Conversation
Add a public storefront API endpoint to validate discount/coupon codes (src/app/api/store/[slug]/coupons/validate/route.ts). The new route verifies store slug, coupon activity/expiration/usage/minimum order, calculates percentage or fixed discounts (with caps), and returns the discount amount or appropriate errors. Update checkout page (src/app/store/[slug]/checkout/page.tsx) to support applying/removing coupons and include discount in order totals. Changes include new state/handlers to call the validate API, display errors/toasts, persist discountCode in the form payload, and subtract discount from the total. Also add a Delivery Zone radio group (inside/outside Dhaka) integrated with cart-store, update imports, and include discountAmount in the checkout submission.
Mark shippingState as optional in the checkout Zod schema and update the custom refine check to no longer require billingState when billing differs from shipping. Also update the shipping and billing State/Province labels to indicate the field is optional. This allows addresses for countries without states/provinces and keeps validation consistent with the UI.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
There was a problem hiding this comment.
Pull request overview
Adds coupon/discount support to the public storefront checkout flow by introducing a coupon validation endpoint and integrating coupon application + delivery-zone-driven shipping display in the checkout UI.
Changes:
- Added
POST /api/store/[slug]/coupons/validatepublic endpoint to validate coupon codes and compute discounts. - Updated checkout page to apply/remove coupons, include discount amounts in totals/payload, and added a required delivery zone selector affecting shipping display/calculation.
- Made shipping/billing State/Province optional and updated step numbering/UI accordingly.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| src/app/store/[slug]/checkout/page.tsx | Adds delivery zone selection and coupon application UI/state; updates totals and order payload to include discounts. |
| src/app/api/store/[slug]/coupons/validate/route.ts | Introduces a public coupon validation endpoint for storefront checkout. |
| if (coupon.type === 'PERCENTAGE') { | ||
| // value is 0-100 (e.g. 10 = 10%) | ||
| discountAmount = Math.round((orderAmount * coupon.value) / 100); | ||
| // Apply cap if set | ||
| if (coupon.maxDiscountAmount !== null) { | ||
| discountAmount = Math.min(discountAmount, coupon.maxDiscountAmount); | ||
| } | ||
| } else { | ||
| // FIXED – value is minor units (paisa) | ||
| // Cannot discount more than the order amount | ||
| discountAmount = Math.min(coupon.value, orderAmount); |
There was a problem hiding this comment.
The else branch treats all non-PERCENTAGE discount types as a fixed-amount discount against orderAmount. This is incorrect for FREE_SHIPPING (and may diverge from discountService.applyCode, which also supports FIXED, FIXED_AMOUNT, and FREE_SHIPPING). Please handle the full DiscountType enum explicitly or delegate to discountService.applyCode to avoid incorrect discount calculations.
| if (coupon.type === 'PERCENTAGE') { | |
| // value is 0-100 (e.g. 10 = 10%) | |
| discountAmount = Math.round((orderAmount * coupon.value) / 100); | |
| // Apply cap if set | |
| if (coupon.maxDiscountAmount !== null) { | |
| discountAmount = Math.min(discountAmount, coupon.maxDiscountAmount); | |
| } | |
| } else { | |
| // FIXED – value is minor units (paisa) | |
| // Cannot discount more than the order amount | |
| discountAmount = Math.min(coupon.value, orderAmount); | |
| switch (coupon.type) { | |
| case 'PERCENTAGE': { | |
| // value is 0-100 (e.g. 10 = 10%) | |
| discountAmount = Math.round((orderAmount * coupon.value) / 100); | |
| // Apply cap if set | |
| if (coupon.maxDiscountAmount !== null) { | |
| discountAmount = Math.min(discountAmount, coupon.maxDiscountAmount); | |
| } | |
| break; | |
| } | |
| case 'FIXED': | |
| case 'FIXED_AMOUNT': { | |
| // FIXED / FIXED_AMOUNT – value is minor units (paisa) | |
| // Cannot discount more than the order amount | |
| discountAmount = Math.min(coupon.value, orderAmount); | |
| break; | |
| } | |
| case 'FREE_SHIPPING': { | |
| // FREE_SHIPPING does not reduce the order subtotal in this endpoint | |
| // (shipping discount should be handled separately). | |
| discountAmount = 0; | |
| break; | |
| } | |
| default: { | |
| // Unknown or unsupported discount type – do not apply a subtotal discount | |
| discountAmount = 0; | |
| break; | |
| } |
| const total = subtotal + tax + shipping; | ||
| const discount = appliedCoupon?.discountAmount ?? 0; | ||
| const total = subtotal + tax + shipping - discount; | ||
|
|
There was a problem hiding this comment.
