fix(events): fix check-in QR flow and event id normalization

Author: makerjackie

apps/web/src/app/(main)/(public)/events/[eventId]/checkin/page.tsx

@@ -19,7 +19,7 @@ import {
 	useRouter,
 	useSearchParams,
 } from "next/navigation";
-import { useEffect, useState } from "react";
+import { useCallback, useEffect, useRef, useState } from "react";
 import { toast } from "sonner";
 import { useTranslations } from "next-intl";
 
@@ -53,14 +53,12 @@ export default function EventCheckInPage() {
 	);
 	const [loading, setLoading] = useState(true);
 	const [isCheckingIn, setIsCheckingIn] = useState(false);
+	const hasAutoCheckInTriggeredRef = useRef(false);
+	const hasAutoLoginRedirectRef = useRef(false);
 	const searchString = searchParams.toString();
 	const redirectTo = searchString ? `${pathname}?${searchString}` : pathname;
 
-	useEffect(() => {
-		fetchCheckInStatus();
-	}, [eventId]);
-
-	const fetchCheckInStatus = async () => {
+	const fetchCheckInStatus = useCallback(async () => {
 		try {
 			const response = await fetch(
 				`/api/events/${eventId}/checkin/status`,
@@ -86,10 +84,16 @@ export default function EventCheckInPage() {
 		} finally {
 			setLoading(false);
 		}
-	};
+	}, [eventId, t]);
+
+	useEffect(() => {
+		hasAutoCheckInTriggeredRef.current = false;
+		hasAutoLoginRedirectRef.current = false;
+		void fetchCheckInStatus();
+	}, [fetchCheckInStatus]);
 
-	const handleCheckIn = async () => {
-		if (!checkInStatus?.canCheckIn) {
+	const handleCheckIn = useCallback(async () => {
+		if (!checkInStatus?.canCheckIn || isCheckingIn) {
 			return;
 		}
 
@@ -108,7 +112,7 @@ export default function EventCheckInPage() {
 			if (response.ok) {
 				toast.success(t("successfullyCheckedIn"));
 				// Refresh status
-				fetchCheckInStatus();
+				await fetchCheckInStatus();
 			} else {
 				const error = await response.json();
 				toast.error(error.error || t("checkInError"));
@@ -119,9 +123,16 @@ export default function EventCheckInPage() {
 		} finally {
 			setIsCheckingIn(false);
 		}
-	};
+	}, [
+		checkInStatus?.canCheckIn,
+		isCheckingIn,
+		eventId,
+		t,
+		fetchCheckInStatus,
+	]);
 
 	const statusMessageLower = checkInStatus?.message?.toLowerCase() ?? "";
+	const isLoginRequired = checkInStatus?.statusCode === "LOGIN_REQUIRED";
 
 	const isNotRegistered =
 		checkInStatus?.statusCode === "NOT_REGISTERED" ||
@@ -131,15 +142,26 @@ export default function EventCheckInPage() {
 		checkInStatus?.statusCode === "REGISTRATION_PENDING" ||
 		statusMessageLower.includes("not approved");
 
-	// If user is not registered, jump straight to the registration entry
 	useEffect(() => {
-		if (!checkInStatus || !isNotRegistered) return;
-		const searchParams = new URLSearchParams();
-		searchParams.set("openRegistration", "1");
-		searchParams.set("from", "checkin");
-		const targetPath = `/events/${eventId}?${searchParams.toString()}`;
-		router.replace(targetPath);
-	}, [checkInStatus, isNotRegistered, eventId, router]);
+		if (!isLoginRequired || hasAutoLoginRedirectRef.current) return;
+		hasAutoLoginRedirectRef.current = true;
+		router.replace(
+			`/auth/login?redirectTo=${encodeURIComponent(redirectTo)}`,
+		);
+	}, [isLoginRequired, redirectTo, router]);
+
+	useEffect(() => {
+		if (!checkInStatus?.canCheckIn || checkInStatus.isAlreadyCheckedIn)
+			return;
+		if (isCheckingIn || hasAutoCheckInTriggeredRef.current) return;
+		hasAutoCheckInTriggeredRef.current = true;
+		void handleCheckIn();
+	}, [
+		checkInStatus?.canCheckIn,
+		checkInStatus?.isAlreadyCheckedIn,
+		isCheckingIn,
+		handleCheckIn,
+	]);
 
