coop-cloud-chaos-patchs/outline
coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixes: Unexpected token parsing sessions cookie (#905)

Browse Source
This commit is contained in:
Tom Moor 2019-03-02 14:58:56 -08:00 committed by GitHub
parent e3b105d1c0
commit fa38ab60eb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 27 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.flowconfig
View File

@ -4,6 +4,7 @@
.*/shared/.* .*/shared/.*
[ignore] [ignore]
.*/node_modules/tiny-cookie/flow/.*
.*/node_modules/styled-components/.* .*/node_modules/styled-components/.*
.*/node_modules/polished/.* .*/node_modules/polished/.*
.*/node_modules/react-side-effect/.* .*/node_modules/react-side-effect/.*

10
app/stores/AuthStore.js
View File

@ -1,7 +1,7 @@
// @flow // @flow
import { observable, action, computed, autorun, runInAction } from 'mobx'; import { observable, action, computed, autorun, runInAction } from 'mobx';
import invariant from 'invariant'; import invariant from 'invariant';
import Cookie from 'js-cookie'; import { getCookie, setCookie, removeCookie } from 'tiny-cookie';
import { client } from 'utils/ApiClient'; import { client } from 'utils/ApiClient';
import { stripSubdomain } from 'shared/utils/domains'; import { stripSubdomain } from 'shared/utils/domains';
import RootStore from 'stores/RootStore'; import RootStore from 'stores/RootStore';
@ -31,7 +31,7 @@ export default class AuthStore {
this.rootStore = rootStore; this.rootStore = rootStore;
this.user = data.user; this.user = data.user;
this.team = data.team; this.team = data.team;
this.token = Cookie.get('accessToken'); this.token = getCookie('accessToken');
if (this.token) setImmediate(() => this.fetch()); if (this.token) setImmediate(() => this.fetch());
@ -138,15 +138,15 @@ export default class AuthStore {
this.token = null; this.token = null;
// remove authentication token itself // remove authentication token itself
Cookie.remove('accessToken', { path: '/' }); removeCookie('accessToken', { path: '/' });
// remove session record on apex cookie // remove session record on apex cookie
const team = this.team; const team = this.team;
if (team) { if (team) {
const sessions = Cookie.getJSON('sessions') || {}; const sessions = JSON.parse(getCookie('sessions') || '{}');
delete sessions[team.id]; delete sessions[team.id];
Cookie.set('sessions', JSON.stringify(sessions), { setCookie('sessions', JSON.stringify(sessions), {
domain: stripSubdomain(window.location.hostname), domain: stripSubdomain(window.location.hostname),
}); });
this.team = null; this.team = null;

2
package.json
View File

@ -105,7 +105,6 @@
"imports-loader": "0.6.5", "imports-loader": "0.6.5",
"invariant": "^2.2.2", "invariant": "^2.2.2",
"isomorphic-fetch": "2.2.1", "isomorphic-fetch": "2.2.1",
"js-cookie": "^2.2.0",
"js-search": "^1.4.2", "js-search": "^1.4.2",
"json-loader": "0.5.4", "json-loader": "0.5.4",
"jsonwebtoken": "7.0.1", "jsonwebtoken": "7.0.1",
@ -163,6 +162,7 @@
"styled-components-breakpoint": "^2.1.1", "styled-components-breakpoint": "^2.1.1",
"styled-components-grid": "^2.2.1", "styled-components-grid": "^2.2.1",
"styled-normalize": "^8.0.4", "styled-normalize": "^8.0.4",
"tiny-cookie": "^2.3.1",
"tmp": "0.0.33", "tmp": "0.0.33",
"uglifyjs-webpack-plugin": "1.2.5", "uglifyjs-webpack-plugin": "1.2.5",
"url-loader": "^0.6.2", "url-loader": "^0.6.2",

22
server/middlewares/authentication.js
View File

@ -115,15 +115,19 @@ export default function auth(options?: { required?: boolean } = {}) {
// to the teams subdomain if subdomains are enabled // to the teams subdomain if subdomains are enabled
if (process.env.SUBDOMAINS_ENABLED === 'true' && team.subdomain) { if (process.env.SUBDOMAINS_ENABLED === 'true' && team.subdomain) {
// get any existing sessions (teams signed in) and add this team // get any existing sessions (teams signed in) and add this team
const existing = JSON.parse(ctx.cookies.get('sessions') || '{}'); const existing = JSON.parse(
const sessions = JSON.stringify({ decodeURIComponent(ctx.cookies.get('sessions') || '') || '{}'
...existing, );
[team.id]: { const sessions = encodeURIComponent(
name: encodeURIComponent(team.name), JSON.stringify({
logoUrl: team.logoUrl, ...existing,
url: encodeURIComponent(team.url), [team.id]: {
}, name: team.name,
}); logoUrl: team.logoUrl,
url: team.url,
},
})
);
ctx.cookies.set('sessions', sessions, { ctx.cookies.set('sessions', sessions, {
httpOnly: false, httpOnly: false,
expires, expires,

4
server/utils/renderpage.js
View File

@ -15,7 +15,9 @@ const sheet = new ServerStyleSheet();
export default function renderpage(ctx: Object, children: React.Node) { export default function renderpage(ctx: Object, children: React.Node) {
let sessions = {}; let sessions = {};
try { try {
sessions = JSON.parse(ctx.cookies.get('sessions') || '{}'); sessions = JSON.parse(
decodeURIComponent(ctx.cookies.get('sessions') || '') || '{}'
);
} catch (err) { } catch (err) {
console.error(`Sessions cookie could not be parsed: ${err}`); console.error(`Sessions cookie could not be parsed: ${err}`);
} }

8
yarn.lock
View File

@ -5468,10 +5468,6 @@ js-beautify@^1.6.11:
mkdirp "~0.5.0" mkdirp "~0.5.0"
nopt "~3.0.1" nopt "~3.0.1"
js-cookie@^2.2.0:
version "2.2.0"
resolved "https://registry.yarnpkg.com/js-cookie/-/js-cookie-2.2.0.tgz#1b2c279a6eece380a12168b92485265b35b1effb"
js-search@^1.4.2: js-search@^1.4.2:
version "1.4.2" version "1.4.2"
resolved "https://registry.yarnpkg.com/js-search/-/js-search-1.4.2.tgz#59a91e117d6badb20bf0d7643ba7577d5a81d7e2" resolved "https://registry.yarnpkg.com/js-search/-/js-search-1.4.2.tgz#59a91e117d6badb20bf0d7643ba7577d5a81d7e2"
@ -9637,6 +9633,10 @@ timers-ext@0.1, timers-ext@^0.1.2:
es5-ext "~0.10.14" es5-ext "~0.10.14"
next-tick "1" next-tick "1"
tiny-cookie@^2.3.1:
version "2.3.1"
resolved "https://registry.yarnpkg.com/tiny-cookie/-/tiny-cookie-2.3.1.tgz#f0ea9fa194f2aed631dcd5e69ac0d6587be928c8"
tiny-emitter@^2.0.0: tiny-emitter@^2.0.0:
version "2.0.2" version "2.0.2"
resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.0.2.tgz#82d27468aca5ade8e5fd1e6d22b57dd43ebdfb7c" resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.0.2.tgz#82d27468aca5ade8e5fd1e6d22b57dd43ebdfb7c"