Merge branch 'main' into main

zitadel · Dec 5, 2024 · ad1731d · ad1731d
2 parents 16902a0 + 7f22c05
commit ad1731d
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 15 deletions.
diff --git a/apps/login/src/components/login-otp.tsx b/apps/login/src/components/login-otp.tsx
@@ -84,7 +84,7 @@ export function LoginOTP({
             value: host
               ? {
                   urlTemplate:
-                    `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` +
+                    `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}` +
                     (authRequestId ? `&authRequestId=${authRequestId}` : ""),
                 }
               : {},
@@ -107,14 +107,19 @@ export function LoginOTP({
       challenges,
       authRequestId,
     })
-      .catch((error) => {
-        setError(error.message ?? "Could not request OTP challenge");
+      .catch(() => {
+        setError("Could not request OTP challenge");
         return;
       })
       .finally(() => {
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 
@@ -167,6 +172,11 @@ export function LoginOTP({
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 

diff --git a/apps/login/src/components/login-passkey.tsx b/apps/login/src/components/login-passkey.tsx
@@ -110,6 +110,11 @@ export function LoginPasskey({
         setLoading(false);
       });
 
+    if (session && "error" in session && session.error) {
+      setError(session.error);
+      return;
+    }
+
     return session;
   }
 
@@ -132,6 +137,11 @@ export function LoginPasskey({
         setLoading(false);
       });
 
+    if (response && "error" in response && response.error) {
+      setError(response.error);
+      return;
+    }
+
     return response;
   }
 

diff --git a/apps/login/src/lib/cookies.ts b/apps/login/src/lib/cookies.ts
@@ -142,7 +142,7 @@ export async function removeSessionFromCookie<T>(
   }
 }
 
-export async function getMostRecentSessionCookie<T>(): Promise<any> {
+export async function getMostRecentSessionCookie<T>(): Promise<Cookie> {
   const cookiesList = await cookies();
   const stringifiedCookie = cookiesList.get("sessions");
 

diff --git a/apps/login/src/lib/server/session.ts b/apps/login/src/lib/server/session.ts
@@ -132,21 +132,23 @@ export async function updateSession(options: UpdateSessionCommand) {
     challenges,
   } = options;
   const recentSession = sessionId
-    ? await getSessionCookieById({ sessionId }).catch((error) => {
-        return Promise.reject(error);
-      })
+    ? await getSessionCookieById({ sessionId })
     : loginName
-      ? await getSessionCookieByLoginName({ loginName, organization }).catch(
-          (error) => {
-            return Promise.reject(error);
-          },
-        )
-      : await getMostRecentSessionCookie().catch((error) => {
-          return Promise.reject(error);
-        });
+      ? await getSessionCookieByLoginName({ loginName, organization })
+      : await getMostRecentSessionCookie();
+
+  if (!recentSession) {
+    return {
+      error: "Could not find session",
+    };
+  }
 
   const host = (await headers()).get("host");
 
+  if (!host) {
+    return { error: "Could not get host" };
+  }
+
   if (
     host &&
     challenges &&
@@ -174,6 +176,10 @@ export async function updateSession(options: UpdateSessionCommand) {
     lifetime,
   );
 
+  if (!session) {
+    return { error: "Could not update session" };
+  }
+
   // if password, check if user has MFA methods
   let authMethods;
   if (checks && checks.password && session.factors?.user?.id) {