feat: some updates

Author: emdevelopa

backend/src/routes/merchants.js

@@ -3,6 +3,7 @@ import rateLimit from "express-rate-limit";
 import { randomBytes } from "crypto";
 import { supabase } from "../lib/supabase.js";
 import { requireApiKeyAuth, requireSessionAuth, hashPassword } from "../lib/auth.js";
+import { generateSessionToken } from "../lib/sep10-auth.js";
 import { getMerchantApiUsage } from "../lib/api-usage.js";
 import { z } from "zod";
 import { validateRequest } from "../lib/validation.js";
@@ -169,8 +170,11 @@ function createMerchantsRouter({
       throw insertError;
     }
 
+        const token = generateSessionToken(merchant.id, merchant.email);
+
         res.status(201).json({
           message: "Merchant registered successfully",
+          token,
           merchant: {
             id: merchant.id,
             email: merchant.email,
@@ -226,13 +230,6 @@ function createMerchantsRouter({
         throw error;
       }
 
-    // Check if merchant already exists
-    const { data: existing } = await supabase
-      .from("merchants")
-      .select("id")
-      .eq("email", email)
-      .is("deleted_at", null)
-      .maybeSingle();
       res.json({ api_key: newApiKey });
     } catch (err) {
       next(err);

frontend/content/docs/api-guide.md

@@ -61,8 +61,8 @@ Save:
 
 ### 2. Add checkout route in your backend
 
-`server/routes/checkout.js`
-
+<FrameworkTabs>
+  <FrameworkTab label="Express (Node)">
 ```js
 import "dotenv/config";
 import express from "express";
@@ -99,8 +99,170 @@ router.post("/checkout", async (req, res) => {
 
 export default router;
 ```
+  </FrameworkTab>
+  <FrameworkTab label="Next.js (App Router)">
+```typescript
+import { NextResponse } from 'next/server';
+
+export async function POST(req: Request) {
+  try {
+    const body = await req.json();
+    const API_URL = process.env.PLUTO_API_URL || "https://pluto-api.up.railway.app";
+
+    const payload = {
+      amount: body.amount,
+      asset: "USDC",
+      asset_issuer: process.env.USDC_ISSUER,
+      recipient: process.env.MERCHANT_STELLAR_RECIPIENT,
+      metadata: { cart_id: body.cartId },
+    };
+
+    const r = await fetch(`${API_URL}/api/create-payment`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "x-api-key": process.env.PLUTO_API_KEY!,
+      },
+      body: JSON.stringify(payload),
+    });
+
+    const data = await r.json();
+    return NextResponse.json(data, { status: r.status });
+  } catch (err: any) {
+    return NextResponse.json({ error: err.message }, { status: 500 });
+  }
+}
+```
+  </FrameworkTab>
+  <FrameworkTab label="Python (Django)">
+```python
+import os
+import requests
+import json
+from django.http import JsonResponse
+from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.http import require_POST
+
+@csrf_exempt
+@require_POST
+def create_checkout(request):
+    try:
+        body = json.loads(request.body)
+        
+        payload = {
+            "amount": body.get("amount"),
+            "asset": "USDC",
+            # Optional: Standard issuer is used if USDC_ISSUER is missing
+            "asset_issuer": os.getenv("USDC_ISSUER"),
+            "recipient": os.getenv("MERCHANT_STELLAR_RECIPIENT"),
+            "metadata": {"cart_id": body.get("cartId")}
+        }
+        
+        headers = {
+            "Content-Type": "application/json",
+            "x-api-key": os.getenv("PLUTO_API_KEY")
+        }
+        
+        url = f"{os.getenv('PLUTO_API_URL')}/api/create-payment"
+        response = requests.post(url, json=payload, headers=headers)
+        
+        return JsonResponse(response.json(), status=response.status_code)
+    except Exception as e:
+        return JsonResponse({"error": str(e)}, status=500)
+```
+  </FrameworkTab>
+</FrameworkTabs>
+
+### 3. Call your backend from the frontend
+
+Once your backend route is ready, trigger it seamlessly from your frontend customer checkout page:
+
+<FrameworkTabs>
+  <FrameworkTab label="React">
+```tsx
+import { useState } from 'react';
+
+export default function CheckoutButton({ amount, cartId }) {
+  const [loading, setLoading] = useState(false);
+
+  const handleCheckout = async () => {
+    setLoading(true);
+    try {
+      const response = await fetch('/api/checkout', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ amount, cartId })
+      });
+      
+      const session = await response.json();
+      
+      if (session.payment_link) {
+        // Redirect standard browser to PLUTO UI
+        window.location.href = session.payment_link;
+      }
+    } catch (err) {
+      console.error("Checkout error:", err);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <button onClick={handleCheckout} disabled={loading}>
+      {loading ? 'Processing...' : `Pay $${amount} with Crypto`}
+    </button>
+  );
+}
+```
+  </FrameworkTab>
+  <FrameworkTab label="Vue 3 (Composition API)">
+```vue
+<script setup>
+import { ref } from 'vue';
+
+const props = defineProps({
+  amount: Number,
+  cartId: String
+});
+
+const loading = ref(false);
+
+const handleCheckout = async () => {
+  loading.value = true;
+  try {
+    const response = await fetch('/api/checkout', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ 
+        amount: props.amount, 
+        cartId: props.cartId 
+      })
+    });
+    
+    const session = await response.json();
+    
+    if (session.payment_link) {
+      // Redirect standard browser to PLUTO UI
+      window.location.href = session.payment_link;
+    }
+  } catch (err) {
+    console.error("Checkout error:", err);
+  } finally {
+    loading.value = false;
+  }
+};
+</script>
+
+<template>
+  <button @click="handleCheckout" :disabled="loading">
+    {{ loading ? 'Processing...' : `Pay $${amount} with Crypto` }}
+  </button>
+</template>
+```
+  </FrameworkTab>
+</FrameworkTabs>
 
-### 3. Redirect customer to returned `payment_link`
+### 4. Redirect customer to returned `payment_link`
 
 Example response:
 
@@ -112,7 +274,7 @@ Example response:
 }
 ```
 
-### 4. Track result in your app
+### 5. Track result in your app
 
 Use one or both: