fix: missing account id in response

2025-07-18 23:33:44 -07:00 · 2025-07-18 23:33:44 -07:00 · 7dcb7f30af
commit 7dcb7f30af
parent c17aaf25cb
3 changed files with 26 additions and 17 deletions
--- a/prisma/migrations/20250719061508_add_response_account/migration.sql
+++ b/prisma/migrations/20250719061508_add_response_account/migration.sql
@ -0,0 +1,5 @@
+-- AlterTable
+ALTER TABLE "TerminalAuthRequest" ADD COLUMN     "responseAccountId" TEXT;
+
+-- AddForeignKey
+ALTER TABLE "TerminalAuthRequest" ADD CONSTRAINT "TerminalAuthRequest_responseAccountId_fkey" FOREIGN KEY ("responseAccountId") REFERENCES "Account"("id") ON DELETE SET NULL ON UPDATE CASCADE;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@ -19,22 +19,25 @@ datasource db {
 //

 model Account {
-    id               String             @id @default(cuid())
-    publicKey        String             @unique
-    seq              Int                @default(0)
-    createdAt        DateTime           @default(now())
-    updatedAt        DateTime           @updatedAt
-    Session          Session[]
-    Update           Update[]
-    AccountPushToken AccountPushToken[]
+    id                  String                @id @default(cuid())
+    publicKey           String                @unique
+    seq                 Int                   @default(0)
+    createdAt           DateTime              @default(now())
+    updatedAt           DateTime              @updatedAt
+    Session             Session[]
+    Update              Update[]
+    AccountPushToken    AccountPushToken[]
+    TerminalAuthRequest TerminalAuthRequest[]
 }

 model TerminalAuthRequest {
-    id        String   @id @default(cuid())
-    publicKey String   @unique
-    response  String?
-    createdAt DateTime @default(now())
-    updatedAt DateTime @updatedAt
+    id                String   @id @default(cuid())
+    publicKey         String   @unique
+    response          String?
+    responseAccountId String?
+    responseAccount   Account? @relation(fields: [responseAccountId], references: [id])
+    createdAt         DateTime @default(now())
+    updatedAt         DateTime @updatedAt
 }

 model AccountPushToken {
--- a/sources/app/api.ts
+++ b/sources/app/api.ts
@ -188,12 +188,12 @@ export async function startApi() {

        const answer = await db.terminalAuthRequest.upsert({
            where: { publicKey: privacyKit.encodeHex(publicKey) },
-            update: { updatedAt: new Date() },
+            update: {},
            create: { publicKey: privacyKit.encodeHex(publicKey) }
        });

-        if (answer.response) {
-            const token = await tokenGenerator.new({ user: answer.id, extras: { session: answer.id } });
+        if (answer.response && answer.responseAccountId) {
+            const token = await tokenGenerator.new({ user: answer.responseAccountId!, extras: { session: answer.id } });
            return reply.send({
                state: 'authorized',
                token: token,
@ -206,6 +206,7 @@ export async function startApi() {

    // Approve auth request
    typed.post('/v1/auth/response', {
+        preHandler: app.authenticate,
        schema: {
            body: z.object({
                response: z.string(),
@ -227,7 +228,7 @@ export async function startApi() {
        if (!authRequest.response) {
            await db.terminalAuthRequest.update({
                where: { id: authRequest.id },
-                data: { response: request.body.response }
+                data: { response: request.body.response, responseAccountId: request.user.id }
            });
        }
        return reply.send({ success: true });