feat: link transcript participants (#737)

* Sync authentik users * Migrate user_id from uid to id * Fix auth user id * Fix ci migration test * Fix meeting token creation * Move user id migration to a script * Add user on first login * Fix migration chain * Rename uid column to authentik_uid * Fix broken ws test
2025-12-20 20:29:06 +00:00 · 2025-11-25 19:13:19 +01:00
parent 86ac23868b
commit 9bec39808f
11 changed files with 559 additions and 29 deletions
--- a/www/app/lib/authBackend.ts
+++ b/www/app/lib/authBackend.ts
@@ -22,6 +22,27 @@ import { sequenceThrows } from "./errorUtils";
 import { featureEnabled } from "./features";
 import { getNextEnvVar } from "./nextBuild";

+async function getUserId(accessToken: string): Promise<string | null> {
+  try {
+    const apiUrl = getNextEnvVar("SERVER_API_URL");
+    const response = await fetch(`${apiUrl}/v1/me`, {
+      headers: {
+        Authorization: `Bearer ${accessToken}`,
+      },
+    });
+
+    if (!response.ok) {
+      return null;
+    }
+
+    const userInfo = await response.json();
+    return userInfo.sub || null;
+  } catch (error) {
+    console.error("Error fetching user ID from backend:", error);
+    return null;
+  }
+}
+
 const TOKEN_CACHE_TTL = REFRESH_ACCESS_TOKEN_BEFORE;
 const getAuthentikClientId = () => getNextEnvVar("AUTHENTIK_CLIENT_ID");
 const getAuthentikClientSecret = () => getNextEnvVar("AUTHENTIK_CLIENT_SECRET");
@@ -122,13 +143,16 @@ export const authOptions = (): AuthOptions =>
          },
          async session({ session, token }) {
            const extendedToken = token as JWTWithAccessToken;
+
+            const userId = await getUserId(extendedToken.accessToken);
+
            return {
              ...session,
              accessToken: extendedToken.accessToken,
              accessTokenExpires: extendedToken.accessTokenExpires,
              error: extendedToken.error,
              user: {
-                id: assertExists(extendedToken.sub),
+                id: assertExistsAndNonEmptyString(userId, "User ID required"),
                name: extendedToken.name,
                email: extendedToken.email,
              },