Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: save synapse token in memory instead of mongoDB #320

Merged
merged 32 commits into from
Sep 20, 2023
Merged

fix: save synapse token in memory instead of mongoDB #320

merged 32 commits into from
Sep 20, 2023

Conversation

Junjiequan
Copy link
Contributor

@Junjiequan Junjiequan commented Jun 22, 2023
edited
Loading

Description

This PR aims to save synapse token in the memory rather than in mongoDB.

Motivation

Currently loopback saves token in the mongoDB which requires extra user credential verification layers to get the token and does not update token on application restart.
We exclusively use synapse for fetching scichat room messages where user credential verification is unnecessary step and it increases application complexity.
Also we don't want to manually update token everytime when the application restarts, so it is better to save the token in the memory and automatically generate new token on every restart.

Fixes:

  • Items added

Changes:

  • changes made

Tests included/Docs Updated?

  • Included for each change/fix?
  • Passing? (Merge will not be approved unless this is checked)
  • Docs updated?
  • New packages used/requires npm install?
  • Toggle added for new features?

@Junjiequan Junjiequan changed the title [WIP] fix: removed synapse createRoom and createUser services [WIP] fix: save synapse token in memory instead of in mongoDB Jun 22, 2023
@Junjiequan Junjiequan self-assigned this Jun 22, 2023
@Junjiequan Junjiequan changed the title [WIP] fix: save synapse token in memory instead of in mongoDB [WIP] fix: save synapse token in memory instead of mongoDB Jul 20, 2023
enthusiastio
enthusiastio approved these changes Aug 2, 2023
View reviewed changes
Copy link

@enthusiastio enthusiastio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice cleanup 💯 👍
It makes sense, but just have a question about one test.

src/__tests__/acceptance/user.controller.acceptance.ts
@@ -28,15 +20,5 @@ describe("UserController (acceptance)", () => {
.send(credentials)
.expect(401);
});

it("should resolve in a jwt token when logging in with the correct credentials", async () => {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question. Why was this test removed?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After refactoring JWT validation is no longer needed so is for the JWT test.
Within this PR synapse credential will be directly passed to loopback from SciCat BE, then loopback will use the credential to login Synapse server and save generated token in the memory.

@Junjiequan Junjiequan changed the title [WIP] fix: save synapse token in memory instead of mongoDB fix: save synapse token in memory instead of mongoDB Sep 9, 2023
@Junjiequan Junjiequan mentioned this pull request Sep 11, 2023
Merged
5 tasks
nitrosx
nitrosx reviewed Sep 15, 2023
View reviewed changes
Copy link
Contributor

@nitrosx nitrosx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not understand why the authentication has been removed?
Does that mean that some URLs are open and provide information to unauthenticated users?

src/controllers/logbook.controller.ts
} while (true);
}

@authenticate("jwt")
@get("/Logbooks/{name}", {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are we removing authentication?

Copy link
Contributor Author

@Junjiequan Junjiequan Sep 15, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Users whomever are able to see logbook tab and able to click into it should be able to see logbook messages, we already have that permission logic somewhere in the scicat BE and scicat FE. So I figured that JWT auth step is redundant.
As loopback service will be running in a SSH protected VM I don't see open URL would cause any harm to our side.
But one alternative way I think we could do is save synapse token in the scicat BE after first login, then trigger synapse service using token received from header in loopback.

src/controllers/logbook.controller.ts
console.error(err);
}
}
break;
} while (true);
}

@authenticate("jwt")
@post("/Logbooks/{name}/message", {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why no authentication

@Junjiequan Junjiequan merged commit 3cf325f into master Sep 20, 2023
4 checks passed
@Junjiequan Junjiequan deleted the SWAP-3202-scicat-fe-investigate-why-logbook-under-proposal branch September 20, 2023 12:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nitrosx nitrosx nitrosx left review comments

@enthusiastio enthusiastio enthusiastio approved these changes

@bolmsten bolmsten Awaiting requested review from bolmsten

@martin-trajanovski martin-trajanovski Awaiting requested review from martin-trajanovski

Assignees

@Junjiequan Junjiequan

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Junjiequan @nitrosx @enthusiastio