From 5f5eedc7989111ce835b64d23bed03ccd1c2f878 Mon Sep 17 00:00:00 2001
From: Tom Butcher
Date: Sat, 7 Mar 2026 19:22:32 +0000
Subject: [PATCH] Enhanced user management in auth.js by ensuring user data is returned with expanded object IDs, updated user retrieval to use lean queries for performance, and added profile image support in user info response.
---
 src/services/misc/auth.js | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/services/misc/auth.js b/src/services/misc/auth.js
index 6b2f331..99ef1db 100644
--- a/src/services/misc/auth.js
+++ b/src/services/misc/auth.js
@@ -13,6 +13,7 @@ import {
 updateSessionKeycloakTokens,
 deleteSession,
 } from './sessionStore.js';
+import { expandObjectIds } from '../../utils.js';
 const logger = log4js.getLogger('Auth');
 logger.level = config.server.logLevel;
@@ -116,7 +117,7 @@ const fetchAndStoreUser = async (keycloakTokenData) => {
 };
 const user = await createOrUpdateUser(userInfo);
- return { ...userInfo, _id: user._id };
+ return { ...userInfo, ...user };
 };
 // Exchange auth code for tokens, create Redis session, return our session token to client
@@ -244,7 +245,7 @@ export const loginCallbackRouteHandler = async (req, res, redirectType = 'web')
 const createOrUpdateUser = async (userInfo) => {
 try {
 const { username, email, name, firstName, lastName } = userInfo;
- const existingUser = await userModel.findOne({ username });
+ const existingUser = await userModel.findOne({ username }).lean();
 if (existingUser) {
 const hasChanges =
@@ -266,9 +267,10 @@ const createOrUpdateUser = async (userInfo) => {
 },
 }
 );
- return await userModel.findOne({ username });
+ return expandObjectIds(await userModel.findOne({ username }).lean());
 }
- return existingUser;
+
+ return expandObjectIds(existingUser);
 }
 const newUser = new userModel({
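Review bot: In `fetchAndStoreUser`, `return { ...userInfo, ...user }` lets every field of the stored user record override the identity-provider-derived `userInfo`, and sends the whole record wherever this object goes next. The hunk does not show how `userInfo` is built or where the result is stored, but if it carries `roles` (read later as `req.user.roles` in `getUserInfoHandler`) and the user schema also has a `roles` field, the database value now silently wins over the token's. Copying only the fields callers need keeps authorization data sourced from one place and keeps unrelated record fields out of the session or response, for example `return { ...userInfo, _id: user._id, profileImage: user.profileImage };` (the exact field list depends on the callers). The function's body starts outside the hunk.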
@@ -279,21 +281,21 @@ const createOrUpdateUser = async (userInfo) => {
 lastName,
 });
 await newUser.save();
- return newUser;
+ return expandObjectIds(newUser);
 } catch (error) {
 logger.error('Error creating/updating user:', error);
 throw error;
 }
 };
-export const userRouteHandler = (req, res) => {
+export const userRouteHandler = async (req, res) => {
 if (req.user) {
 const authHeader = req.headers.authorization || req.headers.Authorization;
 const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
 return res.json({
 access_token: token,
 expires_at: req.session?.expiresAt,
- user: req.user,
+ user,
 });
 }
 res.status(401).json({ error: 'Not authenticated' });
@@ -371,6 +373,7 @@ export const getUserInfoHandler = (req, res) => {
 const userInfo = {
 id: req.user._id,
 email: req.user.email,
+ profileImage: req.user?.profileImage || null,
 name: req.user.name || `${req.user.firstName || ''} ${req.user.lastName || ''}`.trim(),
 roles: req.user.roles || [],
 };
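Review bot: In `userRouteHandler`, the shorthand `user,` refers to a binding that is not declared anywhere in the visible handler body, so unless `user` exists at module scope the `res.json(...)` call throws a ReferenceError on every authenticated request. Because the handler was also made `async` without any `await`, that error surfaces as a rejected promise rather than a synchronous throw, which the router may not pass to its error handler (assuming an Express-style router, which is not visible here). Either restore `user: req.user,` and drop `async`, or declare the value first, e.g. `const user = expandObjectIds(req.user);`. Separately, `return expandObjectIds(newUser);` receives a hydrated model instance while the other two return paths pass `.lean()` results; if `expandObjectIds` expects a plain object, `newUser.toObject()` would make the three paths consistent. `createOrUpdateUser` begins, and `userRouteHandler` ends, outside the hunk.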
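Review bot: In the `userInfo` literal of `getUserInfoHandler`, `req.user?.profileImage` guards against a missing `req.user`, but the neighbouring `req.user._id` and `req.user.email` would already have thrown in that case, so the optional chaining reads as protection it does not provide. Writing `profileImage: req.user.profileImage || null,` matches the surrounding lines. If `req.user` can really be absent on this route, the check belongs before the literal; any such guard would sit above the hunk, which is not visible here.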