Merged in feat/SW-3549-pass-scandic-token (pull request #2989)

Feat/SW-3549 pass scandic token * WIP pass scandic token * pass scandic token when booking * Merge branch 'master' of bitbucket.org:scandic-swap/web into feat/SW-3549-pass-scandic-token * pass user token when doing availability search * undo changes * merge * Merged in fix/sw-3551-rsc-bookingflowconfig (pull request #2988) fix(SW-3551): Fix issue with BookingConfigProvider in RSC * wip move config to pages * Move config providing to pages * Merged in fix/update-promo-error-modal-text (pull request #2990) fix: update promo error modal text * fix: update promo error modal text Approved-by: Emma Zettervall * Merged in fix/sw-3514-missing-membership-input-for-multiroom (pull request #2991) fix(SW-3514): Show join Scandic Friends card for SAS multiroom * Show join card for room 2+ Approved-by: Hrishikesh Vaipurkar * Merged in feat/lokalise-rebuild (pull request #2993) Feat/lokalise rebuild * chore(lokalise): update translation ids * chore(lokalise): easier to switch between projects * chore(lokalise): update translation ids * . * . * . * . * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * . * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * . * . * chore(lokalise): update translation ids * chore(lokalise): update translation ids * chore(lokalise): new translations * merge * switch to errors for missing id's * merge * sync translations Approved-by: Linus Flood * Merged in feat/SW-3552-logout-from-social-session-when- (pull request #2994) feat(SW-3552): Removed scandic session on logout Approved-by: Joakim Jäderberg * merge * replace getRedemptionTokenSafely() with context based instead * Refactor user verification and error handling across multiple components; implement safeTry utility for safer async calls * Refactor user verification and error handling across multiple components; implement safeTry utility for safer async calls * merge * Merge branch 'master' of bitbucket.org:scandic-swap/web into feat/SW-3549-pass-scandic-token * add booking scope remove unused getMembershipNumber() Approved-by: Anton Gunnarsson Approved-by: Hrishikesh Vaipurkar
2025-10-24 13:17:02 +00:00
parent c473bbc8b0
commit 3b3e7308cc
36 changed files with 558 additions and 503 deletions
--- a/packages/trpc/lib/routers/user/query/index.ts
+++ b/packages/trpc/lib/routers/user/query/index.ts
@@ -1,8 +1,10 @@
 import { createCounter } from "@scandic-hotels/common/telemetry"
+import { safeTry } from "@scandic-hotels/common/utils/safeTry"

 import { router } from "../../.."
 import * as api from "../../../api"
 import { Transactions } from "../../../enums/transactions"
+import { notFound } from "../../../errors"
 import {
  languageProtectedProcedure,
  protectedProcedure,
@@ -42,30 +44,25 @@ export const userQueryRouter = router({
      })
    })
    .query(async function getUser({ ctx }) {
-      const data = await getVerifiedUser({ session: ctx.session })
-
-      if (!data) {
-        return null
+      const user = await ctx.getScandicUser()
+      if (!user) {
+        throw notFound()
      }

-      if ("error" in data && data.error) {
-        return data
-      }
-
-      return parsedUser(data.data, !ctx.isMFA)
+      return parsedUser(user, !ctx.isMFA)
    }),
  getSafely: safeProtectedProcedure.query(async function getUser({ ctx }) {
    if (!isValidSession(ctx.session)) {
      return null
    }

-    const data = await getVerifiedUser({ session: ctx.session })
+    const user = await ctx.getScandicUser()

-    if (!data || "error" in data) {
+    if (!user) {
      return null
    }

-    return parsedUser(data.data, false)
+    return parsedUser(user, false)
  }),
  getWithExtendedPartnerData: safeProtectedProcedure.query(
    async function getUser({ ctx }) {
@@ -73,60 +70,49 @@ export const userQueryRouter = router({
        return null
      }

-      const data = await getVerifiedUser({
-        session: ctx.session,
-        includeExtendedPartnerData: true,
-      })
+      const user = await ctx.getScandicUser()

-      if (!data || "error" in data) {
+      if (!user) {
        return null
      }

-      return parsedUser(data.data, false)
+      return parsedUser(user, false)
    }
  ),
  name: safeProtectedProcedure.query(async function ({ ctx }) {
    if (!isValidSession(ctx.session)) {
      return null
    }
-    const verifiedData = await getVerifiedUser({ session: ctx.session })
+    const user = await ctx.getScandicUser()