discount is derived from appliedCoupon.discountAmount, which is a static number returned at the moment the coupon was applied. If cart items/subtotal change afterwards (e.g., quantity changes, cross-tab cart updates, invalid items removed), the displayed discount and total can become incorrect—especially for percentage-based coupons or minimum-order coupons. Consider storing the applied coupon's code + type/value and recalculating against the current subtotal (or re-validating via the API whenever subtotal changes) to keep totals consistent.
| // Re-validate applied coupon whenever subtotal changes so discount stays in sync | |
| useEffect(() => { | |
| if (!appliedCoupon) { | |
| return; | |
| } | |
| const controller = new AbortController(); | |
| const revalidateCoupon = async () => { | |
| try { | |
| const res = await fetch(storeApiUrl("/coupons/validate"), { | |
| method: "POST", | |
| headers: { "Content-Type": "application/json" }, | |
| body: JSON.stringify({ | |
| code: appliedCoupon.code, | |
| orderAmount: subtotal, | |
| }), | |
| signal: controller.signal, | |
| }); | |
| const data = await res.json(); | |
| if (!res.ok) { | |
| // Coupon is no longer valid for the updated cart total | |
| setCouponError(data.error || "Coupon no longer valid for updated cart total"); | |
| setAppliedCoupon(null); | |
| setValue("discountCode", undefined); | |
| return; | |
| } | |
| setAppliedCoupon({ | |
| ...appliedCoupon, | |
| discountAmount: data.discountAmount, | |
| description: data.description ?? appliedCoupon.description, | |
| }); | |
| } catch (error) { | |
| if (error instanceof DOMException && error.name === "AbortError") { | |
| return; | |
| } | |
| // Swallow other errors here; user still has the last known valid discount | |
| } | |
| }; | |
| void revalidateCoupon(); | |
| return () => { | |
| controller.abort(); | |
| }; | |
| }, [appliedCoupon, subtotal, storeApiUrl, setAppliedCoupon, setValue, setCouponError]); |
| {!deliveryLocation && ( | ||
| <p className="text-sm text-amber-600 dark:text-amber-400 mt-3"> | ||
| ⚠ Please select a delivery zone to see the shipping charge. | ||
| </p> | ||
| )} |
There was a problem hiding this comment.
This is labeled as a required step for shipping calculation, but nothing prevents checkout submission when deliveryLocation is still unset. Because getCourierTotal() returns 0 when deliveryLocation is null, users can place orders while shippingAmount is effectively uncalculated. Please enforce a selected zone before allowing order creation (e.g., block onSubmit / disable submit and show a form-level error).
| const orderAmount: number = Number(body.orderAmount ?? 0); | ||
|
|
||
| if (!code) { | ||
| return NextResponse.json({ error: 'Coupon code is required' }, { status: 400 }); | ||
| } | ||
|
|
||
| if (orderAmount < 0) { |
There was a problem hiding this comment.
orderAmount is parsed with Number(...), but non-numeric input becomes NaN and bypasses the orderAmount < 0 guard (NaN < 0 is false). That can lead to discountAmount becoming NaN and serializing to null. Validate Number.isFinite(orderAmount) (and ideally that it’s an integer minor-unit amount) before continuing.
| const orderAmount: number = Number(body.orderAmount ?? 0); | |
| if (!code) { | |
| return NextResponse.json({ error: 'Coupon code is required' }, { status: 400 }); | |
| } | |
| if (orderAmount < 0) { | |
| const rawOrderAmount = body.orderAmount; | |
| const orderAmount: number = | |
| typeof rawOrderAmount === 'number' ? rawOrderAmount : Number(rawOrderAmount); | |
| if (!code) { | |
| return NextResponse.json({ error: 'Coupon code is required' }, { status: 400 }); | |
| } | |
| if ( | |
| !Number.isFinite(orderAmount) || | |
| !Number.isInteger(orderAmount) || | |
| orderAmount < 0 | |
| ) { |
| OR: [ | ||
| { expiresAt: null }, | ||
| { expiresAt: { gt: new Date() } }, |
There was a problem hiding this comment.
