From 6c6004b58f941b08065ef5fc3cab7711aea52bd7 Mon Sep 17 00:00:00 2001
From: Nicolas Burtey <nb@galoy.io>
Date: Wed, 27 Sep 2023 18:45:03 +0100
Subject: [PATCH] fix: crash on error in sessionPublicContext

---
 src/servers/graphql-main-server.ts | 10 ++++++++++
 src/servers/middlewares/session.ts |  8 +++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/servers/graphql-main-server.ts b/src/servers/graphql-main-server.ts
index 2e934dcdc2..a6449363e6 100644
--- a/src/servers/graphql-main-server.ts
+++ b/src/servers/graphql-main-server.ts
@@ -15,6 +15,7 @@ import {
   ACCOUNT_USERNAME,
   SemanticAttributes,
   addAttributesToCurrentSpanAndPropagate,
+  recordExceptionInCurrentSpan,
 } from "@services/tracing"
 
 import { NextFunction, Request, Response } from "express"
@@ -45,6 +46,15 @@ const setGqlContext = async (
     ip,
   })
 
+  if (gqlContext instanceof Error) {
+    recordExceptionInCurrentSpan({
+      error: gqlContext,
+      fallbackMsg: "error executing sessionPublicContext",
+    })
+    next(gqlContext)
+    return
+  }
+
   req.gqlContext = gqlContext
 
   return addAttributesToCurrentSpanAndPropagate(
diff --git a/src/servers/middlewares/session.ts b/src/servers/middlewares/session.ts
index 921c6eac9b..7cabafd2f4 100644
--- a/src/servers/middlewares/session.ts
+++ b/src/servers/middlewares/session.ts
@@ -4,8 +4,6 @@ import { Accounts, Transactions } from "@app"
 import { recordExceptionInCurrentSpan } from "@services/tracing"
 import jsonwebtoken from "jsonwebtoken"
 
-import { mapError } from "@graphql/error-map"
-
 import { maybeExtendSession } from "@app/authentication"
 import { checkedToUserId } from "@domain/accounts"
 import { ValidationError } from "@domain/shared"
@@ -18,7 +16,7 @@ export const sessionPublicContext = async ({
 }: {
   tokenPayload: jsonwebtoken.JwtPayload
   ip: IpAddress | undefined
-}): Promise<GraphQLPublicContext> => {
+}): Promise<GraphQLPublicContext | Error> => {
   const logger = baseLogger.child({ tokenPayload })
 
   let domainAccount: Account | undefined
@@ -35,7 +33,7 @@ export const sessionPublicContext = async ({
     const userId = maybeUserId
     const account = await Accounts.getAccountFromUserId(userId)
     if (account instanceof Error) {
-      throw mapError(account)
+      return account
     } else {
       domainAccount = account
       // not awaiting on purpose. just updating metadata
@@ -51,7 +49,7 @@ export const sessionPublicContext = async ({
       }
 
       const userRes = await UsersRepository().findById(account.kratosUserId)
-      if (userRes instanceof Error) throw mapError(userRes)
+      if (userRes instanceof Error) return userRes
       user = userRes
     }
   }