fix2

2026-05-23 00:21:31 +02:00
parent f313410770
commit 29918f2a8a
5 changed files with 187 additions and 85 deletions
--- a/server/services/appwriteClient.js
+++ b/server/services/appwriteClient.js
@@ -1,4 +1,5 @@
-import { createUserClient } from './appwriteAdmin.js'
+import { config } from '../config.js'
+import { deleteUserSession, getUserById } from './appwriteAdmin.js'

 const DEBUG_LOG = (location, message, data, hypothesisId) => {
  // #region agent log
@@ -17,54 +18,94 @@ const DEBUG_LOG = (location, message, data, hypothesisId) => {
  // #endregion
 }

-export async function loginWithAppwrite(email, password) {
-  const { client, account } = createUserClient()
+function appwriteHeaders() {
+  return {
+    'Content-Type': 'application/json',
+    'X-Appwrite-Project': config.appwrite.projectId,
+  }
+}

-  let session
-  try {
-    session = await account.createEmailPasswordSession(email, password)
-    DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession ok', {
-      hasSecret: Boolean(session?.secret),
-      sessionId: session?.$id || null,
-    }, 'H1')
-  } catch (err) {
-    DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession fail', {
-      code: err?.code,
-      type: err?.type,
-      message: err?.message?.slice(0, 120),
-    }, 'H1')
-    const message = err?.message || 'Anmeldung fehlgeschlagen'
-    const error = new Error(message)
-    error.status = 401
+async function appwriteFetch(path, { method = 'GET', body } = {}) {
+  const url = `${config.appwrite.endpoint}${path}`
+  const response = await fetch(url, {
+    method,
+    headers: appwriteHeaders(),
+    body: body ? JSON.stringify(body) : undefined,
+  })
+
+  let data = null
+  const text = await response.text()
+  if (text) {
+    try {
+      data = JSON.parse(text)
+    } catch {
+      data = { message: text }
+    }
+  }
+
+  if (!response.ok) {
+    const error = new Error(data?.message || `Appwrite ${response.status}`)
+    error.status = response.status === 401 ? 401 : response.status >= 500 ? 500 : 401
+    error.code = data?.code
+    error.type = data?.type
    throw error
  }

-  if (session?.secret) {
-    client.setSession(session.secret)
-    DEBUG_LOG('appwriteClient.js:setSession', 'setSession applied', { hasSessionHeader: true }, 'H2')
-  } else {
-    DEBUG_LOG('appwriteClient.js:setSession', 'no session.secret', {}, 'H2')
+  return data
+}
+
+/**
+ * Appwrite Auth per native fetch (Node 26 + node-appwrite-Agent ist inkompatibel).
+ * Session.secret wird serverseitig oft nicht zurückgegeben – userId aus Session nutzen.
+ */
+export async function loginWithAppwrite(email, password) {
+  let session
+  try {
+    session = await appwriteFetch('/account/sessions/email', {
+      method: 'POST',
+      body: { email, password },
+    })
+    DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession ok', {
+      hasSecret: Boolean(session?.secret),
+      hasUserId: Boolean(session?.userId),
+      sessionId: session?.$id || null,
+    }, 'H6')
+  } catch (err) {
+    DEBUG_LOG('appwriteClient.js:session', 'createEmailPasswordSession fail', {
+      message: err?.message?.slice(0, 120),
+      code: err?.code,
+    }, 'H1')
+    const error = new Error(err.message || 'Anmeldung fehlgeschlagen')
+    error.status = err.status || 401
+    throw error
+  }
+
+  if (!session?.userId) {
+    DEBUG_LOG('appwriteClient.js:session', 'no userId in session', {
+      sessionKeys: session ? Object.keys(session).filter((k) => !k.startsWith('provider')) : [],
+    }, 'H6')
+    const error = new Error('Appwrite-Session ohne userId.')
+    error.status = 500
+    throw error
  }

  let user
  try {
-    user = await account.get()
-    DEBUG_LOG('appwriteClient.js:get', 'account.get ok', { userId: user?.$id || null }, 'H2')
+    user = await getUserById(session.userId)
+    DEBUG_LOG('appwriteClient.js:getUser', 'users.get ok', { userId: user?.$id || null }, 'H6')
  } catch (err) {
-    DEBUG_LOG('appwriteClient.js:get', 'account.get fail', {
-      code: err?.code,
-      message: err?.message?.slice(0, 120),
-    }, 'H2')
-    const message = err?.message || 'Anmeldung fehlgeschlagen'
-    const error = new Error(message)
-    error.status = err?.message?.includes('scopes') ? 401 : 500
-    throw error
+    DEBUG_LOG('appwriteClient.js:getUser', 'users.get fail, fallback', {
+      message: err?.message?.slice(0, 80),
+    }, 'H6')
+    user = { $id: session.userId, email, name: '' }
  }

-  try {
-    await account.deleteSession('current')
-  } catch {
-    // Portal nutzt eigene Session; Appwrite-Session wird nicht persistiert
+  if (session.$id) {
+    try {
+      await deleteUserSession(session.userId, session.$id)
+    } catch {
+      // Portal nutzt eigene Session; Appwrite-Session optional aufräumen
+    }
  }

  return user