Brian Hatchet · Mark Harding · c710bdef · c710bdef · c710bdef · c710bdef
20 changed files
--- a/Controllers/api/api.php
+++ b/Controllers/api/api.php
 <?php 
 /** 
- * Minds API - pseudo router 
+ * Minds API - pseudo router. 
 * 
 * @version 1 
+ * 
 * @author Mark Harding 
 * 
 * @SWG\Swagger( 
@@ -37,48 +38,54 @@
 * ) 
 * @SWG\Info(title="Minds Public API", version="1.0") 
 */ 
+ 
 namespace Minds\Controllers\api; 
 
-use Minds\Core; 
 use Minds\Interfaces; 
 use Minds\Api\Factory; 
 
 class api implements Interfaces\Api 
 { 
- 
- /** @var Request $request **/ 
+ /** @var Request $request */ 
 private $request; 
 
- /** @var Response $response **/ 
+ /** @var Response $response */ 
 private $response; 
 
 public function setRequest($request) 
 { 
 $this->request = $request; 
+ 
 return $this; 
 } 
 
 public function setResponse($response) 
 { 
 $this->response = $response; 
+ 
 return $this; 
 } 
 
+ public function options($pages) 
+ { 
+ return Factory::build($pages, $this->request, $this->response); 
+ } 
+ 
 public function get($pages) 
 { 
 return Factory::build($pages, $this->request, $this->response); 
 } 
-  
+ 
 public function post($pages) 
 { 
 return Factory::build($pages, $this->request, $this->response); 
 } 
-  
+ 
 public function put($pages) 
 { 
 return Factory::build($pages, $this->request, $this->response); 
 } 
-  
+ 
 public function delete($pages) 
 { 
 return Factory::build($pages, $this->request, $this->response); 

