stack icon indicating copy to clipboard operation
stack copied to clipboard
verified publisher icon stack-auth

primary_email_auth_enabled defaults to true when trying to set as false via api

Open Stack-Auth-Bot opened this issue 7 months ago • 3 comments

Original Forum Post

Author: jeffboird (Discord ID: 376874815270944771) Created: 2025-05-14T19:41:36.790Z

Content

Hello! I am trying to modify the primary_email_auth_enabled prop in patch user. i send it false but it does not update 😦 It returns 200. i am able to change other props but this one doesnt for some reason, is there a known bug?

This issue was automatically created from a Discord forum post using the stack-auth-bot.

Stack-Auth-Bot avatar May 15 '25 18:05 Stack-Auth-Bot

The user is using the API to try to change the value of primary_email_auth_enabled:

import { NextResponse } from "next/server";

// Stack Auth API URL
const STACK_AUTH_API_URL =
  process.env.STACK_AUTH_API_URL || "https://api.stack-auth.com/api/v1";

// Helper function to patch user data
async function patchUser(id, updateFields) {
  const response = await fetch(`${STACK_AUTH_API_URL}/users/${id}`, {
    method: "PATCH",
    headers: {
      "Content-Type": "application/json",
      "x-stack-access-type": "server",
      "x-stack-project-id": process.env.NEXT_PUBLIC_STACK_PROJECT_ID,
      "X-Stack-Secret-Server-Key": process.env.STACK_SECRET_SERVER_KEY,
    },
    body: JSON.stringify(updateFields), // Send as a JSON object, not a string
  });

  const data = await response.json();
  console.log("Stack Auth API Response:", data);

  if (!response.ok) {
    console.error("Error response from Stack Auth:", data);
    throw new Error("Failed to update user.");
  }

  return data; // Return the updated user data or response
}

export async function PATCH(request, context) {
  const { id } = await context.params;
  console.log("Request received to disable login for user:", id);

  try {
    const data = await patchUser(id, {
      primary_email_auth_enabled: false, // Send as an object
    });

    return NextResponse.json({
      message: "User login disabled successfully.",
      data,
    });
  } catch (error) {
    console.error("Error in disabling user login:", error);
    return NextResponse.json(
      { error: "Failed to disable user login." },
      { status: 500 }
    );
  }
}

They are getting a 200 response, but the value does not change to false.

Upon investigation, the issue seems to be within the API implementation:

apps>backend>src>app>api>latest>users>crud.tsx, line 725

const primaryEmailAuthEnabled = data.primary_email_auth_enabled || !!primaryEmailContactChannel?.usedForAuth;

Stack-Auth-Bot avatar May 15 '25 18:05 Stack-Auth-Bot

Potential fix via #697

Waiting on PR review

madster456 avatar May 23 '25 21:05 madster456

Test cases implemented for #697

Stack-Auth-Bot avatar May 28 '25 20:05 Stack-Auth-Bot