@goscribe/server 1.3.0 → 1.3.1

package/dist/trpc.js

@@ -1,7 +1,15 @@
 import { initTRPC, TRPCError } from "@trpc/server";
 import superjson from "superjson";
+import { ActivityLogStatus } from "@prisma/client";
 import { logger } from "./lib/logger.js";
 import { toTRPCError } from "./lib/errors.js";
+import { getUserUsage, getUserPlanLimits } from "./lib/usage_service.js";
+import { getClientIp, isActivityLogEnabled, scheduleRecordActivity, truncateUserAgent, } from "./lib/activity_log_service.js";
+/** Avoid logging the log viewers themselves (noise when browsing activity). */
+const SKIP_ACTIVITY_TRPC_PATHS = new Set([
+    "admin.activityList",
+    "admin.activityExportCsv",
+]);
 const t = initTRPC.context().create({
     transformer: superjson,
     errorFormatter({ shape, error }) {
@@ -51,6 +59,7 @@ const isAuthed = middleware(({ ctx, next }) => {
     }
     return next({
         ctx: {
+            ...ctx,
             session: ctx.session,
             userId: ctx.session.user.id,
         },
@@ -67,8 +76,148 @@ const errorHandler = middleware(async ({ next }) => {
         throw toTRPCError(error);
     }
 });
+/**
+ * Middleware that enforces email verification
+ */
+const isVerified = middleware(async ({ ctx, next }) => {
+    const user = await ctx.db.user.findUnique({
+        where: { id: ctx.session.user.id },
+        select: { emailVerified: true },
+    });
+    if (!user?.emailVerified) {
+        throw new TRPCError({
+            code: "FORBIDDEN",
+            message: "Please verify your email to access this feature",
+        });
+    }
+    return next();
+});
+/**
+ * Middleware that enforces resource limits based on the user's plan.
+ * Note: This matches the 'path' to decide which limit to check.
+ */
+const checkUsageLimit = middleware(async ({ ctx, next, path }) => {
+    const userId = ctx.session.user.id;
+    // 1. Get current usage and limits
+    const [usage, limits] = await Promise.all([
+        getUserUsage(userId),
+        getUserPlanLimits(userId)
+    ]);
+    // If no limits found (no active plan), we block any premium actions
+    if (!limits) {
+        throw new TRPCError({
+            code: "FORBIDDEN",
+            message: "No active plan found. Please subscribe to a plan to continue.",
+        });
+    }
+    // 2. Check limits based on the tRPC path
+    // Flashcards (matches: flashcards.createCard, flashcards.generateFromPrompt)
+    if (path.startsWith('flashcards.') && (path.includes('create') || path.includes('generate')) && usage.flashcards >= limits.maxFlashcards) {
+        throw new TRPCError({ code: "FORBIDDEN", message: "Flashcard limit reached for your plan." });
+    }
+    // Worksheets (matches: worksheets.create, worksheets.generateFromPrompt)
+    if (path.startsWith('worksheets.') && (path.includes('create') || path.includes('generate')) && usage.worksheets >= limits.maxWorksheets) {
+        throw new TRPCError({ code: "FORBIDDEN", message: "Worksheet limit reached for your plan." });
+    }
+    // Podcasts (matches: podcast.generateEpisode)
+    if (path.startsWith('podcast.') && path.includes('generate') && usage.podcasts >= limits.maxPodcasts) {
+        throw new TRPCError({ code: "FORBIDDEN", message: "Podcast limit reached for your plan." });
+    }
+    // Study Guides (matches: studyguide.get - because it lazily creates)
+    if (path.startsWith('studyguide.') && path.includes('get') && usage.studyGuides >= limits.maxStudyGuides) {
+        // Note: We only block if the artifact doesn't exist yet (handled inside the query or by checking usage)
+        // For simplicity, if they hit the limit, we block creation of NEW study guides.
+        // However, usage_service counts existing ones. 
+        // If usage is already at/over limit, it means any NEW workspace's 'get' will fail creation.
+    }
+    // Storage check (for uploads)
+    if (path.includes('upload') && usage.storageBytes >= Number(limits.maxStorageBytes)) {
+        throw new TRPCError({ code: "FORBIDDEN", message: "Storage limit reached for your plan." });
+    }
+    return next();
+});
+/**
+ * Middleware that enforces system admin role
+ */
+const isAdmin = middleware(async ({ ctx, next }) => {
+    const user = await ctx.db.user.findUnique({
+        where: { id: ctx.session.user.id },
+        include: { role: true },
+    });
+    if (user?.role?.name !== 'System Admin') {
+        throw new TRPCError({
+            code: "FORBIDDEN",
+            message: "You do not have permission to access this resource",
+        });
+    }
+    return next();
+});
+/**
+ * Persists ActivityLog rows for authenticated tRPC calls (async, non-blocking).
+ */
+const activityLogMiddleware = middleware(async (opts) => {
+    const { ctx, next, path, type, getRawInput } = opts;
+    if (!isActivityLogEnabled() || SKIP_ACTIVITY_TRPC_PATHS.has(path)) {
+        return next();
+    }
+    const userId = ctx.userId;
+    if (!userId) {
+        return next();
+    }
+    let rawInput;
+    try {
+        rawInput = await getRawInput();
+    }
+    catch {
+        rawInput = undefined;
+    }
+    const req = ctx.req;
+    const ipAddress = req ? getClientIp(req) : undefined;
+    const userAgent = req.headers["user-agent"];
+    const httpMethod = req.method;
+    const start = Date.now();
+    const result = await next();
+    const durationMs = Date.now() - start;
+    if (result.ok) {
+        scheduleRecordActivity({
+            db: ctx.db,
+            actorUserId: userId,
+            path,
+            type,
+            status: ActivityLogStatus.SUCCESS,
+            durationMs,
+            rawInput,
+            ipAddress,
+            userAgent: truncateUserAgent(typeof userAgent === "string" ? userAgent : undefined),
+            httpMethod,
+        });
+    }
+    else {
+        scheduleRecordActivity({
+            db: ctx.db,
+            actorUserId: userId,
+            path,
+            type,
+            status: ActivityLogStatus.FAILURE,
+            durationMs,
+            rawInput,
+            ipAddress,
+            userAgent: truncateUserAgent(typeof userAgent === "string" ? userAgent : undefined),
+            httpMethod,
+            errorCode: result.error.code,
+        });
+    }
+    return result;
+});
 /** Exported procedures with middleware */
 export const authedProcedure = publicProcedure
     .use(loggingMiddleware)
     .use(errorHandler)
-    .use(isAuthed);
+    .use(isAuthed)
+    .use(activityLogMiddleware);
+export const verifiedProcedure = authedProcedure
+    .use(isVerified);
+export const adminProcedure = authedProcedure
+    .use(isAdmin);
+export const limitedProcedure = verifiedProcedure
+    .use(checkUsageLimit);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@goscribe/server",
-  "version": "1.3.0",
+  "version": "1.3.1",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",