Use set_config() to set 'uniphant.user_id' to the authenticated user

FUNCTIONS/auth.sql

@@ -6,7 +6,24 @@ SET search_path TO public, pg_temp
 AS $$
 DECLARE
 _resource_id integer;
+_user_id bigint;
 BEGIN
+
+SELECT access_tokens.user_id
+INTO _user_id
+FROM access_tokens
+WHERE access_tokens.access_token = NULLIF(current_setting('request.cookie.access_token', TRUE),'')::uuid
+AND (access_tokens.expire_at > now()) IS NOT FALSE;
+IF NOT FOUND THEN
+  _user_id := 1; -- anonymous
+END IF;
+
+IF set_config('uniphant.user_id',_user_id::text,TRUE) = _user_id::text THEN
+  -- Assert OK
+ELSE
+  RAISE EXCEPTION 'Bug! set_config() did not return the value';
+END IF;
+
 SELECT resource_id
 INTO  _resource_id
 FROM resources

FUNCTIONS/user_id.sql

@@ -5,11 +5,5 @@ LANGUAGE sql
 SECURITY DEFINER
 SET search_path TO public, pg_temp
 AS $$
-SELECT COALESCE(
-  (SELECT access_tokens.user_id
-  FROM access_tokens
-  WHERE access_tokens.access_token = NULLIF(current_setting('request.cookie.access_token', TRUE),'')::uuid
-  AND (access_tokens.expire_at > now()) IS NOT FALSE),
-  1 -- anonymous
-)
+SELECT current_setting('uniphant.user_id',FALSE)::bigint
 $$;

demo/index.html

@@ -392,12 +392,12 @@ <h1 class="pre">🦄🐘uniphant</h1>
   }
 
   function generate_key_from_challenge() {
-    if (document.getElementById("challenge").value === "") {
+    let challenge = document.getElementById("challenge");
+    if (challenge.value === "") {
       document.getElementById("log").innerHTML += "please enter the challenge\n";
-      document.getElementById("challenge").focus();
+      challenge.focus();
       return;
     }
-    let challenge = document.getElementById("challenge");
     get_credential_creation_options(challenge.value);
     challenge.value = "";
     refresh();