bigbuffet/bigbuffet-rw
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'fix-mismatched-auth-users' into 'develop'

Browse source 
Delete mismatched auth users, fixes #613

Closes #613

See merge request soapbox-pub/soapbox-fe!475
This commit is contained in:
Alex Gleason 2021-04-13 17:22:43 +00:00
commit 82ed60e14f
2 changed files with 33 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
app/soapbox/reducers/__tests__/auth-test.js
View file

@ -154,6 +154,28 @@ describe('auth reducer', () => {
const result = reducer(state, action); const result = reducer(state, action);
expect(result.get('me')).toEqual('5678'); expect(result.get('me')).toEqual('5678');
}); });
it('deletes mismatched users', () => {
const action = {
type: VERIFY_CREDENTIALS_SUCCESS,
token: 'ABCDEFG',
account: { id: '1234' },
};
const state = fromJS({
users: { '4567': { id: '4567', access_token: 'ABCDEFG' } },
users: { '8901': { id: '1234', access_token: 'ABCDEFG' } },
users: { '5432': { id: '5432', access_token: 'HIJKLMN' } },
});
const expected = fromJS({
'1234': { id: '1234', access_token: 'ABCDEFG' },
'5432': { id: '5432', access_token: 'HIJKLMN' },
});
const result = reducer(state, action);
expect(result.get('users')).toEqual(expected);
});
}); });
describe('VERIFY_CREDENTIALS_FAIL', () => { describe('VERIFY_CREDENTIALS_FAIL', () => {

11
app/soapbox/reducers/auth.js
View file

@ -103,6 +103,16 @@ const upgradeLegacyId = (state, account) => {
// By this point it's probably safe, but we'll leave it just in case. // By this point it's probably safe, but we'll leave it just in case.
}; };
// Returns a predicate function for filtering a mismatched user/token
const userMismatch = (token, account) => {
return (user, id) => {
const sameToken = user.get('access_token') === token;
const differentId = id !== account.id || user.get('id') !== account.id;
return sameToken && differentId;
};
};
const importCredentials = (state, token, account) => { const importCredentials = (state, token, account) => {
return state.withMutations(state => { return state.withMutations(state => {
state.setIn(['users', account.id], ImmutableMap({ state.setIn(['users', account.id], ImmutableMap({
@ -110,6 +120,7 @@ const importCredentials = (state, token, account) => {
access_token: token, access_token: token,
})); }));
state.setIn(['tokens', token, 'account'], account.id); state.setIn(['tokens', token, 'account'], account.id);
state.update('users', ImmutableMap(), users => users.filterNot(userMismatch(token, account)));
state.update('me', null, me => me || account.id); state.update('me', null, me => me || account.id);
upgradeLegacyId(state, account); upgradeLegacyId(state, account);
}); });