diff --git a/src/lib/ae_core/core__user.ts b/src/lib/ae_core/core__user.ts index 99538c99..013bd1b4 100644 --- a/src/lib/ae_core/core__user.ts +++ b/src/lib/ae_core/core__user.ts @@ -3,9 +3,29 @@ import { api } from '$lib/api/api'; import { db_core } from '$lib/ae_core/db_core'; +/* + * *** LEGACY AUTHENTICATION HEADER LOGIC *** + * + * The functions in this file interact with legacy Aether API authentication endpoints + * (e.g., /user/authenticate, /user/lookup_email). + * + * Unlike V3 endpoints which handle context automatically or via standard headers, + * these legacy endpoints have specific requirements: + * + * 1. They often require the `x-account-id` header to be explicitly set to the target + * account ID to find the user within that specific account context. + * 2. The standard API wrapper logic might strip `x-account-id` if `x-no-account-id` + * is present (Bootstrap Paradox logic). We must explicitly remove `x-no-account-id` + * and set `x-account-id` to ensure the request is routed correctly. + * 3. Some endpoints accept `account_id` as a query parameter, while others (like email sending) + * may crash (500 Error) if unexpected parameters are passed. + */ + const ae_promises: key_val = {}; // Updated 2025-04-04 +// This function handles username/password authentication. +// It explicitly sets the x-account-id header to ensure the user is looked up in the correct account. export async function auth_ae_obj__username_password({ api_cfg, account_id, @@ -33,7 +53,7 @@ export async function auth_ae_obj__username_password({ const endpoint = '/user/authenticate'; - // Prepare API config with correct headers + // Prepare API config with correct headers to override global guest settings const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } }; if (account_id) { use_api_cfg.headers['x-account-id'] = account_id; 
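Review bot: The new per-function descriptions (`// This function handles username/password authentication.` and the line after it) are plain line comments placed below the `// Updated 2025-04-04` marker rather than a JSDoc block directly above `export async function auth_ae_obj__username_password`, so editors and TypeScript tooling will not surface them; the same applies to the one-line comment added in the `@@ -86,6 +106,7 @@` hunk. Consider a `/** ... */` block immediately above each signature stating the endpoint used, that `account_id` is sent as the `x-account-id` header, and what the function resolves to. The module header explains why `x-no-account-id` is removed but not where `account_id` comes from; since that value selects the account the supplied credentials are checked against, one sentence on whether callers are expected to validate it would help the next maintainer.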
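Review bot: The re-worded comment `// Prepare API config with correct headers to override global guest settings` now heads four copies of the same header-preparation snippet (this hunk, `@@ -111,7 +132,7 @@`, `@@ -181,18 +203,18 @@` and `@@ -271,7 +252,7 @@`), and "global guest settings" is not a term the module header defines. Rather than re-wording each copy, the snippet could be extracted into one helper so that the `x-no-account-id` removal the header comment calls mandatory cannot be forgotten in any copy; only the send_email hunk shows the `delete` line, the other three hunks end before it, so whether every copy performs it is not visible here. auth_ae_obj__username_password's body continues outside the hunk.
```typescript
/**
 * Copy api_cfg and pin the legacy account context: set `x-account-id` and drop
 * `x-no-account-id` so the API wrapper does not strip the account header.
 */
function with_account_headers(api_cfg: any, account_id?: string) { // types: match the existing parameters
  const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } };
  if (account_id) {
    use_api_cfg.headers['x-account-id'] = account_id;
    delete use_api_cfg.headers['x-no-account-id'];
  }
  return use_api_cfg;
}
// … unchanged: each function then replaces its inline copy with
// const use_api_cfg = with_account_headers(api_cfg, account_id);
```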
@@ -86,6 +106,7 @@ export async function auth_ae_obj__username_password({ } // Updated 2025-04-04 +// This function handles authentication using a User ID and a one-time auth key. export async function auth_ae_obj__user_id_user_auth_key({ api_cfg, account_id, @@ -111,7 +132,7 @@ export async function auth_ae_obj__user_id_user_auth_key({ const endpoint = '/user/authenticate'; - // Prepare API config with correct headers + // Prepare API config with correct headers to override global guest settings const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } }; if (account_id) { use_api_cfg.headers['x-account-id'] = account_id; @@ -153,6 +174,7 @@ export async function auth_ae_obj__user_id_user_auth_key({ // Send an email to the user with a new one time use authentication key. The new key must be generated and returned first. // Updated 2025-04-08 +// NOTE: This legacy endpoint is sensitive to extra query parameters and will 500 if account_id is passed in the URL. export async function send_email_auth_ae_obj__user_id({ api_cfg, account_id, @@ -181,18 +203,18 @@ export async function send_email_auth_ae_obj__user_id({ console.log(api_cfg); } - const email_auth_key_endpoint = `user/${user_id}/email_auth_key_url`; + const email_auth_key_endpoint = `/user/${user_id}/email_auth_key_url`; params = { root_url: base_url, key_param_name: key_param_name }; - // Prepare API config with correct headers + // Prepare API config with correct headers to override global guest settings const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } }; if (account_id) { use_api_cfg.headers['x-account-id'] = account_id; delete use_api_cfg.headers['x-no-account-id']; - params['account_id'] = account_id; + // WARNING: Do NOT add account_id to params here, as it causes a 500 error on the legacy backend. } ae_promises.auth_key__send_email = await api.get_object({ 
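Review bot: `user_id` is interpolated straight into the request path in the new `email_auth_key_endpoint` template string without encoding, so a value containing `/`, `?` or `#` would change which endpoint is hit; its origin is not visible here, so whether it is already validated upstream is unknown. Wrapping the slot as `${encodeURIComponent(String(user_id))}` confines the id to that single path segment whatever the caller passes. The replacement of `params['account_id'] = account_id;` by an inline WARNING is reasonable, but the reason belongs in the function's JSDoc together with the `// NOTE:` added in `@@ -153,6 +174,7 @@`, so the constraint is visible at the call site rather than only inside the if block. The `console.log(api_cfg);` context line above dumps the whole API config, which presumably carries request headers, so it is worth confirming that log level cannot be enabled outside development. send_email_auth_ae_obj__user_id's body continues outside the hunk.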
@@ -203,47 +225,6 @@ export async function send_email_auth_ae_obj__user_id({ }); return ae_promises.auth_key__send_email; - - // let endpoint = `/user/${user_id}/new_auth_key`; - - // // params['user_id'] = user_id; // Required - // if (log_lvl > 1) { - // console.log(`send_email_auth_ae_obj__user_id() - params:`, params); - // } - - // ae_promises.auth_key__gen_auth_key = await api.get_object({ - // api_cfg: api_cfg, - // endpoint: endpoint, - // params: params, - // log_lvl: log_lvl - // }) - // .then(async function (email_send_result) { - // if (email_send_result) { - // let email_auth_key_endpoint = `user/${user_id}/email_auth_key_url`; - // params = { - // 'root_url': 'https://test.oneskyit.com' - // } - // ae_promises.auth_key__send_email = await api.get_object({ - // api_cfg: api_cfg, - // endpoint: email_auth_key_endpoint, - // params: params, - // log_lvl: log_lvl - // }) - - // return email_send_result; - // } else { - // console.log('No results returned.'); - // return null; - // } - // }) - // .catch(function (error: any) { - // console.log('No results returned or failed.', error); - // }); - - // if (log_lvl) { - // console.log('ae_promises.send_email_auth__user_id:', ae_promises.send_email_auth__user_id); - // } - // return ae_promises.send_email_auth__user_id; } // Look up user based on email address provided @@ -271,7 +252,7 @@ export async function qry_ae_obj_li__user_email({ const endpoint = '/user/lookup_email'; - // Prepare API config with correct headers + // Prepare API config with correct headers to override global guest settings const use_api_cfg = { ...api_cfg, headers: { ...api_cfg.headers } }; if (account_id) { use_api_cfg.headers['x-account-id'] = account_id; diff --git a/src/lib/app_components/e_app_sign_in_out.svelte b/src/lib/app_components/e_app_sign_in_out.svelte index f03d5336..afe5e245 100644 --- a/src/lib/app_components/e_app_sign_in_out.svelte +++ b/src/lib/app_components/e_app_sign_in_out.svelte 
@@ -488,6 +488,9 @@ // } // WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned. + // WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned. + // We use enabled: 'all' and hidden: 'all' to ensure we find the person record even if + // technical fields like 'hide' are NULL or the record is temporarily disabled. ae_promises['person'] = core_func .load_ae_obj_li__person({ api_cfg: $ae_api, @@ -501,6 +504,7 @@ log_lvl: 1 }) .then((person_response) => { + // Safety Check: Ensure the response is valid and contains at least one record before accessing index 0. if ( person_response && person_response.length > 0 && @@ -591,6 +595,9 @@ // } // WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned. + // WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned. + // We use enabled: 'all' and hidden: 'all' to ensure we find the person record even if + // technical fields like 'hide' are NULL or the record is temporarily disabled. ae_promises['person'] = core_func .load_ae_obj_li__person({ api_cfg: $ae_api, @@ -604,6 +611,7 @@ log_lvl: 1 }) .then((person_response) => { + // Safety Check: Ensure the response is valid and contains at least one record before accessing index 0. if ( person_response && person_response.length > 0 &&
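Review bot: The first added line `// WARNING: This function returns a list. We only want the first one. There should be no more than 1 record returned.` repeats the context line directly above it verbatim, so the warning now appears twice in a row; drop the added duplicate and keep only the two new explanatory lines. The same duplication is in `@@ -591,6 +595,9 @@`. The explanation also states that `enabled: 'all'` and `hidden: 'all'` are passed, but the call's arguments after `api_cfg: $ae_api,` are outside the hunk, so that claim should be checked against the actual argument list before it is committed as documentation.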
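Review bot: The added `// Safety Check:` comment only restates the condition below it, while the condition itself is looser than the comment implies: `person_response && person_response.length > 0` also accepts a non-empty string or any truthy object with a `length` property. A tighter first clause, `Array.isArray(person_response) && person_response.length > 0 &&`, would make the comment unnecessary; the same applies to `@@ -604,6 +611,7 @@`. The `.then` callback and its enclosing code continue outside the hunk.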