--- a/Controllers/api/v2/sendwyre/accounts.php
+++ b/Controllers/api/v2/sendwyre/accounts.php
+<?php 
+ 
+namespace Minds\Controllers\api\v2\sendwyre; 
+ 
+use Minds\Core\Session; 
+use Minds\Core\SendWyre\SendWyreAccount; 
+use Minds\Core\SendWyre\Manager; 
+use Minds\Interfaces\Api; 
+use Minds\Core\Di\Di; 
+use Minds\Api\Factory; 
+ 
+class accounts implements Api 
+{ 
+ //GET /api/v2/sendwyre/accounts 
+ public function get($pages) 
+ { 
+ /** @var \Minds\Core\SendWyre\Manager $manager */ 
+ $manager = Di::_()->get('SendWyre\Manager'); 
+ 
+ $user = Session::getLoggedInUser(); 
+ 
+ try { 
+ $account = $manager->get($user->guid); 
+ if (!$account) { 
+ return Factory::response([]); 
+ } 
+ 
+ return Factory::response([ 
+ 'status' => 'success', 
+ 'account' => $account->export(), 
+ ]); 
+ } catch (\Exception $e) { 
+ return Factory::response([ 
+ 'status' => 'error', 
+ 'message' => $e->getMessage(), 
+ ]); 
+ } 
+ } 
+ 
+ public function options($pages) 
+ { 
+ return Factory::response([]); 
+ } 
+ 
+ public function post($pages) 
+ { 
+ return Factory::response([]); 
+ } 
+ 
+ //PUT /api/v2/sendwyre/accounts/:sendwyre_account_id 
+ public function put($pages) 
+ { 
+ if (!isset($pages[0])) { 
+ return Factory::response(['status' => 'error', 'message' => 'sendwyre_account_id must be provided']); 
+ } 
+ $user = Session::getLoggedInUser(); 
+ $accountId = $pages[0]; 
+ 
+ /** @var \Minds\Core\SendWyre\Manager $manager */ 
+ $manager = Di::_()->get('SendWyre\Manager'); 
+ try { 
+ $account = (new SendWyreAccount()) 
+ ->setUserGuid($user->guid) 
+ ->setSendWyreAccountId($accountId); 
+ 
+ $manager->save($account); 
+ 
+ return Factory::response([ 
+ 'status' => 'success', 
+ 'account' => $account->export(), 
+ ]); 
+ } catch (\Exception $e) { 
+ return Factory::response([ 
+ 'status' => 'error', 
+ 'message' => $e->getMessage(), 
+ ]); 
+ } 
+ } 
+ 
+ //DELETE /api/v2/sendwyre/accounts/:user_guid 
+ public function delete($pages) 
+ { 
+ if (!isset($pages[0])) { 
+ return Factory::response(['status' => 'error', 'message' => 'user_guid must be provided']); 
+ } 
+ 
+ $user = Session::getLoggedInUser(); 
+ $userGuid = $pages[0]; 
+ 
+ if (!Session::isAdmin() && $user->guid != $userGuid) { 
+ return Factory::response([ 
+ 'status' => 'error', 
+ 'message' => 'Insufficient permissions', 
+ ]); 
+ } 
+ /** @var \Minds\Core\SendWyre\Manager $manager */ 
+ $manager = Di::_()->get('SendWyre\Manager'); 
+ try { 
+ $account = (new SendWyreAccount()) 
+ ->setUserGuid($userGuid); 
+ 
+ $result = $manager->delete($account); 
+ 
+ return Factory::response([ 
+ 'status' => 'success', 
+ 'done' => true, 
+ ]); 
+ } catch (\Exception $e) { 
+ return Factory::response([ 
+ 'status' => 'error', 
+ 'message' => $e->getMessage(), 
+ ]); 
+ } 
+ } 
+}
--- a/Controllers/checkout.php
+++ b/Controllers/checkout.php
+<?php 
+ 
+namespace Minds\Controllers; 
+ 
+use Minds; 
+use Minds\Api\Factory; 
+use Minds\Interfaces; 
+use Minds\Core\Di\Di; 
+use Minds\Common\Cookie; 
+use Minds\Core; 
+ 
+class checkout implements Interfaces\Api 
+{ 
+ public function get($pages) 
+ { 
+ $checkoutKey = ['checkout_key' => base64_encode(openssl_random_pseudo_bytes(8)), 'usd' => $_GET['usd'] ?? 25]; 
+ $cookie = new Cookie(); 
+ $cookie 
+ ->setName('checkout_key') 
+ ->setValue($checkoutKey['checkout_key']) 
+ ->setExpire(time() + 300) 
+ ->setPath('/') 
+ ->setHttpOnly(true) 
+ ->create(); 
+ Core\page::forward(Di::_()->get('Config')->get('checkout_url').'authorize?'.http_build_query($checkoutKey)); 
+ } 
+ 
+ public function post($pages) 
+ { 
+ return Factory::response([]); 
+ } 
+ 
+ public function put($pages) 
+ { 
+ return Factory::response([]); 
+ } 
+ 
+ public function delete($pages) 
+ { 
+ return Factory::response([]); 
+ } 
+}
--- a/Controllers/oauth2/implicit.php
+++ b/Controllers/oauth2/implicit.php
+<?php 
+ 
+namespace Minds\Controllers\oauth2; 
+ 
+use Minds\Core; 
+use Minds\Interfaces; 
+use Minds\Core\Di\Di; 
+use Minds\Core\Session; 
+use Minds\Core\OAuth\Entities\UserEntity; 
+use Zend\Diactoros\ServerRequestFactory; 
+use Zend\Diactoros\Response\HtmlResponse; 
+use Zend\Diactoros\Response\SapiEmitter; 
+ 
+class Implicit extends core\page implements Interfaces\page 
+{ 
+ public function get($pages) 
+ { 
+ $request = ServerRequestFactory::fromGlobals(); 
+ $response = new HtmlResponse(''); 
+ $user = Session::getLoggedinUser(); 
+ if (!$_GET['checkout_key'] || $_GET['checkout_key'] != $_COOKIE['checkout_key'] || $user === null) { 
+ \forward('/'); 
+ } 
+ 
+ $server = Di::_()->get('OAuth\Server\Authorization'); 
+ try { 
+ $result = $server->validateAuthorizationRequest($request); 
+ 
+ $entity = new UserEntity(); 
+ $entity->setIdentifier($user->getGuid()); 
+ $result->setUser($entity); 
+ $result->setAuthorizationApproved(true); 
+ //return a redirect with a jwt token 
+ $response = $server->completeAuthorizationRequest($result, $response); 
+ } catch (OAuthServerException $exception) { 
+ $response = $exception->generateHttpResponse($response); 
+ } catch (\Exception $exception) { 
+ $body = [ 
+ 'status' => 'error', 
+ 'error' => $exception->getMessage(), 
+ 'message' => $exception->getMessage(), 
+ ]; 
+ $response = new HtmlResponse($exception->getMessage()); 
+ } 
+ 
+ $emitter = new SapiEmitter(); 
+ $emitter->emit($response); 
+ } 
+ 
+ public function post($pages) 
+ { 
+ } 
+ 
+ public function put($pages) 
+ { 
+ } 
+ 
+ public function delete($pages) 
+ { 
+ } 
+}
--- a/Core/Minds.php
+++ b/Core/Minds.php
@@ -20,6 +20,7 @@ class Minds extends base
 Helpdesk\Module::class, 
 Onboarding\Module::class, 
 Subscriptions\Module::class, 
+ SendWyre\Module::class, 
 Suggestions\Module::class, 
 Reports\Module::class, 
 VideoChat\Module::class, 

--- a/Core/OAuth/OAuthProvider.php
+++ b/Core/OAuth/OAuthProvider.php
 <?php 
 /** 
- * Minds OAuth Provider 
+ * Minds OAuth Provider. 
 */ 
+ 
 namespace Minds\Core\OAuth; 
 
-use Minds\Core; 
-use Minds\Core\Di\Di; 
 use Minds\Core\Di\Provider; 
- 
 use League\OAuth2\Server\ResourceServer; 
 use League\OAuth2\Server\AuthorizationServer; 
 use League\OAuth2\Server\Middleware\ResourceServerMiddleware; 
 use League\OAuth2\Server\Grant\PasswordGrant; 
 use League\OAuth2\Server\Grant\RefreshTokenGrant; 
+use League\OAuth2\Server\Grant\ImplicitGrant; 
 
 class OAuthProvider extends Provider 
 { 
- 
 public function register() 
 { 
 $this->di->bind('OAuth\Manager', function ($di) { 
- return new Manager; 
- }, ['useFactory'=>false]); 
+ return new Manager(); 
+ }, ['useFactory' => false]); 
 
