From 7dcb7f30af082d95e3c11a5e9b71018813bd89b1 Mon Sep 17 00:00:00 2001 From: Steve Korshakov Date: Fri, 18 Jul 2025 23:33:44 -0700 Subject: [PATCH] fix: missing account id in response --- .../migration.sql | 5 ++++ prisma/schema.prisma | 29 ++++++++++--------- sources/app/api.ts | 9 +++--- 3 files changed, 26 insertions(+), 17 deletions(-) create mode 100644 prisma/migrations/20250719061508_add_response_account/migration.sql diff --git a/prisma/migrations/20250719061508_add_response_account/migration.sql b/prisma/migrations/20250719061508_add_response_account/migration.sql new file mode 100644 index 0000000..a966b96 --- /dev/null +++ b/prisma/migrations/20250719061508_add_response_account/migration.sql @@ -0,0 +1,5 @@ +-- AlterTable +ALTER TABLE "TerminalAuthRequest" ADD COLUMN "responseAccountId" TEXT; + +-- AddForeignKey +ALTER TABLE "TerminalAuthRequest" ADD CONSTRAINT "TerminalAuthRequest_responseAccountId_fkey" FOREIGN KEY ("responseAccountId") REFERENCES "Account"("id") ON DELETE SET NULL ON UPDATE CASCADE; diff --git a/prisma/schema.prisma b/prisma/schema.prisma index 170dc53..5c6d513 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -19,22 +19,25 @@ datasource db { // model Account { - id String @id @default(cuid()) - publicKey String @unique - seq Int @default(0) - createdAt DateTime @default(now()) - updatedAt DateTime @updatedAt - Session Session[] - Update Update[] - AccountPushToken AccountPushToken[] + id String @id @default(cuid()) + publicKey String @unique + seq Int @default(0) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt + Session Session[] + Update Update[] + AccountPushToken AccountPushToken[] + TerminalAuthRequest TerminalAuthRequest[] } model TerminalAuthRequest { - id String @id @default(cuid()) - publicKey String @unique - response String? - createdAt DateTime @default(now()) - updatedAt DateTime @updatedAt + id String @id @default(cuid()) + publicKey String @unique + response String? + responseAccountId String? + responseAccount Account? @relation(fields: [responseAccountId], references: [id]) + createdAt DateTime @default(now()) + updatedAt DateTime @updatedAt } model AccountPushToken { diff --git a/sources/app/api.ts b/sources/app/api.ts index 9f72cf7..2441543 100644 --- a/sources/app/api.ts +++ b/sources/app/api.ts @@ -188,12 +188,12 @@ export async function startApi() { const answer = await db.terminalAuthRequest.upsert({ where: { publicKey: privacyKit.encodeHex(publicKey) }, - update: { updatedAt: new Date() }, + update: {}, create: { publicKey: privacyKit.encodeHex(publicKey) } }); - if (answer.response) { - const token = await tokenGenerator.new({ user: answer.id, extras: { session: answer.id } }); + if (answer.response && answer.responseAccountId) { + const token = await tokenGenerator.new({ user: answer.responseAccountId!, extras: { session: answer.id } }); return reply.send({ state: 'authorized', token: token, @@ -206,6 +206,7 @@ export async function startApi() { // Approve auth request typed.post('/v1/auth/response', { + preHandler: app.authenticate, schema: { body: z.object({ response: z.string(), @@ -227,7 +228,7 @@ export async function startApi() { if (!authRequest.response) { await db.terminalAuthRequest.update({ where: { id: authRequest.id }, - data: { response: request.body.response } + data: { response: request.body.response, responseAccountId: request.user.id } }); } return reply.send({ success: true });