Add admin session minting endpoint

thezzisu · thezzisu · commit f28359b5b9a3 · 2026-02-08T20:17:16.000+08:00
diff --git a/services/web/app/src/Features/Admin/AdminSessionController.js b/services/web/app/src/Features/Admin/AdminSessionController.js
@@ -0,0 +1,35 @@
+const AuthenticationController = require('../Authentication/AuthenticationController')
+const EmailHelper = require('../Helpers/EmailHelper')
+const UserGetter = require('../User/UserGetter')
+
+async function createSession(req, res) {
+  const email = EmailHelper.parseEmail(req.body?.email)
+  if (!email) {
+    return res.status(400).json({ error: 'invalid_email' })
+  }
+
+  const user = await UserGetter.promises.getUserByAnyEmail(email)
+
+  if (!user) {
+    return res.sendStatus(404)
+  }
+
+  if (user.suspended) {
+    return res.status(403).json({ error: 'account_suspended' })
+  }
+
+  await AuthenticationController.promises.createSessionForUser(user, req)
+
+  return res.status(201).json({
+    user: {
+      id: user._id.toString(),
+      email: user.email,
+      first_name: user.first_name,
+      last_name: user.last_name,
+    },
+  })
+}
+
+module.exports = {
+  createSession,
+}
diff --git a/services/web/app/src/Features/Authentication/AuthenticationController.js b/services/web/app/src/Features/Authentication/AuthenticationController.js
@@ -663,8 +663,16 @@ function _loginAsyncHandlers(req, user, anonymousAnalyticsId, isNewUser) {
   return (user._login_req_ip = req.ip)
 }
 
+AuthenticationController.createSessionForUser = function (user, req, callback) {
+  const anonymousAnalyticsId = req.session.analyticsId
+  const isNewUser = req.session.justRegistered || false
+  _loginAsyncHandlers(req, user, anonymousAnalyticsId, isNewUser)
+  _afterLoginSessionSetup(req, user, callback)
+}
+
 AuthenticationController.promises = {
   finishLogin: AuthenticationController._finishLoginAsync,
+  createSessionForUser: promisify(AuthenticationController.createSessionForUser),
 }
 
 module.exports = AuthenticationController
diff --git a/services/web/app/src/router.mjs b/services/web/app/src/router.mjs
@@ -22,6 +22,7 @@ import UserInfoController from './Features/User/UserInfoController.js'
 import UserController from './Features/User/UserController.js'
 import UserEmailsController from './Features/User/UserEmailsController.js'
 import UserPagesController from './Features/User/UserPagesController.js'
+import AdminSessionController from './Features/Admin/AdminSessionController.js'
 import TutorialController from './Features/Tutorial/TutorialController.js'
 import DocumentController from './Features/Documents/DocumentController.js'
 import CompileManager from './Features/Compile/CompileManager.js'
@@ -496,6 +497,12 @@ async function initialize(webRouter, privateApiRouter, publicApiRouter) {
     UserInfoController.getPersonalInfo
   )
 
+  privateApiRouter.post(
+    '/api/v1/admin/session',
+    AuthenticationController.requirePrivateApiAuth(),
+    AdminSessionController.createSession
+  )
+
   webRouter.get(
     '/user/reconfirm',
     UserPagesController.renderReconfirmAccountPage
