Merged in fix/getProfile (pull request #2945)

fix(mypages): do not fetch SAS data on overview page and use correct mfa value when masking personal data * fix(mypages): do not fetch SAS data on overview page and use correct mfa value when masking personal data Approved-by: Anton Gunnarsson
2025-10-10 07:45:06 +00:00
parent eba6319ebe
commit f70d4d7c7f
2 changed files with 41 additions and 17 deletions
--- a/packages/trpc/lib/routers/user/query/index.ts
+++ b/packages/trpc/lib/routers/user/query/index.ts
@@ -54,21 +54,46 @@ export const userQueryRouter = router({

      return parsedUser(data.data, ctx.isMFA)
    }),
-  getSafely: safeProtectedProcedure.query(async function getUser({ ctx }) {
-    if (!isValidSession(ctx.session)) {
-      return null
-    }
+  getSafely: safeProtectedProcedure
+    .use(async function (opts) {
+      return opts.next({
+        ctx: {
+          ...opts.ctx,
+          isMFA:
+            !!opts.ctx.session &&
+            !!opts.ctx.session.token.mfa_scope &&
+            !!opts.ctx.session.token.mfa_expires_at &&
+            opts.ctx.session.token.mfa_expires_at > Date.now(),
+        },
+      })
+    })
+    .query(async function getUser({ ctx }) {
+      if (!isValidSession(ctx.session)) {
+        return null
+      }

-    const data = await getVerifiedUser({ session: ctx.session })
+      const data = await getVerifiedUser({ session: ctx.session })

-    if (!data || "error" in data) {
-      return null
-    }
+      if (!data || "error" in data) {
+        return null
+      }

-    return parsedUser(data.data, true)
-  }),
-  getWithExtendedPartnerData: safeProtectedProcedure.query(
-    async function getUser({ ctx }) {
+      return parsedUser(data.data, ctx.isMFA)
+    }),
+  getWithExtendedPartnerData: safeProtectedProcedure
+    .use(async function (opts) {
+      return opts.next({
+        ctx: {
+          ...opts.ctx,
+          isMFA:
+            !!opts.ctx.session &&
+            !!opts.ctx.session.token.mfa_scope &&
+            !!opts.ctx.session.token.mfa_expires_at &&
+            opts.ctx.session.token.mfa_expires_at > Date.now(),
+        },
+      })
+    })
+    .query(async function getUser({ ctx }) {
      if (!isValidSession(ctx.session)) {
        return null
      }
@@ -82,9 +107,8 @@ export const userQueryRouter = router({
        return null
      }

-      return parsedUser(data.data, true)
-    }
-  ),
+      return parsedUser(data.data, ctx.isMFA)
+    }),
  name: safeProtectedProcedure.query(async function ({ ctx }) {
    if (!isValidSession(ctx.session)) {
      return null