feat: add idv check for store

Author: LeafdTK

lark-ui/src/lib/VerificationPopup.svelte

@@ -0,0 +1,77 @@
+<script lang="ts">
+    import Button from "./Button.svelte";
+
+    const {
+        onClose,
+    }: {
+        onClose: () => void;
+    } = $props();
+</script>
+
+<div class="modal-overlay" onclick={(e) => e.target === e.currentTarget && onClose()}>
+    <div class="modal-content">
+        <h2 class="modal-title">Verification Required</h2>
+        <p class="modal-text">
+            You must be verified eligible to purchase items from the shop. 
+            Please complete verification before making a purchase.
+        </p>
+        <div class="button-container">
+            <Button 
+                label="Close" 
+                onclick={onClose}
+                color="black"
+            />
+        </div>
+    </div>
+</div>
+
+<style>
+    .modal-overlay {
+        position: fixed;
+        inset: 0;
+        background: rgba(0, 0, 0, 0.7);
+        display: flex;
+        align-items: center;
+        justify-content: center;
+        z-index: 1000;
+    }
+
+    .modal-content {
+        background: #5E5087;
+        border: 2px solid #fee1c0;
+        border-radius: 16px;
+        padding: 40px;
+        max-width: 500px;
+        width: 90%;
+        display: flex;
+        flex-direction: column;
+        gap: 24px;
+    }
+
+    .modal-title {
+        font-family: "Moga", sans-serif;
+        font-size: 36px;
+        color: #fee1c0;
+        text-align: center;
+        letter-spacing: -0.99px;
+        margin: 0;
+        line-height: 1.2;
+    }
+
+    .modal-text {
+        font-family: "PT Sans", sans-serif;
+        font-size: 18px;
+        color: white;
+        text-align: center;
+        letter-spacing: -0.264px;
+        line-height: 1.5;
+        margin: 0;
+    }
+
+    .button-container {
+        display: flex;
+        justify-content: center;
+        margin-top: 8px;
+    }
+</style>
+

lark-ui/src/lib/auth.ts

@@ -524,6 +524,26 @@ export async function getShopBalance(fetchFn: FetchFunction = fetch): Promise<Sh
   return null;
 }
 
+export async function checkVerificationStatus(email: string, fetchFn: FetchFunction = fetch): Promise<{ isVerified: boolean; error?: string }> {
+  const externalApiUrl = 'https://identity.hackclub.com/api/external/check';
+  const checkUrl = `${externalApiUrl}?email=${encodeURIComponent(email)}`;
+  
+  try {
+    const response = await fetchFn(checkUrl);
+    
+    if (!response.ok) {
+      return { isVerified: false, error: 'Failed to check verification status' };
+    }
+    
+    const data = await response.json();
+    const isVerified = data.result === 'verified_eligible';
+    
+    return { isVerified };
+  } catch (error) {
+    return { isVerified: false, error: 'Failed to check verification status' };
+  }
+}
+
 export async function purchaseShopItem(itemId: number, variantId?: number, fetchFn: FetchFunction = fetch): Promise<{ success: boolean; error?: string; transaction?: ShopTransaction; newBalance?: ShopBalance; specialAction?: string | null }> {
   const body: { itemId: number; variantId?: number } = { itemId };
   if (variantId) {

lark-ui/src/routes/app/shop/[id]/+page.svelte

@@ -4,6 +4,7 @@
     import { checkAuthStatus, getShopItem, getShopBalance, purchaseShopItem, type User, type ShopItem, type ShopBalance, type ShopItemVariant } from "$lib/auth";
     import { page } from "$app/state";
     import Button from "$lib/Button.svelte";
+    import VerificationPopup from "$lib/VerificationPopup.svelte";
 
     let user: User | null = $state<User | null>(null);
     let item: ShopItem | null = $state(null);
@@ -14,6 +15,7 @@
     let success = $state('');
     let selectedVariantId = $state<number | null>(null);
     let specialAction = $state<string | null>(null);
+    let showVerificationPopup = $state(false);
 
     const itemId = parseInt(page.params.id!);
 
