Fixes

stack-auth · Dec 27, 2024 · c98ab27 · c98ab27
1 parent 8b723cd
commit c98ab27
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 114 deletions.
diff --git a/apps/backend/src/app/api/v1/users/crud.tsx b/apps/backend/src/app/api/v1/users/crud.tsx
@@ -248,14 +248,6 @@ export function getUserQuery(projectId: string, userId: string): RawQuery<UsersC
                 FROM "Event"
                 WHERE data->>'projectId' = "ProjectUser"."projectId" AND ("data"->>'userId')::UUID = "ProjectUser"."projectUserId" AND "systemEventTypeIds" @> '{"$user-activity"}'
               ),
-              'UserActivityEvents', (
-                SELECT COALESCE(ARRAY_AGG(
-                  to_jsonb("Event") ||
-                  jsonb_build_object()
-                ), '{}')
-                FROM "Event"
-                WHERE "Event".data->>'projectId' = "ProjectUser"."projectId" AND ("Event".data->>'userId')::UUID = "ProjectUser"."projectUserId" AND "Event"."systemEventTypeIds" @> '{"$user-activity"}'
-              ),
               'ContactChannels', (
                 SELECT COALESCE(ARRAY_AGG(
                   to_jsonb("ContactChannel") ||
@@ -328,106 +320,7 @@ export function getUserQuery(projectId: string, userId: string): RawQuery<UsersC
         )
       ) AS "row_data_json"
     `,
-    postProcess: async (queryResult) => {
-      /*
-  const selectedTeamMembers = prisma.teamMembers;
-  if (selectedTeamMembers.length > 1) {
-    throw new StackAssertionError("User cannot have more than one selected team; this should never happen");
-  }
-
-  // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition
-  const primaryEmailContactChannel = prisma.contactChannels.find((c) => c.type === 'EMAIL' && c.isPrimary);
-  const passwordAuth = prisma.authMethods.find((m) => m.passwordAuthMethod);
-  const otpAuth = prisma.authMethods.find((m) => m.otpAuthMethod);
-  const passkeyAuth = prisma.authMethods.find((m) => m.passkeyAuthMethod);
-
-  return {
-    id: prisma.projectUserId,
-    display_name: prisma.displayName || null,
-    primary_email: primaryEmailContactChannel?.value || null,
-    primary_email_verified: !!primaryEmailContactChannel?.isVerified,
-    primary_email_auth_enabled: !!primaryEmailContactChannel?.usedForAuth,
-    profile_image_url: prisma.profileImageUrl,
-    signed_up_at_millis: prisma.createdAt.getTime(),
-    client_metadata: prisma.clientMetadata,
-    client_read_only_metadata: prisma.clientReadOnlyMetadata,
-    server_metadata: prisma.serverMetadata,
-    has_password: !!passwordAuth,
-    otp_auth_enabled: !!otpAuth,
-    auth_with_email: !!passwordAuth || !!otpAuth,
-    requires_totp_mfa: prisma.requiresTotpMfa,
-    passkey_auth_enabled: !!passkeyAuth,
-    oauth_providers: prisma.projectUserOAuthAccounts.map((a) => ({
-      id: a.oauthProviderConfigId,
-      account_id: a.providerAccountId,
-      email: a.email,
-    })),
-    selected_team_id: selectedTeamMembers[0]?.teamId ?? null,
-    selected_team: selectedTeamMembers[0] ? teamPrismaToCrud(selectedTeamMembers[0]?.team) : null,
-    last_active_at_millis: lastActiveAtMillis,
-  };
-
-
-[
-  {
-    row_data_json: [
-      {
-        createdAt: '2024-12-27T01:18:14.979',
-        projectId: 'internal',
-        updatedAt: '2024-12-27T01:18:14.979',
-        totpSecret: null,
-        AuthMethods: [
-          {
-            id: '61d03adb-4121-4315-a930-ecfd99148811',
-            createdAt: '2024-12-27T01:18:15.17',
-            projectId: 'internal',
-            updatedAt: '2024-12-27T01:18:15.17',
-            OtpAuthMethod: [
-              {
-                createdAt: '2024-12-27T01:18:15.17',
-                projectId: 'internal',
-                updatedAt: '2024-12-27T01:18:15.17',
-                authMethodId: '61d03adb-4121-4315-a930-ecfd99148811',
-                projectUserId: 'be796835-b849-478f-93c8-a0827c4eff35'
-              }
-            ],
-            projectUserId: 'be796835-b849-478f-93c8-a0827c4eff35',
-            OAuthAuthMethod: null,
-            projectConfigId: 'f1d1732c-3061-41b0-bce4-09e0c5c009fc',
-            PasskeyAuthMethod: null,
-            PasswordAuthMethod: null,
-            authMethodConfigId: '27aa9ab1-664f-4910-97a0-a50c382c7e4f'
-          }
-        ],
-        displayName: null,
-        projectUserId: 'be796835-b849-478f-93c8-a0827c4eff35',
-        clientMetadata: null,
-        serverMetadata: null,
-        ContactChannels: [
-          {
-            id: '9a191986-97f9-42b8-99d0-db5a684ae88a',
-            type: 'EMAIL',
-            value: 'default-mailbox--28598bbe-79ed-44e6-b476-e6ffaa3a2dd5@stack-generated.example.com',
-            createdAt: '2024-12-27T01:18:15.071',
-            isPrimary: 'TRUE',
-            projectId: 'internal',
-            updatedAt: '2024-12-27T01:18:15.071',
-            isVerified: true,
-            usedForAuth: 'TRUE',
-            projectUserId: 'be796835-b849-478f-93c8-a0827c4eff35'
-          }
-        ],
-        profileImageUrl: null,
-        requiresTotpMfa: false,
-        SelectedTeamMember: null,
-        clientReadOnlyMetadata: null,
-        ProjectUserOAuthAccounts: null
-      }
-    ]
-  }
-]
-      */
-
+    postProcess: (queryResult) => {
       if (queryResult.length === 0) {
         return null;
       }