 	if (loading) {
 		return (
@@ -314,8 +336,7 @@ export default function EventCheckInPage() {
 
 								{!checkInStatus.canCheckIn &&
 									!checkInStatus.isAlreadyCheckedIn &&
-									checkInStatus.message ===
-										t("loginRequiredMessage") && (
+									isLoginRequired && (
 										<Button
 											size="lg"
 											className="w-full"

apps/web/src/modules/account/events/hooks/useEventManagement.ts

@@ -451,7 +451,10 @@ export function useEventManagement() {
 					errorType = "warning";
 				} else if (rawError.includes("not registered")) {
 					errorMessage = t("actions.checkInNotRegistered");
-				} else if (rawError.includes("not confirmed")) {
+				} else if (
+					rawError.includes("not confirmed") ||
+					rawError.includes("not approved")
+				) {
 					errorMessage = t("actions.checkInNotConfirmed");
 				}
 

apps/web/src/server/routes/events.ts

@@ -948,12 +948,23 @@ app.get("/:eventId/my-feedback", async (c) => {
 		}
 
 		const eventId = c.req.param("eventId");
+		const event = await getEventById(eventId, { includeAdminData: false });
+
+		if (!event) {
+			return c.json(
+				{
+					success: false,
+					error: "Event not found",
+				},
+				404,
+			);
+		}
 
 		// Get user's feedback for this event
 		const feedback = await db.eventFeedback.findUnique({
 			where: {
 				eventId_userId: {
-					eventId,
+					eventId: event.id,
 					userId: session.user.id,
 				},
 			},

apps/web/src/server/routes/events/checkin.ts

@@ -56,6 +56,7 @@ app.post("/", zValidator("json", checkInSchema), async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Check if event check-in is available (2 hours before start time)
 		const now = new Date();
@@ -76,7 +77,7 @@ app.post("/", zValidator("json", checkInSchema), async (c) => {
 		// If checking in someone else, verify permissions
 		if (data.userId && data.userId !== session.user.id) {
 			const hasPermission = await canViewEventManagementData(
-				data.eventId,
+				canonicalEventId,
 				session.user.id,
 			);
 
@@ -91,8 +92,33 @@ app.post("/", zValidator("json", checkInSchema), async (c) => {
 			}
 		}
 
+		const registration = await getUserRegistration(
+			canonicalEventId,
+			targetUserId,
+		);
+
+		if (!registration) {
+			return c.json(
+				{
+					success: false,
+					error: "User is not registered for this event",
+				},
+				400,
+			);
+		}
+
+		if (registration.status !== "APPROVED") {
+			return c.json(
+				{
+					success: false,
+					error: "User is not confirmed for this event yet",
+				},
+				400,
+			);
+		}
+
 		const checkIn = await checkIntoEvent({
-			eventId: data.eventId,
+			eventId: canonicalEventId,
 			userId: targetUserId,
 			checkedInBy: data.userId ? session.user.id : undefined,
 		});
@@ -105,7 +131,7 @@ app.post("/", zValidator("json", checkInSchema), async (c) => {
 				category: "活动参与",
 				description: `参与活动：${event.title}`,
 				cpValue: CP_VALUES.EVENT_CHECKIN,
-				sourceId: data.eventId,
+				sourceId: canonicalEventId,
 				sourceType: "event",
 				organizationId: event.organizationId || undefined,
 			});
@@ -189,10 +215,11 @@ app.get("/", async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Check if user has permission to view check-ins
 		const hasPermission = await canViewEventManagementData(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 		);
 
