finally put #3 to bed with state. also introduce email/password signup and login

2023-04-13 20:11:18 +10:00
parent 028a7dda45
commit 6a7e7ec9ac
9 changed files with 105 additions and 32 deletions
--- a/server/trpc/routers/account.router.ts
+++ b/server/trpc/routers/account.router.ts
@@ -8,19 +8,19 @@ import { MembershipWithAccount } from '~~/lib/services/service.types';
  Note on proliferation of Bang syntax... adminProcedure throws if either the ctx.dbUser or the ctx.activeAccountId is not available but the compiler can't figure that out so bang quiesces the null warning
 */
 export const accountRouter = router({
-  getDBUser: protectedProcedure
+  getDBUser: publicProcedure
    .query(({ ctx }) => {
      return {
        dbUser: ctx.dbUser,
      }
    }),
-  getActiveAccountId: protectedProcedure
+  getActiveAccountId: publicProcedure
    .query(({ ctx }) => {
      return {
        activeAccountId: ctx.activeAccountId,
      }
    }),
-  changeActiveAccount: adminProcedure
+  changeActiveAccount: protectedProcedure
    .input(z.object({ account_id: z.number() }))
    .mutation(async ({ ctx, input }) => {
      ctx.activeAccountId = input.account_id;
--- a/server/trpc/trpc.ts
+++ b/server/trpc/trpc.ts
@@ -36,7 +36,7 @@ const isAdminForInputAccountId = t.middleware(({ next, rawInput, ctx }) => {
  }
  const activeMembership = ctx.dbUser.memberships.find(membership => membership.account_id == ctx.activeAccountId);
  if(!activeMembership || (activeMembership?.access !== ACCOUNT_ACCESS.ADMIN && activeMembership?.access !== ACCOUNT_ACCESS.OWNER)) {
-    throw new TRPCError({ code: 'UNAUTHORIZED' });
+    throw new TRPCError({ code: 'UNAUTHORIZED', message:`activeMembership ${activeMembership?.id} is only ${activeMembership?.access}` });
  }
  
  return next({ ctx });