Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JWT] Handle logout when Identity verification is on #1488

Merged
merged 5 commits into from
Oct 4, 2024
Merged

[JWT] Handle logout when Identity verification is on #1488

merged 5 commits into from
Oct 4, 2024

Conversation

nan-li
Copy link
Contributor

@nan-li nan-li commented Oct 3, 2024
edited by jwilm
Loading

Description

One Line Summary

Handle logout when JWT is on by disabling the push subscription and still create an anonymous local user to prevent data updates.

Details

Motivation

When JWT is on, logout needs to be handled differently. This is a small PR, so logout is handled simply.

Scope

  • Logout will mostly be the same: an anonymous user is created locally but user creation will be blocked from sending to the server and this anonymous user's requests are dropped. Changing users in the SDK prevents mixing up data or making updates to the old user incorrectly.
  • Additionally, disable push sub when logout called with JWT on by using a local flag, which will send a subscription update request.
  • When login is next called, this flag will revert and the push subscription will maintain its original state.

Testing

Unit testing

❗️TODO

Manual testing

To fill out
Tested on iPhone 13 on iOS 17

  1. Be logged in and push permission granted
  2. Call logout and see the push subscription is disabled on server
  3. Kill and re-open app to drive a new session
  4. No IAM is fetched due to no viable alias
  5. Log back into the same user and IAM is now fetched (driven by user change)
  6. The login generates a user create request that sends the correct push subscription state from before disabling

Affected code checklist

  • Notifications
    • Display
    • Open
    • Push Processing
    • Confirm Deliveries
  • Outcomes
  • Sessions
  • In-App Messaging
  • REST API requests
  • Public API changes

Checklist

Overview

  • I have filled out all REQUIRED sections above
  • PR does one thing
  • Any Public API changes are explained in the PR details and conform to existing APIs

Testing

  • I have included test coverage for these changes, or explained why they are not needed
  • All automated tests pass, or I explained why that is not possible
  • I have personally tested this on my device, or explained why that is not possible

Final pass

  • Code is as readable as possible.
  • I have reviewed this PR myself, ensuring it meets each checklist item

This change is Reviewable

nan-li added 3 commits October 2, 2024 22:14
@nan-li
Disable push sub when logout called (JWT on)
0dc2cee
@nan-li
Fire user observer on logout (JWT on)
5ad412f 
* Usually, on logout, the user observer will fire once the anonymous user is created to the backend and returns with an OSID. However, when Identity Verification is on, that will not happen, so fire the observer early with `nil` values to represent there is no user in the SDK currently.
* Firing the observer will save the state and necessary to know when the user logs back in. This is used by the messaging controller to fetch IAM appropriately. On a new session, it will not fetch IAM if logged out, but as the user observer, it will fetch once a user logs in.
@nan-li
[nit] move a method to extension for swiftlint
0d9c62d
@nan-li nan-li requested a review from emawby October 3, 2024 17:59
@nan-li nan-li merged commit 1e7bce1 into identity_verification_multiple_users Oct 4, 2024
1 of 2 checks passed
@nan-li nan-li deleted the identity_verification_logout branch October 4, 2024 22:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emawby emawby emawby approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nan-li @emawby