From 041f2bcef7511a255443ffdefd6dcb29fd75c8c0 Mon Sep 17 00:00:00 2001
From: Max Peintner <max@caos.ch>
Date: Wed, 4 Dec 2024 15:49:49 +0100
Subject: [PATCH 1/3] updateSession error handling

---
 .../src/app/(login)/otp/[method]/page.tsx     |  2 ++
 apps/login/src/components/login-otp.tsx       | 21 ++++++++++++--
 apps/login/src/components/login-passkey.tsx   | 10 +++++++
 apps/login/src/lib/cookies.ts                 |  2 +-
 apps/login/src/lib/server/session.ts          | 28 +++++++++++--------
 5 files changed, 49 insertions(+), 14 deletions(-)

diff --git a/apps/login/src/app/(login)/otp/[method]/page.tsx b/apps/login/src/app/(login)/otp/[method]/page.tsx
index 1c0904ce..ccccf072 100644
--- a/apps/login/src/app/(login)/otp/[method]/page.tsx
+++ b/apps/login/src/app/(login)/otp/[method]/page.tsx
@@ -33,6 +33,8 @@ export default async function Page(props: {
 
   const host = (await headers()).get("host");
 
+  console.log("host", host);
+
   return (
     <DynamicTheme branding={branding}>
       <div className="flex flex-col items-center space-y-4">
diff --git a/apps/login/src/components/login-otp.tsx b/apps/login/src/components/login-otp.tsx
index 262541eb..02f698a4 100644
--- a/apps/login/src/components/login-otp.tsx
+++ b/apps/login/src/components/login-otp.tsx
@@ -76,6 +76,13 @@ export function LoginOTP({
   async function updateSessionForOTPChallenge() {
     let challenges;
 
+    if (host) {
+      console.log(
+        `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` +
+          (authRequestId ? `&authRequestId=${authRequestId}` : ""),
+      );
+    }
+
     if (method === "email") {
       challenges = create(RequestChallengesSchema, {
         otpEmail: {
@@ -107,14 +114,19 @@ export function LoginOTP({
       challenges,
       authRequestId,
     })
-      .catch((error) => {
-        setError(error.message ?? "Could not request OTP challenge");
+      .catch(() => {
+        setError("Could not request OTP challenge");
         return;
       })
       .finally(() => {
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 
@@ -167,6 +179,11 @@ export function LoginOTP({
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 
diff --git a/apps/login/src/components/login-passkey.tsx b/apps/login/src/components/login-passkey.tsx
index d72749e7..2f1cd533 100644
--- a/apps/login/src/components/login-passkey.tsx
+++ b/apps/login/src/components/login-passkey.tsx
@@ -110,6 +110,11 @@ export function LoginPasskey({
         setLoading(false);
       });
 
+    if (session && "error" in session && session.error) {
+      setError(session.error);
+      return;
+    }
+
     return session;
   }
 
@@ -132,6 +137,11 @@ export function LoginPasskey({
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 
diff --git a/apps/login/src/lib/cookies.ts b/apps/login/src/lib/cookies.ts
index 00540653..4d29b9e7 100644
--- a/apps/login/src/lib/cookies.ts
+++ b/apps/login/src/lib/cookies.ts
@@ -142,7 +142,7 @@ export async function removeSessionFromCookie<T>(
   }
 }
 
-export async function getMostRecentSessionCookie<T>(): Promise<any> {
+export async function getMostRecentSessionCookie<T>(): Promise<Cookie> {
   const cookiesList = await cookies();
   const stringifiedCookie = cookiesList.get("sessions");
 
diff --git a/apps/login/src/lib/server/session.ts b/apps/login/src/lib/server/session.ts
index 9726ce84..6c2b6ceb 100644
--- a/apps/login/src/lib/server/session.ts
+++ b/apps/login/src/lib/server/session.ts
@@ -132,21 +132,23 @@ export async function updateSession(options: UpdateSessionCommand) {
     challenges,
   } = options;
   const recentSession = sessionId
-    ? await getSessionCookieById({ sessionId }).catch((error) => {
-        return Promise.reject(error);
-      })
+    ? await getSessionCookieById({ sessionId })
     : loginName
-      ? await getSessionCookieByLoginName({ loginName, organization }).catch(
-          (error) => {
-            return Promise.reject(error);
-          },
-        )
-      : await getMostRecentSessionCookie().catch((error) => {
-          return Promise.reject(error);
-        });
+      ? await getSessionCookieByLoginName({ loginName, organization })
+      : await getMostRecentSessionCookie();
+
+  if (!recentSession) {
+    return {
+      error: "Could not find session",
+    };
+  }
 
   const host = (await headers()).get("host");
 
+  if (!host) {
+    return { error: "Could not get host" };
+  }
+
   if (
     host &&
     challenges &&
@@ -174,6 +176,10 @@ export async function updateSession(options: UpdateSessionCommand) {
     lifetime,
   );
 
+  if (!session) {
+    return { error: "Could not update session" };
+  }
+
   // if password, check if user has MFA methods
   let authMethods;
   if (checks && checks.password && session.factors?.user?.id) {

From eaeb4db19c1ea8de872e7bc1a05b1745cee07cc8 Mon Sep 17 00:00:00 2001
From: Max Peintner <max@caos.ch>
Date: Wed, 4 Dec 2024 18:05:29 +0100
Subject: [PATCH 2/3] rm org from temp

---
 apps/login/src/components/login-otp.tsx | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/apps/login/src/components/login-otp.tsx b/apps/login/src/components/login-otp.tsx
index 02f698a4..015190d9 100644
--- a/apps/login/src/components/login-otp.tsx
+++ b/apps/login/src/components/login-otp.tsx
@@ -76,13 +76,6 @@ export function LoginOTP({
   async function updateSessionForOTPChallenge() {
     let challenges;
 
-    if (host) {
-      console.log(
-        `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` +
-          (authRequestId ? `&authRequestId=${authRequestId}` : ""),
-      );
-    }
-
     if (method === "email") {
       challenges = create(RequestChallengesSchema, {
         otpEmail: {
@@ -91,7 +84,7 @@ export function LoginOTP({
             value: host
               ? {
                   urlTemplate:
-                    `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` +
+                    `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}` +
                     (authRequestId ? `&authRequestId=${authRequestId}` : ""),
                 }
               : {},

From a780233f2f40bdfa9a1bab99eb6176ffcdbca427 Mon Sep 17 00:00:00 2001
From: Max Peintner <max@caos.ch>
Date: Wed, 4 Dec 2024 18:12:57 +0100
Subject: [PATCH 3/3] rm log

---
 apps/login/src/app/(login)/otp/[method]/page.tsx | 2 --
 1 file changed, 2 deletions(-)

diff --git a/apps/login/src/app/(login)/otp/[method]/page.tsx b/apps/login/src/app/(login)/otp/[method]/page.tsx
index ccccf072..1c0904ce 100644
--- a/apps/login/src/app/(login)/otp/[method]/page.tsx
+++ b/apps/login/src/app/(login)/otp/[method]/page.tsx
@@ -33,8 +33,6 @@ export default async function Page(props: {
 
   const host = (await headers()).get("host");
 
-  console.log("host", host);
-
   return (
     <DynamicTheme branding={branding}>
       <div className="flex flex-col items-center space-y-4">