 // Authorization Server 
 $this->di->bind('OAuth\Server\Authorization', function ($di) { 
@@ -50,8 +48,14 @@ class OAuthProvider extends Provider
 new \DateInterval('PT72H') // expire access token after 72 hours 
 ); 
 
+ // Implicit grant 
+ $server->enableGrantType( 
+ $di->get('OAuth\Grants\Implicit'), 
+ new \DateInterval('PT1H') // expire access token after 1 hour 
+ ); 
+ 
 return $server; 
- }, ['useFactory'=>true]); 
+ }, ['useFactory' => true]); 
 
 // Resource Server 
 $this->di->bind('OAuth\Server\Resource', function ($di) { 
@@ -60,7 +64,7 @@ class OAuthProvider extends Provider
 
 // Path to authorization server's public key 
 $publicKeyPath = '/var/secure/oauth-pub.key'; 
-  
+ 
 // Setup the authorization server 
 $server = new ResourceServer( 
 $accessTokenRepository, 
@@ -68,12 +72,12 @@ class OAuthProvider extends Provider
 ); 
 
 return $server; 
- }, ['useFactory'=>true]); 
+ }, ['useFactory' => true]); 
 
 // Resource Server Middleware 
 $this->di->bind('OAuth\Server\Resource\Middleware', function ($di) { 
 return new ResourceServerMiddleware($di->get('OAuth\Server\Resource')); 
- }, ['useFactory'=>true]); 
+ }, ['useFactory' => true]); 
 
 // Password grant 
 $this->di->bind('OAuth\Grants\Password', function ($di) { 
@@ -84,39 +88,43 @@ class OAuthProvider extends Provider
 $grant->setRefreshTokenTTL(new \DateInterval('P1M')); // expire after 1 month 
 
 return $grant; 
- }, ['useFactory'=>false]); 
+ }, ['useFactory' => false]); 
 
 // Refresh Token grant 
 $this->di->bind('OAuth\Grants\RefreshToken', function ($di) { 
 $refreshTokenRepository = $di->get('OAuth\Repositories\RefreshToken'); 
-  
 $grant = new RefreshTokenGrant($refreshTokenRepository); 
 $grant->setRefreshTokenTTL(new \DateInterval('P1M')); // The refresh token will expire in 1 month 
-  
+ 
+ return $grant; 
+ }, ['useFactory' => false]); 
+ 
+ // Implicit grant 
+ $this->di->bind('OAuth\Grants\Implicit', function ($di) { 
+ $grant = new ImplicitGrant(new \DateInterval('PT1H'), '?'); 
+ 
 return $grant; 
- }, ['useFactory'=>false]); 
+ }, ['useFactory' => false]); 
 
 // Repositories 
 $this->di->bind('OAuth\Repositories\RefreshToken', function ($di) { 
- return new Repositories\RefreshTokenRepository; 
- }, ['useFactory'=>true]); 
+ return new Repositories\RefreshTokenRepository(); 
+ }, ['useFactory' => true]); 
 
 $this->di->bind('OAuth\Repositories\AccessToken', function ($di) { 
- return new Repositories\AccessTokenRepository; 
- }, ['useFactory'=>true]); 
+ return new Repositories\AccessTokenRepository(); 
+ }, ['useFactory' => true]); 
 
 $this->di->bind('OAuth\Repositories\User', function ($di) { 
- return new Repositories\UserRepository; 
- }, ['useFactory'=>true]); 
+ return new Repositories\UserRepository(); 
+ }, ['useFactory' => true]); 
 
 $this->di->bind('OAuth\Repositories\Client', function ($di) { 
- return new Repositories\ClientRepository; 
- }, ['useFactory'=>true]); 
+ return new Repositories\ClientRepository(); 
+ }, ['useFactory' => true]); 
 
 $this->di->bind('OAuth\Repositories\Scope', function ($di) { 
- return new Repositories\ScopeRepository; 
- }, ['useFactory'=>true]); 
- 
+ return new Repositories\ScopeRepository(); 
+ }, ['useFactory' => true]); 
 } 
- 
 }
--- a/Core/OAuth/Repositories/AccessTokenRepository.php
+++ b/Core/OAuth/Repositories/AccessTokenRepository.php
 <?php 
 /** 
- * Minds OAuth AccessTokenRepository 
+ * Minds OAuth AccessTokenRepository. 
 */ 
+ 
 namespace Minds\Core\OAuth\Repositories; 
 
