fix: server side protection to prevent users to create more than two …

…orgs on the free plan
lunary-ai · Feb 17, 2024 · 48d66a3 · 48d66a3
1 parent 317beb3
commit 48d66a3
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 7 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -11,4 +11,5 @@ docker-compose*
 .vscode
 *.next
 *.swp
-/scripts
+/scripts
+.env
diff --git a/packages/backend/src/api/v1/projects/index.ts b/packages/backend/src/api/v1/projects/index.ts
@@ -36,6 +36,12 @@ projects.post("/", async (ctx: Context) => {
   })
   const { name } = bodySchema.parse(ctx.request.body)
 
+  const [org] = await sql`select * from org where id = ${orgId}`
+
+  if (org.plan === "free") {
+    ctx.throw(403, "You can't create more than two project under the free plan")
+  }
+
   const newProject = {
     name,
     orgId,
@@ -49,18 +55,15 @@ projects.post("/", async (ctx: Context) => {
     projectId: project.id,
     apiKey: project.id,
   }
-  sql`
-      insert into api_key ${sql(publicKey)}
-    `
+  sql`insert into api_key ${sql(publicKey)}`
+
   const privateKey = [
     {
       type: "private",
       projectId: project.id,
     },
   ]
-  await sql`
-      insert into api_key ${sql(privateKey)}
-    `
+  await sql`insert into api_key ${sql(privateKey)}`
   ctx.body = project
 })