-    if (!verifiedData || "error" in verifiedData) {
+    if (!user) {
      return null
    }
    return {
-      firstName: verifiedData.data.firstName,
-      lastName: verifiedData.data.lastName,
+      firstName: user.firstName,
+      lastName: user.lastName,
    }
  }),
  membershipLevel: protectedProcedure.query(async function ({ ctx }) {
-    const verifiedData = await getVerifiedUser({ session: ctx.session })
-    if (
-      !verifiedData ||
-      "error" in verifiedData ||
-      !verifiedData.data.loyalty
-    ) {
+    const user = await ctx.getScandicUser()
+    if (!user?.loyalty) {
      return null
    }

-    const membershipLevel = getFriendsMembership(verifiedData.data.loyalty)
+    const membershipLevel = getFriendsMembership(user.loyalty)
    return membershipLevel
  }),
  safeMembershipLevel: safeProtectedProcedure.query(async function ({ ctx }) {
    if (!isValidSession(ctx.session)) {
      return null
    }
-    const verifiedData = await getVerifiedUser({ session: ctx.session })
+    const user = await ctx.getScandicUser()

-    if (
-      !verifiedData ||
-      "error" in verifiedData ||
-      !verifiedData.data.loyalty
-    ) {
+    if (!user?.loyalty) {
      return null
    }

-    const membershipLevel = getFriendsMembership(verifiedData.data.loyalty)
+    const membershipLevel = getFriendsMembership(user.loyalty)
    return membershipLevel
  }),
  userTrackingInfo,
@@ -327,12 +313,14 @@ export const userQueryRouter = router({
    }),

  membershipCards: protectedProcedure.query(async function ({ ctx }) {
-    const userData = await getVerifiedUser({ session: ctx.session })
+    const [userData, error] = await safeTry(
+      getVerifiedUser({ token: ctx.session.token })
+    )

-    if (!userData || "error" in userData || !userData.data.loyalty) {
+    if (!userData?.loyalty || error) {
      return null
    }

-    return getMembershipCards(userData.data.loyalty)
+    return getMembershipCards(userData.loyalty)
  }),
 })
--- a/packages/trpc/lib/routers/user/query/userTrackingInfo.ts
+++ b/packages/trpc/lib/routers/user/query/userTrackingInfo.ts
@@ -47,13 +47,9 @@ async function getScandicFriendsUserTrackingData(session: Session | null) {
  }

  try {
-    const verifiedUserData = await getVerifiedUser({ session: session })
+    const verifiedUserData = await getVerifiedUser({ token: session.token })

-    if (
-      !verifiedUserData ||
-      "error" in verifiedUserData ||
-      !verifiedUserData.data.loyalty
-    ) {
+    if (!verifiedUserData || !verifiedUserData.loyalty) {
      metricsUserTrackingInfo.success({
        reason: "invalid user data",
        data: notLoggedInUserTrackingData,
@@ -61,12 +57,12 @@ async function getScandicFriendsUserTrackingData(session: Session | null) {
      return notLoggedInUserTrackingData
    }

-    const membership = getFriendsMembership(verifiedUserData.data.loyalty)
+    const membership = getFriendsMembership(verifiedUserData.loyalty)

    const loggedInUserTrackingData: TrackingUserData = {
      loginStatus: "logged in",
      loginType: session.token.loginType as LoginType,
-      memberId: verifiedUserData.data.profileId,
+      memberId: verifiedUserData.profileId,
      membershipNumber: membership?.membershipNumber,
      memberLevel: membership?.membershipLevel,
      loginAction: "login success",
--- a/packages/trpc/lib/routers/user/utils.ts
+++ b/packages/trpc/lib/routers/user/utils.ts
@@ -1,6 +1,7 @@
 import { myStay } from "@scandic-hotels/common/constants/routes/myStay"
 import { dt } from "@scandic-hotels/common/dt"
 import { createCounter } from "@scandic-hotels/common/telemetry"
+import { safeTry } from "@scandic-hotels/common/utils/safeTry"

 import { env } from "../../../env/server"
 import * as api from "../../api"
@@ -8,7 +9,6 @@ import { cache } from "../../DUPLICATED/cache"
 import { creditCardsSchema } from "../../routers/user/output"
 import { toApiLang } from "../../utils"
 import { encrypt } from "../../utils/encryption"
-import { isValidSession } from "../../utils/session"
 import { getVerifiedUser } from "./utils/getVerifiedUser"
 import { type FriendTransaction, getStaysSchema, type Stay } from "./output"

@@ -16,19 +16,6 @@ import type { Lang } from "@scandic-hotels/common/constants/language"
 import type { LangRoute } from "@scandic-hotels/common/constants/routes/langRoute"
 import type { Session } from "next-auth"

