Block all use of the app by banned users

pimterry · pimterry · commit 0eaff10664bc · 2022-09-19T20:29:41.000+02:00
This is sad, but it's the only way to stop some substantial abuse of
users who keep signing up for subscriptions, using the app, and then
disputing the charges with their banks (resulting in fines for HTTP
Toolkit, and risking a permanent ban from payment providers). These
users are either stealing credit cards, from innocent users elsewhere
who report the charges, or they're using their own cards and lying to
the bank to say that they don't recognize the charge to avoid paying
for software they've purchased and used.

Either way, it seems legitimate to block them entirely. Please don't
file chargebacks, they're an existential risk for the tool for
everybody, and I'm quite happy to give refunds to anybody who isn't
satisfied with Pro.
diff --git a/src/model/account/account-store.ts b/src/model/account/account-store.ts
@@ -71,6 +71,11 @@ export class AccountStore {
         // Include the user email in error reports whilst they're logged in.
         // Useful generally, but especially for checkout/subscription issues.
         reportErrorsAsUser(this.user.email);
+
+        if (this.user.banned) {
+            alert('Your account has been blocked for abuse. Please contact help@httptoolkit.tech.');
+            window.close();
+        }
     }.bind(this));
 
     readonly subscriptionPlans = SubscriptionPlans;
diff --git a/src/model/account/auth.ts b/src/model/account/auth.ts
@@ -223,6 +223,7 @@ type AppData = {
     cancel_url?: string;
     last_receipt_url?: string;
     feature_flags?: string[];
+    banned?: boolean;
 }
 
 type SubscriptionData = {
@@ -237,11 +238,12 @@ type SubscriptionData = {
 
 export type User = {
     email?: string;
+    banned: boolean;
     subscription?: SubscriptionData;
     featureFlags: string[];
 };
 
-const anonUser = (): User => ({ featureFlags: [] });
+const anonUser = (): User => ({ featureFlags: [], banned: false });
 
 /*
  * Synchronously gets the last received user data, _without_
@@ -317,7 +319,8 @@ function parseUserData(userJwt: string | null): User {
         subscription: _.every(_.omit(subscription, ...optionalFields))
             ? subscription as SubscriptionData
             : undefined,
-        featureFlags: appData.feature_flags || []
+        featureFlags: appData.feature_flags || [],
+        banned: !!appData.banned
     };
 }
 
