diff --git a/src/modules/auth/auth.controller.ts b/src/modules/auth/auth.controller.ts index 692f94382..d5a8e7b14 100644 --- a/src/modules/auth/auth.controller.ts +++ b/src/modules/auth/auth.controller.ts @@ -174,7 +174,7 @@ export class AuthController { duration: 60, errorMessage: 'Wait for 60 seconds before trying to merge accounts again', }) - async merge(@Body('token') token: string): Promise { + async merge(@Body('token') token: string): Promise<{ success: true }> { return this.authService.mergeUsers(token); } } diff --git a/src/modules/auth/auth.service.ts b/src/modules/auth/auth.service.ts index c1c038855..dd75db4e2 100644 --- a/src/modules/auth/auth.service.ts +++ b/src/modules/auth/auth.service.ts @@ -702,7 +702,7 @@ export class AuthService { return ids; } - async mergeUsers(token: string): Promise { + async mergeUsers(token: string): Promise<{ success: true }> { let baseUserId: number | undefined = undefined; let mergeUserId: number | undefined = undefined; try { @@ -718,7 +718,10 @@ export class AuthService { return this.merge(baseUserId, mergeUserId); } - private async merge(baseUserId: number, mergeUserId: number): Promise { + private async merge( + baseUserId: number, + mergeUserId: number, + ): Promise<{ success: true }> { const baseUser = await this.prisma.users.findOne({ where: { id: baseUserId }, }); @@ -727,9 +730,26 @@ export class AuthService { }); if (!baseUser || !mergeUser) throw new NotFoundException(USER_NOT_FOUND); - const combinedUser = { ...baseUser }; - Object.keys(mergeUser).forEach((key) => { - if (mergeUser[key]) combinedUser[key] = mergeUser[key]; + const combinedUser: Record = {}; + [ + 'checkLocationOnLogin', + 'countryCode', + 'gender', + 'name', + 'notificationEmails', + 'active', + 'prefersLanguage', + 'prefersColorScheme', + 'prefersReducedMotion', + 'profilePictureUrl', + 'role', + 'timezone', + 'twoFactorMethod', + 'twoFactorPhone', + 'twoFactorSecret', + 'attributes', + ].forEach((key) => { + if (mergeUser[key] != null) combinedUser[key] = mergeUser[key]; }); await this.prisma.users.update({ where: { id: baseUserId }, @@ -744,6 +764,7 @@ export class AuthService { this.prisma.backupCodes, this.prisma.identities, this.prisma.auditLogs, + this.prisma.apiKeys, ]) { for await (const item of await (dataType as emailsDelegate).findMany({ where: { user: { id: mergeUserId } }, @@ -754,5 +775,8 @@ export class AuthService { data: { user: { connect: { id: baseUserId } } }, }); } + + await this.prisma.users.delete({ where: { id: mergeUser.id } }); + return { success: true }; } } diff --git a/src/modules/users/users.controller.ts b/src/modules/users/users.controller.ts index a938ae767..f3fd9e6c8 100644 --- a/src/modules/users/users.controller.ts +++ b/src/modules/users/users.controller.ts @@ -69,7 +69,7 @@ export class UserController { async mergeRequest( @Param('userId', ParseIntPipe) id: number, @Body('email') email: string, - ): Promise { + ): Promise<{ queued: true }> { return this.usersService.requestMerge(Number(id), email); } } diff --git a/src/modules/users/users.service.ts b/src/modules/users/users.service.ts index a2ac7d86d..b8bf1e6ef 100644 --- a/src/modules/users/users.service.ts +++ b/src/modules/users/users.service.ts @@ -111,7 +111,7 @@ export class UsersService { return this.prisma.expose(user); } - async requestMerge(userId: number, email: string): Promise { + async requestMerge(userId: number, email: string): Promise<{ queued: true }> { const emailSafe = safeEmail(email); const user = await this.prisma.users.findFirst({ where: { emails: { some: { emailSafe } } }, @@ -122,7 +122,7 @@ export class UsersService { const minutes = parseInt( this.configService.get('security.mergeUsersTokenExpiry') ?? '', ); - return this.email.send({ + this.email.send({ to: `"${user.name}" <${user.prefersEmail.email}>`, template: 'auth/mfa-code', data: { @@ -137,5 +137,6 @@ export class UsersService { )}`, }, }); + return { queued: true }; } }