-export async function getMembershipNumber(
-  session: Session | null
-): Promise<string | undefined> {
-  if (!isValidSession(session)) return undefined
-
-  const verifiedUser = await getVerifiedUser({ session })
-  if (!verifiedUser || "error" in verifiedUser) {
-    return undefined
-  }
-
-  return verifiedUser.data.membershipNumber
-}
-
 export async function getPreviousStays(
  accessToken: string,
  limit: number = 10,
@@ -202,44 +189,45 @@ export async function updateStaysBookingUrl(
  session: Session,
  lang: Lang
 ) {
-  const user = await getVerifiedUser({
-    session,
-  })
-
-  if (user && !("error" in user)) {
-    return data.map((d) => {
-      const originalString =
-        d.attributes.confirmationNumber.toString() + "," + user.data.lastName
-      const encryptedBookingValue = encrypt(originalString)
-
-      // Get base URL with fallback for ephemeral environments (like deploy previews).
-      const baseUrl = env.PUBLIC_URL || "https://www.scandichotels.com"
-
-      // Construct Booking URL.
-      const bookingUrl = new URL(myStay[lang], baseUrl)
-
-      // Add search parameters.
-      if (encryptedBookingValue) {
-        bookingUrl.searchParams.set("RefId", encryptedBookingValue)
-      } else {
-        bookingUrl.searchParams.set("lastName", user.data.lastName)
-        bookingUrl.searchParams.set(
-          "bookingId",
-          d.attributes.confirmationNumber.toString()
-        )
-      }
-
-      return {
-        ...d,
-        attributes: {
-          ...d.attributes,
-          bookingUrl: bookingUrl.toString(),
-        },
-      }
+  const [user, error] = await safeTry(
+    getVerifiedUser({
+      token: session.token,
    })
-  }
+  )

-  return data
+  if (!user || error) {
+    return data
+  }
+  return data.map((d) => {
+    const originalString =
+      d.attributes.confirmationNumber.toString() + "," + user.lastName
+    const encryptedBookingValue = encrypt(originalString)
+
+    // Get base URL with fallback for ephemeral environments (like deploy previews).
+    const baseUrl = env.PUBLIC_URL || "https://www.scandichotels.com"
+
+    // Construct Booking URL.
+    const bookingUrl = new URL(myStay[lang], baseUrl)
+
+    // Add search parameters.
+    if (encryptedBookingValue) {
+      bookingUrl.searchParams.set("RefId", encryptedBookingValue)
+    } else {
+      bookingUrl.searchParams.set("lastName", user.lastName)
+      bookingUrl.searchParams.set(
+        "bookingId",
+        d.attributes.confirmationNumber.toString()
+      )
+    }
+
+    return {
+      ...d,
+      attributes: {
+        ...d.attributes,
+        bookingUrl: bookingUrl.toString(),
+      },
+    }
+  })
 }

 export const myBookingPath: LangRoute = {
--- a/packages/trpc/lib/routers/user/utils/getMemberShipNumber.ts
+++ b/packages/trpc/lib/routers/user/utils/getMemberShipNumber.ts
@@ -1,17 +0,0 @@
-import { isValidSession } from "../../../utils/session"
-import { getVerifiedUser } from "./getVerifiedUser"
-
-import type { Session } from "next-auth"
-
-export async function getMembershipNumber(
-  session: Session | null
-): Promise<string | undefined> {
-  if (!isValidSession(session)) return undefined
-
-  const verifiedUser = await getVerifiedUser({ session })
-  if (!verifiedUser || "error" in verifiedUser) {
-    return undefined
-  }
-
-  return verifiedUser.data.membershipNumber
-}
--- a/packages/trpc/lib/routers/user/utils/getVerifiedUser.ts
+++ b/packages/trpc/lib/routers/user/utils/getVerifiedUser.ts
@@ -2,16 +2,19 @@ import { createCounter } from "@scandic-hotels/common/telemetry"

 import * as api from "../../../api"
 import { cache } from "../../../DUPLICATED/cache"
+import {
+  internalServerError,
+  serverErrorByStatus,
+  sessionExpiredError,
+} from "../../../errors"
 import { getUserSchema } from "../output"

-import type { Session } from "next-auth"
-
 export const getVerifiedUser = cache(
  async ({
-    session,
+    token,
    includeExtendedPartnerData,
  }: {
-    session: Session
+    token: { expires_at?: number; access_token: string }
    includeExtendedPartnerData?: boolean
  }) => {
    const getVerifiedUserCounter = createCounter("user", "getVerifiedUser")
@@ -20,16 +23,16 @@ export const getVerifiedUser = cache(
    metricsGetVerifiedUser.start()

    const now = Date.now()
-    if (session.token.expires_at && session.token.expires_at < now) {
+    if (token.expires_at && token.expires_at < now) {
      metricsGetVerifiedUser.dataError(`Token expired`)
-      return { error: true, cause: "token_expired" } as const
+      throw sessionExpiredError()
    }

    const apiResponse = await api.get(
      api.endpoints.v2.Profile.profile,
      {
        headers: {
-          Authorization: `Bearer ${session.token.access_token}`,
+          Authorization: `Bearer ${token.access_token}`,
        },
      },
      includeExtendedPartnerData
@@ -40,19 +43,7 @@ export const getVerifiedUser = cache(
    if (!apiResponse.ok) {
      await metricsGetVerifiedUser.httpError(apiResponse)

