Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3379503
D11502.id38615.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
1 KB
Referenced Files
None
Subscribers
None
D11502.id38615.diff
View Options
diff --git a/lib/shared/session-utils.js b/lib/shared/session-utils.js
--- a/lib/shared/session-utils.js
+++ b/lib/shared/session-utils.js
@@ -84,6 +84,12 @@
);
}
+// actionCurrentUserInfo can either be the CurrentUserInfo at the time the
+// recovery began (preRequestUserInfo), or the CurrentUserInfo in the action.
+// We expect that for a recovery they should be the same. The intention is to
+// make sure that the CurrentUserInfo in Redux at the time this action is
+// processed is the same as the user from whom the recovery was attempted. If
+// that user has since logged out, we should ignore the result of the recovery.
function invalidSessionRecovery(
currentReduxState: AppState,
actionCurrentUserInfo: ?CurrentUserInfo,
@@ -92,15 +98,23 @@
if (
authActionSource !==
recoveryActionSources.cookieInvalidationResolutionAttempt &&
- authActionSource !== recoveryActionSources.socketAuthErrorResolutionAttempt
+ authActionSource !==
+ recoveryActionSources.socketAuthErrorResolutionAttempt &&
+ authActionSource !==
+ recoveryActionSources.appStartCookieLoggedInButInvalidRedux &&
+ authActionSource !==
+ recoveryActionSources.appStartReduxLoggedInButInvalidCookie &&
+ authActionSource !==
+ recoveryActionSources.refetchUserDataAfterAcknowledgment &&
+ authActionSource !== recoveryActionSources.socketNotLoggedIn
) {
return false;
}
+ invariant(authActionSource, 'authActionSource should be set');
invariant(
actionCurrentUserInfo,
- 'currentUserInfo (preRequestUserInfo) should be defined when ' +
- 'COOKIE_INVALIDATION_RESOLUTION_ATTEMPT or ' +
- 'SOCKET_AUTH_ERROR_RESOLUTION_ATTEMPT login is dispatched',
+ 'actionCurrentUserInfo should be passed to invalidSessionRecovery for ' +
+ `${authActionSource} login`,
);
if (actionCurrentUserInfo.anonymous) {
// It's not a session recovery if the CurrentUserInfo is anonymous
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Nov 28, 4:36 PM (22 h, 32 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2594446
Default Alt Text
D11502.id38615.diff (1 KB)
Attached To
Mode
D11502: [lib] Make invalidSessionRecovery work with all recoveryActionSources handled by KeyserverConnectionHandler
Attached
Detach File
Event Timeline
Log In to Comment