fix: trial popping striaght away

Author: danieldanielecki

AUTHENTICATION_SETUP.md

@@ -136,6 +136,44 @@ The authentication flow works seamlessly across all platforms.
 3. **Trial timer not working**: Clear localStorage and refresh page
 4. **Authentication state not persisting**: Check browser console for errors
 
+### Apple SSO Production Issues
+
+If Apple SSO shows "invalid_request" error in production, check these common causes:
+
+#### 1. **Apple Developer Configuration**
+
+- **Services ID**: Verify your Services ID (`com.ditectrev.education`) is correctly configured in Apple Developer Console
+- **Redirect URLs**: Ensure your production domain is added to the "Return URLs" list
+- **Domain Verification**: Verify your domain ownership in Apple Developer Console
+- **Key Configuration**: Check that your Apple Sign In key is properly configured
+
+#### 2. **Appwrite Configuration**
+
+- **Client ID**: Must match your Apple Services ID exactly (`com.ditectrev.education`)
+- **Bundle ID**: Should match your app's bundle identifier
+- **Team ID**: Verify this matches your Apple Developer Team ID
+- **Key ID**: Must match the Key ID from your Apple Sign In key
+- **Private Key**: Ensure the private key is correctly formatted (PEM format)
+
+#### 3. **Production Environment**
+
+- **HTTPS Required**: Apple SSO only works over HTTPS in production
+- **Domain Matching**: The domain in the request must match the registered domain
+- **Callback URL**: Must be `https://fra.cloud.appwrite.io/v1/account/sessions/oauth2/callback/apple/[PROJECT_ID]`
+
+#### 4. **Debugging Steps**
+
+1. Check Appwrite console logs for detailed error messages
+2. Verify all Apple Developer settings match Appwrite configuration
+3. Test the OAuth flow manually using Apple's authorization URL
+4. Ensure your production domain is verified with Apple
+
+#### 5. **Common Error Codes**
+
+- **invalid_client**: Client ID mismatch or invalid configuration
+- **invalid_request**: Malformed request or missing parameters
+- **unauthorized_client**: App not authorized for Apple Sign In
+
 ### Debug Mode
 
 Enable debug logging by adding to your `.env.local`:

SECURE_TRIAL_SETUP.md

@@ -40,6 +40,7 @@ The new system tracks trials **server-side** using:
 
      ```text
      session_id (string, 255 chars, required)
+     ip_address (string, 255 chars, required)
      user_agent (string, 1000 chars, required)
      start_time (integer, required)
      end_time (integer, required)
@@ -202,6 +203,7 @@ The code has been updated to use `useSecureTrial` instead of `useTrialTimer`. Th
 CREATE TABLE trials (
   id VARCHAR(255) PRIMARY KEY,
   session_id VARCHAR(255) NOT NULL,
+  ip_address VARCHAR(255) NOT NULL,
   user_agent VARCHAR(1000) NOT NULL,
   start_time BIGINT NOT NULL,
   end_time BIGINT NOT NULL,

debug-trial.js

@@ -0,0 +1,43 @@
+// Simple debug script you can run in browser console
+// Copy and paste this into your browser's developer console
+
+console.log("🔍 Debugging trial system in browser...");
+
+// Check if Appwrite is loaded
+if (typeof window !== "undefined") {
+  console.log("✅ Running in browser environment");
+
+  // Check environment variables
+  console.log("Environment check:");
+  console.log("- Current URL:", window.location.href);
+
+  // Check localStorage
+  console.log("\nLocalStorage check:");
+  console.log("- currentTrialId:", localStorage.getItem("currentTrialId"));
+  console.log("- trial_session_id:", localStorage.getItem("trial_session_id"));
+  console.log("- ip_fallback_id:", localStorage.getItem("ip_fallback_id"));
+  console.log("- trial_ever_used:", localStorage.getItem("trial_ever_used"));
+
+  // Check sessionStorage
+  console.log("\nSessionStorage check:");
+  console.log("- trial_ever_used:", sessionStorage.getItem("trial_ever_used"));
+
+  // Test Appwrite connection
+  console.log("\n🧪 Testing Appwrite connection...");
+
+  try {
+    // This will tell us if Appwrite client can be created
+    fetch("https://fra.cloud.appwrite.io/v1/health")
+      .then((response) => response.json())
+      .then((data) => {
+        console.log("✅ Appwrite server reachable:", data);
+      })
+      .catch((error) => {
+        console.error("❌ Appwrite server not reachable:", error);
+      });
+  } catch (error) {
+    console.error("❌ Failed to test Appwrite connection:", error);
+  }
+} else {
+  console.log("❌ Not running in browser environment");
+}

hooks/useSecureTrial.tsx

@@ -127,14 +127,20 @@ export const useSecureTrial = () => {
     try {
       // Check multiple storage mechanisms for trial usage evidence
       const localTrialId = localStorage.getItem("currentTrialId");
-      const sessionId = localStorage.getItem("trial_session_id");
+      // NOTE: Don't check trial_session_id here - it gets created for new users too!
       const fallbackId = localStorage.getItem("ip_fallback_id");
+      const trialEverUsed = localStorage.getItem("trial_ever_used");
 
