pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-20 11:11:16 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
348ab23d26fa00be834f5cbdfa1868c4676456d9
thrilltrack-explorer/supabase/functions/cancel-email-change/index.ts
gpt-engineer-app[bot] 19804ea9bd Migrate Admin Admin Functions to wrapEdgeFunction 
Migrate Phase 3 administrative functions to use the wrapEdgeFunction wrapper:
- cancel-account-deletion
- cancel-email-change
- create-novu-subscriber
- update-novu-subscriber
- trigger-notification
- remove-novu-subscriber
- manage-moderator-topic
- migrate-novu-users
- sync-all-moderators-to-topic
- update-novu-preferences
- notify-system-announcement

This update standardizes error handling, tracing, auth, and logging across admin endpoints, removes manual serve/CORS boilerplate, and prepares for consistent monitoring and testing.
2025-11-11 03:49:54 +00:00

103 lines
3.4 KiB
TypeScript
Raw Blame History

import { createClient } from 'https://esm.sh/@supabase/supabase-js@2.57.4';
import { corsHeaders } from '../_shared/cors.ts';
import { edgeLogger } from '../_shared/logger.ts';
import { createEdgeFunction } from '../_shared/edgeFunctionWrapper.ts';
export default createEdgeFunction(
{
name: 'cancel-email-change',
requireAuth: true,
corsHeaders: corsHeaders
},
async (req, context) => {
context.span.setAttribute('action', 'cancel_email_change');
edgeLogger.info('Cancelling email change for user', {
action: 'cancel_email_change',
requestId: context.requestId,
userId: context.userId
});
// SECURITY: Service Role Key Usage
// ---------------------------------
// This function uses the service role key to bypass RLS and access auth.users table.
// This is required because:
// 1. The cancel_user_email_change() database function has SECURITY DEFINER privileges
// 2. It needs to modify auth.users table which is not accessible with regular user tokens
// 3. User authentication is verified via the wrapper's requireAuth
// Scope: Limited to cancelling the authenticated user's own email change
const supabaseUrl = Deno.env.get('SUPABASE_URL');
const supabaseServiceKey = Deno.env.get('SUPABASE_SERVICE_ROLE_KEY');
if (!supabaseUrl || !supabaseServiceKey) {
throw new Error('Missing Supabase configuration');
}
const supabaseAdmin = createClient(supabaseUrl, supabaseServiceKey, {
auth: {
autoRefreshToken: false,
persistSession: false
}
});
// Call the database function to clear email change fields
// This function has SECURITY DEFINER privileges to access auth.users
const { data: cancelled, error: cancelError } = await supabaseAdmin
.rpc('cancel_user_email_change', { _user_id: context.userId });
if (cancelError || !cancelled) {
edgeLogger.error('Error cancelling email change', {
error: cancelError?.message,
userId: context.userId,
requestId: context.requestId
});
throw new Error('Unable to cancel email change: ' + (cancelError?.message || 'Unknown error'));
}
edgeLogger.info('Successfully cancelled email change', { userId: context.userId, requestId: context.requestId });
// Log the cancellation in admin_audit_log
const { error: auditError } = await supabaseAdmin
.from('admin_audit_log')
.insert({
admin_user_id: context.userId,
target_user_id: context.userId,
action: 'email_change_cancelled',
details: {
cancelled_at: new Date().toISOString(),
},
});
if (auditError) {
edgeLogger.error('Error logging audit', {
error: auditError.message,
requestId: context.requestId
});
// Don't fail the request if audit logging fails
}
edgeLogger.info('Successfully cancelled email change', {
action: 'cancel_email_change',
requestId: context.requestId,
userId: context.userId
});
return new Response(
JSON.stringify({
success: true,
message: 'Email change cancelled successfully',
user: {
id: context.userId,
email: null,
new_email: null,
},
}),
{
headers: {
'Content-Type': 'application/json'
},
status: 200,
}
);
}
);
Reference in New Issue View Git Blame Copy Permalink