refactor: user authuser 2

[mikeallisonJS]

Summary by CodeRabbit

• Refactor

  • Restructured user types to separate authenticated and anonymous users; API queries and mutations now return the authenticated user type.
  • Playlist owner references updated to use the authenticated user type.

• New Features

  • Added an AnonymousUser public type and a UserInvite type to represent invites and anonymous participants.

[coderabbitai]

Walkthrough

Replaces the public/federated User surface with AuthenticatedUser, introduces AnonymousUser and UserInvite, updates federation extensions and references, and adjusts exports, implementations, tests, and mocks across multiple GraphQL services and modules.

Changes

Cohort / File(s)	Summary
API Gateway schema apis/api-gateway/schema.graphql	Changed mutation/query return types from User→AuthenticatedUser; added AnonymousUser and UserInvite; updated Playlist.owner and references to use AuthenticatedUser.
api-journeys-modern schema & builder apis/api-journeys-modern/schema.graphql, apis/api-journeys-modern/src/schema/builder.ts	Added AnonymousUser public type; removed User public type; removed unused env import.
api-journeys-modern user refs apis/api-journeys-modern/src/schema/user/index.ts, apis/api-journeys-modern/src/schema/user/user.ts	Replaced UserRef export with AnonymousUserRef; introduced AuthenticatedUserRef (external) and local, shareable AnonymousUserRef (objectRef); updated implementations.
api-journeys service extensions apis/api-journeys/schema.graphql, apis/api-journeys/src/app/modules/user/user.graphql, apis/api-journeys/src/app/modules/userTeam/userTeam.graphql	Added/relocated federation extensions for AuthenticatedUser and AnonymousUser; removed duplicate AuthenticatedUser extensions; added AnonymousUser to _Entity union.
api-media user & playlist apis/api-media/schema.graphql, apis/api-media/src/schema/user/*, apis/api-media/src/schema/playlist/playlist.ts, apis/api-media/src/schema/user/user.spec.ts	Removed public User entity and UserRef; exported AuthenticatedUserRef only; updated Playlist.owner to AuthenticatedUserRef; adjusted tests to use AuthenticatedUser.
api-users user objects & entity apis/api-users/schema.graphql, apis/api-users/src/schema/user/objects/index.ts, apis/api-users/src/schema/user/objects/user.ts, apis/api-users/src/schema/user/user.ts	Removed public User; added AnonymousUser and AuthenticatedUser entities; migrated resolver/export logic to AuthenticatedUser; changed AuthenticatedUser.email to explicit resolver with fallback; simplified AnonymousUser resolveReference.
Journeys-admin tests & mocks apps/journeys-admin/src/components/.../NavigationDrawer.*, apps/journeys-admin/src/components/.../UserMenu.spec.tsx, apps/journeys-admin/src/libs/useCurrentUserLazyQuery/*	Updated mock/test fixtures and default placeholders: __typename changed from User → AuthenticatedUser across stories, specs, and mock/default return values.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

• refactor: journeys return authenticated user #8723 — Refactors replacing User with AuthenticatedUser across schemas and resolver implementations (highly overlapping changes).
• feat: extend authuser 4 #8690 — Modifies federated AuthenticatedUser surface and references in api-media and api-gateway (shared affected modules).
• feat: extend authuser 1 #8681 — Updates AuthenticatedUser federation declarations and cross-service schema extensions (related federation adjustments).

Suggested reviewers

• csiyang

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The PR title 'refactor: user authuser 2' is vague and lacks specificity about the actual changes made. While it hints at refactoring user-related code with AuthenticatedUser, it fails to clearly communicate the main objective of replacing the generic User type with AuthenticatedUser across multiple APIs and GraphQL schemas.	Revise the title to be more specific, such as 'refactor: replace User type with AuthenticatedUser across APIs' or 'refactor: split User type into AuthenticatedUser and AnonymousUser', to clearly convey the primary change.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 00-00-MA-refactor-user-authuser-2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 29fa606

Command	Status	Duration	Result
nx run short-links-e2e:e2e	✅ Succeeded	6s	View ↗
nx run journeys-admin-e2e:e2e	✅ Succeeded	31s	View ↗
nx run journeys-e2e:e2e	✅ Succeeded	22s	View ↗
nx run watch-e2e:e2e	✅ Succeeded	29s	View ↗
nx run resources-e2e:e2e	✅ Succeeded	24s	View ↗
nx run player-e2e:e2e	✅ Succeeded	4s	View ↗
nx run videos-admin-e2e:e2e	✅ Succeeded	4s	View ↗
nx run-many --target=vercel-alias --projects=jo...	✅ Succeeded	2s	View ↗
Additional runs (20)	✅ Succeeded	...	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-02-18 21:13:48 UTC

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
short-links	✅ Ready	short-links preview	Thu Feb 19 10:06:28 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
journeys	✅ Ready	journeys preview	Thu Feb 19 10:06:08 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
player	✅ Ready	player preview	Thu Feb 19 10:05:58 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
videos-admin	✅ Ready	videos-admin preview	Thu Feb 19 10:07:01 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
watch	✅ Ready	watch preview	Thu Feb 19 10:06:53 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
resources	✅ Ready	resources preview	Thu Feb 19 10:07:04 NZDT 2026

[github-actions]

The latest updates on your projects.

Name	Status	Preview	Updated (UTC)
journeys-admin	✅ Ready	journeys-admin preview	Thu Feb 19 10:08:15 NZDT 2026

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apis/api-users/src/schema/user/user.ts (1)

39-44: ⚠️ Potential issue | 🟡 Minor

Log message references old type name "User" instead of "AuthenticatedUser".

Line 41 still reads "Federation: Error resolving User entity for userId: …". Since this entity is now AuthenticatedUser, the log should match for grep-ability and consistency.

Proposed fix

-        `Federation: Error resolving User entity for userId: ${id}`,
+        `Federation: Error resolving AuthenticatedUser entity for userId: ${id}`,

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apis/api-users/src/schema/user/user.ts` around lines 39 - 44, Log message in
the catch block for resolving the federated user entity still uses the old type
name "User"; update the string used in the console.error within the
resolveReference (or equivalent) function so it references "AuthenticatedUser"
(e.g., change `"Federation: Error resolving User entity for userId: ${id}"` to
use "AuthenticatedUser") and scan for any other console.error/log occurrences in
the same file (user.ts) that still mention "User" to make them consistent for
grep-ability.

🧹 Nitpick comments (1)

apis/api-journeys-modern/src/schema/user/user.ts (1)

9-15: Remove the redundant empty fields block in AuthenticatedUserRef.implement().

The empty fields: (t) => ({}) is unnecessary — implement() for an external ref only requires externalFields. This also makes the comment inside vacuous.

♻️ Proposed fix

 AuthenticatedUserRef.implement({
-  externalFields: (t) => ({ id: t.id({ nullable: false }) }),
-  fields: (t) => ({
-    // No additional fields needed - this is just the external reference
-  })
+  externalFields: (t) => ({ id: t.id({ nullable: false }) })
 })

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apis/api-journeys-modern/src/schema/user/user.ts` around lines 9 - 15, Remove
the redundant empty fields block inside AuthenticatedUserRef.implement(): keep
only the externalFields definition (externalFields: (t) => ({ id: t.id({
nullable: false }) })) and delete the fields: (t) => ({ /* ... */ }) entry and
its comment so the implementation is just the externalFields for the external
reference.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apis/api-gateway/schema.graphql`:
- Around line 2189-2191: AnonymousUser is defined only as an extension in
API_JOURNEYS and other subgraphs lack a primary `@key` owner, so pick one subgraph
to own the entity: remove extension: true from the chosen subgraph’s
AnonymousUser declaration and add a non-extension `@key`(fields: "id") to that
type (e.g., in API_USERS or API_JOURNEYS_MODERN), or alternatively ensure
AnonymousUser is never referenced across subgraphs; update the type declarations
for AnonymousUser and the `@join__type` annotations accordingly so one subgraph is
the primary owner with a `@key` on id while others remain extensions or shareable.

In `@apis/api-journeys/src/app/modules/user/user.graphql`:
- Around line 5-7: The AnonymousUser type extension incorrectly adds
`@key`(fields: "id") without marking the id field `@external` or providing a
__resolveReference resolver; remove the `@key` directive from the AnonymousUser
extension in this module unless you intend to make it a federated entity, in
which case mark the id field with `@external` and implement a __resolveReference
resolver for AnonymousUser that delegates to the owning service (matching the
entity resolution pattern used for AuthenticatedUser) so federation composition
stays consistent.

---

Outside diff comments:
In `@apis/api-users/src/schema/user/user.ts`:
- Around line 39-44: Log message in the catch block for resolving the federated
user entity still uses the old type name "User"; update the string used in the
console.error within the resolveReference (or equivalent) function so it
references "AuthenticatedUser" (e.g., change `"Federation: Error resolving User
entity for userId: ${id}"` to use "AuthenticatedUser") and scan for any other
console.error/log occurrences in the same file (user.ts) that still mention
"User" to make them consistent for grep-ability.

---

Duplicate comments:
In `@apis/api-journeys/schema.graphql`:
- Around line 2701-2711: The AnonymousUser extension erroneously declares `@key`
without marking its id as `@external`, which causes this subgraph to declare
AnonymousUser as a federation entity; update the AnonymousUser block to match
AuthenticatedUser by marking id as `@external` (i.e., change "id: ID!" to "id: ID!
`@external`") or remove the `@key` directive entirely if this subgraph should not
own the key; target the AnonymousUser type, its `@key`(fields: \"id\") directive,
and the id field in the schema definition to make the fix.

---

Nitpick comments:
In `@apis/api-journeys-modern/src/schema/user/user.ts`:
- Around line 9-15: Remove the redundant empty fields block inside
AuthenticatedUserRef.implement(): keep only the externalFields definition
(externalFields: (t) => ({ id: t.id({ nullable: false }) })) and delete the
fields: (t) => ({ /* ... */ }) entry and its comment so the implementation is
just the externalFields for the external reference.

[coderabbitai]

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Duplicate comments:
In `@apis/api-gateway/schema.graphql`:
- Around line 2189-2191: The API_JOURNEYS_MODERN `@join__type` for AnonymousUser
currently has no key so it should not be resolving entity references; inspect
the api-journeys-modern schema and resolver code for any fields that return
AnonymousUser and if you find any, add a proper `@join__type`(..., key: "id") on
AnonymousUser in the api-journeys-modern subgraph and implement a
__resolveReference resolver in that service to return the entity (or
alternatively change those fields to return a type the subgraph already owns);
if no such fields exist, leave the join__type as extension-only and no resolver
is required.

[stage-branch-merger]

I see you added the "on stage" label, I'll get this merged to the stage branch!

[stage-branch-merger]

Merge conflict attempting to merge this into stage. Please fix manually.