       // Also check sessionStorage (survives page refresh but not tab close)
       const sessionTrialUsed = sessionStorage.getItem("trial_ever_used");
 
       // If any evidence of previous trial exists, consider it used
-      return !!(localTrialId || sessionId || fallbackId || sessionTrialUsed);
+      return !!(
+        localTrialId ||
+        fallbackId ||
+        trialEverUsed ||
+        sessionTrialUsed
+      );
     } catch (error) {
       // If we can't check, assume trial was used (security-first)
       return true;
@@ -336,18 +342,7 @@ export const useSecureTrial = () => {
       }
 
       try {
-        // First check if this device has ever used a trial (additional security)
-        if (hasUsedTrialBefore()) {
-          // Device has evidence of previous trial usage - block access immediately
-          setTrialExpired(true);
-          setTrialBlocked(true);
-          setTimeRemaining(0);
-          setTrialStartTime(null);
-          setIsLoading(false);
-          return;
-        }
-
-        // Check if user already has an active trial
+        // First check if user already has an active trial (allow resuming)
         const existingTrial = await checkExistingTrial();
 
         if (existingTrial) {

scripts/debug-trial-creation.js

@@ -0,0 +1,110 @@
+/**
+ * Debug script to test trial creation with browser-like conditions
+ * Usage: node scripts/debug-trial-creation.js
+ */
+
+require("dotenv").config();
+const { Client, Databases } = require("node-appwrite");
+
+// Initialize Appwrite client
+const client = new Client()
+  .setEndpoint(process.env.NEXT_PUBLIC_APPWRITE_ENDPOINT)
+  .setProject(process.env.NEXT_PUBLIC_APPWRITE_PROJECT_ID)
+  .setKey(process.env.NEXT_PUBLIC_APPWRITE_API_KEY);
+
+const databases = new Databases(client);
+
+const DATABASE_ID = process.env.NEXT_PUBLIC_APPWRITE_DATABASE_ID;
+const COLLECTION_ID = process.env.NEXT_PUBLIC_APPWRITE_COLLECTION_ID;
+
+async function debugTrialCreation() {
+  try {
+    console.log("🔍 Debugging trial creation...");
+    console.log("=====================================");
+    console.log(`Database ID: ${DATABASE_ID}`);
+    console.log(`Collection ID: ${COLLECTION_ID}`);
+    console.log("");
+
+    // Check current state
+    console.log("1️⃣ Checking current database state...");
+    const currentTrials = await databases.listDocuments(
+      DATABASE_ID,
+      COLLECTION_ID,
+    );
+    console.log(`Found ${currentTrials.total} existing trials`);
+
+    if (currentTrials.total > 0) {
+      console.log("Existing trials:");
+      currentTrials.documents.forEach((trial, index) => {
+        console.log(`  ${index + 1}. ID: ${trial.$id}`);
+        console.log(`     Session: ${trial.session_id}`);
+        console.log(`     IP: ${trial.ip_address}`);
+        console.log(`     Active: ${trial.is_active}`);
+        console.log(
+          `     Start: ${new Date(trial.start_time).toLocaleString()}`,
+        );
+        console.log(`     End: ${new Date(trial.end_time).toLocaleString()}`);
+        console.log("");
+      });
+    }
+
+    // Simulate browser session creation
+    console.log("2️⃣ Simulating browser trial creation...");
+    const sessionId = `browser_session_${Date.now()}_${Math.random()
+      .toString(36)
+      .substr(2, 9)}`;
+    const deviceFingerprint = `fp_browser_${Math.random()
+      .toString(36)
+      .substr(2, 9)}`;
+    const ipAddress = "192.168.1.100"; // Simulate browser IP
+    const startTime = Date.now();
+    const endTime = startTime + 15 * 60 * 1000; // 15 minutes
+
+    console.log(`Attempting to create trial with:`);
+    console.log(`  Session ID: ${sessionId}`);
+    console.log(`  Device FP: ${deviceFingerprint}`);
+    console.log(`  IP Address: ${ipAddress}`);
+    console.log(`  Start Time: ${new Date(startTime).toLocaleString()}`);
+    console.log(`  End Time: ${new Date(endTime).toLocaleString()}`);
+
+    try {
+      const newTrial = await databases.createDocument(
+        DATABASE_ID,
+        COLLECTION_ID,
+        "unique()",
+        {
+          session_id: sessionId,
+          ip_address: ipAddress,
+          user_agent:
+            "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36",
+          start_time: startTime,
+          end_time: endTime,
+          is_active: true,
+          device_fingerprint: deviceFingerprint,
+        },
+      );
+
+      console.log("✅ Trial creation successful!");
+      console.log(`   New Trial ID: ${newTrial.$id}`);
+
+      // Verify it was created
+      console.log("\n3️⃣ Verifying trial was created...");
+      const verification = await databases.listDocuments(
+        DATABASE_ID,
+        COLLECTION_ID,
+      );
+      console.log(`Total trials now: ${verification.total}`);
+
+      return newTrial.$id;
+    } catch (createError) {
+      console.error("❌ Trial creation failed:", createError.message);
+      console.error("Error details:", createError);
+      return null;
+    }
+  } catch (error) {
+    console.error("❌ Debug failed:", error.message);
+    console.error("Full error:", error);
+  }
+}
+
+debugTrialCreation();

