Investigate auth issues

api/authentication.js

@@ -46,6 +46,9 @@ const GITHUB_OAUTH_CLIENT_ID = IS_PROD
   ? '208a2e8684d88883eded'
   : 'ed3e924f4a599313c83b';
 
+const isSerializedJSON = (str: string) =>
+  str[0] === '{' && str[str.length - 1] === '}';
+
 const init = () => {
   // Setup use serialization
   passport.serializeUser((user, done) => {
@@ -56,19 +59,21 @@ const init = () => {
   // to avoid having to go to the db on every single request. We have to handle both
   // cases here, as more and more users use Spectrum again we go to the db less and less
   passport.deserializeUser((data, done) => {
-    // Fast path: try to JSON.parse the data if it works, we got the user data, yay!
-    try {
-      const user = JSON.parse(data);
-      // Make sure more than the user ID is in the data by checking any other required
-      // field for existance
-      if (user.id && user.createdAt) {
+    // Fast path: we got the full user data in the cookie
+    if (isSerializedJSON(data)) {
+      let user;
+      // Ignore errors if our isSerializedJSON heuristic is wrong and `data` isn't serialized JSON
+      try {
+        user = JSON.parse(data);
+      } catch (err) {}
+
+      if (user && user.id && user.createdAt) {
         return done(null, user);
       }
-      // Ignore JSON parsing errors
-    } catch (err) {}
+    }
 
     // Slow path: data is just the userID (legacy), so we have to go to the db to get the full data
-    getUser({ id: data })
+    return getUser({ id: data })
       .then(user => {
         done(null, user);
       })