Fatalf("Expected 401 Unauthorized, got %d %s", s, err)
 	}
 	// Try with a valid user. Expect a temporary redirect error. This is not a
 	// fail case, we expect that to happen. In production we'll follow that
 	// redirect.
 	at.SetCookie(c)
-	h, s, err := at.StripeBillingPOST()
+	h, s, err := at.StripeBillingGET()
 	if err != nil || s != http.StatusTemporaryRedirect {
 		t.Fatalf("Expected %d and no error, got %d '%s'", http.StatusTemporaryRedirect, s, err)
 	}

@@ -265,7 +265,7 @@ func TestUserConfirmEmail(t *testing.T) {
 		t.Fatal("Failed to generate a token.")
 	}
 	// Set the expiration of the token in the past.
-	u.EmailConfirmationTokenExpiration = time.Now().UTC().Add(-time.Minute)
+	u.EmailConfirmationTokenExpiration = time.Now().UTC().Add(-time.Minute).Truncate(time.Millisecond)
 	err = db.UserSave(ctx, u)
 	if err != nil {
 		t.Fatal("Failed to save the user:", err)

@@ -668,9 +668,9 @@ func (at *AccountsTester) UploadInfo(sl string) ([]api.UploadInfo, int, error) {
 
 /*** Stripe helpers ***/
 
-// StripeBillingPOST performs a `POST /stripe/billing`
-func (at *AccountsTester) StripeBillingPOST() (http.Header, int, error) {
-	r, err := at.Request(http.MethodPost, "/stripe/billing", nil, nil, nil, nil)
+// StripeBillingGET performs a `GET /stripe/billing`
+func (at *AccountsTester) StripeBillingGET() (http.Header, int, error) {
+	r, err := at.Request(http.MethodGet, "/stripe/billing", nil, nil, nil, nil)
 	// We ignore the temporary redirect error because it's the expected
 	// behaviour of this endpoint.
 	if err != nil && !strings.Contains(err.Error(), "307 Temporary Redirect") {