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface; 
@@ -32,13 +33,13 @@ class AccessTokenRepository implements AccessTokenRepositoryInterface
 { 
 $scopes = new Set(Type::text()); 
 foreach ($accessTokenEntity->getScopes() as $scope) { 
- $scopes->add($scopes); 
+ $scopes->add($scope->getIdentifier()); 
 } 
- $prepared = new Prepared; 
- $prepared->query(" 
+ $prepared = new Prepared(); 
+ $prepared->query(' 
 INSERT INTO oauth_access_tokens (token_id, client_id, user_id, expires, last_active, scopes) 
 VALUES (?, ?, ?, ?, ?, ?) 
- ", [ 
+ ', [ 
 $accessTokenEntity->getIdentifier(), 
 $accessTokenEntity->getClient()->getIdentifier(), 
 new Varint($accessTokenEntity->getUserIdentifier()), 
@@ -46,6 +47,7 @@ class AccessTokenRepository implements AccessTokenRepositoryInterface
 new Timestamp(time()), //now 
 $scopes, 
 ]); 
+ 
 $this->client->request($prepared); 
 } 
 
@@ -54,9 +56,9 @@ class AccessTokenRepository implements AccessTokenRepositoryInterface
 */ 
 public function revokeAccessToken($tokenId) 
 { 
- $prepared = new Prepared; 
- $prepared->query("DELETE FROM oauth_access_tokens where token_id = ?", [ 
- $tokenId 
+ $prepared = new Prepared(); 
+ $prepared->query('DELETE FROM oauth_access_tokens where token_id = ?', [ 
+ $tokenId, 
 ]); 
 $this->client->request($prepared); 
 } 
@@ -66,9 +68,9 @@ class AccessTokenRepository implements AccessTokenRepositoryInterface
 */ 
 public function isAccessTokenRevoked($tokenId) 
 { 
- $prepared = new Prepared; 
- $prepared->query("SELECT * FROM oauth_access_tokens where token_id = ?", [ 
- $tokenId 
+ $prepared = new Prepared(); 
+ $prepared->query('SELECT * FROM oauth_access_tokens where token_id = ?', [ 
+ $tokenId, 
 ]); 
 $this->client->request($prepared); 
 $response = $this->client->request($prepared); 

--- a/Core/OAuth/Repositories/ClientRepository.php
+++ b/Core/OAuth/Repositories/ClientRepository.php
 <?php 
 /** 
- * Minds OAuth ClientRepository 
+ * Minds OAuth ClientRepository. 
 */ 
+ 
 namespace Minds\Core\OAuth\Repositories; 
 
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface; 
 use Minds\Core\OAuth\Entities\ClientEntity; 
 use Minds\Core\Di\Di; 
-use Minds\Core\Security\XSRF; 
 
 class ClientRepository implements ClientRepositoryInterface 
 { 
- 
 /** @var Client $client */ 
 private $client; 
 
@@ -26,17 +25,20 @@ class ClientRepository implements ClientRepositoryInterface
 
 /** 
 * {@inheritdoc} 
- * TODO: Implement clients for 3rd party apps 
+ * TODO: Implement clients for 3rd party apps. 
 */ 
 public function getClientEntity($clientIdentifier, $grantType = null, $clientSecret = null, $mustValidateSecret = true) 
 { 
 $clients = [ 
 'mobile' => [ 
- 'secret'  => $this->config->get('oauth')['clients']['mobile']['secret'], 
- 'name'  => 'Mobile', 
- 'redirect_uri'  => '', 
+ 'secret' => $this->config->get('oauth')['clients']['mobile']['secret'], 
+ 'name' => 'Mobile', 
+ 'redirect_uri' => '', 
 'is_confidential' => $grantType === 'password' || $grantType === 'refresh_token' ? false : true, 
 ], 
+ 'checkout' => [ 
+ 'redirect_uri' => $this->config->get('checkout_url'), 
+ ], 
 ]; 
 
 // Check if client is registered 
@@ -59,5 +61,4 @@ class ClientRepository implements ClientRepositoryInterface
 
 return $client; 
 } 
- 
 }
--- a/Core/OAuth/Repositories/ScopeRepository.php
+++ b/Core/OAuth/Repositories/ScopeRepository.php
 <?php 
 /** 
- * Minds OAuth ScopeRepository 
+ * Minds OAuth ScopeRepository. 
 */ 
+ 
 namespace Minds\Core\OAuth\Repositories; 
 
 use League\OAuth2\Server\Entities\ClientEntityInterface; 
@@ -22,6 +23,9 @@ class ScopeRepository implements ScopeRepositoryInterface
 'email' => [ 
 'description' => 'Your email address', 
 ], 
+ 'checkout' => [ 
+ 'description' => 'Wyre transactions', 
+ ], 
 ]; 
 
 if (array_key_exists($scopeIdentifier, $scopes) === false) { 
@@ -45,4 +49,4 @@ class ScopeRepository implements ScopeRepositoryInterface
 ) { 
 return $scopes; 
 } 
-}
\ No newline at end of file
+}
--- a/Core/Provisioner/Installer.php
+++ b/Core/Provisioner/Installer.php
 <?php 
+ 
 namespace Minds\Core\Provisioner; 
 
 use Minds\Core; 
@@ -48,6 +49,7 @@ class Installer
 'site-name' => 'Minds', 
 'no-https' => false, 
 'sns-secret' => '', 
+ 'checkout_domain' => 'localhost:8081', 
 ]; 
 
 usleep(mt_rand(1, 9999)); 
@@ -60,12 +62,14 @@ class Installer
 public function setApp($app) 
 { 
 $this->app = $app; 
+ 
 return $this; 
 } 
 
 public function setOptions(array $options = []) 
 { 
 $this->options = array_merge($this->defaults, $options); 
+ 
 return $this; 
 } 
 
