Rework user types: create AuthenticatedUser and AnonymousUser class

Both are subclasses of an abstract User class which contains almost everything interesting.
2026-01-17 17:45:36 -06:00
parent 350bf7c865
commit d921679058
9 changed files with 102 additions and 62 deletions
--- a/express/auth/service.ts
+++ b/express/auth/service.ts
@@ -4,7 +4,12 @@
 // password reset, and email verification.

 import type { Request as ExpressRequest } from "express";
-import { AnonymousUser, type User, type UserId } from "../user";
+import {
+    type AnonymousUser,
+    anonymousUser,
+    type User,
+    type UserId,
+} from "../user";
 import { hashPassword, verifyPassword } from "./password";
 import type { AuthStore } from "./store";
 import {
@@ -27,7 +32,7 @@ type SimpleResult = { success: true } | { success: false; error: string };
 // Result of validating a request/token - contains both user and session
 export type AuthResult =
    | { authenticated: true; user: User; session: SessionData }
-    | { authenticated: false; user: typeof AnonymousUser; session: null };
+    | { authenticated: false; user: AnonymousUser; session: null };

 export class AuthService {
    constructor(private store: AuthStore) {}
@@ -83,7 +88,7 @@ export class AuthService {
        }

        if (!token) {
-            return { authenticated: false, user: AnonymousUser, session: null };
+            return { authenticated: false, user: anonymousUser, session: null };
        }

        return this.validateToken(token);
@@ -94,16 +99,16 @@ export class AuthService {
        const session = await this.store.getSession(tokenId);

        if (!session) {
-            return { authenticated: false, user: AnonymousUser, session: null };
+            return { authenticated: false, user: anonymousUser, session: null };
        }

        if (session.tokenType !== "session") {
-            return { authenticated: false, user: AnonymousUser, session: null };
+            return { authenticated: false, user: anonymousUser, session: null };
        }

        const user = await this.store.getUserById(session.userId as UserId);
        if (!user || !user.isActive()) {
-            return { authenticated: false, user: AnonymousUser, session: null };
+            return { authenticated: false, user: anonymousUser, session: null };
        }

        // Update last used (fire and forget)