Adjust authentication queries to reference Session ALS & currentUser global

Author: CarsonF

src/components/authentication/authentication.gel.repository.ts

@@ -165,32 +165,26 @@ export class AuthenticationGelRepository
     },
   );
 
-  async getCurrentPasswordHash(session: Session) {
-    return await this.db.run(this.getCurrentPasswordHashQuery, {
-      userId: session.userId,
-    });
+  async getCurrentPasswordHash() {
+    return await this.db.run(this.getCurrentPasswordHashQuery, {});
   }
-  private readonly getCurrentPasswordHashQuery = e.params(
-    { userId: e.uuid },
-    ({ userId }) => {
-      const user = e.cast(e.User, userId);
-      const identity = e.select(e.Auth.Identity, () => ({
-        filter_single: { user },
-      }));
-      return identity.passwordHash;
-    },
-  );
+  private readonly getCurrentPasswordHashQuery = e.params({}, () => {
+    const user = e.global.currentUser;
+    const identity = e.select(e.Auth.Identity, () => ({
+      filter_single: { user },
+    }));
+    return identity.passwordHash;
+  });
 
-  async updatePassword(newPasswordHash: string, session: Session) {
+  async updatePassword(newPasswordHash: string) {
     await this.db.run(this.updatePasswordQuery, {
-      userId: session.userId,
       passwordHash: newPasswordHash,
     });
   }
   private readonly updatePasswordQuery = e.params(
-    { userId: e.uuid, passwordHash: e.str },
-    ({ userId, passwordHash }) => {
-      const user = e.cast(e.User, userId);
+    { passwordHash: e.str },
+    ({ passwordHash }) => {
+      const user = e.global.currentUser;
       const identity = e.assert_exists(
         e.select(e.Auth.Identity, () => ({
           filter_single: { user },

src/components/authentication/authentication.repository.ts

@@ -222,7 +222,7 @@ export class AuthenticationRepository {
     return result?.roles ?? [];
   }
 
-  async getCurrentPasswordHash(session: Session) {
+  async getCurrentPasswordHash() {
     const result = await this.db
       .query()
       .match([
@@ -236,10 +236,7 @@ export class AuthenticationRepository {
     return result?.passwordHash ?? null;
   }
 
-  async updatePassword(
-    newPasswordHash: string,
-    session: Session,
-  ): Promise<void> {
+  async updatePassword(newPasswordHash: string): Promise<void> {
     await this.db
       .query()
       .match([

src/components/authentication/authentication.service.ts

@@ -92,7 +92,10 @@ export class AuthenticationService {
       throw new UnauthenticatedException('Invalid credentials');
     }
 
-    const userId = await this.repo.connectSessionToUser(input, session);
+    const userId = await this.repo.connectSessionToUser(
+      input,
+      this.sessionHost.current,
+    );
 
     if (!userId) {
       throw new ServerException('Login failed');
@@ -261,16 +264,16 @@ export class AuthenticationService {
     if (!oldPassword)
       throw new InputException('Old Password Required', 'oldPassword');
 
-    const hash = await this.repo.getCurrentPasswordHash(session);
+    const hash = await this.repo.getCurrentPasswordHash();
 
     if (!(await this.crypto.verify(hash, oldPassword))) {
       throw new UnauthenticatedException('Invalid credentials');
     }
 
     const newPasswordHash = await this.crypto.hash(newPassword);
-    await this.repo.updatePassword(newPasswordHash, session);
+    await this.repo.updatePassword(newPasswordHash);
 
-    await this.repo.deactivateAllOtherSessions(session);
+    await this.repo.deactivateAllOtherSessions(this.sessionHost.current);
   }
 
   async forgotPassword(email: string): Promise<void> {
@@ -306,7 +309,7 @@ export class AuthenticationService {
     await this.repo.updatePasswordViaEmailToken(emailToken, pash);
     await this.repo.deactivateAllOtherSessionsByEmail(
       emailToken.email,
-      session,
+      this.sessionHost.current,
     );
     await this.repo.removeAllEmailTokensForEmail(emailToken.email);
   }