Merge branch 'master' of github.com:profullstack/generate-pdf-api

Author: ralyodio

public/js/route-helpers.js

@@ -4,8 +4,24 @@
  * This module provides helper functions to simplify route creation and registration
  * for the SPA router.
  */
+import { apiKeyService } from '../../src/services/api-key-service.js';
 import { loadPage } from './router.js';
 
+/**
+ * Check if a user has access based on subscription status or admin privileges
+ * @param {Object} user - User object
+ * @returns {boolean} - Whether the user has access
+ */
+function hasAccess(user) {
+  if (!user) return false;
+  
+  // Admin users always have access
+  if (user.is_admin === true) return true;
+  
+  // Otherwise, check for active subscription
+  return user.subscription?.status === 'active';
+}
+
 /**
  * Create a route configuration object with common patterns
  * 
@@ -46,11 +62,10 @@ export function createRoute(viewPath, options = {}) {
             const userJson = localStorage.getItem('user');
             if (userJson) {
               const user = JSON.parse(userJson);
-              const hasActiveSubscription = user?.subscription?.status === 'active';
-              const isAdmin = user?.isAdmin === true;
+
+              const hasAccess = await apiKeyService.hasAccess(user.email);
 
-              // Allow access for users with either an active subscription or admin privileges
-              if (!hasActiveSubscription && !isAdmin) {
+              if (!hasAccess) {
                 console.log('Subscription required, redirecting to subscription page');
                 alert('You need an active subscription to access this page.');
                 return next('/subscription');

public/js/views/dashboard.js

@@ -33,14 +33,19 @@ function initDashboard() {
     }
   }
 
-  // Verify subscription status or admin privileges
-  const hasActiveSubscription = user &&
-                               user.subscription &&
-                               user.subscription.status === 'active';
-  const isAdmin = user && user.isAdmin === true;
+  /**
+   * Check if user has access (admin or active subscription)
+   * @param {Object} user - User object
+   * @returns {boolean} - Whether the user has access
+   */
+  function hasAccess(user) {
+    if (!user) return false;
+    if (user.is_admin === true) return true;
+    return user.subscription?.status === 'active';
+  }
 
-  // Allow access for users with either an active subscription or admin privileges
-  if (!hasActiveSubscription && !isAdmin) {
+  // Check if user has access
+  if (!hasAccess(user)) {
     // Redirect to subscription page
     alert('You need an active subscription to access the dashboard.');
     window.router.navigate('/subscription');

src/middleware/subscription-check.js

@@ -1,4 +1,5 @@
 import { paymentService } from '../services/payment-service.js';
+import { apiKeyService } from '../services/api-key-service.js';
 import { errorUtils } from '../utils/error-utils.js';
 
 /**
@@ -33,10 +34,10 @@ export async function subscriptionCheck(c, next) {
     // For simplicity, we're using the API key as the email address
     const email = apiKey;
 
-    // Check if user has an active subscription
-    const hasActiveSubscription = await paymentService.hasActiveSubscription(email);
+    // Check if user has an active subscription or is an admin
+    const hasAccess = await apiKeyService.hasAccess(email);
 
-    if (!hasActiveSubscription) {
+    if (!hasAccess) {
       return c.json({ 
         error: 'Active subscription required', 
         subscription_required: true,

src/services/api-key-service.js

@@ -40,11 +40,11 @@ export const apiKeyService = {
   /**
    * Create user if not exists
    * @param {string} email - User email
-   * @param {boolean} isAdmin - Whether the user is an admin
+   * @param {boolean} is_admin - Whether the user is an admin
    * @returns {Promise<Object|null>} - User object or null if couldn't be created
    * @private
    */
-  async _createUserIfNotExists(email, isAdmin = false) {
+  async _createUserIfNotExists(email, is_admin = false) {
     try {
       // Check if user exists
       const user = await this._getUserByEmail(email);
@@ -62,7 +62,7 @@ export const apiKeyService = {
           .from('users')
           .insert([{
             email,
-            is_admin: isAdmin
+            is_admin: is_admin
           }])
           .select()
           .single();
@@ -72,7 +72,7 @@ export const apiKeyService = {
             console.warn(`API Key Service: Permission denied to create user ${email}, proceeding anyway`);
             // Return a temporary user object with just the email
             // This allows operations to proceed without failing entirely
-            return { email, id: null, is_admin: isAdmin, temp_user: true };
+            return { email, id: null, is_admin: is_admin, temp_user: true };
           } else {
             throw error;
           }
@@ -86,15 +86,15 @@ export const apiKeyService = {
         if (insertError.code === '42501') { // Permission denied error
           console.warn(`API Key Service: Permission denied to create user ${email}, proceeding anyway`);
           // Return a temporary user object with just the email
-          return { email, id: null, is_admin: isAdmin, temp_user: true };
+          return { email, id: null, is_admin: is_admin, temp_user: true };
         } else {
           throw insertError;
         }
       }
     } catch (error) {
       console.error(`API Key Service: Error in _createUserIfNotExists for ${email}:`, error);
       // Return a temporary user object to allow operations to continue
-      return { email, id: null, is_admin: isAdmin, temp_user: true };
+      return { email, id: null, is_admin: is_admin, temp_user: true };
     }
   },