remove lucia

2026-02-25 22:36:38 +00:00 · 2024-10-13 17:13:47 -04:00
parent f14fb90ab6
commit 99d6cababa
39 changed files with 234 additions and 167 deletions
--- a/server/routers/auth/changePassword.ts
+++ b/server/routers/auth/changePassword.ts
@@ -2,7 +2,7 @@ import { Request, Response, NextFunction } from "express";
 import createHttpError from "http-errors";
 import HttpCode from "@server/types/HttpCode";
 import { fromError } from "zod-validation-error";
-import lucia, { unauthorized } from "@server/auth";
+import { unauthorized, invalidateAllSessions } from "@server/auth";
 import { z } from "zod";
 import { db } from "@server/db";
 import { User, users } from "@server/db/schema";
@@ -74,7 +74,7 @@ export async function changePassword(
            const validOTP = await verifyTotpCode(
                code!,
                user.twoFactorSecret!,
-                user.id,
+                user.userId,
            );

            if (!validOTP) {
@@ -94,9 +94,9 @@ export async function changePassword(
            .set({
                passwordHash: hash,
            })
-            .where(eq(users.id, user.id));
+            .where(eq(users.userId, user.userId));

-        await lucia.invalidateUserSessions(user.id);
+        await invalidateAllSessions(user.userId);

        // TODO: send email to user confirming password change

--- a/server/routers/auth/disable2fa.ts
+++ b/server/routers/auth/disable2fa.ts
@@ -69,7 +69,7 @@ export async function disable2fa(
        const validOTP = await verifyTotpCode(
            code,
            user.twoFactorSecret!,
-            user.id,
+            user.userId,
        );

        if (!validOTP) {
@@ -84,11 +84,11 @@ export async function disable2fa(
        await db
            .update(users)
            .set({ twoFactorEnabled: false })
-            .where(eq(users.id, user.id));
+            .where(eq(users.userId, user.userId));

        await db
            .delete(twoFactorBackupCodes)
-            .where(eq(twoFactorBackupCodes.userId, user.id));
+            .where(eq(twoFactorBackupCodes.userId, user.userId));

        // TODO: send email to user confirming two-factor authentication is disabled

--- a/server/routers/auth/getUserOrgs.ts
+++ b/server/routers/auth/getUserOrgs.ts
@@ -6,7 +6,7 @@ import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';

 export async function getUserOrgs(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user?.id; // Assuming you have user information in the request
+    const userId = req.user?.userId; // Assuming you have user information in the request

    if (!userId) {
        return next(createHttpError(HttpCode.UNAUTHORIZED, 'User not authenticated'));
@@ -30,4 +30,4 @@ export async function getUserOrgs(req: Request, res: Response, next: NextFunctio
    } catch (error) {
        next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error retrieving user organizations'));
    }
-}
+}
--- a/server/routers/auth/login.ts
+++ b/server/routers/auth/login.ts
@@ -1,5 +1,10 @@
 import { verify } from "@node-rs/argon2";
-import lucia, { verifySession } from "@server/auth";
+import {
+    createSession,
+    generateSessionToken,
+    serializeSessionCookie,
+    verifySession,
+} from "@server/auth";
 import db from "@server/db";
 import { users } from "@server/db/schema";
 import HttpCode from "@server/types/HttpCode";
@@ -102,7 +107,7 @@ export async function login(
            const validOTP = await verifyTotpCode(
                code,
                existingUser.twoFactorSecret!,
-                existingUser.id,
+                existingUser.userId,
            );

            if (!validOTP) {
@@ -115,13 +120,11 @@ export async function login(
            }
        }

-        const session = await lucia.createSession(existingUser.id, {});
-        const cookie = lucia.createSessionCookie(session.id).serialize();
+        const token = generateSessionToken();
+        await createSession(token, existingUser.userId);
+        const cookie = serializeSessionCookie(token);

-        res.appendHeader(
-            "Set-Cookie",
-            cookie
-        );
+        res.appendHeader("Set-Cookie", cookie);

        if (!existingUser.emailVerified) {
            return response<LoginResponse>(res, {
--- a/server/routers/auth/logout.ts
+++ b/server/routers/auth/logout.ts
@@ -1,16 +1,20 @@
 import { Request, Response, NextFunction } from "express";
-import { lucia } from "@server/auth";
 import createHttpError from "http-errors";
 import HttpCode from "@server/types/HttpCode";
 import response from "@server/utils/response";
 import logger from "@server/logger";
+import {
+    createBlankSessionTokenCookie,
+    invalidateSession,
+    SESSION_COOKIE_NAME,
+} from "@server/auth";

 export async function logout(
    req: Request,
    res: Response,
    next: NextFunction,
 ): Promise<any> {
-    const sessionId = req.cookies[lucia.sessionCookieName];
+    const sessionId = req.cookies[SESSION_COOKIE_NAME];

    if (!sessionId) {
        return next(
@@ -22,11 +26,8 @@ export async function logout(
    }

    try {
-        await lucia.invalidateSession(sessionId);
-        res.setHeader(
-            "Set-Cookie",
-            lucia.createBlankSessionCookie().serialize(),
-        );
+        await invalidateSession(sessionId);
+        res.setHeader("Set-Cookie", createBlankSessionTokenCookie());

        return response<null>(res, {
            data: null,
--- a/server/routers/auth/requestEmailVerificationCode.ts
+++ b/server/routers/auth/requestEmailVerificationCode.ts
@@ -26,7 +26,7 @@ export async function requestEmailVerificationCode(
            );
        }

-        await sendEmailVerificationCode(user.email, user.id);
+        await sendEmailVerificationCode(user.email, user.userId);

        return response<RequestEmailVerificationCodeResponse>(res, {
            data: {
--- a/server/routers/auth/requestPasswordReset.ts
+++ b/server/routers/auth/requestPasswordReset.ts
@@ -8,10 +8,11 @@ import { db } from "@server/db";
 import { passwordResetTokens, users } from "@server/db/schema";
 import { eq } from "drizzle-orm";
 import { sha256 } from "oslo/crypto";
-import { generateIdFromEntropySize, TimeSpan } from "lucia";
 import { encodeHex } from "oslo/encoding";
 import { createDate } from "oslo";
 import logger from "@server/logger";
+import { generateIdFromEntropySize } from "@server/auth";
+import { TimeSpan } from "oslo";

 export const requestPasswordResetBody = z.object({
    email: z.string().email(),
@@ -58,7 +59,7 @@ export async function requestPasswordReset(

        await db
            .delete(passwordResetTokens)
-            .where(eq(passwordResetTokens.userId, existingUser[0].id));
+            .where(eq(passwordResetTokens.userId, existingUser[0].userId));

        const token = generateIdFromEntropySize(25);
        const tokenHash = encodeHex(
@@ -66,7 +67,7 @@ export async function requestPasswordReset(
        );

        await db.insert(passwordResetTokens).values({
-            userId: existingUser[0].id,
+            userId: existingUser[0].userId,
            tokenHash,
            expiresAt: createDate(new TimeSpan(2, "h")).getTime(),
        });
@@ -89,7 +90,7 @@ export async function requestPasswordReset(
        return next(
            createHttpError(
                HttpCode.INTERNAL_SERVER_ERROR,
-                "Failed to process password reset request"
+                "Failed to process password reset request",
            ),
        );
    }
--- a/server/routers/auth/requestTotpSecret.ts
+++ b/server/routers/auth/requestTotpSecret.ts
@@ -72,7 +72,7 @@ export async function requestTotpSecret(
            .set({
                twoFactorSecret: secret,
            })
-            .where(eq(users.id, user.id));
+            .where(eq(users.userId, user.userId));

        return response<RequestTotpSecretResponse>(res, {
            data: {
--- a/server/routers/auth/resetPassword.ts
+++ b/server/routers/auth/resetPassword.ts
@@ -13,7 +13,7 @@ import { verifyTotpCode } from "@server/auth/2fa";
 import { passwordSchema } from "@server/auth/passwordSchema";
 import { encodeHex } from "oslo/encoding";
 import { isWithinExpirationDate } from "oslo";
-import lucia from "@server/auth";
+import { invalidateAllSessions } from "@server/auth";

 export const resetPasswordBody = z.object({
    token: z.string(),
@@ -71,7 +71,7 @@ export async function resetPassword(
        const user = await db
            .select()
            .from(users)
-            .where(eq(users.id, resetRequest[0].userId));
+            .where(eq(users.userId, resetRequest[0].userId));

        if (!user || !user.length) {
            return next(
@@ -96,7 +96,7 @@ export async function resetPassword(
            const validOTP = await verifyTotpCode(
                code!,
                user[0].twoFactorSecret!,
-                user[0].id,
+                user[0].userId,
            );

            if (!validOTP) {
@@ -111,12 +111,12 @@ export async function resetPassword(

        const passwordHash = await hashPassword(newPassword);

