Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(dbAuth): Refactor dbAuthHandler to support WebAPI Request events #9835

Merged
merged 45 commits into from
Jan 25, 2024
Merged

feat(dbAuth): Refactor dbAuthHandler to support WebAPI Request events #9835

merged 45 commits into from
Jan 25, 2024

Conversation

dac09
Copy link
Collaborator

@dac09 dac09 commented Jan 16, 2024
edited
Loading

Context

I'm attampting to break down the SSR-Auth work into smaller, more managable, pieces.

This PR refactors mainly the dbAuthHandler to support both Lambda events and WebAPI Request. Key things to note:

  • this PR on it's own does not enable SSR-Auth
  • changes are non breaking, in SPA mode dbAuth should continue to work as normal
  • Fetch/WebAPI support is incomplete in this PR, because in order to complete it we will need to make breaking changes. However with LambdaRequest it should continue to work (as if nothing changed)
  • it does remove the extra check that compares that the userId in the cookie matches the one sent into the token. I will discuss the implications of this with @cannikin ✅ Cannikin approved
  • The dbAuthHandler does support Fetch API Request, but..... lambda's base64 encoded body still needs to be handled outside - see https://github.com/ardatan/whatwg-node/tree/master/packages/server#aws-lambda

However this does break auth provider impersonation in RW studio - which is technically still experimental - so we're ok to do. See issue here: #9801

Todos

  • Fix outstanding unit tests
  • Review edgecases in test project with Rob
  • Figure out what we're doing about auth impersonation

@dac09
Simple auth state parsing with middleware in entry server
9e86135
@dac09
NOT WORKING: try extracting session passed into a cookie
5f1deed
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into try/dbauth-ssr
bb0b36e 
* 'main' of github.com:redwoodjs/redwood: (26 commits)
  fix(api-server): copy fallback fix from redwoodjs#9272 (redwoodjs#9369)
  fix(deps): update dependency concurrently to v8.2.2 (redwoodjs#9361)
  chore(k6): Fix function context test (redwoodjs#9368)
  feat(cli): Setup command for mailer (redwoodjs#9335)
  feature: Support defer and stream GraphQL Directives in RedwoodRealtime (redwoodjs#9235)
  chore(deps): update dependency rimraf to v5.0.5 (redwoodjs#9360)
  chore(k6): Fix function context test (redwoodjs#9358)
  chore(deps): bump undici from 5.22.1 to 5.26.3 (redwoodjs#9307)
  fix(babel): Fix opentelemetry api wrapping and allow it to be disabled (redwoodjs#9298)
  chore(api-server): remove server survey tests in CI (redwoodjs#9348)
  chore(deps): update babel monorepo to v7.23.2 (redwoodjs#9344)
  chore(deps): bump @babel/traverse from 7.18.9 to 7.23.2 in /docs (redwoodjs#9311)
  chore(deps): update dependency @tsconfig/docusaurus to v2 (redwoodjs#9347)
  fix(deps): update dependency react-player to v2.13.0 (redwoodjs#9346)
  fix(deps): update docusaurus monorepo to v2.4.3 (redwoodjs#9345)
  fix(deps): update dependency @babel/traverse to v7.23.2 [security] (redwoodjs#9322)
  chore: increase server test timeout, fix `yarn build:clean` (redwoodjs#9336)
  feature: Adds utility functions to add envars and update Redwood toml for plugin packages to cli helpers for use in simplifying CLI setup commands (redwoodjs#9324)
  fix(cli): Tailwind setup updates `scaffold.css` when needed (redwoodjs#9290)
  fix(cli): Exit with non-zero exit code when `yarn rw g types` has errors (redwoodjs#9280)
  ...
@dac09
SHIP IT
9fafcf8
@dac09
Get it building again
2b66173
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into try/dbauth-s…
4bb543a 
…sr-updated

