From bbd1b3395a84c96273e3f8f9f98f63432a80a093 Mon Sep 17 00:00:00 2001
From: James <james.ray0059@gmail.com>
Date: Sun, 5 Oct 2025 22:14:37 -0700
Subject: [PATCH] Add files via upload

---
 ASAshop.html | 89 +++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 74 insertions(+), 15 deletions(-)

diff --git a/ASAshop.html b/ASAshop.html
index 5faa77d..d7276a7 100644
--- a/ASAshop.html
+++ b/ASAshop.html
@@ -467,17 +467,50 @@
         let remaining = 12;
 
                 /* ===== Login banner (whoami) ===== */
-                async function getWhoAmI() {
-                    try {
-                        const r = await fetch(`${API}/api/inventory`, { credentials: 'include' })
-                        if (!r.ok) return null;
-                        return await r.json();
-                    } catch { return null; }
-                }
-                getWhoAmI().then(u => {
-                    if (u) document.getElementById('whoami').textContent =
-                        `Signed in as ${u.global_name || u.username}`;
-                });
+        /* ===== Login banner (whoami) + Discord OAuth ===== */
+        async function getWhoAmI() {
+            try {
+                // inventory endpoint should set/return session if already logged in
+                const r = await fetch(`${API}/api/inventory`, { credentials: 'include' });
+                if (!r.ok) return null;
+                const j = await r.json();
+
+                // Some backends return user data nested (e.g., { user: {...} })
+                const u = j?.user ?? j;
+
+                // Prefer global_name, fall back to username, then to Discord ID
+                const label =
+                    u?.global_name ??
+                    u?.username ??
+                    (u?.id ? `User ${u.id}` : null);
+
+                return label ? { label, raw: u } : null;
+            } catch {
+                return null;
+            }
+        }
+
+        // Show status next to the button
+        (async () => {
+            const who = await getWhoAmI();
+            document.getElementById('whoami').textContent =
+                who ? `Signed in as ${who.label}` : 'Not signed in';
+        })();
+
+        // Clicking the button should start Discord OAuth on your server.
+        // Adjust the path if your backend uses a different route.
+        document.getElementById('loginDiscord').addEventListener('click', (e) => {
+            // If already signed in, do nothing (or open account page)
+            const label = document.getElementById('whoami').textContent || '';
+            if (label.startsWith('Signed in as')) return;
+
+            e.preventDefault();
+            const redirect = encodeURIComponent(location.href);
+            // Common patterns you might be using on the Pi:
+            //   /api/auth/discord   or   /auth/discord
+            // Change this to match your server’s route.
+            location.href = `${API}/api/auth/discord?redirect=${redirect}`;
+        });
     
                 /* ===== Products (unique IDs) ===== */
                 const products = [
@@ -680,30 +713,56 @@
         
 
         async function checkout(cart) {
-            // 1) reserve
+            let user = null;
+            try {
+                const r = await fetch(`${API}/api/inventory`, { credentials: 'include' });
+                if (r.ok) user = await r.json();
+            } catch { }
+
+            // reserve
             const r1 = await fetch(`${API}/api/reserve`, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
-                body: JSON.stringify({ items: cart })
+                body: JSON.stringify({ items: cart, user })
             });
             const j1 = await r1.json();
             if (!j1.ok) { alert(j1.error || 'reserve failed'); return; }
 
-            // 2) create checkout
+            // create checkout with Discord user
             const r2 = await fetch(`${API}/api/create-checkout`, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify({
                     resKey: j1.resKey,
                     items: [],
+                    discordUser: user, // <— this flows to metadata
                     success_url: location.origin + location.pathname + '?ok=1',
                     cancel_url: location.origin + location.pathname + '?cancel=1'
                 })
             });
             const j2 = await r2.json();
             if (!j2.url) { alert(j2.error || 'create-checkout failed'); return; }
-            location.href = j2.url;   // redirect to Stripe
+            location.href = j2.url;
         }
+
+
+        // Single, unified checkout click handler (shows warning, then proceeds)
+        document.getElementById('checkoutBtn').addEventListener('click', async (e) => {
+            e.preventDefault();
+
+            const entries = Object.entries(state.cart || {});
+            if (!entries.length) return alert('Your cart is empty.');
+
+            alert("⚠️ IMPORTANT: After checkout, you must contact a team member to receive your order.\n\nPlease open a ticket in Discord once payment is complete.");
+
+            const items = entries.map(([id, qty]) => {
+                const p = products.find(p => p.id === id);
+                return { id, name: p?.name || id, qty: Number(qty || 1), price: p?.price || 0 };
+            });
+
+            await checkout(items);
+        });
+
         // === Checkout warning ===
         document.getElementById('checkoutBtn').addEventListener('click', (e) => {
             e.preventDefault();