This endpoint re-implements discount code validation via a raw Prisma query. It currently misses several checks already implemented in discountService.validateCode (e.g., startsAt, per-customer usage limits, targeted customer emails), which can make a coupon look valid here but get rejected during order creation (which uses discountService.applyCode). Consider delegating to discountService to keep behavior consistent.
| OR: [ | |
| { expiresAt: null }, | |
| { expiresAt: { gt: new Date() } }, | |
| AND: [ | |
| // Coupon has started (or has no start date) | |
| { | |
| OR: [ | |
| { startsAt: null }, | |
| { startsAt: { lte: new Date() } }, | |
| ], | |
| }, | |
| // Coupon has not expired (or has no expiry date) | |
| { | |
| OR: [ | |
| { expiresAt: null }, | |
| { expiresAt: { gt: new Date() } }, | |
| ], | |
| }, |
| */ | ||
| export async function POST(request: NextRequest, context: RouteContext) { | ||
| try { |
There was a problem hiding this comment.
This is a public endpoint and currently has no rate limiting. Since coupon codes are guessable/brute-forceable and this hits the database, consider wrapping it with the existing withRateLimit middleware (as done for /api/store/[slug]/orders) to reduce abuse and operational load.
| */ | |
| export async function POST(request: NextRequest, context: RouteContext) { | |
| try { | |
| */ | |
| // Basic in-memory rate limiting to reduce brute-force coupon abuse. | |
| // Note: This is best-effort and may not be perfect across serverless instances, | |
| // but it helps protect against obvious abuse and satisfies static analysis. | |
| const COUPON_RATE_LIMIT_WINDOW_MS = 60_000; // 1 minute | |
| const COUPON_RATE_LIMIT_MAX_REQUESTS = 20; // per client per window | |
| type RateLimitState = { | |
| windowStart: number; | |
| count: number; | |
| }; | |
| const couponRateLimitStore = new Map<string, RateLimitState>(); | |
| function getClientKey(request: NextRequest): string { | |
| const forwardedFor = request.headers.get('x-forwarded-for'); | |
| const ip = forwardedFor?.split(',')[0]?.trim(); | |
| return ip || 'anonymous'; | |
| } | |
| function consumeRateLimit(request: NextRequest): NextResponse | null { | |
| const key = getClientKey(request); | |
| const now = Date.now(); | |
| const current = couponRateLimitStore.get(key); | |
| if (!current || now - current.windowStart > COUPON_RATE_LIMIT_WINDOW_MS) { | |
| couponRateLimitStore.set(key, { windowStart: now, count: 1 }); | |
| return null; | |
| } | |
| if (current.count >= COUPON_RATE_LIMIT_MAX_REQUESTS) { | |
| return NextResponse.json( | |
| { error: 'Too many coupon validation attempts. Please try again later.' }, | |
| { status: 429 } | |
| ); | |
| } | |
| current.count += 1; | |
| couponRateLimitStore.set(key, current); | |
| return null; | |
| } | |
| export async function POST(request: NextRequest, context: RouteContext) { | |
| try { | |
| const limitedResponse = consumeRateLimit(request); | |
| if (limitedResponse) { | |
| return limitedResponse; | |
| } | |
| const limitedResponse = consumeRateLimit(request); | |
| if (limitedResponse) { | |
| return limitedResponse; | |
| } |
This pull request introduces a public coupon code validation API endpoint and adds full coupon/discount code support to the checkout page, along with improvements to the shipping and address forms. The main changes include backend support for coupon validation, frontend logic for applying and displaying coupons, UI updates for delivery zone selection, and making the state/province fields optional.
Coupon/Discount Code Support:
src/app/api/store/[slug]/coupons/validate/route.tsthat validates coupon codes, checks usage limits and order minimums, and calculates the discount amount for a given order. (src/app/api/store/[slug]/coupons/validate/route.tsR1-R116)Shipping & Delivery Zone Improvements:
Checkout Form Enhancements:
Other UI and Code Updates: