Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trim auth params before sending to the API (not while typing) #1546

Merged
merged 5 commits into from
Nov 13, 2018
Merged

Trim auth params before sending to the API (not while typing) #1546

merged 5 commits into from
Nov 13, 2018

Conversation

luisrudge
Copy link
Contributor

fix #1537

Changes

Instead of trimming email/username/phoneNumber while the user is typing, we're now trimming them when we send them to the server.

References

#1537

Testing

  • This change adds unit test coverage

@luisrudge luisrudge added this to the v11.12.0 milestone Nov 12, 2018
@cocojoe
Copy link
Member

cocojoe commented Nov 13, 2018

@luisrudge can you clarify your description please, you trim on submission of the field or it's only trimmed when an API request is made?

@luisrudge
Copy link
Contributor Author

@cocojoe I only trim the value being sent to the API. The input value is left untouched.

lbalmaceda
lbalmaceda reviewed Nov 13, 2018
View reviewed changes
Copy link
Contributor

@lbalmaceda lbalmaceda left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I found the MFA case is missing. That aside, could you edit the tests to show that spaces in between are not getting removed as well?

e.g. change " email@me.com " to " email @me .com " which should always end up in "email @me .com"

src/core/web_api/helper.js Outdated

export function trimAuthParams(params = {}) {
const { ...p } = params;
['username', 'email', 'phoneNumber'].forEach(k => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about MFA code?

joshcanhelp
joshcanhelp reviewed Nov 13, 2018
View reviewed changes
src/core/web_api/p2_api.js
...this.authOpt,
...authParams
});
const loginOptions = trimAuthParams(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function wrap feels ... wrong. Can trimAuthParams be a part of normalizeAuthParams? What if we need to do another transform here? Maybe there should be a prepareParams or similar to handle everything?

joshcanhelp
joshcanhelp reviewed Nov 13, 2018
View reviewed changes
src/core/web_api/p2_api.js
}

resetPassword(options, cb) {
this.client.changePassword(options, cb);
this.client.changePassword(trimAuthParams(options), cb);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar feedback here ... there might be another transform in the future, in which case this starts to get really hard to read.

joshcanhelp
joshcanhelp previously approved these changes Nov 13, 2018
View reviewed changes
Copy link
Contributor

@joshcanhelp joshcanhelp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have a few comments on clarity but functionality is a pass.

@luisrudge luisrudge merged commit 4aaefa4 into master Nov 13, 2018
@luisrudge luisrudge deleted the fix/trim-params-before-sending-to-a0js branch November 13, 2018 17:36
luisrudge added a commit that referenced this pull request Nov 13, 2018
@luisrudge
Revert "Trim auth params before sending to the API (not while typing) (
476a4da 
…#1546)"

This reverts commit 4aaefa4.
luisrudge added a commit that referenced this pull request Nov 13, 2018
@luisrudge
Revert "Trim auth params before sending to the API (not while typing) (
75d88b5 
…#1546)"

This reverts commit 4aaefa4.
@luisrudge luisrudge mentioned this pull request Nov 19, 2018
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbalmaceda lbalmaceda lbalmaceda approved these changes

@joshcanhelp joshcanhelp joshcanhelp left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v11.12.0
Development

Successfully merging this pull request may close these issues.

Lock 11.4 prevents sign in for custom db usernames including a space
4 participants
@luisrudge @cocojoe @joshcanhelp @lbalmaceda