Merge pull request #871 from kevinhughes27/jwt-cookie-storage

Jwt cookie storage

app/controllers/admin_controller.rb

@@ -8,7 +8,7 @@ class AdminController < ApplicationController
 
   before_action :authenticate_user!
   before_action :authenticate_tournament_user!
-  before_action :set_jwt_cookie
+  before_action -> { set_jwt_cookie(current_user) }
 
   rescue_from(ActiveRecord::RecordNotFound, with: :render_admin_404)
 
@@ -18,15 +18,6 @@ def authenticate_tournament_user!
     end
   end
 
-  def set_jwt_cookie
-    token = Knock::AuthToken.new(payload: { sub: current_user.id }).token
-
-    cookies['jwt'] = {
-      value: token,
-      domain: :all
-    }
-  end
-
   def execute_graphql(mutation, input_type, input, output)
     query_string = "mutation #{mutation}($input: #{input_type}!) {#{mutation}(input: $input) #{output}}"
     query_variables = {"input" => input.deep_transform_keys { |key| key.to_s.camelize(:lower) }}

app/controllers/application_controller.rb

@@ -4,6 +4,15 @@ class ApplicationController < ActionController::Base
   layout :layout_by_resource
   protect_from_forgery with: :exception, prepend: true
 
+  def set_jwt_cookie(user)
+    token = Knock::AuthToken.new(payload: { sub: user.id }).token
+    cookies['jwt'] = {
+      value: token,
+      domain: :all,
+      tld_length: 2
+    }
+  end
+
   def layout_by_resource
     if devise_controller?
       false

clients/admin_next/package.json

@@ -34,6 +34,7 @@
     "@types/relay-runtime": "^1.3.6",
     "actioncable": "^5.2.1",
     "babel-plugin-relay": "^1.7.0-rc.1",
+    "browser-cookies": "^1.2.0",
     "concurrently": "^4.0.1",
     "csv": "^4.0.0",
     "d3": "3.5.17",

clients/admin_next/src/modules/auth.ts

@@ -1,4 +1,16 @@
+import cookies from "browser-cookies";
 import decode from "jwt-decode";
+import { cache } from "./relay";
+
+const domain = () => {
+  const hostname = window.location.hostname;
+   if (hostname === "localhost") {
+    return hostname;
+  } else {
+    const subdomainIdx = hostname.indexOf(".");
+    return hostname.slice(subdomainIdx)
+  }
+}
 
 class Auth {
   login = (email: string, password: string) => {
@@ -46,16 +58,17 @@ class Auth {
     }
   }
 
-  setToken = (idToken: string) => {
-    localStorage.setItem("id_token", idToken);
+  setToken = (jwt: string) => {
+    cookies.set('jwt', jwt, { domain: domain() });
   }
 
   getToken = () => {
-    return localStorage.getItem("id_token");
+    return cookies.get("jwt");
   }
 
   logout = () => {
-    localStorage.removeItem("id_token");
+    cookies.erase('jwt', { domain: domain() });
+    cache.clear();
   }
 }
 

clients/admin_next/src/modules/relay.ts

@@ -4,7 +4,7 @@ import createHandler from "graphql-ruby-client/subscriptions/createHandler";
 import ActionCable from "actioncable";
 import auth from "./auth";
 
-const cache = new RelayQueryResponseCache({ size: 250, ttl: 60 * 5 * 1000 });
+export const cache = new RelayQueryResponseCache({ size: 250, ttl: 60 * 5 * 1000 });
 
 const fetchQuery = (
   operation: RequestNode,

clients/admin_next/yarn.lock

@@ -2169,6 +2169,11 @@ brorand@^1.0.1:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
 
+browser-cookies@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/browser-cookies/-/browser-cookies-1.2.0.tgz#fca3ffb9b6a63aadc4d8c0999c6b57d0fa7d29b5"
+  integrity sha1-/KP/ubamOq3E2MCZnGtX0Pp9KbU=
+
 browser-process-hrtime@^0.1.2:
   version "0.1.3"
   resolved "https://registry.yarnpkg.com/browser-process-hrtime/-/browser-process-hrtime-0.1.3.tgz#616f00faef1df7ec1b5bf9cfe2bdc3170f26c7b4"
@@ -7995,13 +8000,6 @@ react-scripts@^2.1.0:
   optionalDependencies:
     fsevents "1.2.4"
 
-react-star-rating-lite@^0.0.11:
-  version "0.0.11"
-  resolved "https://registry.yarnpkg.com/react-star-rating-lite/-/react-star-rating-lite-0.0.11.tgz#a2b16471728af50e8d883f638f2875df455b8a8c"
-  integrity sha512-/XD/CQc3YBR44SJLYZR7OoxmoUemTNY2lRW3XxjSiY70YOvZrlM5k+YjbziHDD7OVTAn/fb0qRi4F43+P9rl9Q==
-  dependencies:
-    react "^16.4.1"
-
 react-stars@^2.2.5:
   version "2.2.5"
   resolved "https://registry.yarnpkg.com/react-stars/-/react-stars-2.2.5.tgz#911852018e1574a0f9a2c1dfa4f0bc9af071b921"

config/initializers/session_store.rb

@@ -1,4 +1,4 @@
 # Be sure to restart your server when you modify this file.
 Rails.application.config.session_store :cookie_store,
-  key: '_ultimate-tournamet_session',
+  key: '_ultimate-tournament_session',
   domain: Settings.host.gsub(':3000', '')

test/support/browser_test_case.rb

@@ -40,7 +40,7 @@ class BrowserTestCase < ActiveSupport::TestCase
 
   teardown do
     save_artifacts(method_name) unless passed?
-    clear_local_storage
+    clear_application_storage
   end
 
   def assert_text(*args)
@@ -70,7 +70,8 @@ def screenshot_path(name)
     File.join(Rails.root, 'tmp', 'capybara', screenshot_file)
   end
 
-  def clear_local_storage
+  def clear_application_storage
+    page.driver.browser.manage.delete_all_cookies
     page.execute_script('window.localStorage.clear();')
   end
 end