diff --git a/src/app/api/auth/admin/login/route.ts b/src/app/api/auth/admin/login/route.ts
index 13de4e2..46310c5 100644
--- a/src/app/api/auth/admin/login/route.ts
+++ b/src/app/api/auth/admin/login/route.ts
@@ -92,7 +92,6 @@ export async function POST(request: NextRequest) {
 // Generate JWT tokens
 const accessToken = generateAccessToken({
 sub: user.id,
- id: user.id,
 plexId: user.plexId,
 username: user.plexUsername,
 role: user.role,
diff --git a/src/app/api/auth/plex/callback/route.ts b/src/app/api/auth/plex/callback/route.ts
index 311dbc1..b33c1cb 100644
--- a/src/app/api/auth/plex/callback/route.ts
+++ b/src/app/api/auth/plex/callback/route.ts
@@ -239,7 +239,6 @@ export async function GET(request: NextRequest) {
 // Generate JWT tokens
 const accessToken = generateAccessToken({
 sub: user.id,
- id: user.id,
 plexId: user.plexId,
 username: user.plexUsername,
 role: user.role,
diff --git a/src/app/api/auth/plex/switch-profile/route.ts b/src/app/api/auth/plex/switch-profile/route.ts
index 5d7cf8e..cb3891f 100644
--- a/src/app/api/auth/plex/switch-profile/route.ts
+++ b/src/app/api/auth/plex/switch-profile/route.ts
@@ -167,7 +167,6 @@ export async function POST(request: NextRequest) {
 // Generate JWT tokens
 const accessToken = generateAccessToken({
 sub: user.id,
- id: user.id,
 plexId: user.plexId,
 username: user.plexUsername,
 role: user.role,
diff --git a/src/app/api/auth/refresh/route.ts b/src/app/api/auth/refresh/route.ts
index 15763e6..f5875c0 100644
--- a/src/app/api/auth/refresh/route.ts
+++ b/src/app/api/auth/refresh/route.ts
@@ -60,7 +60,6 @@ export async function POST(request: NextRequest) {
 // Generate new access token
 const accessToken = generateAccessToken({
 sub: user.id,
- id: user.id,
 plexId: user.plexId,
 username: user.plexUsername,
 role: user.role,
diff --git a/src/app/api/setup/complete/route.ts b/src/app/api/setup/complete/route.ts
index 709a229..637e0da 100644
--- a/src/app/api/setup/complete/route.ts
+++ b/src/app/api/setup/complete/route.ts
@@ -163,7 +163,6 @@ export async function POST(request: NextRequest) {
 // Generate JWT tokens for auto-login
 accessToken = generateAccessToken({
 sub: adminUser.id,
- id: adminUser.id,
 plexId: adminUser.plexId,
 username: adminUser.plexUsername,
 role: adminUser.role,
diff --git a/src/lib/middleware/auth.ts b/src/lib/middleware/auth.ts
index 70ca414..7f6efd5 100644
--- a/src/lib/middleware/auth.ts
+++ b/src/lib/middleware/auth.ts
@@ -13,7 +13,7 @@ import { API_TOKEN_PREFIX, isEndpointAllowed } from '../constants/api-tokens';
 const logger = RMABLogger.create('Auth');
 export interface AuthenticatedRequest extends NextRequest {
- user?: TokenPayload;
+ user?: TokenPayload & { id: string };
 }
 /**
@@ -89,7 +89,6 @@ async function authenticateApiToken(token: string): Promise
 // Use the token's target user (userId), not the creator (createdById)
 return {
 sub: user.id,
- id: user.id,
 plexId: user.plexId,
 username: user.plexUsername,
 role: apiToken.role,
@@ -149,7 +148,7 @@ export async function requireAuth(
 }
 const authenticatedRequest = request as AuthenticatedRequest;
- authenticatedRequest.user = apiUser;
+ authenticatedRequest.user = { ...apiUser, id: apiUser.sub };
 return handler(authenticatedRequest);
 }
@@ -191,7 +190,7 @@ export async function requireAuth(
 const authenticatedRequest = request as AuthenticatedRequest;
 authenticatedRequest.user = {
 ...payload,
- id: user.id,
+ id: payload.sub,
 };
 return handler(authenticatedRequest);
diff --git a/src/lib/services/auth/LocalAuthProvider.ts b/src/lib/services/auth/LocalAuthProvider.ts
index 6fd09ef..c3dddb6 100644
--- a/src/lib/services/auth/LocalAuthProvider.ts
+++ b/src/lib/services/auth/LocalAuthProvider.ts
@@ -250,7 +250,6 @@ export class LocalAuthProvider implements IAuthProvider {
 private async generateTokens(userInfo: UserInfo & { plexId: string }): Promise {
 const tokenPayload = {
 sub: userInfo.id,
- id: userInfo.id,
 plexId: userInfo.plexId,
 username: userInfo.username,
 role: userInfo.role || 'user',
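Review bot: The new `user?: TokenPayload & { id: string }` in the first `src/lib/middleware/auth.ts` hunk leaves undocumented that `id` is no longer a signed token claim but a field the middleware fills in from `sub`. Handlers that authorise on `req.user.id` depend on that invariant, so I would state it on the field: `/** Verified token claims plus id, which requireAuth copies from sub; id is never taken from the token itself. */`. A named alias for the intersection would also let any other code that builds an `AuthenticatedRequest` reuse the shape instead of repeating it.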
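Review bot: In the last `requireAuth` hunk, `id: payload.sub` is correct only because it is written after `...payload`: access tokens issued before this commit presumably still carry an `id` claim until they expire, and the spread copies that claim into `user` first. The same ordering dependency applies to `{ ...apiUser, id: apiUser.sub }` in the `@@ -149` hunk, so I would pin it with a comment such as `// id must stay after the spread so a legacy "id" claim in an older token can never override sub`. The removed line took the value from `user.id`, which looks like a record fetched above the hunk; the two are equal only if that lookup is keyed on `payload.sub`, which is worth confirming since `requireAuth` starts and ends outside the hunk. No test visible in this diff covers a token that still contains an `id` claim.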
diff --git a/src/lib/services/auth/OIDCAuthProvider.ts b/src/lib/services/auth/OIDCAuthProvider.ts
index e6ebfd5..aec98ef 100644
--- a/src/lib/services/auth/OIDCAuthProvider.ts
+++ b/src/lib/services/auth/OIDCAuthProvider.ts
@@ -516,7 +516,6 @@ export class OIDCAuthProvider implements IAuthProvider {
 private async generateTokens(userInfo: UserInfo): Promise {
 const accessToken = generateAccessToken({
 sub: userInfo.id,
- id: userInfo.id,
 plexId: userInfo.id, // For backwards compatibility
 username: userInfo.username,
 role: userInfo.role || 'user',
diff --git a/src/lib/services/auth/PlexAuthProvider.ts b/src/lib/services/auth/PlexAuthProvider.ts
index 49b8d6e..487ba0c 100644
--- a/src/lib/services/auth/PlexAuthProvider.ts
+++ b/src/lib/services/auth/PlexAuthProvider.ts
@@ -250,7 +250,6 @@ export class PlexAuthProvider implements IAuthProvider {
 private async generateTokens(userInfo: UserInfo): Promise {
 const accessToken = generateAccessToken({
 sub: userInfo.id,
- id: userInfo.id,
 plexId: userInfo.id, // For backwards compatibility
 username: userInfo.username,
 role: userInfo.role || 'user',
diff --git a/src/lib/utils/jwt.ts b/src/lib/utils/jwt.ts
index 14e84ed..657423e 100644
--- a/src/lib/utils/jwt.ts
+++ b/src/lib/utils/jwt.ts
@@ -17,7 +17,6 @@ const REFRESH_TOKEN_EXPIRY = '7d'; // 7 days
 export interface TokenPayload {
 sub: string; // User ID
- id: string; // User ID (alias for sub, used by req.user.id throughout the codebase)
 plexId: string;
 username: string;
 role: string;
diff --git a/tests/utils/jwt.test.ts b/tests/utils/jwt.test.ts
index 7f5ca3f..91cdea8 100644
--- a/tests/utils/jwt.test.ts
+++ b/tests/utils/jwt.test.ts
@@ -17,7 +17,6 @@ describe('JWT utilities', () => {
 it('generates and verifies access tokens', () => {
 const token = generateAccessToken({
 sub: 'user-1',
- id: 'user-1',
 plexId: 'plex-1',
 username: 'user',
 role: 'admin',
@@ -58,7 +57,6 @@ describe('JWT utilities', () => {
 it('decodes tokens without verification', () => {
 const token = generateAccessToken({
 sub: 'user-4',
- id: 'user-4',
 plexId: 'plex-4',
 username: 'user',
 role: 'user',