gristlabs_grist-core/test
Paul Fitzpatrick 561d9696aa (core) clean up interaction of forward auth with session
Summary:
For self-hosted Grist, forward auth has proven useful, where
some proxy wrapped around Grist manages authentication, and
passes on user information to Grist in a trusted header.
The current implementation is adequate when Grist is the
only place where the user logs in or out, but is confusing
otherwise (see https://github.com/gristlabs/grist-core/issues/207).
Here we take some steps to broaden the scenarios Grist's
forward auth support can be used with:

  * When a trusted header is present and is blank, treat
    that as the user not being logged in, and don't look
    any further for identity information. Specifically,
    don't look in Grist's session information.
  * Add a `GRIST_IGNORE_SESSION` flag to entirely prevent
    Grist from picking up identity information from a cookie,
    in order to avoid confusion between multiple login methods.
  * Add tests for common scenarios.

Test Plan: added tests

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D3482
2022-06-15 13:06:12 -04:00
..
fixtures (core) Distinct style rules for summary columns 2022-04-27 20:51:23 +02:00
gen-server (core) add missing tsconfig file that affects IDEs 2022-05-27 13:48:58 -04:00
nbrowser (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
server (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
init-mocha-webdriver.js Correct spelling mistakes 2022-02-19 09:46:49 +00:00
mocha.opts (core) Move report-why-tests-hang helper to core 2021-04-26 23:52:16 -04:00
report-why-tests-hang.js (core) Move report-why-tests-hang helper to core 2021-04-26 23:52:16 -04:00
test_under_docker.sh (core) run test:docker target prior to pushing grist-core image 2021-12-14 14:22:02 -05:00
testUtils.ts (core) add missing tsconfig file that affects IDEs 2022-05-27 13:48:58 -04:00
tsconfig.json (core) Add flexibility to daily API usage limit 2022-04-28 16:22:18 +02:00
xunit-file.js (core) freshen grist-core build 2021-04-03 09:41:06 -04:00