Replace Stripe with Razorpay: subscriptions, webhooks, checkout modal, INR pricing

web/.env.example

@@ -4,19 +4,17 @@ NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY=eyJ...
 SUPABASE_SERVICE_ROLE_KEY=eyJ...
 SUPABASE_JWT_SECRET=your-jwt-secret
 
-# Stripe (v22 — no apiVersion needed)
-STRIPE_SECRET_KEY=sk_live_...
-STRIPE_WEBHOOK_SECRET=whsec_...
-STRIPE_PRO_PRICE_ID=price_...
-STRIPE_TEAM_PRICE_ID=price_...
+# Razorpay
+RAZORPAY_KEY_ID=rzp_test_...
+RAZORPAY_KEY_SECRET=...
+RAZORPAY_WEBHOOK_SECRET=...
+NEXT_PUBLIC_RAZORPAY_KEY_ID=rzp_test_...
+RAZORPAY_PRO_PLAN_ID=plan_...
+RAZORPAY_TEAM_PLAN_ID=plan_...
 
 # Resend
 RESEND_API_KEY=re_...
 
 # App
-NEXT_PUBLIC_SITE_URL=https://clauseguard.com
-CLAUSEGUARD_API_URL=http://localhost:8000
-
-# ML (optional — for SaulLM explain feature)
-HF_API_TOKEN=hf_...
-SAULLM_ENDPOINT=https://your-endpoint.endpoints.huggingface.cloud
+NEXT_PUBLIC_SITE_URL=http://localhost:3000
+CLAUSEGUARD_API_URL=https://gaurv007-clauseguard-api.hf.space

web/app/api/stripe/checkout/route.ts

@@ -1,59 +0,0 @@
-import { NextRequest, NextResponse } from "next/server";
-import { getStripe, PLANS } from "@/lib/stripe";
-import { createClient } from "@/lib/supabase/server";
-
-export async function POST(req: NextRequest) {
-  try {
-    const supabase = await createClient();
-    const { data: { user } } = await supabase.auth.getUser();
-
-    if (!user) {
-      return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
-    }
-
-    const { plan } = await req.json();
-
-    if (plan !== "pro" && plan !== "team") {
-      return NextResponse.json({ error: "Invalid plan" }, { status: 400 });
-    }
-
-    const priceId = PLANS[plan].price_id;
-    if (!priceId) {
-      return NextResponse.json({ error: "Price not configured" }, { status: 500 });
-    }
-
-    const stripe = getStripe();
-
-    const { data: profile } = await supabase
-      .from("profiles")
-      .select("stripe_customer_id")
-      .eq("id", user.id)
-      .single();
-
-    let customerId = profile?.stripe_customer_id;
-
-    if (!customerId) {
-      const customer = await stripe.customers.create({
-        email: user.email,
-        metadata: { supabase_user_id: user.id },
-      });
-      customerId = customer.id;
-      await supabase.from("profiles").update({ stripe_customer_id: customerId }).eq("id", user.id);
-    }
-
-    const session = await stripe.checkout.sessions.create({
-      customer: customerId,
-      mode: "subscription",
-      payment_method_types: ["card"],
-      line_items: [{ price: priceId, quantity: 1 }],
-      success_url: `${process.env.NEXT_PUBLIC_SITE_URL}/dashboard-pages/dashboard?session_id={CHECKOUT_SESSION_ID}`,
-      cancel_url: `${process.env.NEXT_PUBLIC_SITE_URL}/pricing`,
-      subscription_data: { metadata: { supabase_user_id: user.id, plan } },
-    });
-
-    return NextResponse.json({ url: session.url });
-  } catch (error) {
-    console.error("Checkout error:", error);
-    return NextResponse.json({ error: "Checkout failed" }, { status: 500 });
-  }
-}

