feat: include plan in JWT, update session/verify to use plan column

posimai 2026-04-05 15:03:04 +09:00
parent 8fdcb65f4b
commit 2e326605cb
1 changed files with 14 additions and 7 deletions


@ -105,7 +105,13 @@ async function createSessionJWT(userId) {
`INSERT INTO auth_sessions (id, user_id, token_hash, expires_at) VALUES ($1, $2, $3, $4)`, `INSERT INTO auth_sessions (id, user_id, token_hash, expires_at) VALUES ($1, $2, $3, $4)`,
[sessionId, userId, tokenHash, expiresAt] [sessionId, userId, tokenHash, expiresAt]
); );
return jwt.sign({ userId, sid: sessionId }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS }); // plan を JWT に含める(各アプリがプレミアム判定できるよう)
let plan = 'free';
try {
const r = await pool.query(`SELECT plan FROM users WHERE user_id = $1`, [userId]);
plan = r.rows[0]?.plan || 'free';
} catch (_) {}
return jwt.sign({ userId, sid: sessionId, plan }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS });
} }
const app = express(); const app = express();
@ -866,19 +872,20 @@ function buildRouter() {
} }
}); });
// GET /api/auth/session/verify — check current JWT + purchase status // GET /api/auth/session/verify — check current JWT + plan
r.get('/auth/session/verify', authMiddleware, async (req, res) => { r.get('/auth/session/verify', authMiddleware, async (req, res) => {
if (req.authType === 'apikey') { if (req.authType === 'apikey') {
return res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: true }); return res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'premium', purchased: true });
} }
try { try {
const result = await pool.query( const result = await pool.query(
`SELECT purchased_at FROM users WHERE user_id = $1`, [req.userId] `SELECT plan, purchased_at FROM users WHERE user_id = $1`, [req.userId]
); );
const purchased = !!(result.rows[0]?.purchased_at); const plan = result.rows[0]?.plan || 'free';
res.json({ ok: true, userId: req.userId, authType: req.authType, purchased }); const purchased = plan === 'premium';
res.json({ ok: true, userId: req.userId, authType: req.authType, plan, purchased });
} catch (e) { } catch (e) {
res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: false }); res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'free', purchased: false });
} }
}); });
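Review bot: The `plan` claim signed into the token in createSessionJWT (first hunk) is a snapshot taken when the session is created, so any app that trusts it keeps granting premium after a downgrade or refund until the token expires (JWT_TTL_SECONDS is defined outside this view), whereas /auth/session/verify in the second hunk reads the current value from the database. Either re-issue the token when the plan changes or mark the claim as advisory, e.g. `// plan is a snapshot at issue time; use /auth/session/verify for the authoritative value`. The empty `catch (_) {}` also hides a failed lookup behind a silent 'free'; log it with whatever logger the file uses, e.g. `} catch (err) { console.error('plan lookup failed', err); }`. In the verify handler `purchased` is now derived only from `plan === 'premium'`, so rows with `purchased_at` set but no `plan` value would lose access unless a migration (not shown here) backfills them. createSessionJWT begins outside the hunk.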