refactor(core): Remove all legacy auth middleware code (no-changelog) (#8755)

packages/cli/src/services/user.service.ts

@@ -1,17 +1,15 @@
 import { Container, Service } from 'typedi';
-import { type AssignableRole, User } from '@db/entities/User';
 import type { IUserSettings } from 'n8n-workflow';
+import { ApplicationError, ErrorReporterProxy as ErrorReporter } from 'n8n-workflow';
+
+import { type AssignableRole, User } from '@db/entities/User';
 import { UserRepository } from '@db/repositories/user.repository';
 import type { PublicUser } from '@/Interfaces';
 import type { PostHogClient } from '@/posthog';
-import { type JwtPayload, JwtService } from './jwt.service';
-import { TokenExpiredError } from 'jsonwebtoken';
 import { Logger } from '@/Logger';
-import { createPasswordSha } from '@/auth/jwt';
 import { UserManagementMailer } from '@/UserManagement/email';
 import { InternalHooks } from '@/InternalHooks';
 import { UrlService } from '@/services/url.service';
-import { ApplicationError, ErrorReporterProxy as ErrorReporter } from 'n8n-workflow';
 import type { UserRequest } from '@/requests';
 import { InternalServerError } from '@/errors/response-errors/internal-server.error';
 
@@ -20,7 +18,6 @@ export class UserService {
 	constructor(
 		private readonly logger: Logger,
 		private readonly userRepository: UserRepository,
-		private readonly jwtService: JwtService,
 		private readonly mailer: UserManagementMailer,
 		private readonly urlService: UrlService,
 	) {}
@@ -39,57 +36,6 @@ export class UserService {
 		return await this.userRepository.update(userId, { settings: { ...settings, ...newSettings } });
 	}
 
-	generatePasswordResetToken(user: User, expiresIn = '20m') {
-		return this.jwtService.sign(
-			{ sub: user.id, passwordSha: createPasswordSha(user) },
-			{ expiresIn },
-		);
-	}
-
-	generatePasswordResetUrl(user: User) {
-		const instanceBaseUrl = this.urlService.getInstanceBaseUrl();
-		const url = new URL(`${instanceBaseUrl}/change-password`);
-
-		url.searchParams.append('token', this.generatePasswordResetToken(user));
-		url.searchParams.append('mfaEnabled', user.mfaEnabled.toString());
-
-		return url.toString();
-	}
-
-	async resolvePasswordResetToken(token: string): Promise<User | undefined> {
-		let decodedToken: JwtPayload & { passwordSha: string };
-		try {
-			decodedToken = this.jwtService.verify(token);
-		} catch (e) {
-			if (e instanceof TokenExpiredError) {
-				this.logger.debug('Reset password token expired', { token });
-			} else {
-				this.logger.debug('Error verifying token', { token });
-			}
-			return;
-		}
-
-		const user = await this.userRepository.findOne({
-			where: { id: decodedToken.sub },
-			relations: ['authIdentities'],
-		});
-
-		if (!user) {
-			this.logger.debug(
-				'Request to resolve password token failed because no user was found for the provided user ID',
-				{ userId: decodedToken.sub, token },
-			);
-			return;
-		}
-
-		if (createPasswordSha(user) !== decodedToken.passwordSha) {
-			this.logger.debug('Password updated since this token was generated');
-			return;
-		}
-
-		return user;
-	}
-
 	async toPublic(
 		user: User,
 		options?: {