@@ -74,8 +78,9 @@ class Installer
 public function checkOptions() 
 { 
 $isInstallOnly = isset($this->options['only']); 
- if (!$isInstallOnly || $this->options['only'] === "site"){ 
+ if (!$isInstallOnly || $this->options['only'] === 'site') { 
 $this->checkSiteOptions(); 
+ 
 return; 
 } 
 // TODO: Check all database parameters. 
@@ -155,11 +160,11 @@ class Installer
 public function buildConfig(array $flags = []) 
 { 
 $flags = array_merge([ 
- 'returnResult' => false 
+ 'returnResult' => false, 
 ], $flags); 
 
- $source = $this->app->root . DIRECTORY_SEPARATOR . 'settings.example.php'; 
- $target = $this->app->root . DIRECTORY_SEPARATOR . 'settings.php'; 
+ $source = $this->app->root.DIRECTORY_SEPARATOR.'settings.example.php'; 
+ $target = $this->app->root.DIRECTORY_SEPARATOR.'settings.php'; 
 
 if (is_file($target) && !isset($this->options['overwrite-settings'])) { 
 throw new ProvisionException('Minds is already installed'); 
@@ -169,7 +174,7 @@ class Installer
 
 // Build options 
 if (!isset($this->options['path'])) { 
- $this->options['path'] = dirname($this->app->root) . DIRECTORY_SEPARATOR; 
+ $this->options['path'] = dirname($this->app->root).DIRECTORY_SEPARATOR; 
 } 
 
 if (!isset($this->options['jwt-domain'])) { 
@@ -180,11 +185,11 @@ class Installer
 if (!isset($this->options['socket-server-uri'])) { 
 $domain = $this->options['domain']; 
 $domainParts = parse_url($domain); 
- $this->options['socket-server-uri'] = $domainParts['scheme'] . $domainParts['host'] . ':8010'; 
+ $this->options['socket-server-uri'] = $domainParts['scheme'].$domainParts['host'].':8010'; 
 } 
 
 if (!isset($this->options['site-name'])) { 
- $this->options['site-name'] = "Minds"; 
+ $this->options['site-name'] = 'Minds'; 
 } 
 
 if (!isset($this->options['site-email'])) { 
@@ -215,7 +220,7 @@ class Installer
 
 public function checkSettingsFile() 
 { 
- $target = $this->app->root . DIRECTORY_SEPARATOR . 'settings.php'; 
+ $target = $this->app->root.DIRECTORY_SEPARATOR.'settings.php'; 
 
 if (!is_file($target)) { 
 throw new ProvisionException('Minds settings file is missing'); 
@@ -231,13 +236,15 @@ class Installer
 } 
 
 public function provisionCassandra(Provisioners\ProvisionerInterface $cassandraStorage = null, 
- $cleanData = false) { 
+ $cleanData = false) 
+ { 
 $cassandraStorage = $cassandraStorage ?: new Provisioners\CassandraProvisioner(); 
 $cassandraStorage->provision($cleanData); 
 } 
 
 public function provisionCockroach(Provisioners\ProvisionerInterface $cockroachProvisioner = null, 
- $cleanData = false) { 
+ $cleanData = false) 
+ { 
 $cockroachProvisioner = $cockroachProvisioner ?: new Provisioners\CockroachProvisioner(); 
 $cockroachProvisioner->provision($cleanData); 
 } 
@@ -302,7 +309,7 @@ class Installer
 $siteUrl = $config->get('site_url'); 
 } else { 
 $siteUrl = $this->options['no-https'] ? 'http' : 'https'; 
- $siteUrl .= '://' . $this->options['domain'] . '/'; 
+ $siteUrl .= '://'.$this->options['domain'].'/'; 
 } 
 
 return $siteUrl; 

--- a/Core/Provisioner/Provisioners/cassandra-provision.cql
+++ b/Core/Provisioner/Provisioners/cassandra-provision.cql
@@ -1365,3 +1365,9 @@ CREATE TABLE minds.video_chat_leases (
 last_refreshed timestamp, 
 secret text 
 ); 
+ 
+CREATE TABLE minds.sendwyre_accounts ( 
+ user_guid varint, 
+ sendwyre_account_id text, 
+ PRIMARY KEY (user_guid) 
+);
\ No newline at end of file
--- a/Core/Router.php
+++ b/Core/Router.php
@@ -20,7 +20,7 @@ class Router
 '/api/v1/archive/thumbnails' => 'Minds\\Controllers\\api\\v1\\media\\thumbnails', 
 