@@ -206,7 +233,7 @@ app.get("/", async (c) => {
 			);
 		}
 
-		const checkIns = await getEventCheckIns(eventId);
+		const checkIns = await getEventCheckIns(canonicalEventId);
 
 		return c.json({
 			success: true,
@@ -263,10 +290,11 @@ app.get("/status", async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Check if user is registered for the event
 		const registration = await getUserRegistration(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 		);
 		if (!registration) {
@@ -297,7 +325,10 @@ app.get("/status", async (c) => {
 		}
 
 		// Check if user is already checked in
-		const existingCheckIn = await getUserCheckIn(eventId, session.user.id);
+		const existingCheckIn = await getUserCheckIn(
+			canonicalEventId,
+			session.user.id,
+		);
 		if (existingCheckIn) {
 			return c.json({
 				success: true,
@@ -400,11 +431,12 @@ app.delete("/", zValidator("json", checkInSchema), async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// If canceling someone else's check-in, verify permissions
 		if (data.userId && data.userId !== session.user.id) {
 			const hasPermission = await canViewEventManagementData(
-				data.eventId,
+				canonicalEventId,
 				session.user.id,
 			);
 
@@ -420,7 +452,7 @@ app.delete("/", zValidator("json", checkInSchema), async (c) => {
 		}
 
 		const canceledCheckIn = await cancelEventCheckIn(
-			data.eventId,
+			canonicalEventId,
 			targetUserId,
 		);
 

apps/web/src/server/routes/events/feedback.ts

@@ -92,6 +92,7 @@ app.post("/", zValidator("json", feedbackSchema), async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Allow feedback for published events (removed time restrictions)
 		if (
@@ -109,7 +110,7 @@ app.post("/", zValidator("json", feedbackSchema), async (c) => {
 
 		// Check if user is registered for the event with confirmed status
 		const registration = await getEventRegistration(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 		);
 		if (!registration || registration.status !== "APPROVED") {
@@ -162,7 +163,7 @@ app.post("/", zValidator("json", feedbackSchema), async (c) => {
 		}
 
 		const feedback = await createEventFeedback({
-			eventId,
+			eventId: canonicalEventId,
 			userId: session.user.id,
 			rating: data.rating,
 			comment: data.comment || null,
@@ -179,7 +180,7 @@ app.post("/", zValidator("json", feedbackSchema), async (c) => {
 				category: "活动参与",
 				description: `为活动"${event.title}"提供反馈`,
 				cpValue: CP_VALUES.EVENT_FEEDBACK,
-				sourceId: eventId,
+				sourceId: canonicalEventId,
 				sourceType: "event_feedback",
 				organizationId: event.organizationId || undefined,
 			});
@@ -257,10 +258,11 @@ app.get("/", async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Check if user has permission to view feedback
 		const hasPermission = await canViewEventManagementData(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 		);
 		if (!hasPermission) {
@@ -273,7 +275,7 @@ app.get("/", async (c) => {
 			);
 		}
 
-		const feedback = await getEventFeedback(eventId);
+		const feedback = await getEventFeedback(canonicalEventId);
 
 		return c.json({
 			success: true,
@@ -332,10 +334,11 @@ app.put("/", zValidator("json", updateFeedbackSchema), async (c) => {
 				404,
 			);
 		}
+		const canonicalEventId = event.id;
 
 		// Check if user is registered for the event with confirmed status
 		const registration = await getEventRegistration(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 		);
 		if (!registration || registration.status !== "APPROVED") {
@@ -388,7 +391,7 @@ app.put("/", zValidator("json", updateFeedbackSchema), async (c) => {
 		}
 
 		const updatedFeedback = await updateEventFeedback(
-			eventId,
+			canonicalEventId,
 			session.user.id,
 			{
 				rating: data.rating,