fix(destory-session): testing destroy session for all devices using s…

…upabase
rockingrohit9639 · Mar 7, 2024 · f0262ea · f0262ea
1 parent 4ce99da
commit f0262ea
Show file tree

Hide file tree

Showing 69 changed files with 164 additions and 130 deletions.
diff --git a/app/integrations/supabase/client.ts b/app/integrations/supabase/client.ts
@@ -1,13 +1,26 @@
+import { createCookieSessionStorage } from "@remix-run/node";
 import { createClient } from "@supabase/supabase-js";
 
 import {
   SUPABASE_SERVICE_ROLE,
   SUPABASE_URL,
   SUPABASE_ANON_PUBLIC,
+  env,
 } from "~/utils/env";
 import { ShelfStackError } from "~/utils/error";
 import { isBrowser } from "~/utils/is-browser";
 
+const sessionStorage = createCookieSessionStorage({
+  cookie: {
+    name: "__authSession",
+    httpOnly: true,
+    path: "/",
+    sameSite: "lax",
+    secrets: [env.SESSION_SECRET],
+    secure: env.NODE_ENV === "production",
+  },
+});
+
 // ⚠️ cloudflare needs you define fetch option : https://github.com/supabase/supabase-js#custom-fetch-implementation
 // Use Remix fetch polyfill for node (See https://remix.run/docs/en/v1/other-api/node)
 function getSupabaseClient(supabaseKey: string, accessToken?: string) {
@@ -23,8 +36,8 @@ function getSupabaseClient(supabaseKey: string, accessToken?: string) {
 
   return createClient(SUPABASE_URL, supabaseKey, {
     auth: {
-      autoRefreshToken: false,
-      persistSession: false,
+      // autoRefreshToken: false,
+      // persistSession: false,
     },
     ...global,
   });

diff --git a/app/modules/auth/service.server.ts b/app/modules/auth/service.server.ts
@@ -1,5 +1,5 @@
 import type { AuthSession } from "server/session";
-import { getSupabaseAdmin } from "~/integrations/supabase";
+import { getSupabaseAdmin, supabaseClient } from "~/integrations/supabase";
 import { SERVER_URL } from "~/utils/env";
 
 import { ShelfStackError } from "~/utils/error";
@@ -67,6 +67,8 @@ export async function signInWithEmail(email: string, password: string) {
     return { status: "error", message: "something went wrong try login again" };
   }
 
+  await supabaseClient.auth.setSession(data.session);
+
   const mappedSession = await mapAuthSession(data.session);
 
   if (!mappedSession) {

diff --git a/app/routes/_auth+/login.tsx b/app/routes/_auth+/login.tsx
@@ -111,7 +111,7 @@ export async function action({ context, request }: ActionFunctionArgs) {
     });
 
     // Set the auth session and redirect to the assets page
-    context.setSession({ ...authSession });
+    // context.setSession({ ...authSession });
 
     return redirect(safeRedirect(redirectTo || "/assets"), {
       headers: [

diff --git a/app/routes/_auth+/logout.tsx b/app/routes/_auth+/logout.tsx
@@ -5,7 +5,7 @@ import { assertIsPost } from "~/utils";
 
 export async function action({ context, request }: ActionFunctionArgs) {
   assertIsPost(request);
-  context.destroySession();
+  await context.destroySession();
   return redirect("/login");
 }
 

diff --git a/app/routes/_layout+/_layout.tsx b/app/routes/_layout+/_layout.tsx
@@ -31,7 +31,7 @@ import { canUseBookings } from "~/utils/subscription";
 export const links: LinksFunction = () => [{ rel: "stylesheet", href: styles }];
 
 export const loader = async ({ context, request }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   // @TODO - we need to look into doing a select as we dont want to expose all data always
   const user = authSession
     ? await db.user.findUnique({

diff --git a/app/routes/_layout+/admin-dashboard+/$userId.tsx b/app/routes/_layout+/admin-dashboard+/$userId.tsx
@@ -21,7 +21,7 @@ export type UserWithQrCodes = User & {
 };
 
 export const loader = async ({ context, params }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
   const userId = params.userId as string;
   const user = (await db.user.findUnique({
@@ -60,7 +60,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
   /** ID of the target user we are generating codes for */
   const userId = params.userId as string;

