improvement from code-review

HugoRCD · HugoRCD · commit 9221ddd00335 · 2026-04-15T19:34:47.000+01:00
diff --git a/bun.lock b/bun.lock
diff --git a/package.json b/package.json
@@ -76,7 +76,8 @@
     "vue-demi"
   ],
   "overrides": {
-    "vue": "3.5.32"
+    "vue": "3.5.32",
+    "@noble/hashes": "^1.7.2"
   },
   "patchedDependencies": {
     "vaul-vue@0.4.1": "patches/vaul-vue@0.4.1.patch"
diff --git a/packages/evlog/src/better-auth/index.ts b/packages/evlog/src/better-auth/index.ts
@@ -125,7 +125,12 @@ function extractUserData(
   const fields = options?.fields ?? DEFAULT_USER_FIELDS
   const data: Record<string, unknown> = {}
 
+  if (user.id !== undefined && user.id !== null) {
+    data.id = user.id
+  }
+
   for (const field of fields) {
+    if (field === 'id') continue
     const value = user[field]
     if (value === undefined || value === null) continue
 
@@ -297,7 +302,10 @@ export function createAuthMiddleware(
       if (options?.onAnonymous) await options.onAnonymous(log)
       return false
     } catch (err) {
+      const resolvedIn = Date.now() - start
+      log.set({ auth: { resolvedIn, identified: false, error: true } } as Record<string, unknown>)
       if (isDev) console.warn('[evlog/better-auth] Session resolution failed:', err)
+      if (options?.onAnonymous) await options.onAnonymous(log)
       return false
     }
   }
diff --git a/packages/evlog/test/better-auth/better-auth.test.ts b/packages/evlog/test/better-auth/better-auth.test.ts
@@ -159,6 +159,16 @@ describe('identifyUser', () => {
     expect(user.emailVerified).toBeUndefined()
   })
 
+  it('always includes id even when fields omits it', () => {
+    const log = createMockLogger()
+    identifyUser(log, createMockSession(), { fields: ['name', 'email'] })
+
+    const user = log.setCalls[0].user as Record<string, unknown>
+    expect(user.id).toBe('usr_123')
+    expect(user.name).toBe('Hugo Richard')
+    expect(user.email).toBe('hugo@example.com')
+  })
+
   it('handles string dates in session', () => {
     const log = createMockLogger()
     const session = createMockSession({
@@ -270,7 +280,7 @@ describe('createAuthMiddleware', () => {
     expect(authData.identified).toBe(false)
   })
 
-  it('catches errors silently', async () => {
+  it('catches errors and sets auth metadata with error flag', async () => {
     const log = createMockLogger()
     const auth = {
       api: {
@@ -281,6 +291,27 @@ describe('createAuthMiddleware', () => {
 
     const result = await identify(log, new Headers())
     expect(result).toBe(false)
+    const authData = log.setCalls.find(c => c.auth)?.auth as Record<string, unknown>
+    expect(authData).toBeDefined()
+    expect(authData.identified).toBe(false)
+    expect(authData.error).toBe(true)
+    expect(typeof authData.resolvedIn).toBe('number')
+  })
+
+  it('calls onAnonymous on error path', async () => {
+    const log = createMockLogger()
+    const auth = {
+      api: {
+        getSession: vi.fn(() => Promise.reject(new Error('DB down'))),
+      },
+    }
+    const onAnonymous = vi.fn()
+    const identify = createAuthMiddleware(auth, { onAnonymous })
+
+    await identify(log, new Headers())
+
+    expect(onAnonymous).toHaveBeenCalledOnce()
+    expect(onAnonymous).toHaveBeenCalledWith(log)
   })
 
   it('passes identify options through', async () => {
