Delete unaccepted users upon merge user op

Fix: Permission error page displayed after user sign up if organization enforces SAML auth
Improvements
2025-08-28 18:55:53 +00:00 · 2024-06-11 18:41:35 -07:00 · 2024-06-12 00:55:33 +02:00 · 2024-06-12 00:28:11 +02:00 · 2024-06-11 04:04:42 +02:00
2 changed files with 13 additions and 3 deletions
--- a/backend/src/services/auth/auth-signup-service.ts
+++ b/backend/src/services/auth/auth-signup-service.ts
@@ -231,7 +231,7 @@ export const authSignupServiceFactory = ({

    const accessToken = jwt.sign(
      {
-        authMethod: AuthMethod.EMAIL,
+        authMethod: authMethod || AuthMethod.EMAIL,
        authTokenType: AuthTokenType.ACCESS_TOKEN,
        userId: updateduser.info.id,
        tokenVersionId: tokenSession.id,
@@ -244,7 +244,7 @@ export const authSignupServiceFactory = ({

    const refreshToken = jwt.sign(
      {
-        authMethod: AuthMethod.EMAIL,
+        authMethod: authMethod || AuthMethod.EMAIL,
        authTokenType: AuthTokenType.REFRESH_TOKEN,
        userId: updateduser.info.id,
        tokenVersionId: tokenSession.id,
--- a/backend/src/services/user/user-service.ts
+++ b/backend/src/services/user/user-service.ts
@@ -21,6 +21,7 @@ type TUserServiceFactoryDep = {
    | "findOneUserAction"
    | "createUserAction"
    | "findUserEncKeyByUserId"
+    | "delete"
  >;
  userAliasDAL: Pick<TUserAliasDALFactory, "find" | "insertMany">;
  orgMembershipDAL: Pick<TOrgMembershipDALFactory, "find" | "insertMany">;
@@ -85,7 +86,7 @@ export const userServiceFactory = ({
        tx
      );

-      // check if there are users with the same email.
+      // check if there are verified users with the same email.
      const users = await userDAL.find(
        {
          email,
@@ -134,6 +135,15 @@ export const userServiceFactory = ({
          );
        }
      } else {
+        await userDAL.delete(
+          {
+            email,
+            isAccepted: false,
+            isEmailVerified: false
+          },
+          tx
+        );
+
        // update current user's username to [email]
        await userDAL.updateById(
          user.id,
Author	SHA1	Message	Date
Tuan Dang	cb9dabe03f	Delete unaccepted users upon merge user op	2024-06-11 18:41:35 -07:00
Daniel Hougaard	7626dbb96e	Fix: Permission error page displayed after user sign up if organization enforces SAML auth	2024-06-12 00:55:33 +02:00
Daniel Hougaard	869be3c273	Improvements	2024-06-12 00:28:11 +02:00
Daniel Hougaard	985116c6f2	Update user-service.ts	2024-06-11 04:04:42 +02:00