-        await lucia.invalidateUserSessions(resetRequest[0].userId);
+        await invalidateAllSessions(resetRequest[0].userId);

        await db
            .update(users)
            .set({ passwordHash })
-            .where(eq(users.id, resetRequest[0].userId));
+            .where(eq(users.userId, resetRequest[0].userId));

        await db
            .delete(passwordResetTokens)
--- a/server/routers/auth/signup.ts
+++ b/server/routers/auth/signup.ts
@@ -3,9 +3,7 @@ import db from "@server/db";
 import { hash } from "@node-rs/argon2";
 import HttpCode from "@server/types/HttpCode";
 import { z } from "zod";
-import { generateId } from "lucia";
 import { users } from "@server/db/schema";
-import lucia from "@server/auth";
 import { fromError } from "zod-validation-error";
 import createHttpError from "http-errors";
 import response from "@server/utils/response";
@@ -14,6 +12,12 @@ import { sendEmailVerificationCode } from "./sendEmailVerificationCode";
 import { passwordSchema } from "@server/auth/passwordSchema";
 import { eq } from "drizzle-orm";
 import moment from "moment";
+import {
+    createSession,
+    generateId,
+    generateSessionToken,
+    serializeSessionCookie,
+} from "@server/auth";

 export const signupBodySchema = z.object({
    email: z.string().email(),
@@ -85,22 +89,21 @@ export async function signup(
                );
            } else {
                // If the user was created more than 2 hours ago, we want to delete the old user and create a new one
-                await db.delete(users).where(eq(users.id, user.id));
+                await db.delete(users).where(eq(users.userId, user.userId));
            }
        }

        await db.insert(users).values({
-            id: userId,
+            userId: userId,
            email: email,
            passwordHash,
            dateCreated: moment().toISOString(),
        });

-        const session = await lucia.createSession(userId, {});
-        res.appendHeader(
-            "Set-Cookie",
-            lucia.createSessionCookie(session.id).serialize(),
-        );
+        const token = generateSessionToken();
+        await createSession(token, userId);
+        const cookie = serializeSessionCookie(token);
+        res.appendHeader("Set-Cookie", cookie);

        sendEmailVerificationCode(email, userId);

--- a/server/routers/auth/verifyEmail.ts
+++ b/server/routers/auth/verifyEmail.ts
@@ -51,14 +51,14 @@ export async function verifyEmail(
        if (valid) {
            await db
                .delete(emailVerificationCodes)
-                .where(eq(emailVerificationCodes.userId, user.id));
+                .where(eq(emailVerificationCodes.userId, user.userId));

            await db
                .update(users)
                .set({
                    emailVerified: true,
                })
-                .where(eq(users.id, user.id));
+                .where(eq(users.userId, user.userId));
        } else {
            return next(
                createHttpError(
@@ -93,7 +93,7 @@ async function isValidCode(user: User, code: string): Promise<boolean> {
    const codeRecord = await db
        .select()
        .from(emailVerificationCodes)
-        .where(eq(emailVerificationCodes.userId, user.id))
+        .where(eq(emailVerificationCodes.userId, user.userId))
        .limit(1);

    if (user.email !== codeRecord[0].email) {
--- a/server/routers/auth/verifyOrgAccess.ts
+++ b/server/routers/auth/verifyOrgAccess.ts
@@ -7,7 +7,7 @@ import HttpCode from '@server/types/HttpCode';
 import { AuthenticatedRequest } from '@server/types/Auth';

 export function verifyOrgAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user!.id; // Assuming you have user information in the request
+    const userId = req.user!.userId; // Assuming you have user information in the request
    const orgId = parseInt(req.params.orgId);