web/app/api/stripe/webhook/route.ts

@@ -1,81 +0,0 @@
-import { NextRequest, NextResponse } from "next/server";
-import { getStripe } from "@/lib/stripe";
-import { createClient } from "@supabase/supabase-js";
-import { Resend } from "resend";
-
-const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL!,
-  process.env.SUPABASE_SERVICE_ROLE_KEY!
-);
-
-const resend = process.env.RESEND_API_KEY ? new Resend(process.env.RESEND_API_KEY) : null;
-
-export async function POST(req: NextRequest) {
-  const body = await req.text();
-  const sig = req.headers.get("stripe-signature")!;
-  const stripe = getStripe();
-
-  let event;
-  try {
-    event = stripe.webhooks.constructEvent(body, sig, process.env.STRIPE_WEBHOOK_SECRET!);
-  } catch {
-    return NextResponse.json({ error: "Invalid signature" }, { status: 400 });
-  }
-
-  switch (event.type) {
-    case "customer.subscription.created":
-    case "customer.subscription.updated": {
-      const sub = event.data.object as any;
-      const plan = sub.metadata?.plan || "pro";
-
-      if (sub.status === "active" || sub.status === "trialing") {
-        const { data } = await supabase
-          .from("profiles")
-          .update({ plan, stripe_subscription_id: sub.id, updated_at: new Date().toISOString() })
-          .eq("stripe_customer_id", sub.customer)
-          .select("email")
-          .single();
-
-        if (data?.email && resend && event.type === "customer.subscription.created") {
-          await resend.emails.send({
-            from: "ClauseGuard <noreply@clauseguard.com>",
-            to: [data.email],
-            subject: `Welcome to ClauseGuard ${plan.charAt(0).toUpperCase() + plan.slice(1)}`,
-            html: `<p>Your ${plan} subscription is active. You now have unlimited scans.</p><p><a href="https://clauseguard.com/dashboard-pages/dashboard">Go to dashboard</a></p>`,
-          });
-        }
-      }
-      break;
-    }
-
-    case "customer.subscription.deleted": {
-      const sub = event.data.object as any;
-      await supabase
-        .from("profiles")
-        .update({ plan: "free", stripe_subscription_id: null, updated_at: new Date().toISOString() })
-        .eq("stripe_customer_id", sub.customer);
-      break;
-    }
-
-    case "invoice.payment_failed": {
-      const invoice = event.data.object as any;
-      const { data } = await supabase
-        .from("profiles")
-        .select("email")
-        .eq("stripe_customer_id", invoice.customer)
-        .single();
-
-      if (data?.email && resend) {
-        await resend.emails.send({
-          from: "ClauseGuard <noreply@clauseguard.com>",
-          to: [data.email],
-          subject: "Payment failed — action needed",
-          html: "<p>Your latest payment failed. Please update your payment method to keep your subscription active.</p>",
-        });
-      }
-      break;
-    }
-  }
-
-  return NextResponse.json({ received: true });
-}

web/app/api/subscribe/cancel/route.ts

@@ -0,0 +1,36 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getRazorpay } from "@/lib/razorpay";
+import { createClient } from "@/lib/supabase/server";
+
+export async function POST(req: NextRequest) {
+  try {
+    const supabase = await createClient();
+    const { data: { user } } = await supabase.auth.getUser();
+    if (!user) return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
+
+    const { data: profile } = await supabase
+      .from("profiles")
+      .select("razorpay_subscription_id")
+      .eq("id", user.id)
+      .single();
+
+    if (!profile?.razorpay_subscription_id) {
+      return NextResponse.json({ error: "No active subscription" }, { status: 400 });
+    }
+
+    const razorpay = getRazorpay();
+
+    // Cancel at end of billing cycle (like Stripe's cancel_at_period_end)
+    await razorpay.subscriptions.cancel(profile.razorpay_subscription_id, true);
+
+    await supabase
+      .from("profiles")
+      .update({ updated_at: new Date().toISOString() })
+      .eq("id", user.id);
+
+    return NextResponse.json({ success: true, message: "Subscription will cancel at end of current period." });
+  } catch (error: any) {
+    console.error("Cancel error:", error);
+    return NextResponse.json({ error: error.message || "Cancel failed" }, { status: 500 });
+  }
+}

