header_sso: adaptions for changed internals

backend/internal/core/services/service_user.go

@@ -204,18 +204,6 @@ func (svc *UserService) LoginWithoutPassword(ctx context.Context, username strin
 	return svc.createSessionToken(ctx, usr.ID, extendedSession)
 }
 
-func (svc *UserService) LoginWithoutPassword(ctx context.Context, username string) (UserAuthTokenDetail, error) {
-	usr, err := svc.repos.Users.GetOneEmail(ctx, username)
-
-	if err != nil {
-		// SECURITY: Perform hash to ensure response times are the same
-		hasher.CheckPasswordHash("not-a-real-password", "not-a-real-password")
-		return UserAuthTokenDetail{}, ErrorInvalidLogin
-	}
-
-	return svc.createSessionToken(ctx, usr.ID)
-}
-
 func (svc *UserService) Logout(ctx context.Context, token string) error {
 	hash := hasher.HashToken(token)
 	err := svc.repos.AuthTokens.DeleteToken(ctx, hash)

frontend/composables/use-auth-context.ts

@@ -122,6 +122,18 @@ class AuthContext implements IAuthContext {
     return r;
   }
 
+  async login_sso_header(api: PublicApi) {
+    const r = await api.login_sso_header();
+
+    if (!r.error) {
+      this._token.value = r.data.token;
+      this._expiresAt.value = r.data.expiresAt as string;
+      this._attachmentToken.value = r.data.attachmentToken;
+    }
+
+    return r;
+  }
+
   async logout(api: UserClient) {
     const r = await api.user.logout();
 

frontend/pages/index.vue

@@ -32,16 +32,9 @@
     }
   });
 
-  const { data, error } = await api.login_sso_header();
+  const { error } = await ctx.login_sso_header(api);
 
   if (!error) {
-    // @ts-expect-error - expires is either a date or a string, need to figure out store typing
-    authStore.$patch({
-      token: data.token,
-      expires: data.expiresAt,
-      attachmentToken: data.attachmentToken,
-    });
-
     navigateTo("/home");
   }