gristlabs_grist-core/app/server
Paul Fitzpatrick 561d9696aa (core) clean up interaction of forward auth with session
Summary:
For self-hosted Grist, forward auth has proven useful, where
some proxy wrapped around Grist manages authentication, and
passes on user information to Grist in a trusted header.
The current implementation is adequate when Grist is the
only place where the user logs in or out, but is confusing
otherwise (see https://github.com/gristlabs/grist-core/issues/207).
Here we take some steps to broaden the scenarios Grist's
forward auth support can be used with:

  * When a trusted header is present and is blank, treat
    that as the user not being logged in, and don't look
    any further for identity information. Specifically,
    don't look in Grist's session information.
  * Add a `GRIST_IGNORE_SESSION` flag to entirely prevent
    Grist from picking up identity information from a cookie,
    in order to avoid confusion between multiple login methods.
  * Add tests for common scenarios.

Test Plan: added tests

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D3482
2022-06-15 13:06:12 -04:00
..
declarations (core) disentangle some server tests, release to core, add GRIST_PROXY_AUTH_HEADER test 2022-03-24 15:11:32 -04:00
lib (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
declarations.d.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
devServerMain.ts (core) Adding google drive plugin as a fallback for url plugin 2021-08-04 17:59:13 +02:00
generateCheckpoint.ts (core) get all tests working under python3/gvisor 2021-10-18 17:44:15 -04:00
generateInitialDocSql.ts (core) get all tests working under python3/gvisor 2021-10-18 17:44:15 -04:00
mergedServerMain.ts (core) make it easier to enable Azure storage without setting GRIST_DOCS_S3_BUCKET 2022-06-03 14:50:31 -04:00
tsconfig.json (core) Simple localization support and currency selector. 2021-08-26 13:36:49 -07:00