web/app/api/subscribe/create/route.ts

@@ -0,0 +1,50 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getRazorpay, PLANS } from "@/lib/razorpay";
+import { createClient } from "@/lib/supabase/server";
+
+export async function POST(req: NextRequest) {
+  try {
+    const supabase = await createClient();
+    const { data: { user } } = await supabase.auth.getUser();
+    if (!user) return NextResponse.json({ error: "Not authenticated" }, { status: 401 });
+
+    const { plan } = await req.json();
+    if (plan !== "pro" && plan !== "team") {
+      return NextResponse.json({ error: "Invalid plan" }, { status: 400 });
+    }
+
+    const planId = PLANS[plan].razorpay_plan_id;
+    if (!planId) return NextResponse.json({ error: "Plan not configured" }, { status: 500 });
+
+    const razorpay = getRazorpay();
+
+    const subscription = await razorpay.subscriptions.create({
+      plan_id: planId,
+      total_count: 120,
+      quantity: 1,
+      customer_notify: 1,
+      notes: {
+        user_id: user.id,
+        email: user.email || "",
+        plan: plan,
+      },
+    });
+
+    // Save subscription ID to profile
+    await supabase
+      .from("profiles")
+      .update({
+        razorpay_subscription_id: subscription.id,
+        updated_at: new Date().toISOString(),
+      })
+      .eq("id", user.id);
+
+    return NextResponse.json({
+      subscription_id: subscription.id,
+      short_url: subscription.short_url,
+    });
+  } catch (error: any) {
+    console.error("Subscription create error:", error);
+    return NextResponse.json({ error: error.message || "Failed" }, { status: 500 });
+  }
+}

web/app/api/subscribe/verify/route.ts

@@ -0,0 +1,52 @@
+import { NextRequest, NextResponse } from "next/server";
+import { validatePaymentVerification } from "razorpay/dist/utils/razorpay-utils";
+import { createClient } from "@/lib/supabase/server";
+
+export async function POST(req: NextRequest) {
+  try {
+    const { razorpay_payment_id, razorpay_subscription_id, razorpay_signature } = await req.json();
+
+    const isValid = validatePaymentVerification(
+      { payment_id: razorpay_payment_id, subscription_id: razorpay_subscription_id },
+      razorpay_signature,
+      process.env.RAZORPAY_KEY_SECRET!
+    );
+
+    if (!isValid) {
+      return NextResponse.json({ error: "Invalid payment signature" }, { status: 400 });
+    }
+
+    // Activate the plan
+    const supabase = await createClient();
+    const { data: { user } } = await supabase.auth.getUser();
+
+    if (user) {
+      // Get plan from profile's stored subscription
+      const { data: profile } = await supabase
+        .from("profiles")
+        .select("razorpay_subscription_id")
+        .eq("id", user.id)
+        .single();
+
+      // Fetch subscription to get plan details from notes
+      const { getRazorpay } = await import("@/lib/razorpay");
+      const rp = getRazorpay();
+      const sub = await rp.subscriptions.fetch(razorpay_subscription_id);
+      const plan = (sub.notes as any)?.plan || "pro";
+
+      await supabase
+        .from("profiles")
+        .update({
+          plan,
+          razorpay_subscription_id,
+          updated_at: new Date().toISOString(),
+        })
+        .eq("id", user.id);
+    }
+
+    return NextResponse.json({ success: true });
+  } catch (error: any) {
+    console.error("Verification error:", error);
+    return NextResponse.json({ error: error.message || "Verification failed" }, { status: 500 });
+  }
+}

