Recommended flow

Click “Login” → modal opens (good).

After successful auth:

If isPaid = true → send to /brand (or /profile if you prefer).

If isPaid = false (free user) → send to /pricing (subscription levels) with a secondary link to /profile.

This gives new/free users a clear upgrade path while paid users go straight to value.

Drop-in prompt for Replit (adds redirect logic)
Update auth flow:

1) Backend: include a `newUser` flag in /api/auth/register response, and include `isPaid` in both register & login responses.
   - Register response: { email, isPaid: false, newUser: true }
   - Login response: { email, isPaid, newUser: false }

2) Frontend:
   - In the login/register modal, on success call `handleAuthSuccess({ isPaid, newUser })`.
   - Redirect rules:
       if (isPaid) -> navigate('/brand');       // or '/profile'
       else        -> navigate('/pricing');     // with a small link "Skip for now → Profile"

3) Add a simple /pricing page (static for now) listing Free vs Pro.

Minimal code changes
Backend (small tweak to existing endpoints)
// server/auth/routes.ts
// ...existing imports...

router.post("/api/auth/register", async (req, res) => {
  const { email, password } = req.body || {};
  // Require non-empty strings so bcrypt only ever receives a string.
  if (typeof email !== "string" || typeof password !== "string" || !email || !password) {
    return res.status(400).json({ error: "Email and password required" });
  }
  if (Users.findByEmail(email)) return res.status(409).json({ error: "Email already in use" });

  const hash = await bcrypt.hash(password, 10);
  const user = Users.create(email, hash)!;
  const token = signUserToken({ id: user.id, email: user.email, isPaid: !!user.is_paid });
  // httpOnly keeps the token away from page scripts; secure limits it to HTTPS in production.
  res.cookie("token", token, { httpOnly: true, sameSite: "lax", secure: process.env.NODE_ENV === "production", path: "/" });
  return res.json({ email: user.email, isPaid: false, newUser: true });
});

router.post("/api/auth/login", async (req, res) => {
  const { email, password } = req.body || {};
  // Missing or non-string fields count as a failed login, with the same generic error.
  if (typeof email !== "string" || typeof password !== "string") {
    return res.status(401).json({ error: "Invalid credentials" });
  }
  const user = Users.findByEmail(email);
  if (!user) return res.status(401).json({ error: "Invalid credentials" });
  const ok = await bcrypt.compare(password, user.password_hash);
  if (!ok) return res.status(401).json({ error: "Invalid credentials" });
  const token = signUserToken({ id: user.id, email: user.email, isPaid: !!user.is_paid });
  // Same cookie settings as register: HTTPS-only in production.
  res.cookie("token", token, { httpOnly: true, sameSite: "lax", secure: process.env.NODE_ENV === "production", path: "/" });
  return res.json({ email: user.email, isPaid: !!user.is_paid, newUser: false });
});

Frontend (post-auth redirect helper)
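// src/store/authRedirect.ts
// Routing hint only: isPaid from the response decides where the user lands,
// while access to paid features is still checked server-side from the signed token.
export function handleAuthSuccess(opts: { isPaid: boolean; newUser: boolean }, navigate: (path: string) => void) {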
  if (opts.isPaid) {
    navigate('/brand');      // or '/profile'
  } else {
    navigate('/pricing');    // free users see plans first
  }
}


In your login/register modal submit success:

import { handleAuthSuccess } from '@/store/authRedirect';

// after successful fetch to /api/auth/login or /api/auth/register:
handleAuthSuccess({ isPaid: data.isPaid, newUser: data.newUser }, (p)=>navigate(p));

Simple Pricing page stub (Phase-1 basic)

Route: /pricing

// src/pages/Pricing/PricingPage.tsx
export default function PricingPage(){
  return (
    <div className="max-w-4xl mx-auto py-10">
      <h1 className="text-3xl font-bold mb-6">Choose your plan</h1>
      <div className="grid sm:grid-cols-2 gap-6">
        <div className="rounded-2xl border p-6">
          <h2 className="text-xl font-semibold mb-2">Free</h2>
          <ul className="text-sm space-y-2 mb-4">
            <li>• Name + Slogan (basic)</li>
            <li>• Logo preview (low-res)</li>
            <li>• Color palette (3 colors)</li>
            <li>• Profile (Lite)</li>
          </ul>
          <a href="/profile" className="underline text-sm">Skip for now → Profile</a>
        </div>
        <div className="rounded-2xl border p-6">
          <h2 className="text-xl font-semibold mb-2">Pro — $19/mo</h2>
          <ul className="text-sm space-y-2 mb-4">
            <li>• Full logo pack (SVG/PNG, transparent)</li>
            <li>• Expanded palettes + fonts</li>
            <li>• Slogan & Business Plan (Pro)</li>
            <li>• Export PDF/DOCX/Google Docs</li>
          </ul>
          <button
            onClick={()=>openPaywallModal({source:'pricing'})}
            className="rounded-xl py-2 px-4 bg-black text-white"
          >
            Upgrade
          </button>
        </div>
      </div>
    </div>
  );
}

Optional nicety (doesn’t require DB changes)

If the user clicked “Upgrade” somewhere before login, stash the intended path in sessionStorage.intendedPath. After auth, prefer redirecting there. Example: if they tried to export a logo, after login redirect back to that screen and show the paywall.
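
An added example, not part of the original answer: one way to honour the stashed `intendedPath` while keeping the post-login redirect on this site and on known routes. `PathStore`, `safeInternalPath`, `resolvePostAuthPath`, `ALLOWED_PREFIXES` and `PARSE_BASE` are hypothetical names, and the allowed prefixes assume only the /brand, /profile and /pricing routes named above.

```typescript
// Added example. PathStore, ALLOWED_PREFIXES, PARSE_BASE, safeInternalPath and
// resolvePostAuthPath are hypothetical names, not part of the project.
interface PathStore {
  getItem(key: string): string | null;
  removeItem(key: string): void;
}

// Assumption: only the routes named in this flow are valid post-login targets.
const ALLOWED_PREFIXES = ['/brand', '/profile', '/pricing'];
// Placeholder origin, used only to parse and normalise the stored path.
const PARSE_BASE = 'https://app.invalid';

// Returns the normalised same-origin path, or null if the value is unusable.
function safeInternalPath(raw: string | null): string | null {
  if (raw === null) return null;
  // Rooted paths only: "//host" and "/\host" can resolve to another origin.
  if (!raw.startsWith('/') || raw.startsWith('//') || raw.includes('\\')) return null;
  // URL parsers drop tabs and newlines, so reject control characters up front.
  if (/[\u0000-\u001f\u007f]/.test(raw)) return null;
  try {
    const url = new URL(raw, PARSE_BASE);
    if (url.origin !== PARSE_BASE) return null;
    // Match on the normalised pathname so "/brand/../admin" is seen as "/admin".
    const allowed = ALLOWED_PREFIXES.some(
      (p) => url.pathname === p || url.pathname.startsWith(p + '/'),
    );
    return allowed ? url.pathname + url.search + url.hash : null;
  } catch {
    return null;
  }
}

// Picks the post-auth destination: a valid stashed path, else the default rule.
function resolvePostAuthPath(opts: { isPaid: boolean }, store: PathStore): string {
  const fallback = opts.isPaid ? '/brand' : '/pricing';
  const intended = safeInternalPath(store.getItem('intendedPath'));
  store.removeItem('intendedPath'); // single use: never replayed on a later login
  return intended ?? fallback;
}

// In the modal: navigate(resolvePostAuthPath({ isPaid: data.isPaid }, sessionStorage));
```

The stored value is cleared whether or not it was accepted, so a rejected path cannot resurface on the next login.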

TL;DR

Your header → login modal → redirect to /pricing (free) or /brand or /profile (paid) is exactly right.

The auth & paywall code we set up fully supports this; we just add a tiny redirect helper.

No schema changes required; this is all front-door logic.