Fix login stuff?

2026-03-05 02:06:41 +00:00 · 2024-10-06 18:43:20 -04:00
parent 06eb1544f4
commit d144704066
11 changed files with 76 additions and 37 deletions
--- a/server/routers/external.ts
+++ b/server/routers/external.ts
@@ -93,7 +93,8 @@ authenticated.delete(

 authenticated.get("/users", user.listUsers);
 // authenticated.get("/org/:orgId/users", user.???); // TODO: Implement this
-authenticated.get("/user/:userId", user.getUser);
+authenticated.get("/user", user.getUser);
+// authenticated.get("/user/:userId", user.getUser);
 authenticated.delete("/user/:userId", user.deleteUser);

 // Auth routes
--- a/server/routers/user/getUser.ts
+++ b/server/routers/user/getUser.ts
@@ -9,29 +9,20 @@ import createHttpError from 'http-errors';
 import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
 import logger from '@server/logger';

-const getUserSchema = z.object({
-    userId: z.string().uuid()
-});

 export async function getUser(req: Request, res: Response, next: NextFunction): Promise<any> {
    try {
-        const parsedParams = getUserSchema.safeParse(req.params);
-        if (!parsedParams.success) {
-            return next(
-                createHttpError(
-                    HttpCode.BAD_REQUEST,
-                    parsedParams.error.errors.map(e => e.message).join(', ')
-                )
-            );
+        const userId = req.user?.id;
+        
+        if (!userId) {
+            return next(createHttpError(HttpCode.UNAUTHORIZED, "User not found"));
        }

-        const { userId } = parsedParams.data;
-
-        // Check if the user has permission to list sites
-        const hasPermission = await checkUserActionPermission(ActionsEnum.getUser, req);
-        if (!hasPermission) {
-            return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
-        }
+        // // Check if the user has permission to list sites
+        // const hasPermission = await checkUserActionPermission(ActionsEnum.getUser, req);
+        // if (!hasPermission) {
+        //     return next(createHttpError(HttpCode.FORBIDDEN, 'User does not have permission to list sites'));
+        // }

        const user = await db.select()
            .from(users)
@@ -47,11 +38,12 @@ export async function getUser(req: Request, res: Response, next: NextFunction):
            );
        }

-        // Remove passwordHash from the response
-        const { passwordHash: _, ...userWithoutPassword } = user[0];
-
        return response(res, {
-            data: userWithoutPassword,
+            data: {
+                email: user[0].email,
+                twoFactorEnabled: user[0].twoFactorEnabled,
+                emailVerified: user[0].emailVerified
+            },
            success: true,
            error: false,
            message: "User retrieved successfully",