Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't fill context.session if the session is invalid #6841

Merged
merged 14 commits into from
Oct 28, 2021
Merged

Conversation

dcousens
Copy link
Member

@dcousens dcousens commented Oct 27, 2021

Previously, the auth.*.test.ts tests checked authentication by enforcing that context.session.data exists, not by checking that context.session exists.
This thinking was somewhat proliferated throughout the examples by sometimes checking things like context.session?.data?.isAdmin, but, not necessarily consistently.
Many examples (see auth/schema.ts, examples-staging/ecommerce) actually use context.session?.data.isAdmin, which, previous to this change, could break.

I think the presence of a .session object itself is what indicates the session is valid, as provided by the session strategy.
The .session.data should additionally be guaranteed to exist, not optional depending on whether the user still exists.

This pull request enforces that the .data query succeeds and returns data, as a precondition to whether a .session is valid and provided.

@changeset-bot
Copy link

changeset-bot bot commented Oct 27, 2021

🦋 Changeset detected

Latest commit: b2a2d76

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@keystone-next/auth Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel
Copy link

vercel bot commented Oct 27, 2021

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/keystonejs/keystone-next-docs/7GZrHnc2tv4a7pmESinu3vPvRHxU
✅ Preview: https://keystone-next-docs-git-auth-find-one-keystonejs.vercel.app

@codesandbox-ci
Copy link

codesandbox-ci bot commented Oct 27, 2021

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

@vercel vercel bot temporarily deployed to Preview October 27, 2021 04:16 Inactive
@vercel vercel bot temporarily deployed to Preview October 27, 2021 05:48 Inactive
Copy link
Member

@emmatown emmatown left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs a changeset

@vercel vercel bot temporarily deployed to Preview October 28, 2021 00:25 Inactive
@vercel vercel bot temporarily deployed to Preview October 28, 2021 00:29 Inactive
@vercel vercel bot temporarily deployed to Preview October 28, 2021 00:32 Inactive
@vercel vercel bot temporarily deployed to Preview October 28, 2021 00:36 Inactive
@vercel vercel bot temporarily deployed to Preview October 28, 2021 00:39 Inactive
@dcousens dcousens merged commit 36174f8 into main Oct 28, 2021
@dcousens dcousens deleted the auth-find-one branch October 28, 2021 00:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants