outline/app/stores/AuthStore.js

// @flow
import { observable, action, computed, autorun, runInAction } from 'mobx';
import invariant from 'invariant';
import { getCookie, setCookie, removeCookie } from 'tiny-cookie';
import { client } from 'utils/ApiClient';
import { stripSubdomain } from 'shared/utils/domains';
import RootStore from 'stores/RootStore';
import User from 'models/User';
import Team from 'models/Team';

const AUTH_STORE = 'AUTH_STORE';

export default class AuthStore {
  @observable user: ?User;
  @observable team: ?Team;
  @observable token: ?string;
  @observable isSaving: boolean = false;
  @observable isSuspended: boolean = false;
  @observable suspendedContactEmail: ?string;
  rootStore: RootStore;

  constructor(rootStore: RootStore) {
    // Rehydrate
    let data = {};
    try {
      data = JSON.parse(localStorage.getItem(AUTH_STORE) || '{}');
    } catch (_) {
      // no-op Safari private mode
    }

    this.rootStore = rootStore;
    this.user = data.user;
    this.team = data.team;
    this.token = getCookie('accessToken');

    if (this.token) setImmediate(() => this.fetch());

    autorun(() => {
      try {
        localStorage.setItem(AUTH_STORE, this.asJson);
      } catch (_) {
        // no-op Safari private mode
      }
    });
  }

  @computed
  get authenticated(): boolean {
    return !!this.token;
  }

  @computed
  get asJson(): string {
    return JSON.stringify({
      user: this.user,
      team: this.team,
    });
  }

  @action
  fetch = async () => {
    try {
      const res = await client.post('/auth.info');
      invariant(res && res.data, 'Auth not available');

      runInAction('AuthStore#fetch', () => {
        const { user, team } = res.data;
        this.user = user;
        this.team = team;

        if (window.Bugsnag) {
          Bugsnag.user = {
            id: user.id,
            name: user.name,
            teamId: team.id,
            team: team.name,
          };
        }
      });
    } catch (err) {
      if (err.error === 'user_suspended') {
        this.isSuspended = true;
        this.suspendedContactEmail = err.data.adminEmail;
      }
    }
  };

  @action
  deleteUser = async () => {
    await client.post(`/users.delete`, { confirmation: true });

    runInAction('AuthStore#updateUser', () => {
      this.user = null;
      this.team = null;
      this.token = null;
    });
  };

  @action
  updateUser = async (params: { name?: string, avatarUrl: ?string }) => {
    this.isSaving = true;

    try {
      const res = await client.post(`/users.update`, params);
      invariant(res && res.data, 'User response not available');

      runInAction('AuthStore#updateUser', () => {
        this.user = res.data;
      });
    } finally {
      this.isSaving = false;
    }
  };

  @action
  updateTeam = async (params: {
    name?: string,
    avatarUrl?: ?string,
    sharing?: boolean,
  }) => {
    this.isSaving = true;

    try {
      const res = await client.post(`/team.update`, params);
      invariant(res && res.data, 'Team response not available');

      runInAction('AuthStore#updateTeam', () => {
        this.team = res.data;
      });
    } finally {
      this.isSaving = false;
    }
  };

  @action
  logout = async () => {
    this.user = null;
    this.token = null;

    // remove authentication token itself
    removeCookie('accessToken', { path: '/' });

    // remove session record on apex cookie
    const team = this.team;
    if (team) {
      const sessions = JSON.parse(getCookie('sessions') || '{}');
      delete sessions[team.id];

      setCookie('sessions', JSON.stringify(sessions), {
        domain: stripSubdomain(window.location.hostname),
      });
      this.team = null;
    }

    // add a timestamp to force reload from server
    window.location.href = `${BASE_URL}?done=${new Date().getTime()}`;
  };
}
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`// @flow`
Request auth on first load with existing token 2017-11-27 06:26:02 +00:00			`import { observable, action, computed, autorun, runInAction } from 'mobx';`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`import invariant from 'invariant';`
Fixes: Unexpected token parsing sessions cookie (#905) 2019-03-02 22:58:56 +00:00			`import { getCookie, setCookie, removeCookie } from 'tiny-cookie';`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`import { client } from 'utils/ApiClient';`
accessToken per subdomain 2018-11-10 07:40:33 +00:00			`import { stripSubdomain } from 'shared/utils/domains';`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			`import RootStore from 'stores/RootStore';`
			`import User from 'models/User';`
			`import Team from 'models/Team';`
Separated user and auth stores 2017-05-30 02:08:03 +00:00
			`const AUTH_STORE = 'AUTH_STORE';`

Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			`export default class AuthStore {`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`@observable user: ?User;`
			`@observable team: ?Team;`
			`@observable token: ?string;`
Toast type (success/warning/etc) 2018-05-31 19:07:49 +00:00			`@observable isSaving: boolean = false;`
UI to prevent suspended users viewing the application 2018-03-05 06:18:23 +00:00			`@observable isSuspended: boolean = false;`
added suspending admin email to error screen 2018-03-07 07:38:52 +00:00			`@observable suspendedContactEmail: ?string;`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			`rootStore: RootStore;`
Separated user and auth stores 2017-05-30 02:08:03 +00:00
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			`constructor(rootStore: RootStore) {`
			`// Rehydrate`
			`let data = {};`
			`try {`
			`data = JSON.parse(localStorage.getItem(AUTH_STORE) \|\| '{}');`
			`} catch (_) {`
			`// no-op Safari private mode`
			`}`

			`this.rootStore = rootStore;`
			`this.user = data.user;`
			`this.team = data.team;`
Fixes: Unexpected token parsing sessions cookie (#905) 2019-03-02 22:58:56 +00:00			`this.token = getCookie('accessToken');`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00
			`if (this.token) setImmediate(() => this.fetch());`

			`autorun(() => {`
			`try {`
			`localStorage.setItem(AUTH_STORE, this.asJson);`
			`} catch (_) {`
			`// no-op Safari private mode`
			`}`
			`});`
			`}`
Separated user and auth stores 2017-05-30 02:08:03 +00:00
Upgrade prettier 2017-11-10 22:14:30 +00:00			`@computed`
			`get authenticated(): boolean {`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`return !!this.token;`
			`}`

Upgrade prettier 2017-11-10 22:14:30 +00:00			`@computed`
			`get asJson(): string {`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`return JSON.stringify({`
			`user: this.user,`
			`team: this.team,`
			`});`
			`}`

Request auth on first load with existing token 2017-11-27 06:26:02 +00:00			`@action`
			`fetch = async () => {`
			`try {`
			`const res = await client.post('/auth.info');`
			`invariant(res && res.data, 'Auth not available');`

			`runInAction('AuthStore#fetch', () => {`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			`const { user, team } = res.data;`
			`this.user = user;`
			`this.team = team;`

			`if (window.Bugsnag) {`
			`Bugsnag.user = {`
			`id: user.id,`
			`name: user.name,`
			`teamId: team.id,`
			`team: team.name,`
			`};`
			`}`
Request auth on first load with existing token 2017-11-27 06:26:02 +00:00			`});`
In my testing this fixes the redirect loop on logout 2018-02-13 06:44:43 +00:00			`} catch (err) {`
Fixes: Error when user is suspended by deleted user Fixes: Suspended user interface never displayed 2019-02-16 05:49:48 +00:00			`if (err.error === 'user_suspended') {`
UI to prevent suspended users viewing the application 2018-03-05 06:18:23 +00:00			`this.isSuspended = true;`
Fixes: Error when user is suspended by deleted user Fixes: Suspended user interface never displayed 2019-02-16 05:49:48 +00:00			`this.suspendedContactEmail = err.data.adminEmail;`
UI to prevent suspended users viewing the application 2018-03-05 06:18:23 +00:00			`}`
Request auth on first load with existing token 2017-11-27 06:26:02 +00:00			`}`
			`};`
Separated user and auth stores 2017-05-30 02:08:03 +00:00
Done. Needs testing once back online 2018-07-07 23:09:39 +00:00			`@action`
			`deleteUser = async () => {`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			await client.post(`/users.delete`, { confirmation: true });
Done. Needs testing once back online 2018-07-07 23:09:39 +00:00
			`runInAction('AuthStore#updateUser', () => {`
			`this.user = null;`
			`this.team = null;`
			`this.token = null;`
			`});`
			`};`

