import { NextRequest, NextResponse } from "next/server";
import { createClient } from "@/lib/supabase/server";

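/** Monthly scan cap for the free plan. */
const FREE_SCAN_LIMIT = 10;
/** Effectively unlimited; 999999 instead of Infinity because Infinity is not valid JSON. */
const UNLIMITED_SCANS = 999999;

/**
 * Least-privileged profile returned when there is no signed-in user, or when
 * the lookup throws and we deliberately fall back rather than fail the request.
 * Both fallback paths share this object so their shapes cannot drift apart
 * (the capability keys here match the ones in the authenticated response).
 */
const UNAUTHENTICATED_PROFILE = {
  authenticated: false,
  plan: "free",
  role: "user",
  isAdmin: false,
  analyses_this_month: 0,
  scan_limit: FREE_SCAN_LIMIT,
  can_upload: false,
  can_compare: false,
  can_export_pdf: false,
  can_chat: false,
  can_redline_llm: false,
  can_api_keys: false,
  can_team: false,
} as const;

/**
 * GET /api/me
 * Returns the current user's profile from DB.
 * Used by client components (analyze page, etc.) to determine plan, role, usage.
 * Admin gets FULL access to everything — no limits, no restrictions.
 *
 * Never throws: any failure degrades to the unauthenticated/free-plan view so
 * a transient DB or auth error can only reduce privileges, never widen them.
 * The failure is logged server-side so the downgrade is not silent.
 *
 * NOTE(review): the capability flags below do not consult `is_banned`; it is
 * only echoed back. If a ban is meant to revoke features, that has to be
 * enforced where the features are served — confirm.
 * NOTE(review): the body is per-user data; if this route can sit behind a
 * shared cache, consider a `Cache-Control: no-store` header.
 */
export async function GET(req: NextRequest) {
  try {
    const supabase = await createClient();
    const { data: { user } } = await supabase.auth.getUser();

    if (!user) {
      return NextResponse.json(UNAUTHENTICATED_PROFILE);
    }

    const { data: profile, error: profileError } = await supabase
      .from("profiles")
      .select("plan, role, is_banned, analyses_this_month, full_name, email, team_id, created_at")
      .eq("id", user.id)
      .single();

    if (profileError) {
      // A missing/unreadable profile row silently downgrades the user to the
      // free plan below; surface that in the logs so it can be investigated.
      console.warn("[api/me] profile lookup failed for user", user.id, profileError);
    }

    // `||` (not `??`) is deliberate: a null OR empty-string plan/role must fall
    // back to the least-privileged value rather than being carried through,
    // because an empty string would otherwise satisfy `plan !== "free"` below.
    const plan = profile?.plan || "free";
    const role = profile?.role || "user";
    const isAdmin = role === "admin";

    // Admin gets EVERYTHING — no limits, no restrictions, period.
    // NOTE(review): every plan value other than "free" is treated as paid here.
    // An allow-list of the known paid plans would be deny-by-default; confirm
    // the full set of plan values before tightening this.
    const hasFullAccess = isAdmin || plan !== "free";

    return NextResponse.json({
      authenticated: true,
      id: user.id,
      email: profile?.email || user.email,
      full_name: profile?.full_name || "",
      plan,
      role,
      isAdmin,
      is_banned: profile?.is_banned ?? false,
      analyses_this_month: profile?.analyses_this_month ?? 0,
      team_id: profile?.team_id || null,
      created_at: profile?.created_at || null,
      // Admins and every non-free plan are uncapped; only the free plan is limited.
      scan_limit: hasFullAccess ? UNLIMITED_SCANS : FREE_SCAN_LIMIT,
      can_upload: hasFullAccess,
      can_compare: hasFullAccess,
      can_export_pdf: hasFullAccess,
      can_chat: hasFullAccess,
      can_redline_llm: hasFullAccess,
      can_api_keys: hasFullAccess,
      can_team: isAdmin || plan === "team",
    });
  } catch (error: unknown) {
    // Fail closed: the caller sees the unauthenticated view, but the cause is
    // logged so an outage is not mistaken for a wave of signed-out users.
    console.error("[api/me] request failed:", error);
    return NextResponse.json(UNAUTHENTICATED_PROFILE);
  }
}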