[PR #373] [MERGED] Require authenticated user identity for billing APIs and remove localStorage fallback #681

New issue

Closed

opened 2026-03-13 21:03:27 +03:00 by kerem · 0 comments

kerem commented 2026-03-13 21:03:27 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/AJaySi/ALwrity/pull/373
Author: @AJaySi
Created: 3/4/2026
Status: ✅ Merged
Merged: 3/5/2026
Merged by: @AJaySi

Base: main ← Head: codex/refactor-billingservice-to-use-authenticated-user

---

📝 Commits (1)

• 5a7b9e6 Refactor billing flows to require authenticated user IDs

📊 Changes

7 files changed (+54 additions, -33 deletions)

View changed files

📝 frontend/src/components/billing/CompactBillingDashboard/hooks/useCompactBillingData.ts (+1 -1)
📝 frontend/src/components/billing/CompactBillingDashboard/index.tsx (+1 -1)
📝 frontend/src/components/billing/EnhancedBillingDashboard.tsx (+25 -9)
📝 frontend/src/components/billing/SubscriptionRenewalHistory.tsx (+1 -1)
📝 frontend/src/hooks/useOAuthTokenAlerts.ts (+3 -4)
📝 frontend/src/pages/BillingPage.tsx (+11 -5)
📝 frontend/src/services/billingService.ts (+12 -12)

📄 Description

Motivation

• Stop reading localStorage.getItem('user_id') and remove the 'demo-user' fallback so billing calls always use a canonical authenticated identity.
• Prevent anonymous/optional user-id behavior across billing UI and hooks by enforcing explicit authenticated userId propagation.
• Make it possible to migrate safely to backend /me/* style routes or otherwise rely solely on the server-resolved identity from the auth token.

Description

• Updated frontend/src/services/billingService.ts so all user-scoped methods require an explicit userId parameter and no longer read localStorage or fall back to 'demo-user' (examples: getDashboardData, getUsageStats, getUsageTrends, getUsageAlerts, getUserSubscription, getRenewalHistory).
• Adjusted dashboard consumers to pass authenticated identity: EnhancedBillingDashboard now imports useAuth, resolves effectiveUserId (prop or clerk userId), guards fetches when missing, and passes effectiveUserId to child components and billing calls.
• Tightened component/hook contracts to accept required userId: changed useCompactBillingData hook signature and CompactBillingDashboard/SubscriptionRenewalHistory props to require userId and updated call sites accordingly.
• Updated background polling hook useOAuthTokenAlerts to use the provided authenticated userId and skip polling when no authenticated identity is available (removed localStorage fallback).

Testing

• Attempted a frontend build with npm --prefix frontend run build to validate compilation, but it failed in this environment due to missing dev dependencies (react-scripts: not found).
• No automated unit tests were executed in CI from this environment; changes were validated by running repository-wide search/replace checks and manual inspection of affected call sites to ensure userId is passed through.

---

Codex Task

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/AJaySi/ALwrity/pull/373 **Author:** [@AJaySi](https://github.com/AJaySi) **Created:** 3/4/2026 **Status:** ✅ Merged **Merged:** 3/5/2026 **Merged by:** [@AJaySi](https://github.com/AJaySi) **Base:** `main` ← **Head:** `codex/refactor-billingservice-to-use-authenticated-user` --- ### 📝 Commits (1) - [`5a7b9e6`](https://github.com/AJaySi/ALwrity/commit/5a7b9e6c6bffc03c5713a433d577c446744120cb) Refactor billing flows to require authenticated user IDs ### 📊 Changes **7 files changed** (+54 additions, -33 deletions) <details> <summary>View changed files</summary> 📝 `frontend/src/components/billing/CompactBillingDashboard/hooks/useCompactBillingData.ts` (+1 -1) 📝 `frontend/src/components/billing/CompactBillingDashboard/index.tsx` (+1 -1) 📝 `frontend/src/components/billing/EnhancedBillingDashboard.tsx` (+25 -9) 📝 `frontend/src/components/billing/SubscriptionRenewalHistory.tsx` (+1 -1) 📝 `frontend/src/hooks/useOAuthTokenAlerts.ts` (+3 -4) 📝 `frontend/src/pages/BillingPage.tsx` (+11 -5) 📝 `frontend/src/services/billingService.ts` (+12 -12) </details> ### 📄 Description ### Motivation - Stop reading `localStorage.getItem('user_id')` and remove the `'demo-user'` fallback so billing calls always use a canonical authenticated identity. - Prevent anonymous/optional user-id behavior across billing UI and hooks by enforcing explicit authenticated `userId` propagation. - Make it possible to migrate safely to backend `/me/*` style routes or otherwise rely solely on the server-resolved identity from the auth token. ### Description - Updated `frontend/src/services/billingService.ts` so all user-scoped methods require an explicit `userId` parameter and no longer read `localStorage` or fall back to `'demo-user'` (examples: `getDashboardData`, `getUsageStats`, `getUsageTrends`, `getUsageAlerts`, `getUserSubscription`, `getRenewalHistory`). - Adjusted dashboard consumers to pass authenticated identity: `EnhancedBillingDashboard` now imports `useAuth`, resolves `effectiveUserId` (prop or clerk `userId`), guards fetches when missing, and passes `effectiveUserId` to child components and billing calls. - Tightened component/hook contracts to accept required `userId`: changed `useCompactBillingData` hook signature and `CompactBillingDashboard`/`SubscriptionRenewalHistory` props to require `userId` and updated call sites accordingly. - Updated background polling hook `useOAuthTokenAlerts` to use the provided authenticated `userId` and skip polling when no authenticated identity is available (removed `localStorage` fallback). ### Testing - Attempted a frontend build with `npm --prefix frontend run build` to validate compilation, but it failed in this environment due to missing dev dependencies (`react-scripts: not found`). - No automated unit tests were executed in CI from this environment; changes were validated by running repository-wide search/replace checks and manual inspection of affected call sites to ensure `userId` is passed through. ------ [Codex Task](https://chatgpt.com/codex/tasks/task_e_69a84685b1ec83288c28e9d4cdd60a8f) --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-13 21:03:27 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

codex/task-title-3y5pbt

codex/task-title-lsrpho

codex/task-title

codex/locate-and-render-brollinfopanel-component

codex/import-scene-composition-symbols-in-broll_service

codex/refactor-preview-generation-flow

codex/standardize-chart-preview-route-usage

codex/import-b-roll-handler-and-update-router

codex/implement-podcast-research-response-updates

codex/add-cost-estimation-feature-to-podcastdashboard

codex/remove-heuristic-calculators-and-update-estimates-bhvhnh

codex/remove-heuristic-calculators-and-update-estimates

codex/implement-dedicated-podcastcostest-model

codex/add-podcast-maker-feature-documentation

codex/review-flat-file-context-system-implementation

codex/create-podcast-maker-best-practices-documentation

codex/add-podcast-maker-journey-pages-for-personas

codex/refactor-podcast-maker-documentation-structure

dependabot/npm_and_yarn/frontend/npm_and_yarn-7d3393088f

codex/log-skipped-and-loaded-items

codex/create-startup-phases-for-podcast-demo-tugrzv

codex/create-startup-phases-for-podcast-demo

codex/add-api-feature-profile-status-endpoint

codex/refactor-routermanager-to-use-registry

codex/add-new-modules-for-feature-management

codex/downgrade-api-key-warning-logging

codex/refactor-onboarding-loading-logic

codex/add-ci-lint-check-for-user_id-patterns

codex/remove-sessionlocal-import-and-add-health-check

codex/refactor-dubbed_audio_dir-to-tenant-path-resolver

codex/update-task-metadata-and-api-responses

codex/verify-podcast-analysis-and-cost-tracking

codex/assert-api-endpoints-on-startup

codex/add-env-controlled-guard-for-stripe-key

codex/remove-feature-flag-for-production-demo

codex/add-mode-aware-redirect-logic-in-pricingpage

codex/document-deployment-configuration-for-demo-mode

codex/ensure-api.subscription.router-always-included

codex/guard-onboarding-manager-and-endpoints

codex/wrap-router-inclusion-in-demo-mode-check

codex/add-podcast-only-demo-mode-toggle

dependabot/npm_and_yarn/frontend/npm_and_yarn-f5ea90b336

codex/update-reset_current_billing_period-logic

codex/update-error-handling-in-monitoring-middleware

codex/move-stripe_plan_price_mapping-to-env-driven-config

codex/refactor-billingservice-to-use-authenticated-user

codex/update-user-access-verification-for-routes

session/agent_eae6711f-e04b-4d48-8d66-43ee051feb7b

v0.5.0

v0.3

v0.2

v0.1

Labels

Clear labels   

AI Content Agents

  

AI Content Strategy

  

AI Content planning

  

AI Marketing Tools

  

AI SEO

  

AI personalization

  

AI writer

  

ALwrity Copi-lot

  

Alwrity web search

  

Anthropic

  

DeepSeek

  

Gemini AI

  

Integration

  

LLM

  

OnBoarding

  

OnBoarding

  

RAG knowledgebase Memory

  

bug

  

documentation

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

openai

  

pull-request

Mirrored from GitHub Pull Request

No labels

AI Content Agents

AI Content Strategy

AI Content planning

AI Marketing Tools

AI SEO

AI personalization

AI writer

ALwrity Copi-lot

Alwrity web search

Anthropic

DeepSeek

Gemini AI

Integration

LLM

OnBoarding

OnBoarding

RAG knowledgebase Memory

bug

documentation

enhancement

good first issue

help wanted

invalid

openai

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ALwrity#681

No description provided.