From c37c68a341faab9645e206a68a238a98628f7721 Mon Sep 17 00:00:00 2001
From: erio <asakifeng@gmail.com>
Date: Sat, 28 Feb 2026 16:02:55 +0800
Subject: [PATCH] feat: append auth token to purchase iframe url

---
 backend/cmd/server/VERSION                       |  2 +-
 .../src/views/user/PurchaseSubscriptionView.vue  | 16 ++++++++++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/backend/cmd/server/VERSION b/backend/cmd/server/VERSION
index 6c38dc27..f79be184 100644
--- a/backend/cmd/server/VERSION
+++ b/backend/cmd/server/VERSION
@@ -1 +1 @@
-0.1.87.4
\ No newline at end of file
+0.1.87.5
\ No newline at end of file
diff --git a/frontend/src/views/user/PurchaseSubscriptionView.vue b/frontend/src/views/user/PurchaseSubscriptionView.vue
index c7504a0e..e919de4c 100644
--- a/frontend/src/views/user/PurchaseSubscriptionView.vue
+++ b/frontend/src/views/user/PurchaseSubscriptionView.vue
@@ -80,6 +80,7 @@ const appStore = useAppStore()
 const authStore = useAuthStore()
 
 const PURCHASE_USER_ID_QUERY_KEY = 'user_id'
+const PURCHASE_AUTH_TOKEN_QUERY_KEY = 'token'
 const PURCHASE_THEME_QUERY_KEY = 'theme'
 const PURCHASE_UI_MODE_QUERY_KEY = 'ui_mode'
 const PURCHASE_UI_MODE_EMBEDDED = 'embedded'
@@ -97,13 +98,21 @@ function detectTheme(): 'light' | 'dark' {
   return document.documentElement.classList.contains('dark') ? 'dark' : 'light'
 }
 
-function buildPurchaseUrl(baseUrl: string, userId?: number, theme: 'light' | 'dark' = 'light'): string {
+function buildPurchaseUrl(
+  baseUrl: string,
+  userId?: number,
+  authToken?: string | null,
+  theme: 'light' | 'dark' = 'light',
+): string {
   if (!baseUrl) return baseUrl
   try {
     const url = new URL(baseUrl)
     if (userId) {
       url.searchParams.set(PURCHASE_USER_ID_QUERY_KEY, String(userId))
     }
+    if (authToken) {
+      url.searchParams.set(PURCHASE_AUTH_TOKEN_QUERY_KEY, authToken)
+    }
     url.searchParams.set(PURCHASE_THEME_QUERY_KEY, theme)
     url.searchParams.set(PURCHASE_UI_MODE_QUERY_KEY, PURCHASE_UI_MODE_EMBEDDED)
     return url.toString()
@@ -112,6 +121,9 @@ function buildPurchaseUrl(baseUrl: string, userId?: number, theme: 'light' | 'da
     if (userId) {
       params.push(`${PURCHASE_USER_ID_QUERY_KEY}=${encodeURIComponent(String(userId))}`)
     }
+    if (authToken) {
+      params.push(`${PURCHASE_AUTH_TOKEN_QUERY_KEY}=${encodeURIComponent(authToken)}`)
+    }
     params.push(`${PURCHASE_THEME_QUERY_KEY}=${encodeURIComponent(theme)}`)
     params.push(`${PURCHASE_UI_MODE_QUERY_KEY}=${encodeURIComponent(PURCHASE_UI_MODE_EMBEDDED)}`)
     const separator = baseUrl.includes('?') ? '&' : '?'
@@ -121,7 +133,7 @@ function buildPurchaseUrl(baseUrl: string, userId?: number, theme: 'light' | 'da
 
 const purchaseUrl = computed(() => {
   const baseUrl = (appStore.cachedPublicSettings?.purchase_subscription_url || '').trim()
-  return buildPurchaseUrl(baseUrl, authStore.user?.id, purchaseTheme.value)
+  return buildPurchaseUrl(baseUrl, authStore.user?.id, authStore.token, purchaseTheme.value)
 })
 
 const isValidUrl = computed(() => {