diff --git a/apps/backend/src/prisma-client.tsx b/apps/backend/src/prisma-client.tsx
@@ -43,7 +43,7 @@ export async function retryTransaction<T>(fn: (...args: Parameters<Parameters<ty
 
 export type RawQuery<T> = {
   sql: Prisma.Sql,
-  postProcess: (rows: any[]) => Promise<T>,
+  postProcess: (rows: any[]) => T,  // Tip: If your postProcess is async, just set T = Promise<any> (compared to doing Promise.all in rawQuery, this ensures that there are no accidental timing attacks)
 };
 
 export async function rawQuery<Q extends RawQuery<any>>(query: Q): Promise<Awaited<ReturnType<Q["postProcess"]>>> {
@@ -83,8 +83,7 @@ async function rawQueryArray<Q extends RawQuery<any>[]>(queries: Q): Promise<[]
     const index = +type.slice(1);
     unprocessed[index].push(row.json);
   }
-  const postProcessed = await Promise.all(
-    queries.map((q, index) => q.postProcess(unprocessed[index]))
-  );
+  const postProcessed = queries.map((q, index) => q.postProcess(unprocessed[index]));
   return postProcessed as any;
 }
+
diff --git a/apps/backend/src/route-handlers/smart-request.tsx b/apps/backend/src/route-handlers/smart-request.tsx
@@ -216,7 +216,6 @@ const parseAuth = withTraceSpan('smart request parseAuth', async (req: NextReque
     isClientKeyValid: () => projectId && publishableClientKey && requestType === "client" ? checkApiKeySet(projectId, { publishableClientKey }) : Promise.resolve(false),
     isServerKeyValid: () => projectId && secretServerKey && requestType === "server" ? checkApiKeySet(projectId, { secretServerKey }) : Promise.resolve(false),
     isAdminKeyValid: () => projectId && superSecretAdminKey && requestType === "admin" ? checkApiKeySet(projectId, { superSecretAdminKey }) : Promise.resolve(false),
-    user: () => projectId && accessToken ? extractUserFromAccessToken({ token: accessToken, projectId }) : Promise.resolve(null),
     internalUser: () => projectId && adminAccessToken ? extractUserFromAdminAccessToken({ token: adminAccessToken, projectId }) : Promise.resolve(null),
   } as const;
   const results: [string, Promise<any>][] = [];
@@ -285,7 +284,7 @@ const parseAuth = withTraceSpan('smart request parseAuth', async (req: NextReque
 
   return {
     project,
-    user: await queries.user ?? undefined,
+    user: queriesResults.user ?? undefined,
     type: requestType,
   };
 });