Skip to content

Commit

Permalink
Merge pull request #404 from supertokens/remove-combination-recipe/ro…
Browse files Browse the repository at this point in the history
…uting-change

makes change to middleware routing logic
  • Loading branch information
rishabhpoddar authored Apr 14, 2024
2 parents 957f7eb + c079e94 commit 3e8d529
Show file tree
Hide file tree
Showing 22 changed files with 1,095 additions and 77 deletions.
24 changes: 24 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,30 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [unreleased]


## Breaking change

- Removed ThirdPartyEmailPassword and ThirdPartyPasswordless recipes. Instead, you should use ThirdParty + EmailPassword or ThirdParty + Passwordless recipes separately in your recipe list.
- Removed `rid` query param from:
- email verification links
- passwordless magic links
- password reset links

## Changes

- If `rid` header is present in an API call, the routing no only only depends on that. If the SDK cannot resolve a request handler based on the `rid`, request path and method, it will try to resolve a request handler only based on the request path and method (therefore ignoring the `rid` header).
- New API handlers are:
- `GET /emailpassword/email/exists` => email password, does email exist API (used to be `GET /signup/email/exists` with `rid` of `emailpassword` or `thirdpartyemailpassword` which is now deprecated)
- `GET /passwordless/email/exists` => email password, does email exist API (used to be `GET /signup/email/exists` with `rid` of `passwordless` or `thirdpartypasswordless` which is now deprecated)
- `GET /passwordless/phonenumber/exists` => email password, does email exist API (used to be `GET /signup/phonenumber/exists` which is now deprecated)
- Support for FDI 2.0

## Migration guide

- If you were using `ThirdPartyEmailPassword`, you should now init `ThirdParty` and `EmailPassword` recipes separately. The config for the individual recipes are mostly the same, except the syntax may be different. Check our recipe guides for [ThirdParty](https://supertokens.com/docs/thirdparty/introduction) and [EmailPassword](https://supertokens.com/docs/emailpassword/introduction) for more information.

- If you were using `ThirdPartyPasswordless`, you should now init `ThirdParty` and `Passwordless` recipes separately. The config for the individual recipes are mostly the same, except the syntax may be different. Check our recipe guides for [ThirdParty](https://supertokens.com/docs/thirdparty/introduction) and [Passwordless](https://supertokens.com/docs/passwordless/introduction) for more information.


## [0.17.5] - 2024-03-14
- Adds a type uint64 to the `accessTokenCookiesExpiryDurationMillis` local variable in `recipe/session/utils.go`. It also removes the redundant `uint64` type forcing needed because of the untyped variable.
- Fixes the passing of `tenantId` in `getAllSessionHandlesForUser` and `revokeAllSessionsForUser` based on `fetchAcrossAllTenants` and `revokeAcrossAllTenants` inputs respectively.
Expand Down
1 change: 0 additions & 1 deletion recipe/emailpassword/api/implementation.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@ func MakeAPIImplementation() epmodels.APIInterface {

passwordResetLink, err := GetPasswordResetLink(
options.AppInfo,
options.RecipeID,
response.OK.Token,
tenantId,
options.Req,
Expand Down
5 changes: 2 additions & 3 deletions recipe/emailpassword/api/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -126,17 +126,16 @@ func validateFormOrThrowError(configFormFields []epmodels.NormalisedFormField, i
return nil
}

func GetPasswordResetLink(appInfo supertokens.NormalisedAppinfo, recipeID string, token string, tenantId string, request *http.Request, userContext supertokens.UserContext) (string, error) {
func GetPasswordResetLink(appInfo supertokens.NormalisedAppinfo, token string, tenantId string, request *http.Request, userContext supertokens.UserContext) (string, error) {
websiteDomain, err := appInfo.GetOrigin(request, userContext)
if err != nil {
return "", err
}
return fmt.Sprintf(
"%s%s/reset-password?token=%s&rid=%s&tenantId=%s",
"%s%s/reset-password?token=%s&tenantId=%s",
websiteDomain.GetAsStringDangerous(),
appInfo.WebsiteBasePath.GetAsStringDangerous(),
token,
recipeID,
tenantId,
), nil
}
107 changes: 107 additions & 0 deletions recipe/emailpassword/authFlow_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,10 +32,117 @@ import (
"github.com/supertokens/supertokens-golang/recipe/emailpassword/epmodels"
"github.com/supertokens/supertokens-golang/recipe/session"
"github.com/supertokens/supertokens-golang/recipe/session/sessmodels"
"github.com/supertokens/supertokens-golang/recipe/thirdparty"
"github.com/supertokens/supertokens-golang/recipe/thirdparty/tpmodels"
"github.com/supertokens/supertokens-golang/supertokens"
"github.com/supertokens/supertokens-golang/test/unittesting"
)

