From 526ab4e451a6f16c6d1a559960f08cae9f3c1575 Mon Sep 17 00:00:00 2001
From: m5r
Date: Fri, 15 Oct 2021 21:57:28 +0200
Subject: [PATCH] ignore incoming messages if on free plan
---
 app/messages/api/webhook/incoming-message.ts | 25 ++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/app/messages/api/webhook/incoming-message.ts b/app/messages/api/webhook/incoming-message.ts
index fa950d1..fd31773 100644
--- a/app/messages/api/webhook/incoming-message.ts
+++ b/app/messages/api/webhook/incoming-message.ts
@@ -2,7 +2,7 @@ import type { BlitzApiRequest, BlitzApiResponse } from "blitz";
 import twilio from "twilio";
 import appLogger from "../../../../integrations/logger";
-import db from "../../../../db";
+import db, { SubscriptionStatus } from "../../../../db";
 import insertIncomingMessageQueue from "../queue/insert-incoming-message";
 import { smsUrl } from "../../../../integrations/twilio";
 import type { ApiError } from "../../../core/types";
@@ -40,7 +40,15 @@ export default async function incomingMessageHandler(req: BlitzApiRequest, res:
 try {
 const phoneNumbers = await db.phoneNumber.findMany({
 where: { number: body.To },
- include: { organization: true },
+ include: {
+ organization: {
+ include: {
+ subscriptions: {
+ where: { status: SubscriptionStatus.active },
+ },
+ },
+ },
+ },
 });
 if (phoneNumbers.length === 0) {
 // phone number is not registered by any organization
@@ -48,10 +56,19 @@ export default async function incomingMessageHandler(req: BlitzApiRequest, res:
 return;
 }
- const phoneNumber = phoneNumbers.find((phoneNumber) => {
+ const phoneNumbersWithActiveSub = phoneNumbers.filter(
+ (phoneNumber) => phoneNumber.organization.subscriptions.length > 0,
+ );
+ if (phoneNumbersWithActiveSub.length === 0) {
+ // accept the webhook but don't store incoming message
+ // because the organization is on the free plan
+ res.status(200).end();
+ }
+
+ const phoneNumber = phoneNumbersWithActiveSub.find((phoneNumber) => {
 // if multiple organizations have the same number
 // find the organization currently using that phone number
- // maybe we shouldn't let multiple organizations use the same phone number
+ // maybe we shouldn't let that happen by restricting a phone number to one org?
 const authToken = phoneNumber.organization.twilioAuthToken ?? "";
 return twilio.validateRequest(authToken, twilioSignature, smsUrl, req.body);
 });
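Review bot: The new free-plan branch ends the response with `res.status(200).end();` but never returns, so the handler keeps running: `phoneNumbersWithActiveSub.find(...)` yields `undefined` and whatever follows the hunk then executes against an already-finished response. Add `return;` right after the `end()` call, the same way the `phoneNumbers.length === 0` branch just above exits. Separately, this 200 is sent before `twilio.validateRequest` is reached, so an unsigned request addressed to a free-plan number is acknowledged without any signature check; nothing is stored, but the reply may differ from what an unsigned request gets for a paying organization, so consider validating the signature before branching on subscription state. The rest of the handler lies outside the hunk, so the exact downstream effect cannot be confirmed from here.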