refactor(auth): rename paymentBridge → signupBridge

After commit 90acc35 issued the cookie for $0 signups too, the "payment"
framing was wrong — there's no payment in a $0 signup. The cookie is
about bridging the gap between signup-form submit and email verify, not
about payment specifically.

Changes:
- setPaymentBridgeCookie  → setSignupBridgeCookie
- getPaymentBridgeMember  → getSignupBridgeMember
- Cookie wire name        payment-bridge → signup-bridge
- JWT scope               payment_bridge → signup_bridge

Touches both /api/helcim/subscription (signup activation) and
/api/helcim/initialize-payment (paid Helcim checkout) which both consume
the cookie. In-flight signup sessions started before this lands will
need to re-submit the form (cookie name mismatch); cutover hasn't
happened yet, so the only impact is local dev sessions.
Jennie Robinson Faber 2026-04-30 15:31:54 +01:00
parent c6a5e25d06
commit 9b79ae6bf4
8 changed files with 36 additions and 35 deletions


@ -4,7 +4,7 @@ import { connectDB } from '../../utils/mongoose.js'
import { createHelcimCustomer } from '../../utils/helcim.js'
import PreRegistration from '../../models/preRegistration.js'
import { sendMagicLink } from '../../utils/magicLink.js'
import { setPaymentBridgeCookie } from '../../utils/auth.js'
import { setSignupBridgeCookie } from '../../utils/auth.js'
import { rateLimit } from '../../utils/rateLimit.js'
export default defineEventHandler(async (event) => {
@ -116,10 +116,10 @@ export default defineEventHandler(async (event) => {
})
// Signup completes (paid checkout or free activation) before the magic
// link is clicked, so issue a short-lived, payment-only bridge cookie
// that lets /api/helcim/initialize-payment and /api/helcim/subscription
// identify the member without a verified auth session.
setPaymentBridgeCookie(event, member)
// link is clicked, so issue a short-lived signup-bridge cookie that lets
// /api/helcim/initialize-payment and /api/helcim/subscription identify
// the member without a verified auth session.
setSignupBridgeCookie(event, member)
return {
success: true,
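Review bot: The rewritten comment above `setSignupBridgeCookie(event, member)` drops the old "payment-only" qualifier without saying what now limits the cookie, so this handler no longer shows how little an unverified bridge token is meant to authorise. I would put the limit back in the comment, for example `// The token carries only the signup_bridge scope and is never a login session.`, and give the actual lifetime instead of "short-lived" if utils/auth.js fixes one. Because the cookie identifies `member` before the email address is verified, it is also worth confirming, in the part of the handler outside this hunk, that it is issued only for a member created by this request and not for an existing account matched by email. The visible consumers in /api/helcim/initialize-payment and /api/helcim/subscription fall back to `requireAuth(event)` when the cookie is absent, which is consistent with that reading.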


@ -2,7 +2,7 @@ import Member from '../../models/member.js'
import { loadPublicEvent } from '../../utils/loadEvent.js'
import { loadPublicSeries } from '../../utils/loadSeries.js'
import { calculateTicketPrice, calculateSeriesTicketPrice, hasMemberAccess } from '../../utils/tickets.js'
import { requireAuth, getOptionalMember, getPaymentBridgeMember } from '../../utils/auth.js'
import { requireAuth, getOptionalMember, getSignupBridgeMember } from '../../utils/auth.js'
import { initializeHelcimPaySession } from '../../utils/helcim.js'
export default defineEventHandler(async (event) => {
@ -17,7 +17,7 @@ export default defineEventHandler(async (event) => {
if (!isTicket) {
if (isMembershipSignup) {
const bridgeMember = await getPaymentBridgeMember(event)
const bridgeMember = await getSignupBridgeMember(event)
if (!bridgeMember) {
await requireAuth(event)
}


@ -3,7 +3,7 @@ import { getHelcimPlanId, requiresPayment } from '../../config/contributions.js'
import Member from '../../models/member.js'
import { connectDB } from '../../utils/mongoose.js'
import { getSlackService } from '../../utils/slack.ts'
import { requireAuth, getPaymentBridgeMember } from '../../utils/auth.js'
import { requireAuth, getSignupBridgeMember } from '../../utils/auth.js'
import { createHelcimSubscription, generateIdempotencyKey, listHelcimCustomerTransactions } from '../../utils/helcim.js'
import { sendWelcomeEmail } from '../../utils/resend.js'
import { upsertPaymentFromHelcim } from '../../utils/payments.js'
@ -11,8 +11,8 @@ import { upsertPaymentFromHelcim } from '../../utils/payments.js'
export default defineEventHandler(async (event) => {
try {
// Membership signup completes subscription before email verify; allow the
// payment-bridge cookie set by /api/helcim/customer to satisfy auth here.
const bridgeMember = await getPaymentBridgeMember(event)
// signup-bridge cookie set by /api/helcim/customer to satisfy auth here.
const bridgeMember = await getSignupBridgeMember(event)
if (!bridgeMember) {
await requireAuth(event)
}