    if (!userId) {
--- a/server/routers/auth/verifyResourceAccess.ts
+++ b/server/routers/auth/verifyResourceAccess.ts
@@ -6,7 +6,7 @@ import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';

 export async function verifyResourceAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user!.id; // Assuming you have user information in the request
+    const userId = req.user!.userId; // Assuming you have user information in the request
    const resourceId = req.params.resourceId || req.body.resourceId || req.query.resourceId;

    if (!userId) {
@@ -75,4 +75,4 @@ export async function verifyResourceAccess(req: Request, res: Response, next: Ne
    } catch (error) {
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying resource access'));
    }
-}
+}
--- a/server/routers/auth/verifyRoleAccess.ts
+++ b/server/routers/auth/verifyRoleAccess.ts
@@ -7,7 +7,7 @@ import HttpCode from '@server/types/HttpCode';
 import logger from '@server/logger';

 export async function verifyRoleAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user?.id; // Assuming you have user information in the request
+    const userId = req.user?.userId; // Assuming you have user information in the request
    const roleId = parseInt(req.params.roleId || req.body.roleId || req.query.roleId);

    if (!userId) {
@@ -47,4 +47,4 @@ export async function verifyRoleAccess(req: Request, res: Response, next: NextFu
        logger.error('Error verifying role access:', error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying role access'));
    }
-}
+}
--- a/server/routers/auth/verifySiteAccess.ts
+++ b/server/routers/auth/verifySiteAccess.ts
@@ -6,7 +6,7 @@ import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';

 export async function verifySiteAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user!.id; // Assuming you have user information in the request
+    const userId = req.user!.userId; // Assuming you have user information in the request
    const siteId = parseInt(req.params.siteId || req.body.siteId || req.query.siteId);

    if (!userId) {
@@ -76,4 +76,4 @@ export async function verifySiteAccess(req: Request, res: Response, next: NextFu
    } catch (error) {
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying site access'));
    }
-}
+}
--- a/server/routers/auth/verifySuperuser.ts
+++ b/server/routers/auth/verifySuperuser.ts
@@ -7,7 +7,7 @@ import HttpCode from '@server/types/HttpCode';
 import logger from '@server/logger';

 export async function verifySuperuser(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user?.id; // Assuming you have user information in the request
+    const userId = req.user?.userId; // Assuming you have user information in the request
    const orgId = req.userOrgId;

    if (!userId) {
@@ -18,7 +18,7 @@ export async function verifySuperuser(req: Request, res: Response, next: NextFun
        return next(createHttpError(HttpCode.UNAUTHORIZED, 'User not authenticated'));
    }

-    try {     
+    try {
        // Check if the user has a role in the organization
        const userOrgRole = await db.select()
            .from(userOrgs)
@@ -35,7 +35,7 @@ export async function verifySuperuser(req: Request, res: Response, next: NextFun
            .from(roles)
            .where(eq(roles.roleId, userOrgRole[0].roleId))
            .limit(1);
-            
+
        if (userRole.length === 0 || !userRole[0].isSuperuserRole) {
            return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have superuser access'));
        }
@@ -45,4 +45,4 @@ export async function verifySuperuser(req: Request, res: Response, next: NextFun
        logger.error('Error verifying role access:', error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying role access'));
    }
-}
+}
--- a/server/routers/auth/verifyTargetAccess.ts
+++ b/server/routers/auth/verifyTargetAccess.ts
@@ -6,7 +6,7 @@ import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';

 export async function verifyTargetAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user!.id; // Assuming you have user information in the request
+    const userId = req.user!.userId; // Assuming you have user information in the request
    const targetId = parseInt(req.params.targetId);

    if (!userId) {
@@ -81,4 +81,4 @@ export async function verifyTargetAccess(req: Request, res: Response, next: Next
        .catch((error) => {
            next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying organization access'));
        });
-}
+}
--- a/server/routers/auth/verifyTotp.ts
+++ b/server/routers/auth/verifyTotp.ts
@@ -61,7 +61,7 @@ export async function verifyTotp(
    }

    try {
-        const valid = await verifyTotpCode(code, user.twoFactorSecret, user.id);
+        const valid = await verifyTotpCode(code, user.twoFactorSecret, user.userId);

