Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🔒 fix: Robust Cache Reset on User Logout #1324

Merged
merged 3 commits into from
Dec 10, 2023
Merged

🔒 fix: Robust Cache Reset on User Logout #1324

merged 3 commits into from
Dec 10, 2023

Conversation

danny-avila
Copy link
Owner

Summary

This pull request addresses an issue where the cache was not properly reset upon user logout, potentially allowing the next user on the same browser to access data from the previous session. I implemented a fix that ensures the cache is correctly cleared when a user logs out, enhancing the security and privacy of LibreChat when used between multiple users on the same browser.

Closes #1320

Change Type

  • Bug fix (non-breaking change which fixes an issue)
  • Refactor (code improvements with no change in functionality)

Testing

To verify the fix, I conducted manual tests by logging into the application, performing various actions to populate the cache, and then logging out. Upon logging in with a different user account, I confirmed that no residual data was available from the previous session. I also reviewed the network activity to ensure no unauthorized data requests were made after logging out.

I recommend further testing by:

  1. Logging in and performing a diverse set of actions to ensure various types of data are cached.
  2. Logging out and inspecting the cache storage to confirm it has been reset.
  3. Logging in with a different user on the same browser and checking for any data leak from the previous session.

Test Configuration:

  • Browsers: Chrome, Firefox, Safari
  • Cache inspection tools: Browser DevTools

Checklist

  • My code adheres to this project's style guidelines
  • I have performed a self-review of my own code
  • I have commented in any complex areas of my code
  • My changes do not introduce new warnings
  • I have written tests demonstrating that my changes are effective or that my feature works
  • Local unit tests pass with my changes

@danny-avila danny-avila merged commit 968b8cc into main Dec 10, 2023
1 check passed
@danny-avila danny-avila deleted the fix-logout-cache branch December 10, 2023 22:13
shortpoet pushed a commit to shortpoet/LibreChat that referenced this pull request Dec 30, 2023
@danny-avila @shortpoet
🔒 fix: Robust Cache Reset on User Logout (danny-avila#1324)
fb3e03b 
* refactor(Logout): rely on hooks for mutation behavior

* fix: logging out now correctly resets cache, disallowing any cache mixing between the next logged in user on the same browser

* chore: remove additional localStorage values on logout
cnkang pushed a commit to cnkang/LibreChat that referenced this pull request Feb 6, 2024
@danny-avila
🔒 fix: Robust Cache Reset on User Logout (danny-avila#1324)
1ac39e7 
* refactor(Logout): rely on hooks for mutation behavior

* fix: logging out now correctly resets cache, disallowing any cache mixing between the next logged in user on the same browser

* chore: remove additional localStorage values on logout
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: Preset not re-loaded upon login, had to refresh the page
1 participant
@danny-avila