fotospiel-app/docs/changes/2025-10-05-checkout-refactor-todo.md

Checkout Refactor TODOs (2025-10-05)

Scope

• Marketing checkout only; guest and admin PWAs stay untouched.
• Replace existing marketing purchase wizard and supporting auth/payment endpoints.

Action Items

Wizard Foundations

• Rebuild the package step with a side panel for comparable packages and reset payment state when the selected package changes (see resources/js/pages/marketing/checkout/steps/PackageStep.tsx).
• Redesign the payment step: Stripe and Paddle happy path, failure, retry; add subscription handling for reseller plans. (Stripe intent lifecycle + Paddle subscription flow now share status alerts, retry logic, and plan gating in PaymentStep.tsx.)
• Update the confirmation step and surface the admin link inside resources/js/pages/Profile/Index.tsx. (Handled via ConfirmationStep.tsx + wizard callbacks redirecting to /settings/profile and /event-admin.)

Authentication & Profile Data

• Refactor resources/js/pages/auth/LoginForm.tsx and RegisterForm.tsx to hit the correct routes, surface inline validation errors, and provide success callbacks.
• Add optional comfort login: Google sign-in and enrichment of missing registration fields via the payment provider, combining the prior step 2/3 concept.

Backend Alignment

• Implement a dedicated CheckoutController plus marketing API routes, migrating any remaining checkout logic out of the marketing controller. (Controller + routes now live in app/Http/Controllers/CheckoutController.php / routes/web.php.)
• Audit existing marketing payment flows (resources/js/pages/marketing/PurchaseWizard.tsx, PaymentForm.tsx) and plan removals or migration. (Legacy components removed; new wizard replaces them.)

Quality & Rollout

• Expand automated coverage: Playwright end-to-end scenarios for auth, payment success/failure, Google login; PHPUnit and webhook tests for new checkout endpoints. (Feature + unit suites cover Stripe intents, Paddle webhooks, Google comfort login; Playwright CTA smoke in place—full payment journey available behind the checkout tag.)
• Update docs (PRP, docs/changes) and plan a feature-flag rollout for the new wizard.

Notes

• Wizard auth now uses /checkout/login and /checkout/register JSON endpoints handled by CheckoutController.
• Ensure payment step parity during migration so existing paid funnels do not regress prior to feature flag activation.
• 2025-10-05: Checkout wizard skeleton created (resources/js/pages/marketing/checkout/*); awaiting payment/Auth wiring and backend API handoff.
• 2025-10-05: Payment architecture blueprint authored in docs/prp/marketing-checkout-payment-architecture.md.
• 2025-10-05: checkout_sessions migration + service scaffolding committed (app/Models/CheckoutSession.php, app/Services/Checkout/*, config/checkout.php).

Payment Integration Plan

• Define provider-agnostic payment state machine (intent creation, approval, capture, failure). See docs/prp/marketing-checkout-payment-architecture.md.
• Scaffold checkout_sessions migration + service layer per docs/prp/marketing-checkout-payment-architecture.md.
• Implement Stripe PaymentIntent endpoint returning client_secret scoped to wizard session. (Covered by CheckoutController::createPaymentIntent.)
• Implement Paddle order creation/capture endpoints with metadata for tenant/package. (Routes now exposed in routes/web.php; controller derives tenant context for authenticated users.)
• Add webhook handling matrix for Stripe invoice/payment events and Paddle subscription lifecycle.
• Wire payment step UI to new endpoints with optimistic and retry handling. (See PaymentStep.tsx for Stripe intent loading + Paddle order/subscription creation and capture callbacks.)