chore: Auth plugin and admin guard UUID migration (#206) #212

New Issue

egullickson · 2026-02-16T15:01:35Z

egullickson commented

2026-02-16 15:01:35 +00:00

Relates to #206

Milestone 2: Auth plugin and admin guard

Update the auth plugin to use profile.id UUID as userContext.userId instead of raw JWT sub. Update admin guard to query by user_profile_id.

Files

backend/src/core/plugins/auth.plugin.ts
backend/src/core/plugins/admin-guard.plugin.ts

Key Changes

auth.plugin.ts: Rename userId to auth0Sub for JWT sub. After getOrCreate, set userId = profile.id
admin-guard.plugin.ts: Query WHERE user_profile_id = $1 instead of WHERE auth0_sub = $1

Acceptance Criteria

userContext.userId contains UUID format after authentication
Admin guard correctly identifies admin users by UUID
Auth0 Management API calls still work (use raw JWT sub)

Relates to #206 ## Milestone 2: Auth plugin and admin guard Update the auth plugin to use profile.id UUID as userContext.userId instead of raw JWT sub. Update admin guard to query by user_profile_id. ### Files - `backend/src/core/plugins/auth.plugin.ts` - `backend/src/core/plugins/admin-guard.plugin.ts` ### Key Changes - auth.plugin.ts: Rename `userId` to `auth0Sub` for JWT sub. After getOrCreate, set `userId = profile.id` - admin-guard.plugin.ts: Query `WHERE user_profile_id = $1` instead of `WHERE auth0_sub = $1` ### Acceptance Criteria - [ ] userContext.userId contains UUID format after authentication - [ ] Admin guard correctly identifies admin users by UUID - [ ] Auth0 Management API calls still work (use raw JWT sub)

egullickson added the

labels 2026-02-16 15:02:03 +00:00

egullickson added this to the Sprint 2026-02-02 milestone 2026-02-16 15:02:07 +00:00

egullickson referenced this issue

2026-02-16 15:55:46 +00:00

chore: Migrate user identity from auth0_sub to MVP-generated UUID #206

egullickson referenced this issue

2026-02-16 16:21:45 +00:00