 '/oauth2/token' => 'Minds\\Controllers\\oauth2\\token', 
- 
+ '/oauth2/implicit' => 'Minds\\Controllers\\oauth2\\implicit', 
 '/icon' => 'Minds\\Controllers\\icon', 
 '//icon' => 'Minds\\Controllers\\icon', 
 '/api' => 'Minds\\Controllers\\api\\api', 
@@ -31,9 +31,9 @@ class Router
 // "/app" => "minds\\pages\\app", 
 '/emails/unsubscribe' => 'Minds\\Controllers\\emails\\unsubscribe', 
 '/sitemap' => 'Minds\\Controllers\\sitemap', 
- 
 '/apple-app-site-association' => '\\Minds\\Controllers\\deeplinks', 
 '/sitemaps' => '\\Minds\\Controllers\\sitemaps', 
+ '/checkout' => '\\Minds\\Controllers\\checkout', 
 ); 
 
 /** 
@@ -70,6 +70,16 @@ class Router
 $request = ServerRequestFactory::fromGlobals(); 
 $response = new JsonResponse([]); 
 
+ if ($request->getMethod() === 'OPTIONS') { 
+ header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}"); 
+ header('Access-Control-Allow-Credentials: true'); 
+ header('Access-Control-Max-Age: 86400'); 
+ header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS'); 
+ header('Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,X-No-Cache'); 
+ 
+ return null; 
+ } 
+ 
 // Sessions 
 // TODO: Support middleware 
 $session = Di::_()->get('Sessions\Manager'); 
@@ -102,7 +112,6 @@ class Router
 if (isset($_GET['referrer'])) { 
 Helpers\Campaigns\Referrals::register($_GET['referrer']); 
 } 
- 
 $loop = count($segments); 
 while ($loop >= 0) { 
 $offset = $loop - 1; 

--- a/Core/SendWyre/Manager.php
+++ b/Core/SendWyre/Manager.php
+<?php 
+ 
+namespace Minds\Core\SendWyre; 
+ 
+use Minds\Core\Di\Di; 
+ 
+class Manager 
+{ 
+ /** @var Repository */ 
+ protected $repository; 
+ 
+ public function __construct($repository = null) 
+ { 
+ $this->repository = $repository ?: Di::_()->get('SendWyre\Repository'); 
+ } 
+ 
+ public function get($userGuid) 
+ { 
+ return $this->repository->get($userGuid); 
+ } 
+ 
+ public function save($sendWyreAccount) 
+ { 
+ return $this->repository->save($sendWyreAccount); 
+ } 
+ 
+ public function delete($sendWyreAccount) 
+ { 
+ return $this->repository->delete($sendWyreAccount); 
+ } 
+}
--- a/Core/SendWyre/Module.php
+++ b/Core/SendWyre/Module.php
+<?php 
+/** 
+ * SendWyre module. 
+ */ 
+ 
+namespace Minds\Core\SendWyre; 
+ 
+use Minds\Interfaces\ModuleInterface; 
+ 
+class Module implements ModuleInterface 
+{ 
+ /** 
+ * OnInit. 
+ */ 
+ public function onInit() 
+ { 
+ $provider = new Provider(); 
+ $provider->register(); 
+ } 
+}
--- a/Core/SendWyre/Provider.php
+++ b/Core/SendWyre/Provider.php
+<?php 
+/** 
+ * SendWyre Provider. 
+ */ 
+ 
+namespace Minds\Core\SendWyre; 
+ 
+use Minds\Core\Di\Provider as DiProvider; 
+ 
+class Provider extends DiProvider 
+{ 
+ public function register() 
+ { 
+ $this->di->bind('SendWyre\Repository', function ($di) { 
+ return new Repository(); 
+ }, ['useFactory' => true]); 
+ 
+ $this->di->bind('SendWyre\Manager', function ($di) { 
+ return new Manager(); 
+ }, ['useFactory' => true]); 
+ } 
+}
--- a/Core/SendWyre/Repository.php
+++ b/Core/SendWyre/Repository.php
+<?php 
+ 
+ 
+/* 
+* SendWyre Integration repositories 
+* 
+*/ 
+ 
+namespace Minds\Core\SendWyre; 
+ 
+use Cassandra\Varint; 
+use Minds\Core\Data\Cassandra\Client; 
+use Minds\Core\Data\Cassandra\Prepared\Custom; 
+use Minds\Core\Di\Di; 
+ 
+class Repository 
+{ 
+ /** 
+ * @var Client 
+ */ 
+ protected $db; 
+ 
+ /** 
+ * Repository constructor. 
+ * 
+ * @param null $db 
+ */ 
+ public function __construct($db = null) 
+ { 
+ $this->db = $db ?: Di::_()->get('Database\Cassandra\Cql'); 
+ } 
+ 
+ /** 
+ * @param varint $userGuid 
+ * 
+ * @return SendWyreAccount 
+ */ 
+ public function get($userGuid) 
+ { 
+ $template = 'SELECT * FROM sendwyre_accounts WHERE user_guid = ?'; 
+ $values = [new VarInt($userGuid)]; 
+ 
+ $query = new Custom(); 
+ $query->query($template, $values); 
+ 
+ try { 
+ $result = $this->db->request($query); 
+ } catch (\Exception $e) { 
+ error_log($e); 
+ } 
+ 
+ if ($result && $result->count() > 0) { 
+ $row = $result->current(); 
+ 
+ $account = (new SendWyreAccount()) 
+ ->setUserGuid($row['user_guid']) 
+ ->setSendWyreAccountId($row['sendwyre_account_id']); 
+ 
+ return $account; 
+ } 
+ } 
+ 
+ /** 
+ * @param SendWyreAccount 
+ * 
+ * @return bool 
+ * 
+ * @throws \Exception 
+ */ 
+ public function save($sendWyreAccount) 
+ { 
+ if (!$sendWyreAccount->getUserGuid()) { 
+ throw new \Exception('user_guid is required'); 
+ } 
+ if (!$sendWyreAccount->getSendWyreAccountId()) { 
+ throw new \Exception('sendwyre_account_id is required'); 
+ } 
+ 
+ $template = 'INSERT INTO sendwyre_accounts (user_guid, sendwyre_account_id) VALUES (?, ?)'; 
+ 
+ $values = [ 
+ new Varint($sendWyreAccount->getUserGuid()), 
+ (string) $sendWyreAccount->getSendWyreAccountId(), 
+ ]; 
+ 
+ $query = new Custom(); 
+ $query->query($template, $values); 
+ 
+ return $this->db->request($query); 
+ } 
+ 
+ /** 
+ * @param SendWyreAccount $sendWyreAccount 
+ * 
+ * @return bool 
+ * 
+ * @throws \Exception 
+ */ 
+ public function delete($sendWyreAccount) 
+ { 
+ if (!$sendWyreAccount->getUserGuid()) { 
+ throw new \Exception('user_guid is required'); 
+ } 
+ 
+ $template = 'DELETE FROM sendwyre_accounts WHERE user_guid = ?'; 
+ 
+ $values = [ 
+ new Varint($sendWyreAccount->getUserGuid()), 
+ ]; 
+ 
+ $query = new Custom(); 
+ $query->query($template, $values); 
+ 
+ return $this->db->request($query); 
+ } 
+}
--- a/Core/SendWyre/SendWyreAccount.php
+++ b/Core/SendWyre/SendWyreAccount.php
+<?php 
+ 
+namespace Minds\Core\SendWyre; 
+ 
+use Minds\Traits\MagicAttributes; 
+ 
+class SendWyreAccount 
+{ 
+ use MagicAttributes; 
+ 
+ /** @var string $userGuid */ 
+ protected $userGuid; 
+ 
+ /** @var string sendWyreAccountId */ 
+ protected $sendWyreAccountId; 
+ 
+ public function export() 
+ { 
+ $export = []; 
+ $export['user_guid'] = intval($this->getUserGuid()); 
+ $export['sendWyreAccountId'] = $this->getSendWyreAccountId(); 
+ 
+ return $export; 
+ } 
+}
--- a/Spec/Core/OAuth/Repositories/ClientRepositorySpec.php
+++ b/Spec/Core/OAuth/Repositories/ClientRepositorySpec.php
@@ -4,32 +4,33 @@ namespace Spec\Minds\Core\OAuth\Repositories;
 
