How should we handle queries that require a user's password/username? #370

transmissions11 · 2020-04-18T21:24:59Z

transmissions11
Apr 18, 2020

I'm using E2EE encryption for a project I'm working on, and I want to retrieve the user's contacts and decrypt them, and then use ReactQuery to manage refetching, etc.

However, I'm not sure if I'm taking the right approach here?

import { useQuery } from "react-query";
import { requestAndDecryptUserContacts } from "../api/Users";
import { useAuth } from "../context/UserContext";

const userContactFetcher = async (_, username, decryptionKey) => {
  requestAndDecryptUserContacts(username, decryptionKey);
};

export default function useContacts() {
  const { decryptionKey, username } = useAuth();

  return useQuery(
    ["contacts", { decryptionKey, username }],
    userContactFetcher
  );
}

It feels odd to have the password + username in the query key? I was wondering if I should make userContactFetcher a closure and use the decryptionKey and username variables in there?

Answered by tannerlinsley

Apr 18, 2020

How about using the optional queryVariables parameter to send your decryption key through to the query function?

import { useQuery } from 'react-query'
import { requestAndDecryptUserContacts } from '../api/Users'
import { useAuth } from '../context/UserContext'

const userContactFetcher = (_, username, decryptionKey) =>
  requestAndDecryptUserContacts(username, decryptionKey)

export default function useContacts() {
  const { decryptionKey, username } = useAuth()

  return useQuery(['contacts', username], decryptionKey, userContactFetcher)
}

View full answer

tannerlinsley · 2020-04-18T21:37:36Z

tannerlinsley
Apr 18, 2020
Maintainer

How about using the optional queryVariables parameter to send your decryption key through to the query function?

import { useQuery } from 'react-query'
import { requestAndDecryptUserContacts } from '../api/Users'
import { useAuth } from '../context/UserContext'

const userContactFetcher = (_, username, decryptionKey) =>
  requestAndDecryptUserContacts(username, decryptionKey)

export default function useContacts() {
  const { decryptionKey, username } = useAuth()

  return useQuery(['contacts', username], decryptionKey, userContactFetcher)
}

3 replies

transmissions11 Apr 18, 2020
Author

This makes sense, thank you! Should I do this with the username too, as users will never view another user's contacts?

tannerlinsley Apr 18, 2020
Maintainer

Yes that should be fine. Oh and also I had a typo, the optional variables has to be an array of items, anyway, so this is how you should do it now:

useQuery('contacts', [username, decryptionKey], userContactFetcher)

This also means that you should make sure to clear the query cache when a user logs out, in case they log out of one user and into another, and see a cached copy of the last users contacts ;)

transmissions11 Apr 19, 2020
Author

Thanks for all your help! Will do!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

How should we handle queries that require a user's password/username? #370

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 3 replies

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

Select a reply

How should we handle queries that require a user's password/username? #370

transmissions11 Apr 18, 2020

Replies: 1 comment · 3 replies

tannerlinsley Apr 18, 2020 Maintainer

transmissions11 Apr 18, 2020 Author

tannerlinsley Apr 18, 2020 Maintainer

transmissions11 Apr 19, 2020 Author

transmissions11
Apr 18, 2020

Replies: 1 comment 3 replies

tannerlinsley
Apr 18, 2020
Maintainer

transmissions11 Apr 18, 2020
Author

tannerlinsley Apr 18, 2020
Maintainer

transmissions11 Apr 19, 2020
Author