gahusb/jaengseung-made
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(downloads): 다운로드 검증을 orders 단일 소스로 교체 + 내 제품 제품별 그룹핑

Browse Source 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
gahusb
2026-06-11 08:47:32 +09:00
parent 3fa865a6e7
commit f151af89f3
3 changed files with 126 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
app/api/packs/list-mine/route.ts
View File

@@ -2,8 +2,7 @@ import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
import { createServerClient as createSSRClient } from '@supabase/ssr';
import { createAdminClient } from '@/lib/supabase/admin';
import { extractPackTier, type PackTier } from '@/lib/pack-assets';
import { tierIncludes, getPackFilesForTiers } from '@/lib/supabase/pack-files';
import { getUserAccessibleProductIds, getFilesByProductIds } from '@/lib/supabase/product-files';
export const runtime = 'nodejs';
@@ -20,21 +19,25 @@ export async function GET() {
},
);
const { data: { user } } = await supabase.auth.getUser();
if (!user) return NextResponse.json({ files: [] });
if (!user) return NextResponse.json({ products: [] });
const admin = createAdminClient();
const { data: orders } = await admin
.from('contact_requests')
.select('service, status')
.eq('user_id', user.id)
.eq('status', 'completed');
const productIds = await getUserAccessibleProductIds(admin, user.id);
if (productIds.length === 0) return NextResponse.json({ products: [] });
const tiers = new Set<PackTier>();
for (const o of (orders ?? [])) {
const t = extractPackTier(o.service);
if (t) tierIncludes(t).forEach((x) => tiers.add(x));
const [files, { data: products }] = await Promise.all([
getFilesByProductIds(admin, productIds),
admin.from('products').select('id, name').in('id', productIds),
]);
const nameMap = new Map((products ?? []).map((p) => [p.id, p.name as string]));
const grouped = new Map<string, { id: string; name: string; files: typeof files }>();
for (const f of files) {
if (!f.product_id) continue;
if (!grouped.has(f.product_id)) {
grouped.set(f.product_id, { id: f.product_id, name: nameMap.get(f.product_id) ?? f.product_id, files: [] });
}
grouped.get(f.product_id)!.files.push(f);
}
const files = await getPackFilesForTiers(admin, Array.from(tiers));
return NextResponse.json({ files });
return NextResponse.json({ products: Array.from(grouped.values()) });
}

34
app/api/packs/sign-link/route.ts
View File

@@ -2,8 +2,7 @@ import { NextResponse } from 'next/server';
import { cookies } from 'next/headers';
import { createServerClient as createSSRClient } from '@supabase/ssr';
import { createAdminClient } from '@/lib/supabase/admin';
import { extractPackTier, type PackTier } from '@/lib/pack-assets';
import { tierIncludes, getPackFileById } from '@/lib/supabase/pack-files';
import { getUserAccessibleProductIds, getFileById } from '@/lib/supabase/product-files';
import { signLink } from '@/lib/web-backend';
export const runtime = 'nodejs';
@@ -33,33 +32,18 @@ export async function POST(request: Request) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// 2) orders 조회 — completed Music 팩 구매 확인
// 2) orders(paid) 단일 소스로 접근 가능한 product_id 확인
const admin = createAdminClient();
const { data: orders } = await admin
.from('contact_requests')
.select('service, status')
.eq('user_id', user.id)
.eq('status', 'completed');
const tiers = new Set<PackTier>();
for (const o of (orders ?? [])) {
const t = extractPackTier(o.service);
if (t) tierIncludes(t).forEach((x) => tiers.add(x));
const accessible = await getUserAccessibleProductIds(admin, user.id);
if (accessible.length === 0) {
return NextResponse.json({ error: '구매 내역이 없거나 입금 확인 전입니다' }, { status: 403 });
}
if (tiers.size === 0) {
return NextResponse.json({ error: '구매 내역이 없거나 결제 미완료입니다' }, { status: 403 });
const file = await getFileById(admin, fileId);
if (!file || file.deleted_at || !file.product_id || !accessible.includes(file.product_id)) {
return NextResponse.json({ error: '구매한 제품의 파일이 아닙니다' }, { status: 403 });
}
// 3) 파일 조회 + tier 매칭
const file = await getPackFileById(admin, fileId);
if (!file) {
return NextResponse.json({ error: '파일을 찾을 수 없습니다' }, { status: 404 });
}
if (!tiers.has(file.min_tier)) {
return NextResponse.json({ error: '구매 등급에서 접근할 수 없는 파일입니다' }, { status: 403 });
}
// 4) web-backend 호출 → DSM 공유 링크
// 3) web-backend 호출 → DSM 공유 링크
try {
const { url, expires_at } = await signLink({
file_path: file.file_path,