 use Minds\Core\OAuth\Repositories\ClientRepository; 
 use PhpSpec\ObjectBehavior; 
-use Prophecy\Argument; 
- 
 use Minds\Core\Config; 
 
 class ClientRepositorySpec extends ObjectBehavior 
 { 
- 
- function it_is_initializable() 
+ public function it_is_initializable() 
 { 
 $this->shouldHaveType(ClientRepository::class); 
 } 
 
- function it_should_return_a_client_with_secret( 
+ public function it_should_return_a_client_with_secret( 
 Config $config 
- ) 
- { 
+ ) { 
 $this->beConstructedWith(null, $config); 
 
+ $config->get('checkout_url')->willReturn('checkout_url'); 
+ 
 $config->get('oauth') 
 ->willReturn([ 
 'clients' => [ 
 'browser' => [ 
- 'secret' => 'testsecret' 
+ 'secret' => 'testsecret', 
 ], 
 'mobile' => [ 
- 'secret' => 'testsecret' 
+ 'secret' => 'testsecret', 
+ ], 
+ 'checkout' => [ 
+ 'secret' => 'testsecret', 
 ], 
 ], 
 ]); 
@@ -45,20 +46,21 @@ class ClientRepositorySpec extends ObjectBehavior
 ->shouldReturn('mobile'); 
 } 
 
- function it_should_not_return_a_client_with_wrong_secret( 
+ public function it_should_not_return_a_client_with_wrong_secret( 
 Config $config 
- ) 
- { 
+ ) { 
 $this->beConstructedWith(null, $config); 
 
+ $config->get('checkout_url')->willReturn('checkout_url'); 
+ 
 $config->get('oauth') 
 ->willReturn([ 
 'clients' => [ 
 'browser' => [ 
- 'secret' => 'testsecret' 
+ 'secret' => 'testsecret', 
 ], 
 'mobile' => [ 
- 'secret' => 'testsecret' 
+ 'secret' => 'testsecret', 
 ], 
 ], 
 ]); 
@@ -73,7 +75,7 @@ class ClientRepositorySpec extends ObjectBehavior
 $client->shouldReturn(null); 
 } 
 