web/app/api/webhooks/razorpay/route.ts

@@ -0,0 +1,115 @@
+import { NextRequest, NextResponse } from "next/server";
+import Razorpay from "razorpay";
+import { createClient } from "@supabase/supabase-js";
+
+const supabase = createClient(
+  process.env.NEXT_PUBLIC_SUPABASE_URL!,
+  process.env.SUPABASE_SERVICE_ROLE_KEY!
+);
+
+let resend: any = null;
+if (process.env.RESEND_API_KEY) {
+  import("resend").then(({ Resend }) => { resend = new Resend(process.env.RESEND_API_KEY); });
+}
+
+export async function POST(req: NextRequest) {
+  const rawBody = await req.text();
+  const signature = req.headers.get("x-razorpay-signature") || "";
+  const webhookSecret = process.env.RAZORPAY_WEBHOOK_SECRET!;
+
+  // Verify signature
+  const isValid = Razorpay.validateWebhookSignature(rawBody, signature, webhookSecret);
+  if (!isValid) {
+    return NextResponse.json({ error: "Invalid signature" }, { status: 400 });
+  }
+
+  const event = JSON.parse(rawBody);
+  const eventType: string = event.event;
+
+  switch (eventType) {
+    case "subscription.activated": {
+      const sub = event.payload.subscription.entity;
+      const plan = sub.notes?.plan || "pro";
+      const userId = sub.notes?.user_id;
+
+      if (userId) {
+        const { data } = await supabase
+          .from("profiles")
+          .update({
+            plan,
+            razorpay_subscription_id: sub.id,
+            updated_at: new Date().toISOString(),
+          })
+          .eq("id", userId)
+          .select("email")
+          .single();
+
+        // Send welcome email
+        if (data?.email && resend) {
+          await resend.emails.send({
+            from: "ClauseGuard <noreply@clauseguard.com>",
+            to: [data.email],
+            subject: `Welcome to ClauseGuard ${plan.charAt(0).toUpperCase() + plan.slice(1)}`,
+            html: `<p>Your ${plan} subscription is active. You now have unlimited scans.</p><p><a href="https://clauseguard.com/dashboard-pages/dashboard">Go to dashboard</a></p>`,
+          });
+        }
+      }
+      break;
+    }
+
+    case "subscription.charged": {
+      // Recurring payment succeeded — nothing to update, plan already active
+      break;
+    }
+
+    case "subscription.cancelled":
+    case "subscription.completed": {
+      const sub = event.payload.subscription.entity;
+      const userId = sub.notes?.user_id;
+
+      if (userId) {
+        await supabase
+          .from("profiles")
+          .update({
+            plan: "free",
+            razorpay_subscription_id: null,
+            updated_at: new Date().toISOString(),
+          })
+          .eq("id", userId);
+      }
+      break;
+    }
+
+    case "subscription.halted": {
+      const sub = event.payload.subscription.entity;
+      const userId = sub.notes?.user_id;
+
+      if (userId) {
+        const { data } = await supabase
+          .from("profiles")
+          .select("email")
+          .eq("id", userId)
+          .single();
+
+        if (data?.email && resend) {
+          await resend.emails.send({
+            from: "ClauseGuard <noreply@clauseguard.com>",
+            to: [data.email],
+            subject: "Payment failed — subscription paused",
+            html: "<p>Your payment failed and your subscription has been paused. Please update your payment method to continue.</p>",
+          });
+        }
+      }
+      break;
+    }
+
+    case "payment.failed": {
+      // Razorpay auto-retries for subscriptions — log for monitoring
+      const payment = event.payload.payment.entity;
+      console.warn("Payment failed:", payment.id, payment.error_description);
+      break;
+    }
+  }
+
+  return NextResponse.json({ status: "ok" });
+}

web/app/dashboard-pages/settings/page.tsx

@@ -1,23 +1,23 @@
 import { createClient } from "@/lib/supabase/server";
-import { getStripe } from "@/lib/stripe";
 import { redirect } from "next/navigation";
 import Link from "next/link";
+import { ArrowLeft, User, CreditCard, LogOut, CircleAlert } from "lucide-react";
 
-async function createBillingPortal(formData: FormData) {
+async function handleCancel() {
   "use server";
   const supabase = await createClient();
   const { data: { user } } = await supabase.auth.getUser();
   if (!user) redirect("/auth/login");
 
-  const { data: profile } = await supabase.from("profiles").select("stripe_customer_id").eq("id", user.id).single();
-  if (!profile?.stripe_customer_id) redirect("/pricing");
+  const { data: profile } = await supabase.from("profiles").select("razorpay_subscription_id").eq("id", user.id).single();
+  if (!profile?.razorpay_subscription_id) return;
 
