Files
Momento/memento-note/lib/consent/server-consent.ts
Antigravity e2672cd2c2
Some checks failed
CI / Lint, Test & Build (push) Failing after 1m19s
CI / Deploy production (on server) (push) Has been skipped
feat(notes): liens internes, onglet Réseau, living blocks et consentement IA
Rend les liens entre notes visibles et persistants (sync NoteLink au save, auto-save, graphe réseau rafraîchi), ajoute living blocks, Memory Echo, recherche globale, consentement IA explicite et consolide les prototypes design en architectural-grid.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-24 14:27:29 +00:00

31 lines
865 B
TypeScript

import { auth } from '@/auth'
import { prisma } from '@/lib/prisma'
import { NextResponse } from 'next/server'
/**
* Checks if the authenticated user has explicit GDPR AI processing consent.
* Persistent consent: UserAISettings.aiProcessingConsent
* Session-only consent: signed JWT claim (not client headers — GDPR-safe)
*/
export async function hasUserAiConsent(): Promise<boolean> {
const session = await auth()
if (!session?.user?.id) {
return false
}
if (session.aiSessionConsent === true) {
return true
}
const settings = await prisma.userAISettings.findUnique({
where: { userId: session.user.id },
select: { aiProcessingConsent: true },
})
return settings?.aiProcessingConsent ?? false
}
export function aiConsentForbiddenResponse() {
return NextResponse.json({ error: 'ai_consent_required' }, { status: 403 })
}