- function it_should_not_return_an_invalid_client() 
+ public function it_should_not_return_an_invalid_client() 
 { 
 $client = $this->getClientEntity( 
 'invalid', 
@@ -84,5 +86,4 @@ class ClientRepositorySpec extends ObjectBehavior
 
 $client->shouldReturn(null); 
 } 
- 
 }
--- a/Spec/Core/SendWyre/RepositorySpec.php
+++ b/Spec/Core/SendWyre/RepositorySpec.php
+<?php 
+ 
+namespace Spec\Minds\Core\SendWyre; 
+ 
+use Cassandra\Varint; 
+use Minds\Core\Data\Cassandra\Client; 
+use Minds\Core\SendWyre\SendWyreAccount; 
+use Minds\Core\SendWyre\Repository; 
+use PhpSpec\ObjectBehavior; 
+use Prophecy\Argument; 
+use Spec\Minds\Mocks\Cassandra\Rows; 
+ 
+class RepositorySpec extends ObjectBehavior 
+{ 
+ protected $db; 
+ 
+ public function let(Client $db) 
+ { 
+ $this->db = $db; 
+ $this->beConstructedWith($db); 
+ } 
+ 
+ public function it_is_initializable() 
+ { 
+ $this->shouldHaveType(Repository::class); 
+ } 
+ 
+ public function it_should_get_an_account() 
+ { 
+ $userGuid = new VarInt(123); 
+ $testSendWyreAccount = (new SendWyreAccount()) 
+ ->setUserGuid($userGuid) 
+ ->setSendWyreAccountId('sendwyre'); 
+ $this->db->request(Argument::that(function ($query) { 
+ $built = $query->build(); 
+ 
+ return $built['string'] === 'SELECT * FROM sendwyre_accounts WHERE user_guid = ?'; 
+ })) 
+ ->shouldBeCalled() 
+ ->willReturn(new Rows([ 
+ [ 
+ 'user_guid' => new Varint(123), 
+ 'sendwyre_account_id' => 'sendwyre', 
+ ], 
+ ], '')); 
+ 
+ $this->get($userGuid)->shouldBeLike($testSendWyreAccount); 
+ } 
+ 
+ public function it_should_throw_if_calling_add_without_user_guid() 
+ { 
+ $this->shouldThrow(new \Exception('user_guid is required'))->duringSave(new SendWyreAccount()); 
+ } 
+ 
+ public function it_should_throw_if_calling_add_without_an_account_id() 
+ { 
+ $model = new SendWyreAccount(); 
+ $model->setUserGuid(123); 
+ 
+ $this->shouldThrow(new \Exception('sendwyre_account_id is required'))->duringSave($model); 
+ } 
+ 
+ public function it_should_save_a_new_sendwyre_account() 
+ { 
+ $model = new SendWyreAccount(); 
+ $model->setUserGuid(123) 
+ ->setSendWyreAccountId('123'); 
+ 
+ $this->db->request(Argument::that(function ($query) { 
+ $built = $query->build(); 
+ 
+ return $built['string'] === 'INSERT INTO sendwyre_accounts (user_guid, sendwyre_account_id) VALUES (?, ?)'; 
+ })) 
+ ->shouldBeCalled() 
+ ->willReturn(true); 
+ 
+ $this->save($model)->shouldReturn(true); 
+ } 
+ 
+ public function it_should_delete_a_sendwyre_account() 
+ { 
+ $model = (new SendWyreAccount()) 
+ ->setUserGuid(123); 
+ 
+ $this->db->request(Argument::that(function ($query) { 
+ $built = $query->build(); 
+ var_dump($built['string']); 
+ 
+ return $built['string'] === 'DELETE FROM sendwyre_accounts WHERE user_guid = ?'; 
+ })) 
+ ->shouldBeCalled() 
+ ->willReturn(true); 
+ 
+ $this->delete($model)->shouldReturn(true); 
+ } 
+ 
+ public function it_should_throw_if_calling_delete_without_user_guid() 
+ { 
+ $this->shouldThrow(new \Exception('user_guid is required'))->duringDelete(new SendWyreAccount()); 
+ } 
+}
--- a/settings.example.php
+++ b/settings.example.php
@@ -44,7 +44,7 @@ $CONFIG->set('oauth', [
 ], 
 ], 
 'encryption_key' => '{{ jwt-secret }}', 
-]); 
+ ]); 
 
 $CONFIG->set('report_reasons', 
 [ 
@@ -148,6 +148,7 @@ $CONFIG->site_url = 'http://{{domain}}/';
 $CONFIG->cdn_url = 'http://{{domain}}/en/'; 
 $CONFIG->cdn_assets_url = 'http://{{domain}}/en/'; 
 $CONFIG->zmq_server = 'localhost'; 
+$CONFIG->checkout_url = 'http://{{checkout_domain}}/'; 
 
 /** 
 * Overrides default system cache path from inside data root to custom location. 
@@ -288,7 +289,7 @@ $CONFIG->set('payouts', [
 'retentionDays' => 40, 
 'minimumAmount' => 100, 
 'userPercentage' => 0.8 
-]); 
+ ]); 
 
 $CONFIG->set('payments', [ 
 'stripe' => [