payfrit-api/api/stripe/onboard.php

<?php
require_once __DIR__ . '/../helpers.php';
require_once __DIR__ . '/../config/stripe.php';
runAuth();

try {
    $data = readJsonBody();
    $businessID = (int) ($data['BusinessID'] ?? 0);

    if ($businessID === 0) apiAbort(['OK' => false, 'ERROR' => 'BusinessID is required']);

    $config = getStripeConfig();
    if (empty($config['secretKey'])) apiAbort(['OK' => false, 'ERROR' => 'Stripe is not configured']);

    $qBusiness = queryOne("SELECT StripeAccountID, Name FROM Businesses WHERE ID = ?", [$businessID]);
    if (!$qBusiness) apiAbort(['OK' => false, 'ERROR' => 'Business not found']);

    $stripeAccountID = $qBusiness['StripeAccountID'] ?? '';

    // Create new connected account if none exists
    if (empty($stripeAccountID)) {
        $accountData = stripeRequest('POST', 'https://api.stripe.com/v1/accounts', [
            'type' => 'express',
            'country' => 'US',
            'capabilities[card_payments][requested]' => 'true',
            'capabilities[transfers][requested]' => 'true',
            'business_profile[name]' => $qBusiness['Name'],
        ]);

        if (isset($accountData['error'])) {
            apiAbort(['OK' => false, 'ERROR' => $accountData['error']['message']]);
        }

        $stripeAccountID = $accountData['id'];

        queryTimed("UPDATE Businesses SET StripeAccountID = ?, StripeOnboardingStarted = NOW() WHERE ID = ?",
            [$stripeAccountID, $businessID]);
    }

    // Create account link for onboarding
    $base = baseUrl();
    $linkData = stripeRequest('POST', 'https://api.stripe.com/v1/account_links', [
        'account' => $stripeAccountID,
        'refresh_url' => $base . '/portal/index.html?stripe=retry',
        'return_url' => $base . '/portal/index.html?stripe=complete',
        'type' => 'account_onboarding',
    ]);

    if (isset($linkData['error'])) {
        apiAbort(['OK' => false, 'ERROR' => $linkData['error']['message']]);
    }

    jsonResponse([
        'OK' => true,
        'ONBOARDING_URL' => $linkData['url'],
        'STRIPE_ACCOUNT_ID' => $stripeAccountID,
    ]);

} catch (Exception $e) {
    jsonResponse(['OK' => false, 'ERROR' => $e->getMessage()]);
}