31 lines
840 B
TypeScript
31 lines
840 B
TypeScript
import { getHttpRequestContext } from '@adapters/http/RequestContext';
|
|
|
|
export type Actor = {
|
|
userId: string;
|
|
driverId: string;
|
|
role?: string | undefined;
|
|
};
|
|
|
|
type AuthenticatedRequest = {
|
|
user?: { userId: string; role?: string };
|
|
};
|
|
|
|
export function getActorFromRequestContext(): Actor {
|
|
const ctx = getHttpRequestContext();
|
|
const req = ctx.req as unknown as AuthenticatedRequest;
|
|
|
|
if (!req || !req.user) {
|
|
throw new Error('Unauthorized');
|
|
}
|
|
|
|
const userId = req.user.userId;
|
|
if (!userId) {
|
|
throw new Error('Unauthorized');
|
|
}
|
|
|
|
// Current canonical mapping:
|
|
// - The authenticated session identity is `userId`.
|
|
// - In the current system, that `userId` is also treated as the performer `driverId`.
|
|
// - Include role from session if available
|
|
return { userId, driverId: userId, role: req.user.role };
|
|
} |