Show a clear warning to team admins incorrectly logging into the tool

httptoolkit · Feb 14, 2024 · 02c8d47 · 02c8d47
1 parent 0235384
commit 02c8d47
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 9 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -39,7 +39,7 @@
     "@fortawesome/free-regular-svg-icons": "^5.12.1",
     "@fortawesome/free-solid-svg-icons": "^5.12.1",
     "@fortawesome/react-fontawesome": "^0.1.8",
-    "@httptoolkit/accounts": "^2.0.0",
+    "@httptoolkit/accounts": "^2.1.0",
     "@httptoolkit/auth0-lock": "^11.26.3",
     "@httptoolkit/httpsnippet": "^2.1.1",
     "@open-rpc/meta-schema": "^1.14.2",

diff --git a/src/model/account/account-store.ts b/src/model/account/account-store.ts
@@ -1,5 +1,5 @@
 import * as _ from 'lodash';
-import { observable, action, flow, computed, when } from 'mobx';
+import { observable, action, flow, computed, when, observe } from 'mobx';
 
 import { logError, logErrorsAsUser } from '../../errors';
 import { trackEvent } from '../../metrics';
@@ -76,6 +76,32 @@ export class AccountStore {
         setInterval(this.updateUser, 1000 * 60 * 10);
         loginEvents.on('logout', this.updateUser);
 
+        // Whenever account data updates, check if we're a non-user team admin, and notify (and
+        // logout) if so. This isn't a security measure (admin's dont get access anyway) it's just
+        // a UX question, as it can be confusing for admins otherwise when logging in doesn't work.
+        observe(this, 'accountDataLastUpdated', () => {
+            if (
+                !this.user.subscription &&
+                this.user.teamSubscription
+            ) {
+                alert(
+                    "You are the administrator of an HTTP Toolkit team, but you aren't listed " +
+                    "as an active member, so you don't have access to HTTP Toolkit's " +
+                    "paid features yourself." +
+                    "\n\n" +
+                    "To manage your team, please visit accounts.httptoolkit.tech."
+                );
+
+                window.open(
+                    "https://accounts.httptoolkit.tech",
+                    "_blank",
+                    "noreferrer noopener"
+                );
+
+                this.logOut();
+            }
+        });
+
         console.log('Account store initialized');
     });