        let codes;
        if (valid) {
@@ -69,7 +69,7 @@ export async function verifyTotp(
            await db
                .update(users)
                .set({ twoFactorEnabled: true })
-                .where(eq(users.id, user.id));
+                .where(eq(users.userId, user.userId));

            const backupCodes = await generateBackupCodes();
            codes = backupCodes;
@@ -77,7 +77,7 @@ export async function verifyTotp(
                const hash = await hashPassword(code);

                await db.insert(twoFactorBackupCodes).values({
-                    userId: user.id,
+                    userId: user.userId,
                    codeHash: hash,
                });
            }
--- a/server/routers/auth/verifyUserAccess.ts
+++ b/server/routers/auth/verifyUserAccess.ts
@@ -6,7 +6,7 @@ import createHttpError from 'http-errors';
 import HttpCode from '@server/types/HttpCode';

 export async function verifyUserAccess(req: Request, res: Response, next: NextFunction) {
-    const userId = req.user!.id; // Assuming you have user information in the request
+    const userId = req.user!.userId; // Assuming you have user information in the request
    const reqUserId = req.params.userId || req.body.userId || req.query.userId;

    if (!userId) {
@@ -18,7 +18,7 @@ export async function verifyUserAccess(req: Request, res: Response, next: NextFu
    }

    try {
-        
+
        const userOrg = await db.select()
            .from(userOrgs)
            .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, req.userOrgId!)))
@@ -34,4 +34,4 @@ export async function verifyUserAccess(req: Request, res: Response, next: NextFu
    } catch (error) {
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Error verifying site access'));
    }
-}
+}
--- a/server/routers/badger/verifyUser.ts
+++ b/server/routers/badger/verifyUser.ts
@@ -1,11 +1,10 @@
-import lucia from "@server/auth";
 import HttpCode from "@server/types/HttpCode";
 import { NextFunction, Request, Response } from "express";
 import createHttpError from "http-errors";
 import { z } from "zod";
 import { fromError } from "zod-validation-error";
 import { response } from "@server/utils/response";
-import logger from "@server/logger";
+import { validateSessionToken } from "@server/auth";

 export const verifyUserBody = z.object({
    sessionId: z.string(),
@@ -36,7 +35,7 @@ export async function verifyUser(
    const { sessionId } = parsedBody.data;

    try {
-        const { session, user } = await lucia.validateSession(sessionId);
+        const { session, user } = await validateSessionToken(sessionId);

        if (!session || !user) {
            return next(
--- a/server/routers/resource/createResource.ts
+++ b/server/routers/resource/createResource.ts
@@ -95,7 +95,7 @@ export async function createResource(req: Request, res: Response, next: NextFunc
        if (req.userOrgRoleId != superuserRole[0].roleId) {
            // make sure the user can access the resource
            await db.insert(userResources).values({
-                userId: req.user?.id!,
+                userId: req.user?.userId!,
                resourceId: newResource[0].resourceId,
            });
        }
--- a/server/routers/resource/listResources.ts
+++ b/server/routers/resource/listResources.ts
@@ -57,7 +57,7 @@ export async function listResources(req: RequestWithOrgAndRole, res: Response, n
            .fullJoin(roleResources, eq(userResources.resourceId, roleResources.resourceId))
            .where(
                or(
-                    eq(userResources.userId, req.user!.id),
+                    eq(userResources.userId, req.user!.userId),
                    eq(roleResources.roleId, req.userOrgRoleId!)
                )
            );
@@ -111,4 +111,4 @@ export async function listResources(req: RequestWithOrgAndRole, res: Response, n
        logger.error(error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
    }
-}
+}
--- a/server/routers/site/createSite.ts
+++ b/server/routers/site/createSite.ts
@@ -75,7 +75,7 @@ export async function createSite(req: Request, res: Response, next: NextFunction
        .from(roles)
        .where(and(eq(roles.isSuperuserRole, true), eq(roles.orgId, orgId)))
        .limit(1);
-        
+
        if (superuserRole.length === 0) {
            return next(
                createHttpError(
@@ -84,20 +84,20 @@ export async function createSite(req: Request, res: Response, next: NextFunction
                )
            );
        }
-        
-        await db.insert(roleSites).values({ 
+
+        await db.insert(roleSites).values({
            roleId: superuserRole[0].roleId,
            siteId: newSite[0].siteId,
        });

