From 4fb49e0252a9a09f57c959b4710397c55146ca73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Urban=20Vidovic=CC=8C?= <urbanfoundit@gmail.com>
Date: Sat, 30 Mar 2024 15:43:05 +0100
Subject: [PATCH] fix: date check if user has already claimed the credential
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Urban Vidovič <urbanfoundit@gmail.com>
---
 .../dapp/src/app/api/campaigns/issue/route.ts | 103 +++++++++++-------
 1 file changed, 61 insertions(+), 42 deletions(-)

diff --git a/packages/dapp/src/app/api/campaigns/issue/route.ts b/packages/dapp/src/app/api/campaigns/issue/route.ts
index 4ebd7fb38..d504c5f0c 100644
--- a/packages/dapp/src/app/api/campaigns/issue/route.ts
+++ b/packages/dapp/src/app/api/campaigns/issue/route.ts
@@ -76,21 +76,13 @@ export async function POST(request: NextRequest) {
       });
     }
 
-    if (campaign.total && campaign.claimed >= campaign.total) {
-      return new NextResponse('Campaign is already fully claimed', {
-        status: 400,
-        headers: {
-          ...CORS_HEADERS,
-        },
-      });
-    }
-    const { data: completedRequirements, error: completedRequirementsError } =
-      await supabase.rpc('get_num_of_users_requirements_by_campaign', {
-        campaign_id: campaignId,
-        user_id: user.sub,
-      });
+    const { data: claim, error: claimError } = await supabase
+      .from('claims')
+      .select('*')
+      .eq('campaign_id', campaignId)
+      .eq('user_id', user.sub);
 
-    if (completedRequirementsError) {
+    if (claimError) {
       return new NextResponse('Internal Server Error', {
         status: 500,
         headers: {
@@ -98,13 +90,60 @@ export async function POST(request: NextRequest) {
         },
       });
     }
-    if (completedRequirements !== campaign.requirements.length) {
-      return new NextResponse('User has not completed all requirements', {
-        status: 400,
-        headers: {
-          ...CORS_HEADERS,
-        },
-      });
+
+    let claimDate = new Date().toISOString();
+    let alreadyClaimed = false;
+    if (claim.length > 0) {
+      claimDate = claim[0].claimed_at;
+      alreadyClaimed = true;
+    }
+
+    if (!alreadyClaimed) {
+      const now = new Date();
+      const startDateValid =
+        campaign.start_date && new Date(campaign.start_date) > now;
+      const endDateValid =
+        campaign.end_date && new Date(campaign.end_date) < now;
+      const isCampaignInactive = startDateValid || endDateValid;
+      const isCampaignFullyClaimed =
+        campaign.total && campaign.claimed >= campaign.total;
+
+      if (isCampaignInactive) {
+        return new NextResponse('Campaign is not active', {
+          status: 400,
+          headers: { ...CORS_HEADERS },
+        });
+      }
+
+      if (isCampaignFullyClaimed) {
+        return new NextResponse('Campaign is already fully claimed', {
+          status: 400,
+          headers: { ...CORS_HEADERS },
+        });
+      }
+
+      const { data: completedRequirements, error: completedRequirementsError } =
+        await supabase.rpc('get_num_of_users_requirements_by_campaign', {
+          campaign_id: campaignId,
+          user_id: user.sub,
+        });
+
+      if (completedRequirementsError) {
+        return new NextResponse('Internal Server Error', {
+          status: 500,
+          headers: {
+            ...CORS_HEADERS,
+          },
+        });
+      }
+      if (completedRequirements !== campaign.requirements.length) {
+        return new NextResponse('User has not completed all requirements', {
+          status: 400,
+          headers: {
+            ...CORS_HEADERS,
+          },
+        });
+      }
     }
 
     const agent = await getAgent();
@@ -135,21 +174,6 @@ export async function POST(request: NextRequest) {
       });
     }
 
-    const { data: claim, error: claimError } = await supabase
-      .from('claims')
-      .select('*')
-      .eq('campaign_id', campaignId)
-      .eq('user_id', user.sub);
-
-    if (claimError) {
-      return new NextResponse('Internal Server Error', {
-        status: 500,
-        headers: {
-          ...CORS_HEADERS,
-        },
-      });
-    }
-
     const controllerKeyId = 'key-1';
 
     const issuerDid = await agent.didManagerImport({
@@ -166,12 +190,8 @@ export async function POST(request: NextRequest) {
       ],
     });
 
-    let claimDate = new Date().toISOString();
-    if (claim.length > 0) {
-      claimDate = claim[0].claimed_at;
-    }
     let credentialId = claim[0]?.credential_id;
-    if (claim.length === 0) {
+    if (!alreadyClaimed) {
       const { data: insertedClaimData, error: updatedClaimError } =
         await supabase
           .from('claims')
@@ -194,7 +214,6 @@ export async function POST(request: NextRequest) {
           });
         }
 
-        console.error('Error updating claim', updatedClaimError);
         return new NextResponse('Internal Server Error', {
           status: 500,
           headers: {