diff --git a/ASAshop.html b/ASAshop.html
index 5faa77d..d7276a7 100644
--- a/ASAshop.html
+++ b/ASAshop.html
@@ -467,17 +467,50 @@
let remaining = 12;
/* ===== Login banner (whoami) ===== */
- async function getWhoAmI() {
- try {
- const r = await fetch(`${API}/api/inventory`, { credentials: 'include' })
- if (!r.ok) return null;
- return await r.json();
- } catch { return null; }
- }
- getWhoAmI().then(u => {
- if (u) document.getElementById('whoami').textContent =
- `Signed in as ${u.global_name || u.username}`;
- });
+ /* ===== Login banner (whoami) + Discord OAuth ===== */
+ async function getWhoAmI() {
+ try {
+ // inventory endpoint should set/return session if already logged in
+ const r = await fetch(`${API}/api/inventory`, { credentials: 'include' });
+ if (!r.ok) return null;
+ const j = await r.json();
+
+ // Some backends return user data nested (e.g., { user: {...} })
+ const u = j?.user ?? j;
+
+ // Prefer global_name, fall back to username, then to Discord ID
+ const label =
+ u?.global_name ??
+ u?.username ??
+ (u?.id ? `User ${u.id}` : null);
+
+ return label ? { label, raw: u } : null;
+ } catch {
+ return null;
+ }
+ }
+
+ // Show status next to the button
+ (async () => {
+ const who = await getWhoAmI();
+ document.getElementById('whoami').textContent =
+ who ? `Signed in as ${who.label}` : 'Not signed in';
+ })();
+
+ // Clicking the button should start Discord OAuth on your server.
+ // Adjust the path if your backend uses a different route.
+ document.getElementById('loginDiscord').addEventListener('click', (e) => {
+ // If already signed in, do nothing (or open account page)
+ const label = document.getElementById('whoami').textContent || '';
+ if (label.startsWith('Signed in as')) return;
+
+ e.preventDefault();
+ const redirect = encodeURIComponent(location.href);
+ // Common patterns you might be using on the Pi:
+ // /api/auth/discord or /auth/discord
+ // Change this to match your server’s route.
+ location.href = `${API}/api/auth/discord?redirect=${redirect}`;
+ });
/* ===== Products (unique IDs) ===== */
const products = [
@@ -680,30 +713,56 @@
async function checkout(cart) {
- // 1) reserve
+ let user = null;
+ try {
+ const r = await fetch(`${API}/api/inventory`, { credentials: 'include' });
+ if (r.ok) user = await r.json();
+ } catch { }
+
+ // reserve
const r1 = await fetch(`${API}/api/reserve`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
- body: JSON.stringify({ items: cart })
+ body: JSON.stringify({ items: cart, user })
});
const j1 = await r1.json();
if (!j1.ok) { alert(j1.error || 'reserve failed'); return; }
- // 2) create checkout
+ // create checkout with Discord user
const r2 = await fetch(`${API}/api/create-checkout`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
resKey: j1.resKey,
items: [],
+ discordUser: user, // <— this flows to metadata
success_url: location.origin + location.pathname + '?ok=1',
cancel_url: location.origin + location.pathname + '?cancel=1'
})
});
const j2 = await r2.json();
if (!j2.url) { alert(j2.error || 'create-checkout failed'); return; }
- location.href = j2.url; // redirect to Stripe
+ location.href = j2.url;
}
+
+
+ // Single, unified checkout click handler (shows warning, then proceeds)
+ document.getElementById('checkoutBtn').addEventListener('click', async (e) => {
+ e.preventDefault();
+
+ const entries = Object.entries(state.cart || {});
+ if (!entries.length) return alert('Your cart is empty.');
+
+ alert("⚠️ IMPORTANT: After checkout, you must contact a team member to receive your order.\n\nPlease open a ticket in Discord once payment is complete.");
+
+ const items = entries.map(([id, qty]) => {
+ const p = products.find(p => p.id === id);
+ return { id, name: p?.name || id, qty: Number(qty || 1), price: p?.price || 0 };
+ });
+
+ await checkout(items);
+ });
+
// === Checkout warning ===
document.getElementById('checkoutBtn').addEventListener('click', (e) => {
e.preventDefault();