func TestRightRidButRecipeMissingReturns404(t *testing.T) {
configValue := supertokens.TypeInput{
Supertokens: &supertokens.ConnectionInfo{
ConnectionURI: "http://localhost:8080",
},
AppInfo: supertokens.AppInfo{
APIDomain: "api.supertokens.io",
AppName: "SuperTokens",
WebsiteDomain: "supertokens.io",
},
RecipeList: []supertokens.Recipe{
thirdparty.Init(&tpmodels.TypeInput{
SignInAndUpFeature: tpmodels.TypeInputSignInAndUp{
Providers: []tpmodels.ProviderInput{
{
Config: tpmodels.ProviderConfig{
ThirdPartyId: "google",
Clients: []tpmodels.ProviderClientConfig{
{
ClientID: "4398792-test-id",
ClientSecret: "test-secret",
},
},
},
},
},
},
}),
},
}

BeforeEach()
unittesting.StartUpST("localhost", "8080")
defer AfterEach()
err := supertokens.Init(configValue)
if err != nil {
t.Error(err.Error())
}
mux := http.NewServeMux()
testServer := httptest.NewServer(supertokens.Middleware(mux))
defer testServer.Close()

res, err := unittesting.SignInRequest("[email protected]", "validpass123", testServer.URL)

if err != nil {
t.Error(err.Error())
}

assert.NoError(t, err)
assert.Equal(t, 404, res.StatusCode)
}

func TestSignInWorksWithThirdPartyEmailPasswordRid(t *testing.T) {
configValue := supertokens.TypeInput{
Supertokens: &supertokens.ConnectionInfo{
ConnectionURI: "http://localhost:8080",
},
AppInfo: supertokens.AppInfo{
APIDomain: "api.supertokens.io",
AppName: "SuperTokens",
WebsiteDomain: "supertokens.io",
},
RecipeList: []supertokens.Recipe{
thirdparty.Init(&tpmodels.TypeInput{
SignInAndUpFeature: tpmodels.TypeInputSignInAndUp{
Providers: []tpmodels.ProviderInput{
{
Config: tpmodels.ProviderConfig{
ThirdPartyId: "google",
Clients: []tpmodels.ProviderClientConfig{
{
ClientID: "4398792-test-id",
ClientSecret: "test-secret",
},
},
},
},
},
},
}),
Init(nil),
},
}

BeforeEach()
unittesting.StartUpST("localhost", "8080")
defer AfterEach()
err := supertokens.Init(configValue)
if err != nil {
t.Error(err.Error())
}
mux := http.NewServeMux()
testServer := httptest.NewServer(supertokens.Middleware(mux))
defer testServer.Close()

res, err := unittesting.SignInRequestWithThirdpartyemailpasswordRid("[email protected]", "validpass123", testServer.URL)

if err != nil {
t.Error(err.Error())
}

assert.NoError(t, err)
assert.Equal(t, 200, res.StatusCode)
}

// SigninFeature Tests
func TestDisablingAPIDefaultSigninDoesNotWork(t *testing.T) {
configValue := supertokens.TypeInput{
Expand Down
3 changes: 2 additions & 1 deletion recipe/emailpassword/constants/constants.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,6 @@ const (
SignInAPI = "/signin"
GeneratePasswordResetTokenAPI = "/user/password/reset/token"
PasswordResetAPI = "/user/password/reset"
SignupEmailExistsAPI = "/signup/email/exists"
SignupEmailExistsAPIOld = "/signup/email/exists"
SignupEmailExistsAPI = "/emailpassword/email/exists"
)
Loading

0 comments on commit 3e8d529

Please sign in to comment.