* 'main' of github.com:redwoodjs/redwood: (80 commits)
  fix(deps): update dependency @fastify/http-proxy to v9.3.0 (redwoodjs#9451)
  fix(deps): update dependency @fastify/static to v6.12.0 (redwoodjs#9452)
  chore: migrate type tests to TSTyche (redwoodjs#9394)
  fix(deps): update dependency @testing-library/user-event to v14.5.1 (redwoodjs#9455)
  fix(deps): update dependency @vitejs/plugin-react to v4.1.1 (redwoodjs#9456)
  fix(deps): update dependency pino to v8.16.1 (redwoodjs#9459)
  fix(deps): update dependency firebase-admin to v11.11.0 (redwoodjs#9458)
  chore(deps): update dependency firebase to v10.6.0 (redwoodjs#9449)
  fix(deps): update dependency @fastify/url-data to v5.4.0 (redwoodjs#9453)
  fix(deps): update dependency @simplewebauthn/browser to v7.4.0 (redwoodjs#9454)
  chore(deps): update actions/setup-node action to v4 (redwoodjs#9461)
  chore(deps): update actions/checkout action to v4 (redwoodjs#9460)
  fix(deps): update dependency @graphql-yoga/plugin-graphql-sse to v2.0.5 (redwoodjs#9440)
  fix(deps): update prisma monorepo to v5.6.0 (redwoodjs#9447)
  fix(deps): update dependency nodemailer to v6.9.7 (redwoodjs#9444)
  chore(deps): update dependency esbuild to v0.19.5 (redwoodjs#9359)
  fix(deps): update dependency @envelop/on-resolve to v3.0.3 (redwoodjs#9436)
  fix(deps): update dependency semver to v7.5.4 (redwoodjs#9445)
  fix(deps): update dependency jsonwebtoken to v9.0.2 (redwoodjs#9443)
  fix(deps): update dependency systeminformation to v5.21.17 (redwoodjs#9446)
  ...
@dac09
Fix some merged changes
a8f0e33
@dac09
Make it forward cookies from authState
37adfa5
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into try/dbauth-s…
0542ca7 
…sr-updated-forward-cookies

* 'main' of github.com:redwoodjs/redwood: (163 commits)
  chore(deps): update dependency @clerk/clerk-react to v4.28.3 (redwoodjs#9643)
  fix(deps): update prisma monorepo to v5.7.0 (redwoodjs#9642)
  fix(CLI): merge NODE_OPTIONS in `yarn rw dev` (redwoodjs#9585)
  chore(release): configure aloglia to index docs
  chore(release): handle OTP for lerna publish
  RSC: No need to patch Vite anymore (redwoodjs#9636)
  RSC: Remove unused code. Improve code organization (redwoodjs#9631)
  chore(release): improve tooling
  chore: Linting and disable some console logs (redwoodjs#9635)
  chore: Update Testing documentation to link to How to Test Email/Mailer (redwoodjs#9634)
  chore(release): fix open answer
  Add vscode web debugger and compound (redwoodjs#9567)
  RSC: Use Routes.tsx for (client-side) routing (redwoodjs#9630)
  RSC: Add RW env var definitions to Vite config and include FatalErrorBoundary (redwoodjs#9622)
  chore(release): add notes on redwoodjs#9624
  chore(release): add release:notes scripts, fix docs
  chore(deps): update dependency @clerk/clerk-react to v4.28.2 (redwoodjs#9625)
  fix(deps): update dependency @vitejs/plugin-react to v4.2.1 (redwoodjs#9626)
  fix(deps): update dependency vite to v4.5.1 (redwoodjs#9627)
  fix(deps): update storybook monorepo to v7.6.3 (redwoodjs#9628)
  ...
@dac09
Fix building!
b275d9f
@dac09
I think I have it working with failing tests
67c4ace
@dac09
Fix authContext tests and dbauth handler
82badfd
@dac09
Fix more tests
3f0a32b 
Normalize request differently to be more compatible
@dac09
Get it working with middleware!
0979725
@dac09
Undo decoder type changes
1a3cbd4
@dac09
Cleanup isFetchRequest
fe40f61
@dac09
Change detection of fetch event
5e0c1c2
@dac09
Refactor and reuse getEventHeader
4e268aa 
Improve Fetch Request detection
@dac09
Add nx to gitignore
e05a906
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
9b1affd 
…cookie+generic-handler