-  const stripe = getStripe();
-  const { url } = await stripe.billingPortal.sessions.create({
-    customer: profile.stripe_customer_id,
-    return_url: `${process.env.NEXT_PUBLIC_SITE_URL}/dashboard-pages/settings`,
-  });
-  redirect(url!);
+  const { getRazorpay } = await import("@/lib/razorpay");
+  const rp = getRazorpay();
+  await rp.subscriptions.cancel(profile.razorpay_subscription_id, true);
+
+  await supabase.from("profiles").update({ updated_at: new Date().toISOString() }).eq("id", user.id);
+  redirect("/dashboard-pages/settings?cancelled=true");
 }
 
 async function handleSignOut() {
@@ -39,76 +39,70 @@ export default async function SettingsPage() {
 
   const plan = profile?.plan || "free";
   const used = profile?.analyses_this_month || 0;
-  const limit = plan === "free" ? 10 : "Unlimited";
+  const limit = plan === "free" ? "10" : "Unlimited";
+  const hasSub = !!profile?.razorpay_subscription_id;
 
   return (
     <div className="min-h-screen bg-white">
-      <div className="max-w-2xl mx-auto px-6 py-12">
+      <div className="max-w-2xl mx-auto px-5 py-12">
         <div className="mb-8">
-          <Link href="/dashboard-pages/dashboard" className="text-sm text-zinc-400 hover:text-zinc-600">← Dashboard</Link>
-          <h1 className="mt-4 text-2xl font-semibold">Settings</h1>
+          <Link href="/dashboard-pages/dashboard" className="inline-flex items-center gap-1.5 text-sm text-zinc-400 hover:text-zinc-600">
+            <ArrowLeft className="w-3.5 h-3.5" /> Dashboard
+          </Link>
+          <h1 className="mt-4 text-2xl font-semibold tracking-tight">Settings</h1>
         </div>
 
         {/* Account */}
-        <section className="mb-10">
-          <h2 className="text-sm font-medium text-zinc-500 uppercase tracking-wide mb-4">Account</h2>
-          <div className="border border-zinc-200 rounded-lg divide-y divide-zinc-100">
-            <div className="px-5 py-4 flex justify-between items-center">
-              <div>
-                <p className="text-sm font-medium">Email</p>
-                <p className="text-sm text-zinc-500">{user?.email}</p>
-              </div>
-            </div>
+        <section className="mb-8">
+          <div className="flex items-center gap-2 mb-3">
+            <User className="w-4 h-4 text-zinc-400" />
+            <h2 className="text-sm font-medium text-zinc-500 uppercase tracking-wider">Account</h2>
+          </div>
+          <div className="border border-zinc-200 rounded-xl divide-y divide-zinc-100">
             <div className="px-5 py-4 flex justify-between items-center">
-              <div>
-                <p className="text-sm font-medium">Name</p>
-                <p className="text-sm text-zinc-500">{profile?.full_name || "Not set"}</p>
-              </div>
+              <div><p className="text-sm font-medium">Email</p><p className="text-sm text-zinc-500">{user?.email}</p></div>
             </div>
             <div className="px-5 py-4 flex justify-between items-center">
-              <div>
-                <p className="text-sm font-medium">User ID</p>
-                <p className="text-sm text-zinc-400 font-mono text-xs">{user?.id}</p>
-              </div>
+              <div><p className="text-sm font-medium">Name</p><p className="text-sm text-zinc-500">{profile?.full_name || "Not set"}</p></div>
             </div>
           </div>
         </section>
 