diff --git a/app/routes/_layout+/admin-dashboard+/_layout.tsx b/app/routes/_layout+/admin-dashboard+/_layout.tsx
@@ -6,7 +6,7 @@ import HorizontalTabs from "~/components/layout/horizontal-tabs";
 import { requireAdmin } from "~/utils/roles.server";
 
 export async function loader({ context }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
 
   return null;

diff --git a/app/routes/_layout+/admin-dashboard+/announcements.new.tsx b/app/routes/_layout+/admin-dashboard+/announcements.new.tsx
@@ -9,14 +9,14 @@ import { db } from "~/database";
 import { requireAdmin } from "~/utils/roles.server";
 
 export const loader = async ({ context }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
 
   return json({});
 };
 
 export const action = async ({ context, request }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
 
   const formData = await request.formData();

diff --git a/app/routes/_layout+/admin-dashboard+/announcements.tsx b/app/routes/_layout+/admin-dashboard+/announcements.tsx
@@ -10,7 +10,7 @@ import { parseMarkdownToReact } from "~/utils/md.server";
 import { requireAdmin } from "~/utils/roles.server";
 
 export const loader = async ({ context }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
 
   const announcements = await db.announcement.findMany({
@@ -28,7 +28,7 @@ export const loader = async ({ context }: LoaderFunctionArgs) => {
 };
 
 export const action = async ({ context, request }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
   const formData = await request.formData();
   const published = formData.get("published") === "on";

diff --git a/app/routes/_layout+/admin-dashboard+/org.$organizationId.tsx b/app/routes/_layout+/admin-dashboard+/org.$organizationId.tsx
@@ -13,7 +13,7 @@ import { ShelfStackError } from "~/utils/error";
 import { requireAdmin } from "~/utils/roles.server";
 
 export const loader = async ({ context, params }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
 
   const organization = await db.organization.findUnique({
@@ -39,7 +39,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
   const organizationId = params.organizationId as string;
   const formData = await request.formData();

diff --git a/app/routes/_layout+/admin-dashboard+/users.tsx b/app/routes/_layout+/admin-dashboard+/users.tsx
@@ -11,7 +11,7 @@ import { getPaginatedAndFilterableUsers } from "~/modules/user";
 import { requireAdmin } from "~/utils/roles.server";
 
 export const loader = async ({ context, request }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requireAdmin(authSession.userId);
   const { search, totalUsers, perPage, page, users, totalPages } =
     await getPaginatedAndFilterableUsers({

diff --git a/app/routes/_layout+/assets.$assetId.duplicate.tsx b/app/routes/_layout+/assets.$assetId.duplicate.tsx
@@ -28,7 +28,7 @@ export const loader = async ({
   request,
   params,
 }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   await requirePermision({
     userId,
@@ -63,7 +63,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,

diff --git a/app/routes/_layout+/assets.$assetId.give-custody.tsx b/app/routes/_layout+/assets.$assetId.give-custody.tsx
@@ -28,7 +28,7 @@ export const loader = async ({
   request,
   params,
 }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,
@@ -89,7 +89,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   await requirePermision({
     userId,

diff --git a/app/routes/_layout+/assets.$assetId.note.tsx b/app/routes/_layout+/assets.$assetId.note.tsx
@@ -17,7 +17,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   await requirePermision({

diff --git a/app/routes/_layout+/assets.$assetId.qr.tsx b/app/routes/_layout+/assets.$assetId.qr.tsx
@@ -16,7 +16,7 @@ import { requirePermision } from "~/utils/roles.server";
 type SizeKeys = "cable" | "small" | "medium" | "large";
 
 export async function loader({ context, request, params }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,

diff --git a/app/routes/_layout+/assets.$assetId.release-custody.tsx b/app/routes/_layout+/assets.$assetId.release-custody.tsx
@@ -19,7 +19,7 @@ export const loader = async ({
   request,
   params,
 }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   await requirePermision({
     userId,
@@ -58,7 +58,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   await requirePermision({
     userId,

diff --git a/app/routes/_layout+/assets.$assetId.tsx b/app/routes/_layout+/assets.$assetId.tsx
@@ -58,7 +58,7 @@ export const AvailabilityForBookingFormSchema = z.object({
 });
 
