
Only request token endpoint initially, then use a cookie to determine if there is an authenticated user

Open blakewilson opened this issue 1 year ago • 3 comments

Tasks

  • [x] I have signed a Contributor License Agreement (CLA) with WP Engine.
  • [x] If a code change, I have written testing instructions that the whole team & outside contributors can understand.
  • [x] I have written and included a comprehensive changeset to properly document the changes I've made.

Description

This PR addresses https://github.com/wpengine/faustjs/issues/1723#issuecomment-1896433873 and creates a new cookie that determines if there is a refresh token saved in the cookie, without exposing sensitive data, and that is accessible in the browser/client.

This allows us to make one initial request to the token endpoint, and then thereafter reference the cookie to determine if there is an authenticated user for stuff like the toolbar. This essentially turns a request for the token on every single page to only once for non-authenticated users.

Related Issue(s):

Testing

  1. From the canary branch, start the example project: npm run dev -w @faustwp/getting-started-example
  2. Open the network tools, and notice every page you visit has a 401 response for the token endpoint.
  3. Now, check out this branch
  4. Run npm install at the monorepo root
  5. Run npm run build at the monorepo root
  6. Run the example project npm run dev -w @faustwp/getting-started-example
  7. With the network tools open, visit the home page http://localhost:3000. Notice the 401 response from the token endpoint. Refresh and see that no additional requests are made to the token endpoint as an unauthenticated user.
  8. Try and break it with the other testing things below

Other testing things to ensure functionality still works as expected

  • [ ] Ensure refresh tokens are still set properly on login/logout
  • [ ] Ensure backwards compatibility still works. For example, if there is a cookie for just the refresh token, the reference token should still get set properly

Screenshots

Documentation Changes

Dependant PRs

blakewilson avatar Jan 17 '24 19:01 blakewilson
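
The pattern this PR describes, sketched as an added example (not code from the PR or from Faust.js): the refresh token stays in an HttpOnly cookie, and a companion flag cookie that carries no token material tells client code whether asking the token endpoint is worthwhile. The cookie names, the "0"/"1" values and all three helper functions are assumptions made for illustration.

```javascript
// Added illustration; names and helpers are hypothetical, not Faust.js APIs.
const REFRESH_COOKIE = 'example-rt';   // holds the secret; HttpOnly
const FLAG_COOKIE = 'example-has-rt';  // holds only "0" or "1"; script-readable

// Server side: build both Set-Cookie values whenever the token endpoint responds.
// refreshToken is empty/undefined when no user is authenticated (the 401 case).
function buildAuthCookies(refreshToken, { secure = true } = {}) {
  const common = `Path=/; SameSite=Lax${secure ? '; Secure' : ''}`;
  const headers = [];
  if (refreshToken) {
    headers.push(`${REFRESH_COOKIE}=${encodeURIComponent(refreshToken)}; HttpOnly; ${common}`);
  } else {
    // Expire any stale token on logout or failed refresh.
    headers.push(`${REFRESH_COOKIE}=; HttpOnly; Max-Age=0; ${common}`);
  }
  // The flag never carries token material, so it is deliberately not HttpOnly.
  headers.push(`${FLAG_COOKIE}=${refreshToken ? '1' : '0'}; ${common}`);
  return headers;
}

// Client side: parse a document.cookie-style string into a Map.
function parseCookies(cookieString) {
  const jar = new Map();
  for (const part of (cookieString || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx === -1) continue;
    jar.set(part.slice(0, idx).trim(), part.slice(idx + 1).trim());
  }
  return jar;
}

// Client side: decide whether to call the token endpoint.
// Missing flag: first visit, or a session created before the flag existed,
// so ask the server once. "0": known unauthenticated, skip the request.
function shouldRequestToken(cookieString) {
  return parseCookies(cookieString).get(FLAG_COOKIE) !== '0';
}
```

The flag is only a hint for the UI: the server still validates the HttpOnly refresh token on every token request, so a user who edits the flag to "1" just triggers a request that returns 401.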

🦋 Changeset detected

Latest commit: b445a6b6ef52f4d5838ce10b27eda143e8541551

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@faustwp/core Patch

changeset-bot[bot] avatar Jan 17 '24 19:01 changeset-bot[bot]

📦 Next.js Bundle Analysis for @faustwp/getting-started-example

This analysis was generated by the Next.js Bundle Analysis action. 🤖

⚠️ Global Bundle Size Increased

Page Size (compressed)
global 247.03 KB (🟡 +559 B)

The global bundle is the javascript bundle that loads alongside every page. It is in its own category because its impact is much higher - an increase to its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

github-actions[bot] avatar Jan 17 '24 19:01 github-actions[bot]

Closes #1723

blakewilson avatar Jan 17 '24 21:01 blakewilson

Closes #1794

blakewilson avatar Mar 08 '24 16:03 blakewilson