[lib][web] Fix set_new_session action corrupting keyserverStore
ClosedPublic
Actions

Authored by inka on Jan 3 2024, 1:38 AM.

Details

Reviewers

michal
kamil
ginsu
ashoat

Commits

rCOMM1f59a307dfef: [lib][web] Fix set_new_session action corrupting keyserverStore

Summary

issue: https://linear.app/comm/issue/ENG-6097/set-new-session-action-for-new-keyserver-corrupts-keyserverstore
When the client calls the version or verifyInviteLink they may not yet be authenticated with that keyserver, and not have it in the store. The keyserver would send them a session change, resulting in setNewSessionActionType being dispatched, and the reducer would add the keyserver to the store but with incomplete data.
Because this action only sets a cookie and/or removes queuedActivityUpdates, we don't really need to do anything for a keyserver that is not in our store - the cookie sent by a keyserver the client is not connected to is an anonymous cookie, and we plan to remove anonymous cookies anyway, because they don't really do anything (ENG-4653).

A second change was needed in web, because the reducer in web is run before the reducers in lib, and it would also add the keyserver while trying to set a sessionID (which is just null in this case, so we also don't need to remeber it for anything).

Test Plan

Tested that adding a keyserver on web and native doesn't result in an error anymore, and that the setNewSessionActionType doesn't add the keyserver anymore
Tested that registration flow is not broken anymore
I tested all of those by reverting D10441 and connecting to my local keyserver as the second keyserver

Diff Detail

Repository

rCOMM Comm

Branch

inka/2_set_new_session

Lint

No Lint Coverage

Unit

No Test Coverage

Event Timeline

inka created this revision.Jan 3 2024, 1:38 AM

Herald added a subscriber: tomek. · View Herald TranscriptJan 3 2024, 1:38 AM

Harbormaster completed remote builds in B25444: Diff 35149.Jan 3 2024, 1:58 AM

inka requested review of this revision.Jan 3 2024, 1:58 AM

inka mentioned this in D10505: [lib][web][native] Check if keyserver is present in store when adding it, unmark temporary.Jan 3 2024, 2:59 AM

There is no reason to ever break the Redux state and crash the app. We don't expect to ever get a SET_NEW_SESSION with a user cookie when calling version or verify_invite_link, but if we do for some reason, we should print a warning instead of breaking the Redux state and crashing the app...

lib/reducers/keyserver-reducer.js
79–84 ↗	(On Diff #35149)	I think it's pretty much always a bad idea to set `cookie` when `!state.keyserverInfos[keyserverID]`. Here's what I would do instead
web/redux/redux-setup.js
168–173 ↗	(On Diff #35149)	Same thing here – if we get a user cookie, we should still avoid breaking the state. We can do a `console.log` here in that case