also move publicData to local storage and use cookiePrefix
flybayer committed Oct 2, 2021
1 parent b4561ae commit 235d47c
Showing 3 changed files with 18 additions and 6 deletions.
17 changes: 13 additions & 4 deletions nextjs/packages/next/data-client/auth.ts
Expand Up @@ -3,8 +3,9 @@ import BadBehavior from 'bad-behavior'
import {
COOKIE_CSRF_TOKEN,
COOKIE_PUBLIC_DATA_TOKEN,
LOCALSTORAGE_ANTICSRF,
LOCALSTORAGE_CSRF_TOKEN,
LOCALSTORAGE_PREFIX,
LOCALSTORAGE_PUBLIC_DATA_TOKEN,
} from './constants'
import {
deleteCookie,
Expand Down Expand Up @@ -81,6 +82,7 @@ class PublicDataStore {

clear() {
deleteCookie(COOKIE_PUBLIC_DATA_TOKEN())
localStorage.removeItem(LOCALSTORAGE_PUBLIC_DATA_TOKEN())
this.updateState(emptyPublicData)
}

Expand All @@ -95,7 +97,14 @@ class PublicDataStore {
}

private getToken() {
return readCookie(COOKIE_PUBLIC_DATA_TOKEN())
const cookieValue = readCookie(COOKIE_PUBLIC_DATA_TOKEN())
if (cookieValue) {
localStorage.setItem(LOCALSTORAGE_PUBLIC_DATA_TOKEN(), cookieValue)
deleteCookie(COOKIE_PUBLIC_DATA_TOKEN())
return cookieValue
} else {
return localStorage.getItem(LOCALSTORAGE_PUBLIC_DATA_TOKEN())
}
}
}
export const getPublicDataStore = (): PublicDataStore => {
Expand All @@ -108,11 +117,11 @@ export const getPublicDataStore = (): PublicDataStore => {
export const getAntiCSRFToken = () => {
const cookieValue = readCookie(COOKIE_CSRF_TOKEN())
if (cookieValue) {
localStorage.setItem(LOCALSTORAGE_ANTICSRF, cookieValue)
localStorage.setItem(LOCALSTORAGE_CSRF_TOKEN(), cookieValue)
deleteCookie(COOKIE_CSRF_TOKEN())
return cookieValue
} else {
return localStorage.getItem(LOCALSTORAGE_ANTICSRF)
return localStorage.getItem(LOCALSTORAGE_CSRF_TOKEN())
}
}

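Review bot: The fallback `return localStorage.getItem(LOCALSTORAGE_PUBLIC_DATA_TOKEN())` in `getToken()` serves a copy that has no lifetime of its own, so once the cookie is deleted the stored publicData (including `userId`) stays readable in the browser profile until `clear()` runs, even if the original cookie would have expired with the session; this is inferred, since the cookie's attributes are not visible here. A comment above `getToken()` such as `// localStorage copy never expires; it is only removed by clear()` would make that explicit, and if expiry matters the value should be stored with a timestamp and ignored once stale. The unguarded `localStorage.setItem(...)` can also throw when storage is blocked or full, in which case the token already read from the cookie never reaches the caller; `try { localStorage.setItem(LOCALSTORAGE_PUBLIC_DATA_TOKEN(), cookieValue); deleteCookie(COOKIE_PUBLIC_DATA_TOKEN()) } catch { /* keep the cookie as the source */ }` avoids that, and `getAntiCSRFToken` further down has the same shape. `PublicDataStore` begins and continues outside these hunks.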
4 changes: 3 additions & 1 deletion nextjs/packages/next/data-client/constants.ts
Expand Up @@ -29,4 +29,6 @@ export const HEADER_SESSION_REVOKED = 'session-revoked'
export const HEADER_CSRF_ERROR = 'csrf-error'

export const LOCALSTORAGE_PREFIX = '_blitz-'
export const LOCALSTORAGE_ANTICSRF = `${LOCALSTORAGE_PREFIX}anticsrf`
export const LOCALSTORAGE_CSRF_TOKEN = () => `${prefix()}_sAntiCsrfToken`
export const LOCALSTORAGE_PUBLIC_DATA_TOKEN = () =>
`${prefix()}_sPublicDataToken`
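Review bot: Renaming the anti-CSRF storage key from `_blitz-anticsrf` to `${prefix()}_sAntiCsrfToken` leaves nothing that reads the old key, so a browser that already moved its token into localStorage (and had the cookie deleted) will get `null` from `getAntiCSRFToken()` after upgrading until the server issues the cookie again; whether that happens automatically is not visible here. A one-time fallback that reads `_blitz-anticsrf` when the new key is empty, copies it across and removes the old entry would avoid spurious CSRF failures and stop the stale value lingering in storage. `prefix` is not defined in the visible lines of this hunk, which starts at line 29, so it is presumably declared or imported earlier in the file. `LOCALSTORAGE_PREFIX` now appears to be referenced only by the import kept in auth.ts.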
3 changes: 2 additions & 1 deletion nextjs/packages/next/data-client/rpc.ts
Expand Up @@ -192,7 +192,8 @@ export function buildRpcClient({
json: payload.error,
meta: payload.meta?.error,
}) as any
// We don't clear the publicDataStore for anonymous users
// We don't clear the publicDataStore for anonymous users,
// because there is not sensitive data
if (
error.name === 'AuthenticationError' &&
getPublicDataStore().getData().userId