* 'main' of github.com:redwoodjs/redwood: (125 commits)
  chore(release-tooling): Reminder to update Algolia
  chore(release-tooling): Add note about generating release notes
  chore(release-tooling): Add more detailed instructions for after releasing
  chore(release-tooling): Fix PR count message
  fix(crwa): use `fs.renameSync` instead of `fs.rename` (redwoodjs#9787)
  chore(release-tooling): Update to node 20 in version check
  chore(deps): bump @adobe/css-tools from 4.3.1 to 4.3.2 in /__fixtures__/example-todo-main (redwoodjs#9785)
  chore(crwa): add e2e tests for create-redwood-app (redwoodjs#9783)
  chore(release-tooling): fetch -> pull (redwoodjs#9784)
  feat(scaffold/cell): Adds TypedDocument Support to Cell and Scaffold Generators (redwoodjs#9693)
  fix: Support Custom Id Field Names in when generating Cells (redwoodjs#9778)
  chore(framework-tools): .gitignore (redwoodjs#9782)
  Use build:pack for dbauth when rebuilding the test project (redwoodjs#9781)
  chore(test-project): Fix test-project generation script, and regenerate fixture (redwoodjs#9779)
  Fix dbAuth allowUserFields initialization syntax (redwoodjs#9780)
  chore(framework-tools): add `project:tarsync` script (redwoodjs#9766)
  fix(otel): Fix OTel sdk loading (redwoodjs#9777)
  fix: Fixes way OpenTelemetry setup template uses project-config for port setting (redwoodjs#9775)
  chore(router): Miniscule fixes
  chore(router): Move useMatch to its own file (redwoodjs#9770)
  ...
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
d25ed51 
…cookie+generic-handler

* 'main' of github.com:redwoodjs/redwood:
  chore: yarn install to update `yarn.lock` (follow up to redwoodjs#9669)
  chore(deps): update dependency @envelop/core to v5 (redwoodjs#9669)
  Use regex to make test pass in VSCode (redwoodjs#9791)
  fix(dbAuth): Correct hardcoded DB column (redwoodjs#9788)
  fix(deps): update dependency graphql-yoga to v5 (redwoodjs#9688)
@dac09
ServerAuthState types and stuff
0d62479 
Inject initial server auth state on ssr
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
5ce1870 
…cookie+generic-handler

* 'main' of github.com:redwoodjs/redwood:
  chore: Improved Possible Types DX and Framework integration for GraphQL Fragments with Union and Interface support (redwoodjs#9594)
  fix(server): error early on incompatible config (apiHost and apiUrl) (redwoodjs#9808)
  chore(esm): convert crwa to esm and bundle (redwoodjs#9786)
  chore(cli): More robust isAwaitable (redwoodjs#9806)
  chore(ci): Update task names to say "node 20" (redwoodjs#9805)
  Use TS for rebuild-test-project-fixture script (redwoodjs#9804)
  chore: bump TSTyche (redwoodjs#9803)
  docs(fragments): Typo, grammar and formatting fixes (redwoodjs#9802)
  Revert accidental changes to test-project
  chore(deps): update dependency @apollo/experimental-nextjs-app-support to v0.5.2 (redwoodjs#9716)
  fix(deps): update dependency react-helmet-async to v2 (redwoodjs#9697)
  fix(deps): update dependency sqlite to v5 (redwoodjs#9698)
  data migrate: Clean up upHandler test (redwoodjs#9796)
  chore(data-migration): Fix test exit code (redwoodjs#9795)
  Add routeParams to useMatch (redwoodjs#9793)
  fix(fastify): Prevent duplicate `@fastify/url-data` registration (redwoodjs#9794)
  useRoutePath(): Get the path for the current route by default (redwoodjs#9790)
  Router: Use a single RouterContext (redwoodjs#9792)
@dac09
Restore unneeded changes
be84ace
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
c3a2ebb 
…fetch-handler

* 'main' of github.com:redwoodjs/redwood:
  Add missing cli-helpers test file (redwoodjs#9833)
  Add cli-helpers util to update redwood.toml (redwoodjs#9832)
  Tweak graphiql setup messages (redwoodjs#9831)
  exp setup sentry: Fix file extension (redwoodjs#9829)
  Fastify config: Use exact file extension in log message (redwoodjs#9828)
  Remove unused Fastify plugin (redwoodjs#9827)
  Add trusted-documents to fragments CI smoke-test (redwoodjs#9826)
  prerender: Enable Trusted Documents support (redwoodjs#9825)
  trustedDocuments.test.ts: Format source
  cli: add missing dep jscodeshift (redwoodjs#9823)
  graphql setup fragments: Move telemetry to main handler (redwoodjs#9819)
  feat: Adds Setup CLI Command to Configure GraphQL Trusted Documents (redwoodjs#9800)
  Update cli tsconfig to reference used packages (redwoodjs#9822)
  fragments setup: newline fix + refactor->rename (redwoodjs#9821)
  yarn rw setup graphql fragments (redwoodjs#9811)
@dac09
Just keep the dbAuth fetch-api related changes, revert everything else
6a31c00
@dac09 dac09 added the release:feature This PR introduces a new feature label Jan 16, 2024
@Tobbe Tobbe mentioned this pull request Jan 16, 2024
Merged
@dac09
Copy link
Collaborator Author

dac09 commented Jan 19, 2024

Ready for final review @cannikin! Thanks ✌️

@dac09
Merge branch 'main' into feat/dbauth-fetch-handler
7491bdf
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
5900629 
…fetch-handler

* 'main' of github.com:redwoodjs/redwood:
  feat(server file): add `createServer` (redwoodjs#9845)
  chore(crwa): set `REDWOOD_CI` and `REDWOOD_DISABLE_TELEMETRY` (redwoodjs#9857)
  Fix(crwa): Exit 0 after Quit install (redwoodjs#9856)
  chore(crwa): switch to vitest (redwoodjs#9855)
  chore(api): Switch to use vitest over jest (redwoodjs#9853)
  fix(server): ensure consistency between CLI serve entrypoints regarding help and strict (redwoodjs#9809)
  Improve how the api-server watch command works (redwoodjs#9841)
  docs(typo): correct grammar in realtime docs (redwoodjs#9850)
  Add support for Prisma Bytes and GraphQL scalar Byte (redwoodjs#9847)
  packages/cli: Switch from substr (deprecated) to slice (redwoodjs#9849)
@dac09
Fix merge after vitest
b32eca7
@dac09
Merge branch 'feat/dbauth-fetch-handler' of github.com:dac09/redwood …
61d4664 
…into feat/dbauth-fetch-handler

* 'feat/dbauth-fetch-handler' of github.com:dac09/redwood:
@dac09
Merge branch 'main' into feat/dbauth-fetch-handler
8fdbec0
@dac09
Merge branch 'main' into feat/dbauth-fetch-handler
ed74729
@dac09
Merge branch 'main' into feat/dbauth-fetch-handler
d4ce855
cannikin
cannikin requested changes Jan 22, 2024
View reviewed changes
Copy link
Member

@cannikin cannikin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We talked about moving all of the await init() calls to the test file, since that seems to be the only place they're needed (except for invoke()).

@dac09 dac09 mentioned this pull request Jan 23, 2024
Closed
@dac09
Remove this.init from inside class, call them in the tests instead
d35207f
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/dbauth-…
81b787f 
…fetch-handler

* 'main' of github.com:redwoodjs/redwood:
  chore(auth-providers): switch to vitest (mostly) (redwoodjs#9869)
  chore(esm): convert `@redwoodjs/project-config` to ESM (redwoodjs#9870)
  fix(createServer): use addHook instead of ready (redwoodjs#9871)
@dac09
Also convert fetch handler test to vitest
616bd22
@dac09
Copy link
Collaborator Author

dac09 commented Jan 25, 2024

Dankeschone @cannikin ✌️

@dac09 dac09 enabled auto-merge (squash) January 25, 2024 04:44
@dac09 dac09 merged commit 765f585 into redwoodjs:main Jan 25, 2024
38 checks passed
@dac09 dac09 deleted the feat/dbauth-fetch-handler branch January 25, 2024 09:14
dac09 added a commit to dac09/redwood that referenced this pull request Jan 25, 2024
@dac09
Merge branch 'main' of github.com:redwoodjs/redwood into feat/ssr-mid…
7cac8aa 
…dleware

* 'main' of github.com:redwoodjs/redwood:
  chore(structure): switch to vitest (redwoodjs#9878)
  chore(cli): switch to vitest (redwoodjs#9863)
  feat(dbAuth): Refactor dbAuthHandler to support WebAPI Request events (redwoodjs#9835)
  fix(crwa): remove yarn-install option for yarn 1 (redwoodjs#9881)
  chore(esbuild): dedupe esbuild config (redwoodjs#9875)
  chore(esm): convert `@redwoodjs/cli-helpers` to ESM (redwoodjs#9872)
  fix(studio): Add version checks when first running Studio (redwoodjs#9876)
@jtoar jtoar modified the milestones: next-release, v7.0.0 Jan 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cannikin cannikin cannikin approved these changes

Assignees
No one assigned
Labels
release:feature This PR introduces a new feature
Projects
None yet
Milestone
v7.0.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dac09 @cannikin @jtoar