        if (req.userOrgRoleId != superuserRole[0].roleId) {
            // make sure the user can access the site
-            db.insert(userSites).values({ 
-                userId: req.user?.id!,
+            db.insert(userSites).values({
+                userId: req.user?.userId!,
                siteId: newSite[0].siteId,
            });
        }
-        
+
        return response(res, {
            data: newSite[0],
            success: true,
--- a/server/routers/site/listSites.ts
+++ b/server/routers/site/listSites.ts
@@ -49,7 +49,7 @@ export async function listSites(req: Request, res: Response, next: NextFunction)
            .fullJoin(roleSites, eq(userSites.siteId, roleSites.siteId))
            .where(
                or(
-                    eq(userSites.userId, req.user!.id),
+                    eq(userSites.userId, req.user!.userId),
                    eq(roleSites.roleId, req.userOrgRoleId!)
                )
            );
@@ -104,4 +104,4 @@ export async function listSites(req: Request, res: Response, next: NextFunction)
        logger.error(error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
    }
-}
+}
--- a/server/routers/user/addUserAction.ts
+++ b/server/routers/user/addUserAction.ts
@@ -36,7 +36,7 @@ export async function addUserAction(req: Request, res: Response, next: NextFunct
        }

        // Check if the user exists
-        const user = await db.select().from(users).where(eq(users.id, userId)).limit(1);
+        const user = await db.select().from(users).where(eq(users.userId, userId)).limit(1);
        if (user.length === 0) {
            return next(createHttpError(HttpCode.NOT_FOUND, `User with ID ${userId} not found`));
        }
@@ -58,4 +58,4 @@ export async function addUserAction(req: Request, res: Response, next: NextFunct
        logger.error(error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
    }
-}
+}
--- a/server/routers/user/addUserOrg.ts
+++ b/server/routers/user/addUserOrg.ts
@@ -51,7 +51,7 @@ export async function addUserOrg(req: Request, res: Response, next: NextFunction
        }

        // Check if the user exists
-        const user = await db.select().from(users).where(eq(users.id, userId)).limit(1);
+        const user = await db.select().from(users).where(eq(users.userId, userId)).limit(1);
        if (user.length === 0) {
            return next(createHttpError(HttpCode.NOT_FOUND, `User with ID ${userId} not found`));
        }
@@ -84,4 +84,4 @@ export async function addUserOrg(req: Request, res: Response, next: NextFunction
        logger.error(error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
    }
-}
+}
--- a/server/routers/user/getUser.ts
+++ b/server/routers/user/getUser.ts
@@ -21,7 +21,7 @@ export async function getUser(
    next: NextFunction,
 ): Promise<any> {
    try {
-        const userId = req.user?.id;
+        const userId = req.user?.userId;

        if (!userId) {
            return next(
@@ -32,7 +32,7 @@ export async function getUser(
        const user = await db
            .select()
            .from(users)
-            .where(eq(users.id, userId))
+            .where(eq(users.userId, userId))
            .limit(1);

        if (user.length === 0) {
--- a/server/routers/user/listUsers.ts
+++ b/server/routers/user/listUsers.ts
@@ -52,7 +52,7 @@ export async function listUsers(req: Request, res: Response, next: NextFunction)
        // Query to join users, userOrgs, and roles tables
        const usersWithRoles = await db
            .select({
-                id: users.id,
+                id: users.userId,
                email: users.email,
                emailVerified: users.emailVerified,
                dateCreated: users.dateCreated,
@@ -61,7 +61,7 @@ export async function listUsers(req: Request, res: Response, next: NextFunction)
                roleName: roles.name,
            })
            .from(users)
-            .leftJoin(userOrgs, sql`${users.id} = ${userOrgs.userId}`)
+            .leftJoin(userOrgs, sql`${users.userId} = ${userOrgs.userId}`)
            .leftJoin(roles, sql`${userOrgs.roleId} = ${roles.roleId}`)
            .where(sql`${userOrgs.orgId} = ${orgId}`)
            .limit(limit)
@@ -90,4 +90,4 @@ export async function listUsers(req: Request, res: Response, next: NextFunction)
        logger.error(error);
        return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred..."));
    }
-}
+}