supertokens-python

fix: duplicate session token issue when cookieDomain is changed

Open anku255 opened this issue 10 months ago • 0 comments

Summary of change

This PR replicates the changes done in https://github.com/supertokens/supertokens-node/pull/813 for the Python SDK.

NOTE:

Our tests used fastapi.testclient.TestClient, which has a CookieJar that stores cookies between requests. Because our session tests explicitly add access and refresh token cookies, this leads to duplicate cookies, causing issues when multiple cookies are passed, resulting in a 500 error.

To solve this, I replaced TestClient with a custom class, TestClientWithNoCookieJar, which clears the CookieJar before making a request. This fix eliminates the duplicate cookie problem and aligns with the behavior in other SDKs.

Related issues

  • https://github.com/supertokens/supertokens-node/issues/790
  • https://github.com/supertokens/supertokens-node/pull/813
  • https://github.com/supertokens/supertokens-node/issues/826

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)

Documentation changes

(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)

Checklist for important updates

  • [x] Changelog has been updated
  • [ ] coreDriverInterfaceSupported.json file has been updated (if needed)
    • Along with the associated array in supertokens_python/constants.py
  • [ ] frontendDriverInterfaceSupported.json file has been updated (if needed)
  • [x] Changes to the version if needed
    • In setup.py
    • In supertokens_python/constants.py
  • [x] Have installed and run the pre-commit hook
  • [x] Issue this PR against the latest non released version branch.
    • To know which one it is, find the latest released tag (git tag) in the format vX.Y.Z, and then find the latest branch (git branch --all) whose X.Y is greater than the latest released tag.
    • If no such branch exists, then create one from the latest released branch.
  • [ ] If you have added a new web framework, update the supertokens_python/utils.py file to include that in the FRAMEWORKS variable
  • [ ] If added a new recipe that has a User type with extra info, then be sure to change the User type in supertokens_python/types.py
  • [ ] Make sure that syncio / asyncio functions are consistent.
  • [ ] If access token structure has changed
    • Modified test in tests/sessions/test_access_token_version.py to account for any new claims that are optional or omitted by the core

anku255 Apr 23 '24 10:04
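
The following is an added example, not code from this PR or from the SuperTokens SDK. It is a simplified, standard-library model of the problem described in the NOTE: a test client that keeps a cookie jar and is also given explicit token cookies sends the same cookie name twice, and clearing the jar before each request avoids that. The classes `JarClient` and `NoJarClient`, the helper names and the token values are constructed for illustration, and `sAccessToken` / `sRefreshToken` are assumed as the session cookie names.

```python
from collections import Counter
from typing import Dict, List, Optional, Tuple


def parse_cookie_header(header: str) -> List[Tuple[str, str]]:
    """Split a Cookie header into (name, value) pairs, keeping duplicates.

    http.cookies.SimpleCookie is not used here because it keeps only the
    last value for a repeated name, which hides the problem.
    """
    pairs = []
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            pairs.append((name, value))
    return pairs


def duplicated_names(header: str) -> List[str]:
    """Return the cookie names that appear more than once in the header."""
    counts = Counter(name for name, _ in parse_cookie_header(header))
    return sorted(name for name, count in counts.items() if count > 1)


class JarClient:
    """Simplified model of a test client that remembers Set-Cookie values."""

    def __init__(self) -> None:
        self.jar: Dict[str, str] = {}

    def store_response_cookies(self, set_cookies: Dict[str, str]) -> None:
        self.jar.update(set_cookies)

    def build_cookie_header(self, explicit: Optional[Dict[str, str]] = None) -> str:
        # Assumption of this model: jar cookies and explicit cookies are both sent.
        pairs = list(self.jar.items()) + list((explicit or {}).items())
        return "; ".join(f"{name}={value}" for name, value in pairs)


class NoJarClient(JarClient):
    """Same client, but the jar is emptied before every request is built."""

    def build_cookie_header(self, explicit: Optional[Dict[str, str]] = None) -> str:
        self.jar.clear()
        return super().build_cookie_header(explicit)
```

A check like `duplicated_names` can also be run in a test over the outgoing `Cookie` header to fail fast when a client starts sending more than one copy of a session token.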