         {/* Subscription */}
-        <section className="mb-10">
-          <h2 className="text-sm font-medium text-zinc-500 uppercase tracking-wide mb-4">Subscription</h2>
-          <div className="border border-zinc-200 rounded-lg divide-y divide-zinc-100">
+        <section className="mb-8">
+          <div className="flex items-center gap-2 mb-3">
+            <CreditCard className="w-4 h-4 text-zinc-400" />
+            <h2 className="text-sm font-medium text-zinc-500 uppercase tracking-wider">Subscription</h2>
+          </div>
+          <div className="border border-zinc-200 rounded-xl divide-y divide-zinc-100">
             <div className="px-5 py-4 flex justify-between items-center">
-              <div>
-                <p className="text-sm font-medium">Plan</p>
-                <p className="text-sm text-zinc-500 capitalize">{plan}</p>
-              </div>
+              <div><p className="text-sm font-medium">Plan</p><p className="text-sm text-zinc-500 capitalize">{plan}</p></div>
               {plan === "free" ? (
-                <Link href="/#pricing" className="text-sm text-zinc-900 font-medium border border-zinc-200 px-3 py-1.5 rounded-md hover:bg-zinc-50">
-                  Upgrade
-                </Link>
-              ) : (
-                <form action={createBillingPortal}>
-                  <button type="submit" className="text-sm text-zinc-900 font-medium border border-zinc-200 px-3 py-1.5 rounded-md hover:bg-zinc-50">
-                    Manage billing
-                  </button>
-                </form>
-              )}
+                <Link href="/#pricing" className="text-sm font-medium border border-zinc-200 px-3 py-1.5 rounded-lg hover:bg-zinc-50 transition-colors">Upgrade</Link>
+              ) : null}
             </div>
             <div className="px-5 py-4 flex justify-between items-center">
-              <div>
-                <p className="text-sm font-medium">Usage this month</p>
-                <p className="text-sm text-zinc-500">{used} / {limit} scans</p>
-              </div>
+              <div><p className="text-sm font-medium">Usage this month</p><p className="text-sm text-zinc-500">{used} / {limit} scans</p></div>
             </div>
+            {hasSub && plan !== "free" && (
+              <div className="px-5 py-4">
+                <form action={handleCancel}>
+                  <button type="submit" className="flex items-center gap-2 text-sm text-red-600 font-medium border border-red-200 px-3 py-1.5 rounded-lg hover:bg-red-50 transition-colors">
+                    <CircleAlert className="w-3.5 h-3.5" />
+                    Cancel subscription
+                  </button>
+                </form>
+                <p className="mt-1.5 text-xs text-zinc-400">Access continues until end of current billing period.</p>
+              </div>
+            )}
           </div>
         </section>
 
-        {/* Danger zone */}
+        {/* Sign out */}
         <section>
-          <h2 className="text-sm font-medium text-zinc-500 uppercase tracking-wide mb-4">Session</h2>
           <form action={handleSignOut}>
-            <button type="submit" className="text-sm text-red-600 font-medium border border-red-200 px-4 py-2 rounded-md hover:bg-red-50">
+            <button type="submit" className="flex items-center gap-2 text-sm text-zinc-500 font-medium border border-zinc-200 px-4 py-2 rounded-lg hover:bg-zinc-50 transition-colors">
+              <LogOut className="w-4 h-4" />
               Sign out
             </button>
           </form>

web/components/checkout-button.tsx

@@ -0,0 +1,103 @@
+"use client";
+
+import { useState } from "react";
+import { CreditCard, Loader2 } from "lucide-react";
+
+// Razorpay checkout script loader
+function loadRazorpayScript(): Promise<boolean> {
+  return new Promise((resolve) => {
+    if (typeof window !== "undefined" && (window as any).Razorpay) {
+      resolve(true);
+      return;
+    }
+    const script = document.createElement("script");
+    script.src = "https://checkout.razorpay.com/v1/checkout.js";
+    script.onload = () => resolve(true);
+    script.onerror = () => resolve(false);
+    document.body.appendChild(script);
+  });
+}
+
+interface Props {
+  plan: "pro" | "team";
+  label?: string;
+  className?: string;
+  userName?: string;
+  userEmail?: string;
+}
+
+export function CheckoutButton({ plan, label, className, userName, userEmail }: Props) {
+  const [loading, setLoading] = useState(false);
+
+  async function handleCheckout() {
+    setLoading(true);
+
+    try {
+      // Load Razorpay script
+      const loaded = await loadRazorpayScript();
+      if (!loaded) throw new Error("Failed to load Razorpay");
+
+      // Create subscription server-side
+      const res = await fetch("/api/subscribe/create", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ plan }),
+      });
+
+      if (!res.ok) {
+        const err = await res.json();
+        throw new Error(err.error || "Subscription failed");
+      }
+
+      const { subscription_id } = await res.json();
+
+      // Open Razorpay checkout
+      const rzp = new (window as any).Razorpay({
+        key: process.env.NEXT_PUBLIC_RAZORPAY_KEY_ID,
+        subscription_id,
+        name: "ClauseGuard",
+        description: plan === "pro" ? "Pro — ₹999/mo" : "Team — ₹3,999/mo",
+        handler: async (response: any) => {
+          // Verify payment server-side
+          const verifyRes = await fetch("/api/subscribe/verify", {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify(response),
+          });
+
+          if (verifyRes.ok) {
+            window.location.href = "/dashboard-pages/dashboard?subscribed=true";
+          }
+        },
+        prefill: {
+          name: userName || "",
+          email: userEmail || "",
+        },
+        theme: { color: "#18181b" },
+        modal: {
+          ondismiss: () => setLoading(false),
+        },
+      });
+
+      rzp.on("payment.failed", () => setLoading(false));
+      rzp.open();
+    } catch (error) {
+      console.error("Checkout error:", error);
+      setLoading(false);
+    }
+  }
+
+  return (
+    <button
+      onClick={handleCheckout}
+      disabled={loading}
+      className={className || "w-full flex items-center justify-center gap-2 bg-zinc-900 text-white py-2.5 rounded-lg text-sm font-medium hover:bg-zinc-800 disabled:opacity-40 transition-colors"}
+    >
+      {loading ? (
+        <><Loader2 className="w-4 h-4 animate-spin" /> Processing...</>
+      ) : (
+        <><CreditCard className="w-4 h-4" /> {label || `Subscribe to ${plan}`}</>
+      )}
+    </button>
+  );
+}

