citizenlab/citizenlab
[TAN-1062] Remove redundant roles from the JWT token
Changelog
Technical
- [TAN-1062] Remove redundant roles from the JWT token. When a user is granted folder-moderator rights, individual project-moderator roles are automatically added to the `roles` attribute for all projects within the folder. This can result in a large array of roles that can cause the JWT token to exceed the maximum size of a cookie. To mitigate this issue, this commit removes the redundant roles from the JWT token. Although there is still a possibility that the token will exceed the maximum size, this is less likely to happen.
Also, as it's still possible to exceed the cookie size limit, maybe we could limit the number of roles as described here https://www.notion.so/citizenlab/Prevent-errors-logging-in-for-users-with-30-manager-roles-fec2fec77f0044569827be2ce7c3e3e7?pvs=4#45748c4bbe7b4257a0d22d6eb62f3f07
Though I guess not mandatory.
@alexander-cit Thanks for the review. All good suggestions and some things I considered myself, but we decided to go for the low-budget option on this one.