[HOLD for payment 2023-09-11] [$1000] Images blinks on click on Got it button

[m-natarajan]

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

---

Action Performed:

1. Go to any chat
2. send images
3. go to Settings > Security > Two-factor authentication
4. complete 2FA process
5. click on Disable two-factor authentication
6. click on disable button
7. which will navigates to Disable two-factor
8. click on got it button

Expected Result:

images should not blinks

Actual Result:

images blinks on click on Got it button

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android / native
• Android / Chrome
• iOS / native
• iOS / Safari
• MacOS / Chrome / Safari
• MacOS / Desktop

Version Number: 1.3.57-5
Reproducible in staging?: Yes
Reproducible in production?: Yes
If this was caught during regression testing, add the test name, ID and link from TestRail:
Email or phone of affected tester (no customers):
Logs: https://stackoverflow.com/c/expensify/questions/4856
Notes/Photos/Videos: Any additional supporting documentation

Screen.Recording.2023-08-19.at.12.31.28.PM.mov

Recording.410.mp4

Expensify/Expensify Issue URL:
Issue reported by: @gadhiyamanan
Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1692429279843929

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~011b882428c04f1629
• Upwork Job ID: 1696199843097894912
• Last Price Increase: 2023-08-28
• Automatic offers:
• cubuspl42 | Reviewer | 26416973
• b4s36t4 | Contributor | 26416975
• gadhiyamanan | Reporter | 26416976

[melvin-bot]

Triggered auto assignment to @garrettmknight (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~011b882428c04f1629

[melvin-bot]

Current assignee @garrettmknight is eligible for the External assigner, not assigning anyone new.

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @cubuspl42 (External)

[garrettmknight]

Reproduced on staging - really niche, but I'd agree that it's unexpected.

[b4s36t4]

Proposal

Please re-state the problem that we are trying to solve in this issue.

Images blinks on click on Got it button

What is the root cause of that problem?

Whenever we click on Disable Two factor auth we're calling this function

App/src/pages/settings/Security/TwoFactorAuth/Steps/EnabledStep.js

Line 50 in c169952

Session.toggleTwoFactorAuth(false);

which will do an API call for DisableTwoFactorAuth for the first time maybe because of security purposes backend is requesting re-auth by sending a 407 request.

Due to this 407 code we're calling Authenticate API call here in this function

App/src/libs/Authentication.js

Line 55 in 5b4dee8

function reauthenticate(command = '') {

.

Once we have the response we're setting ONYXKEYS.SESSION value here in this function

App/src/libs/actions/Session/updateSessionAuthTokens.js

Line 8 in 6673ba4

export default function updateSessionAuthTokens(authToken, encryptedAuthToken) {

.

So by clicking on Disable 2FA we're resetting SESSION value in onyx.

So why only Image flickering?

We use Image component to render the images which has subscribed to the SESSION key here in this block.

App/src/components/Image/index.js

Lines 61 to 68 in 5b4dee8

	const ImageWithOnyx = React.memo(
	withOnyx({
	session: {
	key: ONYXKEYS.SESSION,
	},
	})(Image),
	imagePropsAreEqual,
	);

.

And in this snippet

App/src/components/Image/index.js

Line 16 in 5b4dee8

const source = useMemo(() => {

we're updating the RNImage's source prop whenever we see a change in SESSION.

So because of that API call SESSION is key getting updated, because of session key getting update RNImage is updating it's source which causing the reload for the Image.

What changes do you think we should make in order to solve the problem?

We can safely remove the session inside useMemo dependencies which keeps the image to previous version even the session token is changed.

Once image is rendered I don't think there is a need for re-rendering.

At any point user leaves and comes back to same report, Image component also would be re-rendered which ensures that SESSION values are updated and Image would also be having the secured image with latest auth token.

What alternative solutions did you explore? (Optional)

NA

Result

Kapture.2023-08-28.at.23.13.00.mp4

[b4s36t4]

@cubuspl42 Please review my proposal when you get a chance. Thanks!

[cubuspl42]

After giving it a thought, I also can't see a reason to reload images when the auth token changes. It's not like we expect the content to differ.

We can go with @b4s36t4 proposal.

C+ reviewed 🎀 👀 🎀

[melvin-bot]

Triggered auto assignment to @yuwenmemon, see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[melvin-bot]

📣 @cubuspl42 🎉 An offer has been automatically sent to your Upwork account for the Reviewer role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job

[melvin-bot]

📣 @b4s36t4 🎉 An offer has been automatically sent to your Upwork account for the Contributor role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job
Please accept the offer and leave a comment on the Github issue letting us know when we can expect a PR to be ready for review 🧑‍💻
Keep in mind: Code of Conduct | Contributing 📖

[melvin-bot]

📣 @gadhiyamanan 🎉 An offer has been automatically sent to your Upwork account for the Reporter role 🎉 Thanks for contributing to the Expensify app!

Offer link
Upwork job

[yuwenmemon]

Melvin answers the call!

[b4s36t4]

@yuwenmemon @cubuspl42 #26365 here's the PR. Also had some questions too. Please answer them as well.

[melvin-bot]

🎯 ⚡️ Woah @cubuspl42 / @b4s36t4, great job pushing this forwards! ⚡️

The pull request got merged within 3 working days of assignment, so this job is eligible for a 50% #urgency bonus 🎉

• when @b4s36t4 got assigned: 2023-08-30 17:45:44 Z
• when the PR got merged: 2023-09-01 20:31:10 UTC

On to the next one 🚀

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.62-4 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• fix image reload on session change #26365

If no regressions arise, payment will be issued on 2023-09-11. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

• @cubuspl42 requires payment offer (Reviewer)
• @b4s36t4 requires payment offer (Contributor)
• @gadhiyamanan requires payment offer (Reporter)

As a reminder, here are the bonuses/penalties that should be applied for any External issue:

• Merged PR within 3 business days of assignment - 50% bonus
• Merged PR more than 9 business days after assignment - 50% penalty

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@cubuspl42] The PR that introduced the bug has been identified. Link to the PR:
• [@cubuspl42] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@cubuspl42] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@cubuspl42] Determine if we should create a regression test for this bug.
• [@cubuspl42] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@garrettmknight] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[cubuspl42]

• The PR that introduced the bug has been identified. Link to the PR:
  • It seems that the bug was present in the relevant components since they were introduced
• The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
  • N/A
• A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
  • No need for additional discussion
• Determine if we should create a regression test for this bug.
  • No need for a new regression test
• If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
  • N/A

[garrettmknight]

Summary of payments

• urgency bonus: yes
• Reporter: @gadhiyamanan $250 paid in Upwork
• Contributor: @b4s36t4 $1500 paid in Upwork
• Contributor+: @cubuspl42 $1500 paid in Upwork