Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fix] ctx value persists to next request after mutating ctx object #1795

Closed
3 tasks done
BenMaGit opened this issue Jan 9, 2024 · 3 comments
Closed
3 tasks done

[fix] ctx value persists to next request after mutating ctx object #1795

BenMaGit opened this issue Jan 9, 2024 · 3 comments
Labels
bug

Comments

@BenMaGit
Copy link

BenMaGit commented Jan 9, 2024
edited

Describe the bug

Node.js version: 18

Description:

When mutating the ctx object within a middleware, the changes made to the ctx should be limited to the current request and should not persist to the next request. However, it appears that there is an issue where the mutated values in ctx persist to the next request, causing unintended side effects.

I know I should probably use Koa state for this kind of info, but still wondering if the is a expected behavior ?

Actual behavior

Changes made to the ctx object within a middleware persist to the next request, leading to unexpected behavior and potential bugs in applications.

Expected behavior

Mutations to the ctx object should be isolated to the current request and should not affect subsequent requests.

Code to reproduce

To replicate the issue, follow these steps by sending two consecutive requests to different API routes:

Initiate the first request to trigger the authenticate function, resulting in the mutation of the ctx object with an appended field.
Subsequently, send the second request that should bypass the logic in the authentication function.
Upon examination, you will notice that both request logs display the same userId, despite the second request being expected to have nothing

  app.use(logRequest()); -> Will log request metadata after await next()
  app.use(handleError());
  app.use(authenticate()); -> Will mutate the ctx object and append a userId field to it if the path is not in the whitelist
  app.use(myFirstRoute.routes());
  app.use(mySecondRoute.routes());

Checklist

  • I have searched through GitHub issues for similar issues.
  • I have completely read through the README and documentation.
  • I have tested my code with the latest version of Node.js and this package and confirmed it is still not working.
@BenMaGit BenMaGit added the bug label Jan 9, 2024
@siakc
Copy link

siakc commented Jan 9, 2024

You may send the code for authenticate() at least. I guess somehow your code is retaining values.

@BenMaGit
Copy link
Author

BenMaGit commented Jan 9, 2024

I am mutating the ctx object directly in that function like this, nothing special.
All the other default fields (host, method, path, headers, ip) all have the correct value (request data for the 2nd request), only the appended object persists from the last request, which won't be a problem if the consecutive request is another request that needs to be authenticated first, which will replace the user value with the token that comes with the request

const user = await getUserById(id)
ctx.user = user

@BenMaGit
Copy link
Author

BenMaGit commented Jan 9, 2024

nvm, I think I found the culprit, ill close the issue for now.

@BenMaGit BenMaGit closed this as completed Jan 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@siakc @BenMaGit