feat(platform): Implement Auto-Top-Up credits capability

[majdyz]

Changes 🏗️

Added auto-top-up credits capability:

• Added autoTopUpConfig column on user
• Added autoTopUp form UI
• Added payment charge logic for top_up_credits
• Added auto-top-up logic on spend_credits

Checklist 📋

For code changes:

• I have clearly listed my changes in the PR description
• I have made a test plan
• I have tested my changes according to the test plan:
  • ...

Example test plan

• Create from scratch and execute an agent with at least 3 blocks
• Import an agent from file upload, and confirm it executes correctly
• Upload agent to marketplace
• Import an agent from marketplace and confirm it executes correctly
• Edit an agent from monitor, and confirm it executes correctly

For configuration changes:

• .env.example is updated or already compatible with my changes
• docker-compose.yml is updated or already compatible with my changes
• I have included a list of my configuration changes in the PR description (under Changes)

Examples of configuration changes

• Changing ports
• Adding new services that need to communicate with each other
• Secrets or environment variable changes
• New or infrastructure changes such as databases

[qodo-merge-pro]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The payment intent metadata stored in the transaction record may contain sensitive payment method details that should be filtered before storage.

⚡ Recommended focus areas for review Race Condition The auto top-up logic in spend_credits() checks balance after transaction is committed, which could lead to multiple concurrent top-ups if balance drops below threshold simultaneously. # Auto top-up if balance just went below threshold due to this transaction. auto_top_up = await get_auto_top_up(user_id) if balance < auto_top_up.threshold <= balance - cost: try: await self.top_up_credits(user_id=user_id, amount=auto_top_up.amount) except Exception as e: # Failed top-up is not critical, we can move on. logger.error( f"Auto top-up failed for user {user_id}, balance: {balance}, amount: {auto_top_up.amount}, error: {e}" ) Error Handling The top_up_credits() method attempts payment with all available payment methods but doesn't properly handle individual payment failures or distinguish between different error types. for payment_method in payment_methods: if amount == 0: setup_intent = stripe.SetupIntent.create( customer=customer_id, usage="off_session", confirm=True, payment_method=payment_method.id, automatic_payment_methods={ "enabled": True, "allow_redirects": "never", }, ) if setup_intent.status == "succeeded": return else: payment_intent = stripe.PaymentIntent.create( amount=amount, currency="usd", description="AutoGPT Platform Credits", customer=customer_id, off_session=True, confirm=True, payment_method=payment_method.id, automatic_payment_methods={ "enabled": True, "allow_redirects": "never", }, ) if payment_intent.status == "succeeded": await self._add_transaction( user_id=user_id, amount=amount, transaction_type=CreditTransactionType.TOP_UP, transaction_key=payment_intent.id, metadata=Json({"payment_intent": payment_intent}), is_active=True, ) return Input Validation The auto top-up form lacks client-side validation to ensure amount is greater than threshold before submission. const submitAutoTopUpConfig = (e: React.FormEvent<HTMLFormElement>) => { e.preventDefault(); const form = e.currentTarget; const formData = new FormData(form); const amount = parseInt(formData.get("topUpAmount") as string); const threshold = parseInt(formData.get("threshold") as string); toastOnFail("update auto top-up config", () => updateAutoTopUpConfig(amount, threshold).then(() => { toast({ title: "Auto top-up config updated! 🎉" }); }), ); };