scripts/test-browser-connection.js

@@ -0,0 +1,64 @@
+/**
+ * Test script to check browser-side Appwrite connection
+ * This simulates what happens in the browser
+ */
+
+require("dotenv").config();
+
+// Simulate browser environment variables (these should be NEXT_PUBLIC_*)
+const config = {
+  endpoint: process.env.NEXT_PUBLIC_APPWRITE_ENDPOINT,
+  projectId: process.env.NEXT_PUBLIC_APPWRITE_PROJECT_ID,
+  databaseId: process.env.NEXT_PUBLIC_APPWRITE_DATABASE_ID,
+  collectionId: process.env.NEXT_PUBLIC_APPWRITE_COLLECTION_ID,
+  // Note: Browser doesn't have API key - uses session-based auth
+};
+
+console.log("🌐 Testing browser-side configuration...");
+console.log("=====================================");
+console.log("Environment variables that browser would see:");
+console.log(`NEXT_PUBLIC_APPWRITE_ENDPOINT: ${config.endpoint}`);
+console.log(`NEXT_PUBLIC_APPWRITE_PROJECT_ID: ${config.projectId}`);
+console.log(`NEXT_PUBLIC_APPWRITE_DATABASE_ID: ${config.databaseId}`);
+console.log(`NEXT_PUBLIC_APPWRITE_COLLECTION_ID: ${config.collectionId}`);
+console.log("");
+
+// Check for missing variables
+const missing = [];
+if (!config.endpoint) missing.push("NEXT_PUBLIC_APPWRITE_ENDPOINT");
+if (!config.projectId) missing.push("NEXT_PUBLIC_APPWRITE_PROJECT_ID");
+if (!config.databaseId) missing.push("NEXT_PUBLIC_APPWRITE_DATABASE_ID");
+if (!config.collectionId) missing.push("NEXT_PUBLIC_APPWRITE_COLLECTION_ID");
+
+if (missing.length > 0) {
+  console.error("❌ Missing environment variables:");
+  missing.forEach((var_name) => console.error(`   - ${var_name}`));
+  console.log("");
+  console.log("Browser-side code won't work without these variables!");
+} else {
+  console.log("✅ All required environment variables are present");
+}
+
+console.log("");
+console.log("🔍 Browser limitations to note:");
+console.log("- Browser cannot use NEXT_PUBLIC_APPWRITE_API_KEY directly");
+console.log("- Browser uses session-based authentication");
+console.log("- CORS must be configured in Appwrite console");
+console.log("- Network requests may fail if not authenticated");
+
+// Test if we can create a client (without API key like browser would)
+try {
+  const { Client } = require("node-appwrite");
+  const client = new Client()
+    .setEndpoint(config.endpoint)
+    .setProject(config.projectId);
+  // No .setKey() - browsers don't use API keys
+
+  console.log("");
+  console.log("✅ Client configuration successful (browser-style)");
+  console.log(
+    "Note: Actual database operations would require user authentication in browser",
+  );
+} catch (error) {
+  console.error("❌ Client configuration failed:", error.message);
+}