Merge ErrorsStore into UiStore 2018-05-31 18:42:39 +00:00			`@action`
Fixes: Save profile picture automatically after upload Fix jank when cropping large photos 2018-11-18 02:25:10 +00:00			`updateUser = async (params: { name?: string, avatarUrl: ?string }) => {`
Toast type (success/warning/etc) 2018-05-31 19:07:49 +00:00			`this.isSaving = true;`
Merge ErrorsStore into UiStore 2018-05-31 18:42:39 +00:00
Toast type (success/warning/etc) 2018-05-31 19:07:49 +00:00			`try {`
Base model refactor (#810) * Big upgrades * WIP: Stash * Stash, 30 flow errors left * Downgrade mobx * WIP * When I understand the difference between class and instance methods * :green_heart: * Fixes: File import Model saving edge cases pinning and starring docs Collection editing Upgrade mobx devtools * Notification settings saving works * Disabled settings * Document mailer * Working notifications * Colletion created notification Ensure not notified for own actions * Tidy up * Document updated event only for document creation Add indexes Notification setting on user creation * Commentary * Fixed: Notification setting on signup * Fix document move / duplicate stale data Add BaseModel.refresh method * Fixes: Title in sidebar not updated after editing document * :green_heart: * Improve / restore error handling Better handle offline errors * :shirt: 2018-12-05 06:24:30 +00:00			const res = await client.post(`/users.update`, params);
Toast type (success/warning/etc) 2018-05-31 19:07:49 +00:00			`invariant(res && res.data, 'User response not available');`

			`runInAction('AuthStore#updateUser', () => {`
			`this.user = res.data;`
Team details settings page 2018-05-31 19:44:32 +00:00			`});`
			`} finally {`
			`this.isSaving = false;`
			`}`
			`};`

			`@action`
Share Permissions (#761) * Share restrictions * Tweak language, add spec 2018-08-19 23:06:39 +00:00			`updateTeam = async (params: {`
			`name?: string,`
			`avatarUrl?: ?string,`
			`sharing?: boolean,`
			`}) => {`
Team details settings page 2018-05-31 19:44:32 +00:00			`this.isSaving = true;`

			`try {`
			const res = await client.post(`/team.update`, params);
			`invariant(res && res.data, 'Team response not available');`

			`runInAction('AuthStore#updateTeam', () => {`
			`this.team = res.data;`
Toast type (success/warning/etc) 2018-05-31 19:07:49 +00:00			`});`
			`} finally {`
			`this.isSaving = false;`
			`}`
Merge ErrorsStore into UiStore 2018-05-31 18:42:39 +00:00			`};`

Upgrade prettier 2017-11-10 22:14:30 +00:00			`@action`
In my testing this fixes the redirect loop on logout 2018-02-13 06:44:43 +00:00			`logout = async () => {`
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`this.user = null;`
			`this.token = null;`
In my testing this fixes the redirect loop on logout 2018-02-13 06:44:43 +00:00
Iterate, iterate 2018-11-11 22:23:31 +00:00			`// remove authentication token itself`
Fixes: Unexpected token parsing sessions cookie (#905) 2019-03-02 22:58:56 +00:00			`removeCookie('accessToken', { path: '/' });`
accessToken per subdomain 2018-11-10 07:40:33 +00:00
Iterate, iterate 2018-11-11 22:23:31 +00:00			`// remove session record on apex cookie`
			`const team = this.team;`
			`if (team) {`
Fixes: Unexpected token parsing sessions cookie (#905) 2019-03-02 22:58:56 +00:00			`const sessions = JSON.parse(getCookie('sessions') \|\| '{}');`
Fixes: handling of www subdomain in production Hanging sessions when subdomain changes 2018-11-14 07:08:27 +00:00			`delete sessions[team.id];`
accessToken per subdomain 2018-11-10 07:40:33 +00:00
Fixes: Unexpected token parsing sessions cookie (#905) 2019-03-02 22:58:56 +00:00			`setCookie('sessions', JSON.stringify(sessions), {`
accessToken per subdomain 2018-11-10 07:40:33 +00:00			`domain: stripSubdomain(window.location.hostname),`
			`});`
			`this.team = null;`
			`}`
Fix logout loop 2018-05-30 05:18:11 +00:00
			`// add a timestamp to force reload from server`
			window.location.href = `${BASE_URL}?done=${new Date().getTime()}`;
Separated user and auth stores 2017-05-30 02:08:03 +00:00			`};`
			`}`