web/lib/{stripe.ts → razorpay.ts}

@@ -1,31 +1,37 @@
-import Stripe from "stripe";
+import Razorpay from "razorpay";
 
-let _stripe: Stripe | null = null;
+let _razorpay: Razorpay | null = null;
 
-export function getStripe(): Stripe {
-  if (!_stripe) {
-    _stripe = new Stripe(process.env.STRIPE_SECRET_KEY!);
+export function getRazorpay(): Razorpay {
+  if (!_razorpay) {
+    _razorpay = new Razorpay({
+      key_id: process.env.RAZORPAY_KEY_ID!,
+      key_secret: process.env.RAZORPAY_KEY_SECRET!,
+    });
   }
-  return _stripe;
+  return _razorpay;
 }
 
 export const PLANS = {
   free: {
     name: "Free",
     scans: 10,
-    price_id: null,
+    razorpay_plan_id: null,
+    price_label: "₹0",
     features: ["10 scans per month", "All 8 clause categories", "Risk score and grade"],
   },
   pro: {
     name: "Pro",
     scans: Infinity,
-    price_id: process.env.STRIPE_PRO_PRICE_ID!,
+    razorpay_plan_id: process.env.RAZORPAY_PRO_PLAN_ID!,
+    price_label: "₹999/mo",
     features: ["Unlimited scans", "Contract uploads", "Clause explanations", "PDF exports"],
   },
   team: {
     name: "Team",
     scans: Infinity,
-    price_id: process.env.STRIPE_TEAM_PRICE_ID!,
+    razorpay_plan_id: process.env.RAZORPAY_TEAM_PLAN_ID!,
+    price_label: "₹3,999/mo",
     features: ["Everything in Pro", "5 team seats", "10K API calls", "Priority support"],
   },
 } as const;

web/lib/supabase/schema.sql

@@ -1,14 +1,12 @@
--- ClauseGuard — Supabase Database Schema
--- Run this in Supabase SQL Editor to set up the database
+-- ClauseGuard — Supabase Database Schema (Razorpay)
 
--- ─── Profiles (extends auth.users) ───
+-- Profiles
 CREATE TABLE IF NOT EXISTS public.profiles (
   id UUID REFERENCES auth.users ON DELETE CASCADE PRIMARY KEY,
   email TEXT,
   full_name TEXT,
   avatar_url TEXT,
-  stripe_customer_id TEXT UNIQUE,
-  stripe_subscription_id TEXT,
+  razorpay_subscription_id TEXT,
   plan TEXT DEFAULT 'free' CHECK (plan IN ('free', 'pro', 'team')),
   analyses_this_month INT DEFAULT 0,
   monthly_reset_at TIMESTAMPTZ DEFAULT date_trunc('month', NOW()),
@@ -16,7 +14,7 @@ CREATE TABLE IF NOT EXISTS public.profiles (
   updated_at TIMESTAMPTZ DEFAULT NOW()
 );
 
--- ─── Analyses (scan history) ───
+-- Analyses
 CREATE TABLE IF NOT EXISTS public.analyses (
   id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
   user_id UUID REFERENCES public.profiles ON DELETE CASCADE NOT NULL,
@@ -30,45 +28,27 @@ CREATE TABLE IF NOT EXISTS public.analyses (
   created_at TIMESTAMPTZ DEFAULT NOW()
 );
 
--- ─── Indexes ───
+-- Indexes
 CREATE INDEX IF NOT EXISTS idx_analyses_user_id ON public.analyses(user_id);
 CREATE INDEX IF NOT EXISTS idx_analyses_created_at ON public.analyses(created_at DESC);
-CREATE INDEX IF NOT EXISTS idx_profiles_stripe_customer ON public.profiles(stripe_customer_id);
 
--- ─── Row Level Security ───
+-- Row Level Security
 ALTER TABLE public.profiles ENABLE ROW LEVEL SECURITY;
 ALTER TABLE public.analyses ENABLE ROW LEVEL SECURITY;
 
--- Profiles: users can only see/edit their own profile
-CREATE POLICY "Users can view own profile"
-  ON public.profiles FOR SELECT
-  USING (auth.uid() = id);
+CREATE POLICY "Users can view own profile" ON public.profiles FOR SELECT USING (auth.uid() = id);
+CREATE POLICY "Users can update own profile" ON public.profiles FOR UPDATE USING (auth.uid() = id);
+CREATE POLICY "Users can view own analyses" ON public.analyses FOR SELECT USING (auth.uid() = user_id);
+CREATE POLICY "Users can insert own analyses" ON public.analyses FOR INSERT WITH CHECK (auth.uid() = user_id);
+CREATE POLICY "Users can delete own analyses" ON public.analyses FOR DELETE USING (auth.uid() = user_id);
 
-CREATE POLICY "Users can update own profile"
-  ON public.profiles FOR UPDATE
-  USING (auth.uid() = id);
-
--- Analyses: users can only see their own scans
-CREATE POLICY "Users can view own analyses"
-  ON public.analyses FOR SELECT
-  USING (auth.uid() = user_id);
-
-CREATE POLICY "Users can insert own analyses"
-  ON public.analyses FOR INSERT
-  WITH CHECK (auth.uid() = user_id);
-
-CREATE POLICY "Users can delete own analyses"
-  ON public.analyses FOR DELETE
-  USING (auth.uid() = user_id);
-
--- ─── Auto-create profile on signup ───
+-- Auto-create profile on signup
 CREATE OR REPLACE FUNCTION public.handle_new_user()
 RETURNS TRIGGER AS $$
 BEGIN
   INSERT INTO public.profiles (id, email, full_name, avatar_url)
   VALUES (
-    NEW.id,
-    NEW.email,
+    NEW.id, NEW.email,
     COALESCE(NEW.raw_user_meta_data ->> 'full_name', NEW.raw_user_meta_data ->> 'name', ''),
     COALESCE(NEW.raw_user_meta_data ->> 'avatar_url', NEW.raw_user_meta_data ->> 'picture', '')
   );
@@ -80,13 +60,12 @@ CREATE OR REPLACE TRIGGER on_auth_user_created
   AFTER INSERT ON auth.users
   FOR EACH ROW EXECUTE FUNCTION public.handle_new_user();
 
--- ─── Monthly usage reset function ───
+-- Monthly usage reset
 CREATE OR REPLACE FUNCTION public.reset_monthly_usage()
 RETURNS void AS $$
 BEGIN
   UPDATE public.profiles
-  SET analyses_this_month = 0,
-      monthly_reset_at = date_trunc('month', NOW())
+  SET analyses_this_month = 0, monthly_reset_at = date_trunc('month', NOW())
   WHERE monthly_reset_at < date_trunc('month', NOW());
 END;
 $$ LANGUAGE plpgsql SECURITY DEFINER;

web/package.json

@@ -14,7 +14,7 @@
     "react-dom": "19.2.5",
     "@supabase/supabase-js": "2.104.0",
     "@supabase/ssr": "0.10.2",
-    "stripe": "22.0.2",
+    "razorpay": "2.9.6",
     "resend": "6.12.2",
     "@react-pdf/renderer": "4.5.1",
     "jose": "6.2.2",