language-learning-app/frontend/src/routes/app/+layout.server.ts

import { redirect, type ServerLoad } from '@sveltejs/kit';
import { getAccountStatusApiAccountStatusGet } from '../../client/sdk.gen.ts';
import type { AccountStatusResponse } from '../../client/types.gen.ts';

const PROBLEM_FLAGS_COOKIE_NAME = 'account_problem_flags';
export const load: ServerLoad = async ({ locals, url, cookies }) => {
	const cachedFlags = cookies.get(PROBLEM_FLAGS_COOKIE_NAME);
	let problemFlags: string[] = [];

	if (cachedFlags === undefined) {
		const { data } = await getAccountStatusApiAccountStatusGet({
			headers: { Authorization: `Bearer ${locals.authToken}` }
		});

		const flags = (data as AccountStatusResponse)?.problem_flags ?? [];

		// 15-minute cookie-based cache
		cookies.set(PROBLEM_FLAGS_COOKIE_NAME, JSON.stringify(flags), {
			path: '/',
			maxAge: 60 * 15
		});

		problemFlags = flags;
	}

	// Redirect to onboarding if not yet completed — guard against redirect loop
	if (problemFlags.includes('no_onboarding') && !url.pathname.startsWith('/app/onboarding')) {
		redirect(307, '/app/onboarding');
	}

	// Don't hard-block on unverified email yet (login gate is not active),
	// but surface the flag so the layout can show a warning banner.
	return {
		emailUnverified: problemFlags.includes('unvalidated_email')
	};
};