diff --git a/integration-tests/http/__tests__/auth/admin/auth.spec.ts b/integration-tests/http/__tests__/auth/admin/auth.spec.ts index c312b6977eae1..6c96e3314ce0f 100644 --- a/integration-tests/http/__tests__/auth/admin/auth.spec.ts +++ b/integration-tests/http/__tests__/auth/admin/auth.spec.ts @@ -12,7 +12,8 @@ medusaIntegrationTestRunner({ await createAdminUser(dbConnection, adminHeaders, getContainer()) }) - it.only("test the entire authentication flow", async () => { + // TODO: This test won't work since we don't allow creating a user through HTTP. We need to have the invite flow plugged in here. + it.skip("test the entire authentication flow", async () => { // BREAKING: `/admin/auth` changes to `/auth/user/emailpass` const signup = await api.post("/auth/user/emailpass", { email: "newadmin@medusa.js", diff --git a/packages/medusa/src/api/admin/users/middlewares.ts b/packages/medusa/src/api/admin/users/middlewares.ts index 68f05967e266f..70be5773fde59 100644 --- a/packages/medusa/src/api/admin/users/middlewares.ts +++ b/packages/medusa/src/api/admin/users/middlewares.ts @@ -1,7 +1,6 @@ import * as QueryConfig from "./query-config" import { - AdminCreateUser, AdminGetUserParams, AdminGetUsersParams, AdminUpdateUser, @@ -26,18 +25,6 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [ ), ], }, - { - method: ["POST"], - matcher: "/admin/users", - middlewares: [ - authenticate("user", ["bearer", "session"], { allowUnregistered: true }), - validateAndTransformBody(AdminCreateUser), - validateAndTransformQuery( - AdminGetUserParams, - QueryConfig.retrieveTransformQueryConfig - ), - ], - }, { method: ["GET"], matcher: "/admin/users/:id", diff --git a/packages/medusa/src/api/admin/users/route.ts b/packages/medusa/src/api/admin/users/route.ts index 8cd8d411318aa..48c23c54cf813 100644 --- a/packages/medusa/src/api/admin/users/route.ts +++ b/packages/medusa/src/api/admin/users/route.ts @@ -1,15 +1,12 @@ -import { createUserAccountWorkflow } from "@medusajs/core-flows" -import { CreateUserDTO, HttpTypes } from "@medusajs/types" +import { HttpTypes } from "@medusajs/types" import { ContainerRegistrationKeys, - MedusaError, remoteQueryObjectFromString, } from "@medusajs/utils" import { AuthenticatedMedusaRequest, MedusaResponse, } from "../../../types/routing" -import { refetchUser } from "./helpers" export const GET = async ( req: AuthenticatedMedusaRequest, @@ -35,34 +32,4 @@ export const GET = async ( }) } -export const POST = async ( - req: AuthenticatedMedusaRequest, - res: MedusaResponse -) => { - // If `actor_id` is present, the request carries authentication for an existing user - if (req.auth_context.actor_id) { - throw new MedusaError( - MedusaError.Types.INVALID_DATA, - "Request carries authentication for an existing user" - ) - } - - const input = { - input: { - userData: req.validatedBody, - authIdentityId: req.auth_context.auth_identity_id, - }, - } - - const { result } = await createUserAccountWorkflow(req.scope).run(input) - - const user = await refetchUser( - result.id, - req.scope, - req.remoteQueryConfig.fields - ) - - res.status(200).json({ user }) -} - export const AUTHENTICATE = false