 export async function loader({ context, request, params }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId } = await requirePermision({
@@ -126,7 +126,7 @@ export async function loader({ context, request, params }: LoaderFunctionArgs) {
 }
 
 export async function action({ context, request, params }: ActionFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const formData = await request.formData();

diff --git a/app/routes/_layout+/assets.$assetId.update-location.tsx b/app/routes/_layout+/assets.$assetId.update-location.tsx
@@ -20,7 +20,7 @@ export const loader = async ({
   request,
   params,
 }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,
@@ -46,7 +46,7 @@ export const loader = async ({
 
 export async function action({ context, request, params }: ActionFunctionArgs) {
   assertIsPost(request);
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   await requirePermision({
     userId,

diff --git a/app/routes/_layout+/assets.$assetId_.edit.tsx b/app/routes/_layout+/assets.$assetId_.edit.tsx
@@ -36,7 +36,7 @@ import { PermissionAction, PermissionEntity } from "~/utils/permissions";
 import { requirePermision } from "~/utils/roles.server";
 
 export async function loader({ context, request, params }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,
@@ -98,7 +98,7 @@ export const handle = {
 
 export async function action({ context, request, params }: ActionFunctionArgs) {
   assertIsPost(request);
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId } = await requirePermision({

diff --git a/app/routes/_layout+/assets._index.tsx b/app/routes/_layout+/assets._index.tsx
@@ -73,7 +73,7 @@ export const links: LinksFunction = () => [
 ];
 
 export async function loader({ context, request }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId, organizations, currentOrganization, role } =

diff --git a/app/routes/_layout+/assets.export.$fileName[.csv].tsx b/app/routes/_layout+/assets.export.$fileName[.csv].tsx
@@ -5,7 +5,7 @@ import { PermissionAction, PermissionEntity } from "~/utils/permissions";
 import { requirePermision } from "~/utils/roles.server";
 
 export const loader = async ({ context, request }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
 
   const { organizationId, organizations } = await requirePermision({
     userId: authSession.userId,

diff --git a/app/routes/_layout+/assets.import.tsx b/app/routes/_layout+/assets.import.tsx
@@ -26,7 +26,7 @@ import { PermissionAction, PermissionEntity } from "~/utils/permissions";
 import { requirePermision } from "~/utils/roles.server";
 
 export const action = async ({ context, request }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId, organizations } = await requirePermision({
@@ -88,7 +88,7 @@ export const action = async ({ context, request }: ActionFunctionArgs) => {
 };
 
 export const loader = async ({ context, request }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId, organizations } = await requirePermision({

diff --git a/app/routes/_layout+/assets.new.tsx b/app/routes/_layout+/assets.new.tsx
@@ -30,7 +30,7 @@ import { requirePermision } from "~/utils/roles.server";
 const title = "New Asset";
 
 export async function loader({ context, request }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
 
   const { organizationId, currentOrganization } = await requirePermision({
@@ -87,7 +87,7 @@ export const handle = {
 };
 
 export async function action({ context, request }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { userId } = authSession;
   const { organizationId } = await requirePermision({
     userId,

diff --git a/app/routes/_layout+/bookings.$bookingId.add-assets.tsx b/app/routes/_layout+/bookings.$bookingId.add-assets.tsx
@@ -40,7 +40,7 @@ export const loader = async ({
   request,
   params,
 }: LoaderFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { organizationId } = await requirePermision({
     userId: authSession?.userId,
     request,
@@ -98,7 +98,7 @@ export const action = async ({
   request,
   params,
 }: ActionFunctionArgs) => {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   await requirePermision({
     userId: authSession?.userId,
 

diff --git a/app/routes/_layout+/bookings.$bookingId.tsx b/app/routes/_layout+/bookings.$bookingId.tsx
@@ -46,7 +46,7 @@ import { requirePermision } from "~/utils/roles.server";
 import { bookingStatusColorMap } from "./bookings";
 
 export async function loader({ context, request, params }: LoaderFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
   const { organizationId, role } = await requirePermision({
     userId: authSession?.userId,
     request,
@@ -212,7 +212,7 @@ export const handle = {
 };
 
 export async function action({ context, request, params }: ActionFunctionArgs) {
-  const authSession = context.getSession();
+  const authSession = await context.getSession();
 
   const formData = await request.formData();
   const intent = formData.get("intent") as