feat: include plan in JWT, update session/verify to use plan column

posimai 2026-04-05 15:03:04 +09:00
parent 8fdcb65f4b
commit 2e326605cb
1 changed files with 14 additions and 7 deletions


@ -105,7 +105,13 @@ async function createSessionJWT(userId) {
`INSERT INTO auth_sessions (id, user_id, token_hash, expires_at) VALUES ($1, $2, $3, $4)`,
[sessionId, userId, tokenHash, expiresAt]
);
return jwt.sign({ userId, sid: sessionId }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS });
// plan を JWT に含める(各アプリがプレミアム判定できるよう)
let plan = 'free';
try {
const r = await pool.query(`SELECT plan FROM users WHERE user_id = $1`, [userId]);
plan = r.rows[0]?.plan || 'free';
} catch (_) {}
return jwt.sign({ userId, sid: sessionId, plan }, JWT_SECRET, { expiresIn: JWT_TTL_SECONDS });
}
const app = express();
@ -866,19 +872,20 @@ function buildRouter() {
}
});
// GET /api/auth/session/verify — check current JWT + purchase status
// GET /api/auth/session/verify — check current JWT + plan
r.get('/auth/session/verify', authMiddleware, async (req, res) => {
if (req.authType === 'apikey') {
return res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: true });
return res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'premium', purchased: true });
}
try {
const result = await pool.query(
`SELECT purchased_at FROM users WHERE user_id = $1`, [req.userId]
`SELECT plan, purchased_at FROM users WHERE user_id = $1`, [req.userId]
);
const purchased = !!(result.rows[0]?.purchased_at);
res.json({ ok: true, userId: req.userId, authType: req.authType, purchased });
const plan = result.rows[0]?.plan || 'free';
const purchased = plan === 'premium';
res.json({ ok: true, userId: req.userId, authType: req.authType, plan, purchased });
} catch (e) {
res.json({ ok: true, userId: req.userId, authType: req.authType, purchased: false });
res.json({ ok: true, userId: req.userId, authType: req.authType, plan: 'free', purchased: false });
}
});
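Review bot: The `plan` claim added in `createSessionJWT` is a snapshot taken at sign time, so a later downgrade or refund in `users.plan` is not reflected in already-issued tokens until they expire after `JWT_TTL_SECONDS`; an app that gates premium features on the claim alone would keep granting access for that window. I would state this at the sign call, e.g. `// plan is a sign-time snapshot; /auth/session/verify reads the current value from the DB`, and have consumers use the verify endpoint (or re-issue the token on a plan change) for entitlement decisions; whether they already do is not visible here. The empty `catch (_) {}` keeps the fail-closed `'free'` default but hides a failed lookup, so a paying user can silently receive a free token; `} catch (e) { console.error('createSessionJWT: plan lookup failed', e); }` would make that diagnosable. In the second hunk `purchased_at` is still selected but no longer read. Both `createSessionJWT` and `buildRouter` extend beyond the lines shown.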