Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core): Delete user sessions & token upon user-deletion #2241

Merged
merged 1 commit into from
Jul 4, 2023
Merged

fix(core): Delete user sessions & token upon user-deletion #2241

merged 1 commit into from
Jul 4, 2023

Conversation

DanielBiegler
Copy link
Contributor

This applies to both admins and regular users.

@DanielBiegler
fix(core): Delete user sessions & token upon user-deletion
e68f91f 
This applies to both admins and regular users.
@netlify
Copy link

netlify bot commented Jun 21, 2023
edited
Loading

Deploy Preview for effervescent-donut-4977b2 ready!

Name Link
🔨 Latest commit e68f91f
🔍 Latest deploy log https://app.netlify.com/sites/effervescent-donut-4977b2/deploys/6492d8b5aae2e700087f09f8
😎 Deploy Preview https://deploy-preview-2241--effervescent-donut-4977b2.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

DanielBiegler
DanielBiegler commented Jun 21, 2023
View reviewed changes
packages/core/src/service/services/user.service.ts
Comment on lines +175 to +178
// Dynamic import to avoid the circular dependency of SessionService
await this.moduleRef
.get((await import('./session.service.js')).SessionService)
.deleteSessionsByUser(ctx, new User({ id: userId }));
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@michaelbromley For now I just constructed the User to be able to use the deleteSessionsByUser function - it might be cleaner to refactor? The deletion function only uses the userId anyway. Whats your more experienced-perspective on this? Cheers.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I agree it makes more sense for that deleteSessionsByUser to just take an ID rather than the User object. But since that's a public method, I would err on the side of caution and not change the signature in a breaking way. We could overload it so it can take a User object or an ID though, which would be a backward-compatible change.

@DanielBiegler DanielBiegler marked this pull request as ready for review June 25, 2023 12:49
@michaelbromley michaelbromley merged commit b989607 into vendure-ecommerce:master Jul 4, 2023
@DanielBiegler DanielBiegler deleted the fix/destroy-session-on-user-deletion branch March 5, 2024 09:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@michaelbromley michaelbromley michaelbromley left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DanielBiegler @michaelbromley