[FIX] Google OAuth triggering cookies logic (#3244)

* Remove checkCookiesAndLogout * Add loginEmailPassword to loginOAuthOrSso * Add isFromWebView field * Fix migrations * Minor tweak * Fix OAuth for other services * Fix migrations * Stop persisting loginEmailPassword Co-authored-by: Diego Mello <diegolmello@gmail.com>
RocketChat · Jul 5, 2021 · f42c914 · f42c914
1 parent 300c1f9
commit f42c914
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 22 deletions.
diff --git a/app/actions/login.js b/app/actions/login.js
@@ -1,10 +1,11 @@
 import * as types from './actionsTypes';
 
-export function loginRequest(credentials, logoutOnError) {
+export function loginRequest(credentials, logoutOnError, isFromWebView) {
 	return {
 		type: types.LOGIN.REQUEST,
 		credentials,
-		logoutOnError
+		logoutOnError,
+		isFromWebView
 	};
 }
 

diff --git a/app/lib/database/model/servers/User.js b/app/lib/database/model/servers/User.js
@@ -22,7 +22,7 @@ export default class User extends Model {
 
 	@field('avatar_etag') avatarETag;
 
-	@field('login_email_password') loginEmailPassword;
-
 	@field('show_message_in_main_thread') showMessageInMainThread;
+
+	@field('is_from_webview') isFromWebView;
 }
diff --git a/app/lib/database/model/servers/migrations.js b/app/lib/database/model/servers/migrations.js
@@ -95,6 +95,16 @@ export default schemaMigrations({
 					]
 				})
 			]
+		}, {
+			toVersion: 11,
+			steps: [
+				addColumns({
+					table: 'users',
+					columns: [
+						{ name: 'is_from_webview', type: 'boolean', isOptional: true }
+					]
+				})
+			]
 		}
 	]
 });
diff --git a/app/lib/database/schema/servers.js b/app/lib/database/schema/servers.js
@@ -1,7 +1,7 @@
 import { appSchema, tableSchema } from '@nozbe/watermelondb';
 
 export default appSchema({
-	version: 10,
+	version: 11,
 	tables: [
 		tableSchema({
 			name: 'users',
@@ -15,7 +15,8 @@ export default appSchema({
 				{ name: 'roles', type: 'string', isOptional: true },
 				{ name: 'login_email_password', type: 'boolean', isOptional: true },
 				{ name: 'show_message_in_main_thread', type: 'boolean', isOptional: true },
-				{ name: 'avatar_etag', type: 'string', isOptional: true }
+				{ name: 'avatar_etag', type: 'string', isOptional: true },
+				{ name: 'is_from_webview', type: 'boolean', isOptional: true }
 			]
 		}),
 		tableSchema({

diff --git a/app/lib/rocketchat.js b/app/lib/rocketchat.js
@@ -526,10 +526,10 @@ const RocketChat = {
 		return this.post('users.forgotPassword', { email }, false);
 	},
 
-	loginTOTP(params, loginEmailPassword) {
+	loginTOTP(params, loginEmailPassword, isFromWebView = false) {
 		return new Promise(async(resolve, reject) => {
 			try {
-				const result = await this.login(params, loginEmailPassword);
+				const result = await this.login(params, isFromWebView);
 				return resolve(result);
 			} catch (e) {
 				if (e.data?.error && (e.data.error === 'totp-required' || e.data.error === 'totp-invalid')) {
@@ -592,15 +592,15 @@ const RocketChat = {
 		return this.loginTOTP(params, true);
 	},
 
-	async loginOAuthOrSso(params) {
-		const result = await this.loginTOTP(params);
-		reduxStore.dispatch(loginRequest({ resume: result.token }));
+	async loginOAuthOrSso(params, isFromWebView = true) {
+		const result = await this.loginTOTP(params, false, isFromWebView);
+		reduxStore.dispatch(loginRequest({ resume: result.token }, false, isFromWebView));
 	},
 
