From cee67dc005df5f17f240cf9e4d2c5a7ccef94e20 Mon Sep 17 00:00:00 2001
From: Jennie Robinson Faber <jennie@jenniefaber.com>
Date: Sat, 4 Apr 2026 12:28:55 +0100
Subject: [PATCH] fix: use auth cookie for member pricing in series available
 endpoint

---
 server/api/series/[id]/tickets/available.get.js | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/server/api/series/[id]/tickets/available.get.js b/server/api/series/[id]/tickets/available.get.js
index 784c6b1..4688dd8 100644
--- a/server/api/series/[id]/tickets/available.get.js
+++ b/server/api/series/[id]/tickets/available.get.js
@@ -39,7 +39,19 @@ export default defineEventHandler(async (event) => {
     // Check membership if email provided
     let member = null;
 
-    if (email) {
+    // Try auth cookie first for accurate member pricing
+    const token = getCookie(event, 'auth-token')
+    if (token) {
+      try {
+        const jwt = await import('jsonwebtoken')
+        const decoded = jwt.default.verify(token, useRuntimeConfig(event).jwtSecret)
+        member = await Member.findById(decoded.memberId)
+      } catch {
+        // Token invalid, fall through to email lookup
+      }
+    }
+
+    if (!member && email) {
       member = await Member.findOne({ email: email.toLowerCase() });
     }