feat: enhance wallet trial creation logic

[baktun14]

Summary by CodeRabbit

• Bug Fixes

  • Added fingerprint-based blocking of wallet trial starts when the same device fingerprint is associated with another trialing account.

• Tests

  • Added tests covering duplicate-fingerprint rejection and successful trial start when no fingerprint exists.

• Chores

  • Expanded request header forwarding to include User-Agent.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a fingerprint-based duplicate detection to wallet trial creation (blocked in production), new UserRepository query to find trial users by fingerprint, corresponding tests for duplicate/no-fingerprint paths, and propagates the User-Agent header in the client-ip-forwarding interceptor.

Changes

Cohort / File(s)	Summary
Wallet Trial Fingerprint Guard apps/api/src/billing/controllers/wallet/wallet.controller.ts, apps/api/src/billing/controllers/wallet/wallet.controller.spec.ts	Injected UserRepository into WalletController. In production, if a user has lastFingerprint, query for trial users with the same fingerprint (excluding current user) and return 400 if any found. Added tests for duplicate-fingerprint blocking and no-fingerprint allow paths.
User Fingerprint Query apps/api/src/user/repositories/user/user.repository.ts	Added findTrialUsersByFingerprint(fingerprint: string, excludeUserId: string): Promise<{ id: string }[]> to query Users joined with UserWallets where isTrialing and lastFingerprint match, excluding a user ID.
Request Header Propagation apps/deploy-web/src/services/client-ip-forwarding/client-ip-forwarding.interceptor.ts	Extended propagated headers to include user-agent alongside cf-connecting-ip and x-forwarded-for for Axios request config.

Sequence Diagram

sequenceDiagram
    participant Client
    participant WalletController
    participant UserRepository
    participant Database

    Client->>WalletController: POST /wallet (initiate trial)
    WalletController->>WalletController: Check user's lastFingerprint

    alt User has fingerprint (production)
        WalletController->>UserRepository: findTrialUsersByFingerprint(fingerprint, userId)
        UserRepository->>Database: SELECT ... JOIN UserWallets WHERE lastFingerprint = ? AND isTrialing AND userId != ?
        Database-->>UserRepository: Matching users[]
        UserRepository-->>WalletController: Return matches

        alt matches found
            WalletController-->>Client: 400 Duplicate fingerprint error
        else no matches
            WalletController->>WalletController: Create trial wallet
            WalletController-->>Client: 201 Trial created
        end
    else No fingerprint
        WalletController->>WalletController: Create trial wallet
        WalletController-->>Client: 201 Trial created
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat(billing): test charge for free trial #1898: Changes WalletController trial flow with payment/Stripe validations; touches same controller where fingerprint guard was added.
• feat(billing): searches existing payment methods only if provided fin… #2054: Adds duplicate-fingerprint detection logic and related test updates for wallet trials.
• refactor: adds unit tests for start-trial #1762: Modifies wallet trial start flow and tests; overlaps with test-area changes in this PR.

Suggested reviewers

• ygrishajev
• stalniy

Poem

🐰 A tiny hop, a fingerprint found,
I sniff the hashes all around.
If twins appear, I sound the bell—
No duplicate trials shall dwell.
Hooray for one wallet, safe and sound! 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'enhance wallet trial creation logic' accurately reflects the main changes: adding fingerprint duplicate detection to wallet trial initiation, introducing UserRepository dependency, and implementing a guard to block trials for users with duplicate fingerprints.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/fingerprint-check

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 81.81818% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.75%. Comparing base (de8598e) to head (95d382b).
⚠️ Report is 12 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
.../api/src/user/repositories/user/user.repository.ts	50.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2670      +/-   ##
==========================================
+ Coverage   51.32%   53.75%   +2.42%     
==========================================
  Files        1054     1055       +1     
  Lines       29573    29320     -253     
  Branches     6649     6350     -299     
==========================================
+ Hits        15179    15760     +581     
+ Misses      14175    13186     -989     
- Partials      219      374     +155     

Flag	Coverage Δ
api	78.53% <80.00%> (-0.03%)	⬇️
deploy-web	36.38% <100.00%> (+3.74%)	⬆️
log-collector	75.35% <ø> (ø)
notifications	87.94% <ø> (ø)
provider-console	81.48% <ø> (ø)
provider-proxy	84.35% <ø> (ø)
tx-signer	79.25% <ø> (ø)

Files with missing lines	Coverage Δ
...rc/billing/controllers/wallet/wallet.controller.ts	96.82% <100.00%> (+0.27%)	⬆️
...-ip-forwarding/client-ip-forwarding.interceptor.ts	27.27% <100.00%> (ø)
.../api/src/user/repositories/user/user.repository.ts	89.74% <50.00%> (-4.71%)	⬇️

... and 135 files with indirect coverage changes

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@apps/api/src/user/repositories/user/user.repository.ts`:
- Around line 82-87: findTrialUsersByFingerprint is currently returning users
with any wallet matching the fingerprint; restrict the query to trialing wallets
by adding a condition on the wallet's isTrialing column so only wallets where
UserWallets.isTrialing === true are matched. Update the query built in
findTrialUsersByFingerprint to include this additional predicate along with the
existing eq(UserWallets.userId, this.table.id), eq(this.table.lastFingerprint,
fingerprint) and ne(this.table.id, excludeUserId) so the function returns only
trial users.