-	async login(params, loginEmailPassword) {
+	async login(credentials, isFromWebView = false) {
 		const sdk = this.shareSDK || this.sdk;
 		// RC 0.64.0
-		await sdk.login(params);
+		await sdk.login(credentials);
 		const { result } = sdk.currentLogin;
 		const user = {
 			id: result.userId,
@@ -615,7 +615,7 @@ const RocketChat = {
 			emails: result.me.emails,
 			roles: result.me.roles,
 			avatarETag: result.me.avatarETag,
-			loginEmailPassword,
+			isFromWebView,
 			showMessageInMainThread: result.me.settings?.preferences?.showMessageInMainThread ?? true
 		};
 		return user;

diff --git a/app/sagas/deepLinking.js b/app/sagas/deepLinking.js
@@ -97,7 +97,7 @@ const fallbackNavigation = function* fallbackNavigation() {
 const handleOAuth = function* handleOAuth({ params }) {
 	const { credentialToken, credentialSecret } = params;
 	try {
-		yield RocketChat.loginOAuthOrSso({ oauth: { credentialToken, credentialSecret } });
+		yield RocketChat.loginOAuthOrSso({ oauth: { credentialToken, credentialSecret } }, false);
 	} catch (e) {
 		log(e);
 	}

diff --git a/app/sagas/login.js b/app/sagas/login.js
@@ -30,15 +30,15 @@ import Navigation from '../lib/Navigation';
 
 const getServer = state => state.server.server;
 const loginWithPasswordCall = args => RocketChat.loginWithPassword(args);
-const loginCall = args => RocketChat.login(args);
+const loginCall = (credentials, isFromWebView) => RocketChat.login(credentials, isFromWebView);
 const logoutCall = args => RocketChat.logout(args);
 
-const handleLoginRequest = function* handleLoginRequest({ credentials, logoutOnError = false }) {
+const handleLoginRequest = function* handleLoginRequest({ credentials, logoutOnError = false, isFromWebView = false }) {
 	logEvent(events.LOGIN_DEFAULT_LOGIN);
 	try {
 		let result;
 		if (credentials.resume) {
-			result = yield call(loginCall, credentials);
+			result = yield loginCall(credentials, isFromWebView);
 		} else {
 			result = yield call(loginWithPasswordCall, credentials);
 		}
@@ -68,7 +68,6 @@ const handleLoginRequest = function* handleLoginRequest({ credentials, logoutOnE
 					log(e);
 				}
 			});
-
 			yield put(loginSuccess(result));
 		}
 	} catch (e) {
@@ -148,14 +147,13 @@ const handleLoginSuccess = function* handleLoginSuccess({ user }) {
 			status: user.status,
 			statusText: user.statusText,
 			roles: user.roles,
-			loginEmailPassword: user.loginEmailPassword,
+			isFromWebView: user.isFromWebView,
 			showMessageInMainThread: user.showMessageInMainThread,
 			avatarETag: user.avatarETag
 		};
 		yield serversDB.action(async() => {
 			try {
 				const userRecord = await usersCollection.find(user.id);
-				u.loginEmailPassword = userRecord?.loginEmailPassword;
 				await userRecord.update((record) => {
 					record._raw = sanitizedRaw({ id: user.id, ...record._raw }, usersCollection.schema);
 					Object.assign(record, u);

diff --git a/app/views/SettingsView/index.js b/app/views/SettingsView/index.js
@@ -65,7 +65,7 @@ class SettingsView extends React.Component {
 		const usersCollection = db.get('users');
 		try {
 			const userRecord = await usersCollection.find(user.id);
-			if (!userRecord.loginEmailPassword) {
+			if (userRecord.isFromWebView) {
 				showConfirmationAlert({
 					title: I18n.t('Clear_cookies_alert'),
 					message: I18n.t('Clear_cookies_desc'),