-      if (apiResponse.status === 401) {
-        return { error: true, cause: "unauthorized" } as const
-      } else if (apiResponse.status === 403) {
-        return { error: true, cause: "forbidden" } as const
-      } else if (apiResponse.status === 404) {
-        return { error: true, cause: "notfound" } as const
-      }
-
-      return {
-        error: true,
-        cause: "unknown",
-        status: apiResponse.status,
-      } as const
+      throw serverErrorByStatus(apiResponse.status, apiResponse)
    }

    const apiJson = await apiResponse.json()
@@ -63,17 +54,17 @@ export const getVerifiedUser = cache(
          data: apiJson,
        }
      )
-      return null
+      throw internalServerError("Missing data attributes in API response")
    }

    const verifiedData = getUserSchema.safeParse(apiJson)
    if (!verifiedData.success) {
      metricsGetVerifiedUser.validationError(verifiedData.error)
-      return null
+      throw verifiedData.error
    }

    metricsGetVerifiedUser.success()

-    return verifiedData
+    return verifiedData.data
  }
 )
--- a/packages/trpc/lib/routers/user/utils/updateStaysBookingUrl.ts
+++ b/packages/trpc/lib/routers/user/utils/updateStaysBookingUrl.ts
@@ -1,6 +1,7 @@
 import "server-only"

 import { myStay } from "@scandic-hotels/common/constants/routes/myStay"
+import { safeTry } from "@scandic-hotels/common/utils/safeTry"

 import { env } from "../../../../env/server"
 import { encrypt } from "../../../utils/encryption"
@@ -28,42 +29,47 @@ export async function updateStaysBookingUrl(
  session: Session,
  lang: Lang
 ) {
-  const user = await getVerifiedUser({
-    session,
-  })
-
-  if (user && !("error" in user)) {
-    return data.map((d) => {
-      const originalString =
-        d.attributes.confirmationNumber.toString() + "," + user.data.lastName
-      const encryptedBookingValue = encrypt(originalString)
-
-      // Get base URL with fallback for ephemeral environments (like deploy previews).
-      const baseUrl = env.PUBLIC_URL || "https://www.scandichotels.com"
-
-      // Construct Booking URL.
-      const bookingUrl = new URL(myStay[lang], baseUrl)
-
-      // Add search parameters.
-      if (encryptedBookingValue) {
-        bookingUrl.searchParams.set("RefId", encryptedBookingValue)
-      } else {
-        bookingUrl.searchParams.set("lastName", user.data.lastName)
-        bookingUrl.searchParams.set(
-          "bookingId",
-          d.attributes.confirmationNumber.toString()
-        )
-      }
-
-      return {
-        ...d,
-        attributes: {
-          ...d.attributes,
-          bookingUrl: bookingUrl.toString(),
-        },
-      }
+  const [user, error] = await safeTry(
+    getVerifiedUser({
+      token: {
+        access_token: session.token.access_token,
+        expires_at: session.token.expires_at ?? 0,
+      },
    })
+  )
+
+  if (error || !user) {
+    return data
  }

-  return data
+  return data.map((d) => {
+    const originalString =
+      d.attributes.confirmationNumber.toString() + "," + user.lastName
+    const encryptedBookingValue = encrypt(originalString)
+
+    // Get base URL with fallback for ephemeral environments (like deploy previews).
+    const baseUrl = env.PUBLIC_URL || "https://www.scandichotels.com"
+
+    // Construct Booking URL.
+    const bookingUrl = new URL(myStay[lang], baseUrl)
+
+    // Add search parameters.
+    if (encryptedBookingValue) {
+      bookingUrl.searchParams.set("RefId", encryptedBookingValue)
+    } else {
+      bookingUrl.searchParams.set("lastName", user.lastName)
+      bookingUrl.searchParams.set(
+        "bookingId",
+        d.attributes.confirmationNumber.toString()
+      )
+    }
+
+    return {
+      ...d,
+      attributes: {
+        ...d.attributes,
+        bookingUrl: bookingUrl.toString(),
+      },
+    }
+  })
 }