@@ -40,7 +42,7 @@
     });
 
     async function handlePurchase() {
-        if (!item || purchasing) return;
+        if (!item || purchasing || !user) return;
         
         const hasVariants = item.variants && item.variants.length > 0;
         if (hasVariants && !selectedVariantId) {
@@ -66,6 +68,9 @@
             }
         } else {
             error = result.error || 'Purchase failed';
+            if (result.error?.includes('verified eligible') || result.error?.includes('verify eligibility')) {
+                showVerificationPopup = true;
+            }
         }
         
         purchasing = false;
@@ -181,6 +186,10 @@
             </div>
         </div>
     {/if}
+
+    {#if showVerificationPopup}
+        <VerificationPopup onClose={() => showVerificationPopup = false} />
+    {/if}
 </div>
 
 <style>

owl-api/src/shop/shop.service.ts

@@ -172,6 +172,51 @@ export class ShopService {
   }
 
   async purchaseItem(userId: number, itemId: number, variantId?: number) {
+    console.log(`[Shop Purchase] Starting purchase for userId: ${userId}, itemId: ${itemId}, variantId: ${variantId || 'none'}`);
+    
+    const user = await this.prisma.user.findUnique({
+      where: { userId },
+      select: { email: true },
+    });
+
+    if (!user || !user.email) {
+      console.error(`[Shop Purchase] User email not found for userId: ${userId}`);
+      throw new BadRequestException('User email not found');
+    }
+
+    console.log(`[Shop Purchase] Checking verification status for user: ${userId}, email: ${user.email}`);
+    const externalApiBaseUrl = this.configService.get<string>('EXTERNAL_VERIFICATION_API_URL', 'https://identity.hackclub.com/api/external');
+    const checkUrl = `${externalApiBaseUrl}/check?email=${encodeURIComponent(user.email)}`;
+    console.log(`[Shop Purchase] Verification API URL: ${checkUrl}`);
+    
+    try {
+      const verificationResponse = await fetch(checkUrl);
+      console.log(`[Shop Purchase] Verification API response status: ${verificationResponse.status}`);
+      
+      if (!verificationResponse.ok) {
+        const errorText = await verificationResponse.text().catch(() => 'Unable to read response');
+        console.error(`[Shop Purchase] Verification API returned non-OK status: ${verificationResponse.status}, response: ${errorText}`);
+        throw new BadRequestException('Failed to verify eligibility. Please try again later.');
+      }
+      
+      const verificationData = await verificationResponse.json();
+      console.log(`[Shop Purchase] Verification API response data:`, JSON.stringify(verificationData));
+      
+      if (verificationData.result !== 'verified_eligible') {
+        console.warn(`[Shop Purchase] User ${userId} (${user.email}) is not verified_eligible. Result: ${verificationData.result}`);
+        throw new BadRequestException('You must be verified eligible to purchase items from the shop');
+      }
+      
+      console.log(`[Shop Purchase] User ${userId} (${user.email}) verification check passed`);
+    } catch (error) {
+      if (error instanceof BadRequestException) {
+        console.log(`[Shop Purchase] Verification check failed for user ${userId}: ${error.message}`);
+        throw error;
+      }
+      console.error(`[Shop Purchase] Error checking verification status for user ${userId}:`, error);
+      throw new BadRequestException('Failed to verify eligibility. Please try again later.');
+    }
+
     const item = await this.prisma.shopItem.findUnique({
       where: { itemId },
       include: {
@@ -231,6 +276,7 @@ export class ShopService {
       );
     }
 
+    console.log(`[Shop Purchase] Creating transaction for userId: ${userId}, itemId: ${itemId}, cost: ${cost}`);
     const transaction = await this.prisma.transaction.create({
       data: {
         userId,
@@ -245,7 +291,9 @@ export class ShopService {
       },
     });
 
+    console.log(`[Shop Purchase] Transaction created successfully: transactionId ${transaction.transactionId}`);
     const newBalance = await this.getUserBalance(userId);
+    console.log(`[Shop Purchase] New balance for userId ${userId}: ${newBalance.balance} hours`);
 
     let specialAction: string | null = null;
 
@@ -298,6 +346,7 @@ export class ShopService {
       }
     }
 
+    console.log(`[Shop Purchase] Purchase completed successfully for userId: ${userId}, transactionId: ${transaction.transactionId}, specialAction: ${specialAction || 'none'}`);
     return {
       transaction,
       newBalance,