Add ban reason to profiles

2025-12-22 16:51:13 -05:00 · 2025-10-30 02:51:16 +00:00
parent e0d1a66fb2
commit e5de404e59
8 changed files with 146 additions and 10 deletions
--- a/supabase/functions/_shared/banCheck.ts
+++ b/supabase/functions/_shared/banCheck.ts
@@ -4,11 +4,11 @@ import { edgeLogger } from "./logger.ts";
 export async function checkUserBanned(
  userId: string,
  supabase: SupabaseClient
-): Promise<{ banned: boolean; error?: string }> {
+): Promise<{ banned: boolean; ban_reason?: string; error?: string }> {
  try {
    const { data: profile, error } = await supabase
      .from('profiles')
-      .select('banned')
+      .select('banned, ban_reason')
      .eq('user_id', userId)
      .single();

@@ -21,18 +21,26 @@ export async function checkUserBanned(
      return { banned: false, error: 'Profile not found' };
    }

-    return { banned: profile.banned };
+    return { 
+      banned: profile.banned,
+      ban_reason: profile.ban_reason || undefined
+    };
  } catch (error) {
    edgeLogger.error('Ban check exception', { userId, error });
    return { banned: false, error: 'Internal error checking account status' };
  }
 }

-export function createBannedResponse(requestId: string, corsHeaders: Record<string, string>) {
+export function createBannedResponse(requestId: string, corsHeaders: Record<string, string>, ban_reason?: string) {
+  const message = ban_reason 
+    ? `Your account has been suspended. Reason: ${ban_reason}`
+    : 'Your account has been suspended. Contact support for assistance.';
+    
  return new Response(
    JSON.stringify({ 
      error: 'Account suspended',
-      message: 'Your account has been suspended. Contact support for assistance.',
+      message,
+      ban_reason,
      requestId
    }),
    { 
--- a/supabase/functions/process-oauth-profile/index.ts
+++ b/supabase/functions/process-oauth-profile/index.ts
@@ -105,6 +105,36 @@ Deno.serve(async (req) => {

    console.log('[OAuth Profile] Processing profile for user:', user.id);

+    // CRITICAL: Check ban status immediately
+    const { data: banProfile } = await supabase
+      .from('profiles')
+      .select('banned, ban_reason')
+      .eq('user_id', user.id)
+      .single();
+    
+    if (banProfile?.banned) {
+      const duration = endRequest(tracking);
+      const message = banProfile.ban_reason 
+        ? `Your account has been suspended. Reason: ${banProfile.ban_reason}`
+        : 'Your account has been suspended. Contact support for assistance.';
+      
+      console.log('[OAuth Profile] User is banned, rejecting authentication', { 
+        requestId: tracking.requestId, 
+        duration,
+        hasBanReason: !!banProfile.ban_reason 
+      });
+      
+      return new Response(JSON.stringify({ 
+        error: 'Account suspended',
+        message,
+        ban_reason: banProfile.ban_reason,
+        requestId: tracking.requestId 
+      }), {
+        status: 403,
+        headers: { ...corsHeaders, 'Content-Type': 'application/json', 'X-Request-ID': tracking.requestId },
+      });
+    }
+
    const provider = user.app_metadata?.provider;
    
    // For Discord, data is in identities[0].identity_data, not user_metadata