diff --git a/server.js b/server.js
index 03e504c9..3937b2e9 100644
--- a/server.js
+++ b/server.js
@@ -105,7 +105,13 @@ async function createSessionJWT(userId) {
 `INSERT INTO auth_sessions (id, user_id, token_hash, expires_at) VALUES ($1, $2, $3, $4)`,
 [sessionId, userId, tokenHash, expiresAt]
 );
- return jwt.sign({ userId, sid: sessionId }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS });
+ // plan を JWT に含める(各アプリがプレミアム判定できるよう)
+ let plan = 'free';
+ try {
+ const r = await pool.query(`SELECT plan FROM users WHERE user_id = $1`, [userId]);
+ plan = r.rows[0]?.plan || 'free';
+ } catch (_) {}
+ return jwt.sign({ userId, sid: sessionId, plan }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS });
 }
 const app = express();
@@ -866,19 +872,20 @@ function buildRouter() {
 }
 });
- // GET /api/auth/session/verify — check current JWT + purchase status
+ // GET /api/auth/session/verify — check current JWT + plan
 r.get('/auth/session/verify', authMiddleware, async (req, res) => {
 if (req.authType === 'apikey') {
- return res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: true });
+ return res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'premium', purchased: true });
 }
 try {
 const result = await pool.query(
- `SELECT purchased_at FROM users WHERE user_id = $1`, [req.userId]
+ `SELECT plan, purchased_at FROM users WHERE user_id = $1`, [req.userId]
 );
- const purchased = !!(result.rows[0]?.purchased_at);
- res.json({ ok: true, userId: req.userId, authType: req.authType, purchased });
+ const plan = result.rows[0]?.plan || 'free';
+ const purchased = plan === 'premium';
+ res.json({ ok: true, userId: req.userId, authType: req.authType, plan, purchased });
 } catch (e) {
- res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: false });
+ res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'free', purchased: false });
 }
 });
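Review bot: The `plan` claim added to the token in createSessionJWT is a snapshot taken when the session is created, so a downgrade, refund or cancellation does not reach any app that gates premium features on the claim until the token expires after `JWT_TTL_SECONDS`. State that in the comment above the lookup, for example `// plan is a snapshot at issue time; re-check via /auth/session/verify before granting premium`, and consider reissuing the token when the plan changes. The empty `catch (_) {}` also hides database failures, so a paying user can silently receive a `free` token; keep the fallback but log it with whatever logger the file uses, e.g. `} catch (err) { console.error('createSessionJWT: plan lookup failed', err); }`. The function starts above the hunk, so only the tail of the session insert is visible here.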
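Review bot: In the /auth/session/verify handler, `purchased` is now derived only from `plan === 'premium'`, so an account with `purchased_at` set but no `plan` value would start reporting `purchased: false`; no backfill is visible in this diff, so that needs confirming before release. `purchased_at` is still selected but never read; either drop it from the query or keep it as a fallback, `const purchased = plan === 'premium' || !!result.rows[0]?.purchased_at;`. The catch branch answers `ok: true` with `plan: 'free'` and logs nothing, so a database outage looks the same as a free account to both the client and the operator. buildRouter continues outside the hunk.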