Fixed server crash bug when tokens not found in db #230
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cherylli
reviewed
Dec 8, 2024
… db check during access token validation, and added additional test for refactoring
cherylli
reviewed
Dec 10, 2024
There was a problem hiding this comment.
Tested manually and ran all the tests, all good.
I'm glad you figured out how to reproduce the error I've completed forgotten to put that in and I've also forgotten how to trigger the error to test it 😂
Just need a small change on the changelog, since this didn't get merged before the release.
| @@ -39,6 +39,7 @@ | |||
| - revised tech selections route to update only one tech per request([#221](https://github.com/chingu-x/chingu-dashboard-be/pull/221)) | |||
|
|
|||
| ### Fixed | |||
| - Bug when user attempts to access a non-public endpoint after database reseed ([#230])(https://github.com/chingu-x/chingu-dashboard-be/pull/230) | |||
There was a problem hiding this comment.
This will need to be under unreleased like the previous PR
JoshuaHinman
approved these changes
Dec 10, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fix for bug: cannot read properties of undefined when user is logged in but database re-seeded, and user is still logged in (still has access and refresh tokens) and tries to access non public endpoints.
Issue link
Fixes bug
Type of change
How Has This Been Tested?
Before fix, I log in with a user and have an access & refresh token.
If I shut down server and reseed the database, then I try to access a non public endpoint (like get forms by id) using the access & refresh token, I received an http 500 Internal Server Error. In logs there is a 'cannot read properties of undefined'(reading 'map')...After some time, when the token expires, I get the usual 403 error. This error occurs because when treating the JWT token, we were retrieving the roles of a user even though the user id no longer existed in the db (after reseed). As such, the roles were undefined which caused issues when calculating the abilities of user.
After fix, If i reseed and use old access & refresh token I just get a 403.
Checklist: