admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 01:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(API): do not reset the auth cookie on every request to GET /login (#4459)

Browse Source 
The cookie and the JWT refresh is already handled in `refreshExpiringCookie` middleware, which only updates the cookie 3 days before the expiration.

The middleware also uses `issueCookie`, which ensures that attributes like `sameSite` and `httpOnly` are correctly set on the cookie.
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
2022-10-27 17:39:59 +02:00
committed by GitHub
parent 14ea21af97
commit c66929f53d
2 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/cli/test/integration/auth.api.test.ts
View File

@@ -103,8 +103,9 @@ test('GET /login should return 401 Unauthorized if no cookie', async () => {
expect(authToken).toBeUndefined();
});
test('GET /login should return cookie if UM is disabled', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
test('GET /login should return cookie if UM is disabled and no cookie is already set', async () => {
const authlessAgent = utils.createAgent(app);
await testDb.createUserShell(globalOwnerRole);
config.set('userManagement.isInstanceOwnerSetUp', false);
@@ -113,7 +114,7 @@ test('GET /login should return cookie if UM is disabled', async () => {
{ value: JSON.stringify(false) },
);
const response = await authAgent(ownerShell).get('/login');
const response = await authlessAgent.get('/login');
expect(response.statusCode).toBe(200);