fix(auth): resolve sign-in crashes and email authentication 500 error

- Refactored authentication calls in core__user.ts to explicitly set x-account-id and remove x-no-account-id, ensuring correct account context for legacy endpoints.
- Updated emailed sign-in link logic to use the correct /user/{user_id}/email_auth_key_url endpoint and avoid 500 crashes caused by extraneous URL parameters.
- Fixed person search query field names (enable/hide) and broadened search scope to 'all' to ensure records are found regardless of status.
- Added safety checks and documentation to prevent UI crashes when API responses are empty or NULL.
Scott Idem
2026-01-15 14:03:49 -05:00
parent b88d5fbabf
commit 7ce9c5e093
2 changed files with 36 additions and 47 deletions


@@ -3,9 +3,29 @@ import { api } from '$lib/api/api';
import { db_core } from '$lib/ae_core/db_core';
/*
* *** LEGACY AUTHENTICATION HEADER LOGIC ***
*
* The functions in this file interact with legacy Aether API authentication endpoints
* (e.g., /user/authenticate, /user/lookup_email).
*
* Unlike V3 endpoints which handle context automatically or via standard headers,
* these legacy endpoints have specific requirements:
*
* 1. They often require the `x-account-id` header to be explicitly set to the target
* account ID to find the user within that specific account context.
* 2. The standard API wrapper logic might strip `x-account-id` if `x-no-account-id`
* is present (Bootstrap Paradox logic). We must explicitly remove `x-no-account-id`
* and set `x-account-id` to ensure the request is routed correctly.
* 3. Some endpoints accept `account_id` as a query parameter, while others (like email sending)
* may crash (500 Error) if unexpected parameters are passed.
*/
const ae_promises: key_val = {};
// Updated 2025-04-04
// This function handles username/password authentication.
// It explicitly sets the x-account-id header to ensure the user is looked up in the correct account.
export async function auth_ae_obj__username_password({
api_cfg,
account_id,
@@ -33,7 +53,7 @@ export async function auth_ae_obj__username_password({
const endpoint = '/user/authenticate';
// Prepare API config with correct headers
// Prepare API config with correct headers to override global guest settings
const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } };
if (account_id) {
use_api_cfg.headers['x-account-id'] = account_id;
@@ -86,6 +106,7 @@ export async function auth_ae_obj__username_password({
}
// Updated 2025-04-04
// This function handles authentication using a User ID and a one-time auth key.
export async function auth_ae_obj__user_id_user_auth_key({
api_cfg,
account_id,
@@ -111,7 +132,7 @@ export async function auth_ae_obj__user_id_user_auth_key({
const endpoint = '/user/authenticate';
// Prepare API config with correct headers
// Prepare API config with correct headers to override global guest settings
const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } };
if (account_id) {
use_api_cfg.headers['x-account-id'] = account_id;
@@ -153,6 +174,7 @@ export async function auth_ae_obj__user_id_user_auth_key({
// Send an email to the user with a new one time use authentication key. The new key must be generated and returned first.
// Updated 2025-04-08
// NOTE: This legacy endpoint is sensitive to extra query parameters and will 500 if account_id is passed in the URL.
export async function send_email_auth_ae_obj__user_id({
api_cfg,
account_id,
@@ -181,18 +203,18 @@ export async function send_email_auth_ae_obj__user_id({
console.log(api_cfg);
}
const email_auth_key_endpoint = `user/${user_id}/email_auth_key_url`;
const email_auth_key_endpoint = `/user/${user_id}/email_auth_key_url`;
params = {
root_url: base_url,
key_param_name: key_param_name
};
// Prepare API config with correct headers
// Prepare API config with correct headers to override global guest settings
const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } };
if (account_id) {
use_api_cfg.headers['x-account-id'] = account_id;
delete use_api_cfg.headers['x-no-account-id'];
params['account_id'] = account_id;
// WARNING: Do NOT add account_id to params here, as it causes a 500 error on the legacy backend.
}
ae_promises.auth_key__send_email = await api.get_object({
@@ -203,47 +225,6 @@ export async function send_email_auth_ae_obj__user_id({
});
return ae_promises.auth_key__send_email;
// let endpoint = `/user/${user_id}/new_auth_key`;
// // params['user_id'] = user_id; // Required
// if (log_lvl > 1) {
// console.log(`send_email_auth_ae_obj__user_id() - params:`, params);
// }
// ae_promises.auth_key__gen_auth_key = await api.get_object({
// api_cfg: api_cfg,
// endpoint: endpoint,
// params: params,
// log_lvl: log_lvl
// })
// .then(async function (email_send_result) {
// if (email_send_result) {
// let email_auth_key_endpoint = `user/${user_id}/email_auth_key_url`;
// params = {
// 'root_url': 'https://test.oneskyit.com'
// }
// ae_promises.auth_key__send_email = await api.get_object({
// api_cfg: api_cfg,
// endpoint: email_auth_key_endpoint,
// params: params,
// log_lvl: log_lvl
// })
// return email_send_result;
// } else {
// console.log('No results returned.');
// return null;
// }
// })
// .catch(function (error: any) {
// console.log('No results returned or failed.', error);
// });
// if (log_lvl) {
// console.log('ae_promises.send_email_auth__user_id:', ae_promises.send_email_auth__user_id);
// }
// return ae_promises.send_email_auth__user_id;
}
// Look up user based on email address provided
@@ -271,7 +252,7 @@ export async function qry_ae_obj_li__user_email({
const endpoint = '/user/lookup_email';
// Prepare API config with correct headers
// Prepare API config with correct headers to override global guest settings
const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } };
if (account_id) {
use_api_cfg.headers['x-account-id'] = account_id;
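Review bot: In send_email_auth_ae_obj__user_id, `root_url: base_url` and `key_param_name` are passed to `/user/${user_id}/email_auth_key_url` as the base of an emailed link that carries a one-time sign-in key, and nothing visible constrains where `base_url` comes from. If the backend builds the link from that value without checking it, the key could be mailed inside a link to a host other than this application. I would document the contract above `params`, e.g. `// root_url must be this app's own origin, never a value read from the request; the backend is expected to validate it against an allow-list`, and confirm that the server-side check exists. The same function still has `console.log(api_cfg);` inside a block whose condition is outside the hunk; since `api_cfg` carries the request headers, which may hold credentials, log the endpoint and params instead. The function's signature and the `api.get_object` call fall outside the visible hunks, so both points should be checked against the full file.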


@@ -488,6 +488,9 @@
// }
// WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned.
// WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned.
// We use enabled: 'all' and hidden: 'all' to ensure we find the person record even if
// technical fields like 'hide' are NULL or the record is temporarily disabled.
ae_promises['person'] = core_func
.load_ae_obj_li__person({
api_cfg: $ae_api,
@@ -501,6 +504,7 @@
log_lvl: 1
})
.then((person_response) => {
// Safety Check: Ensure the response is valid and contains at least one record before accessing index 0.
if (
person_response &&
person_response.length > 0 &&
@@ -591,6 +595,9 @@
// }
// WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned.
// WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned.
// We use enabled: 'all' and hidden: 'all' to ensure we find the person record even if
// technical fields like 'hide' are NULL or the record is temporarily disabled.
ae_promises['person'] = core_func
.load_ae_obj_li__person({
api_cfg: $ae_api,
@@ -604,6 +611,7 @@
log_lvl: 1
})
.then((person_response) => {
// Safety Check: Ensure the response is valid and contains at least one record before accessing index 0.
if (
person_response &&
person_response.length > 0 &&
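Review bot: A disabled or hidden person record can still be matched by this lookup, since the comment added above `load_ae_obj_li__person` says it runs with `enabled: 'all'` and `hidden: 'all'`, and the visible guard only requires a non-empty list before index 0 is used. If disabling a record is meant to block access (the commit message ties this lookup to sign-in), the handler should check the returned record's status before continuing and fail closed when more than one record comes back, e.g. `person_response.length === 1` instead of `person_response.length > 0`. The same applies to the second copy of this block further down. The call's arguments and the rest of the `if` condition are outside the visible hunks, so a status check may already exist there. Separately, the `// WARNING: This function returns a list…` line now appears twice in a row in both blocks, and one copy can be dropped.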