chore: New Builder Auth #4010

istarkov · 2024-08-25T11:04:04Z

Description

Full track

https://github.com/webstudio-is/webstudio-saas/issues/317#issuecomment-2289241819

So thoughts about session
https://github.com/webstudio-is/webstudio-saas/issues/317#issuecomment-2314515772

Some explanations what is fixed and how
https://github.com/webstudio-is/webstudio-saas/issues/317#issue-2465048823

Next PR:

- Old share links auto redirect
- Try make better error message having that current PR will logout all users.

Steps for reproduction

Login using google login or dev login try to open projects on dahsboard, create new, clone delete etc.
Try to open projects on dahboard, see each is on it's own domain and work
Try to open project link (without share token) with other user - should fail.
Try publish/clone any links and operations.
Share project from userA:

try to open it with other userB
- see userB is not logged in to that project
- try to get using fetch from console anything about userB or userA i.e rest etc endpoints on apps.webstudio.is domain
try to open incognito, check it works.

Open few project, then logout from dashboard, reload project page

See login page
Try to login as same uer - see it works
Or try to login as another user - see auth error

Code Review

hi @kof, I need you to do
- conceptual review (architecture, feature-correctness)
- detailed review (read every line)
- test it on preview

Before requesting a review

made a self-review
added inline comments where things may be not obvious (the "why", not "what")

Before merging

tested locally and on preview environment (preview dev login: 5de6)
updated test cases document
added tests
if any new env variables are added, added them to .env file

istarkov · 2024-08-26T16:01:44Z

Tests:

Login via google
Create new Project, created, Im redirected to a new project.
Clone project using project menu. Cloned/redirected.
Edit text - working
Create new page and links - preview working.
Publish - working
create custom domain - working, publish working https://hello.poke-method.work/
goto dahsboard
Delete - working
clone template working - got error on canvas Cannot read properties of undefined (reading 'get') (Same on Main)
clone anouther template - Sheet error - (Same on main)

Make builder the root path cleanups Add everything Remove tmp Remove Fix Fix layout Fix Fix url Add cross-origin check Fix stale data dashboardPath Fix canvas-url path Improve logout Add bloom filter Commit projects to the session Add leak Change templates Trigger Build rename throw to prevent any cross origin Add log Change session cookie Add comments cleanup + comments Fix Test delete deployments Test call Try delete all fix Trigger Build Fix Add cleanup after r2 potpone after test

apps/builder/app/builder/features/workspace/canvas-iframe.tsx

apps/builder/app/routes/leak.ts

@kof

## Description ### Full track webstudio-is/webstudio-saas#317 (comment) So thoughts about session webstudio-is/webstudio-saas#317 (comment) Some explanations what is fixed and how webstudio-is/webstudio-saas#317 (comment) Next PR: - [x] - Old share links auto redirect - [x] - Try make better error message having that current PR will logout all users. ## Steps for reproduction 1. Login using `google login` or `dev login` try to open projects on dahsboard, create new, clone delete etc. 2. Try to open projects on dahboard, see each is on it's own domain and work 3. Try to open project link (without share token) with other user - should fail. 4. Try publish/clone any links and operations. 5. Share project from `userA`: - try to open it with other `userB` - see `userB` is not logged in to that project - try to get using fetch from console anything about `userB` or `userA` i.e rest etc endpoints on apps.webstudio.is domain - try to open incognito, check it works. 6. Open few project, then logout from dashboard, reload project page - See login page - Try to login as same uer - see it works - Or try to login as another user - see auth error ## Code Review - [ ] hi @kof, I need you to do - conceptual review (architecture, feature-correctness) - detailed review (read every line) - test it on preview ## Before requesting a review - [ ] made a self-review - [ ] added inline comments where things may be not obvious (the "why", not "what") ## Before merging - [ ] tested locally and on preview environment (preview dev login: 5de6) - [ ] updated [test cases](https://github.com/webstudio-is/webstudio/blob/main/apps/builder/docs/test-cases.md) document - [ ] added tests - [ ] if any new env variables are added, added them to `.env` file

istarkov force-pushed the auth.staging branch 2 times, most recently from 981d263 to f2a1a3b Compare August 27, 2024 05:34

istarkov force-pushed the auth.staging branch from fc83f87 to afa2d1a Compare August 27, 2024 06:25

istarkov added 4 commits August 27, 2024 09:14

Add context helpers for logout support

0411ac4

Add logout router

678609f

Logout

8145ef4

Progress

3786282

istarkov marked this pull request as ready for review August 27, 2024 20:55

istarkov requested review from kof and TrySound August 27, 2024 20:55

istarkov added 6 commits August 27, 2024 21:04

onFinish

8052e8a

Remove

993a52a

Improve comments and namings

d8ddda9

Make 404 explicit

221b98c

Fix

8f6bd07

Simplify

aeed200

TrySound reviewed Aug 28, 2024

View reviewed changes

apps/builder/app/builder/features/workspace/canvas-iframe.tsx Outdated Show resolved Hide resolved

TrySound reviewed Aug 28, 2024

View reviewed changes

apps/builder/app/routes/leak.ts Show resolved Hide resolved

TrySound approved these changes Aug 28, 2024

View reviewed changes

istarkov added 9 commits August 28, 2024 18:34

Only userId in session

985b06d

Move logout to POST

e84fd8d

Remove apple warnings

d66485c

Enforce relogin

912d9ec

Fix authorization error

8dc0b36

Support older clients

7b8d1ef

Add redirect

d1e0d51

Trigger Build

fae1f30

Update credentialless

fec2d50

Remove useless keys

340a1d6

istarkov merged commit f7487fd into main Aug 29, 2024
24 of 26 checks passed

istarkov deleted the auth.staging branch August 29, 2024 09:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: New Builder Auth #4010

chore: New Builder Auth #4010

istarkov commented Aug 25, 2024 •

edited

Loading

istarkov commented Aug 26, 2024 •

edited

Loading

chore: New Builder Auth #4010

chore: New Builder Auth #4010

Conversation

istarkov commented Aug 25, 2024 • edited Loading

Description

Full track

Steps for reproduction

Code Review

Before requesting a review

Before merging

istarkov commented Aug 26, 2024 • edited Loading

istarkov commented Aug 25, 2024 •

edited

Loading

istarkov commented Aug 26, 2024 •

edited

Loading