Page MenuHomePhabricator

[lib] Log out when invalidating session with authoritative keyserver in useKeyserverRecoveryLogIn
ClosedPublic

Authored by ashoat on Mar 6 2024, 4:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 10, 12:55 AM
Unknown Object (File)
Sat, Dec 28, 1:11 PM
Unknown Object (File)
Sat, Dec 28, 1:11 PM
Unknown Object (File)
Sat, Dec 28, 1:10 PM
Unknown Object (File)
Sat, Dec 28, 1:09 PM
Unknown Object (File)
Dec 5 2024, 3:47 AM
Unknown Object (File)
Dec 5 2024, 3:46 AM
Unknown Object (File)
Dec 5 2024, 3:46 AM
Subscribers
None

Details

Summary

This was discussed in ENG-7133.

Note that on web, keyserver session aren't currently invalidated via useKeyserverRecoveryLogIn, as we aren't able to attempt recovery since it depends on having access to user credentials. This will no longer be the case following the identity service launch, since user credentials will no longer be necessary for attempting keyserver session recovery. As such, I'm not going to bother doing anything special for web, since it will be supported via this mechanism relatively soon.

Depends on D11264

Test Plan
  • I hacked legacy-recover-keyserver-session.js to use the wrong password so the session recovery would fail
  • I started the iOS simulator and logged in using a test user
  • I opened the Redux Dev Tools
  • I deleted the test user's cookie from the MariaDB database: DELETE FROM cookies WHERE user = 6390578 AND platform = 'ios'
  • I sent a message as the test user
  • I confirmed that session recovery was triggered in the Redux dev tools
  • I confirmed that after session recovery failed, the user was logged out in the UI
  • Via Redux dev tools, I confirmed that after session recovery failed, LOG_OUT_STARTED and LOG_OUT_SUCCESS were dispatched

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

ashoat retitled this revision from t log[lib] Log out when invalidating session with authoritative keyserver in useKeyserverRecoveryLogIn to [lib] Log out when invalidating session with authoritative keyserver in useKeyserverRecoveryLogIn.Mar 6 2024, 4:26 PM
ashoat added inline comments.
lib/components/keyserver-connection-handler.js
92

Snuck this fix in

ashoat requested review of this revision.Mar 6 2024, 4:41 PM
lib/keyserver-conn/recovery-utils.js
184–191

Why do we want to dispatch this even if logout is dispatched?

lib/keyserver-conn/recovery-utils.js
184–191

It felt like a more risky change to remove this. In some cases, such as keyserver-reducer.js, data is not updated until logOutActionTypes.success is processed, which has some delay. In contrast, setNewSessionActionType is processed immediately

This revision is now accepted and ready to land.Mar 8 2024, 7:24 AM