Fix various post sign out requests + bugs

[marcaaron]

@Julesssss @tgolen

Details

There are a few login bugs that I noticed while testing the sign in / sign out flows and I'm addressing them all here.

Fixed Issues

Fixes https://github.com/Expensify/Expensify/issues/148468

Tests

1. Log in
2. Quickly log out
3. Verify you can safely log in again and there are no endless requests being made on a loop in the JS console

Screenshots

❌

[github-actions]

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

[marcaaron]

If we don't do this we'll allow a request to be made that can't possibly succeed so it's better that we never make it at all.

[tgolen]

If someone adds another throw inside enhanceParameters, or there is some kind of bug that gets introduced that throws an unexpected error, it's not clear that this will cause the network queue to be cleared. I'd rather be very explicit about how this work by doing maybe one of these solutions:

1. Have a method Network.clearRequestQueue() that is called in place of the throw new Error('A request was made without an authToken');. I'd prefer this one because it's very clear what the intention of the code is.
2. Have specific checking here on err to only clear the request queue when the A request was made without an authToken error is thrown. I don't like this as much because if I were just looking at addAuthTokenToParameters I wouldn't know that clearing the network queue could be a side-effect of throwing an error.

[marcaaron]

Ok, that's a valid concern. The problem with 1 if that we probably don't need to make any request if we have no authToken. Clearing the network request queue alone doesn't achieve this since we are already making this request on the next line.

[marcaaron]

Will think about this some more.

[marcaaron]

Ok I got a better solution. We will:

1. Clear and pause the request queue via addAuthTokenToParameters()
2. Check to see if calling enhanceParameters() paused the queue and return early

[marcaaron]

In some cases, report data will show up first without a reportID and no reportName. In those cases, we should not attempt to fetch a report that has no reportID

[Gonals]

Should we attempt to fetch data with ReportID but undefined reportName?

[marcaaron]

Yeah so, it's completely OK to do that (see the comment above) and in fact we want to because we might be handling a report comment from Pusher and we need to download it. Reports that we've downloaded already should have some kind of report name in storage. This is a little weird but it's just how it works for now. Maybe in the future we will fix this to make it more obvious that a report has not been fetched from the server and won't use the reportName implementation detail.

[tgolen]

How would it be possible for there to be a report without a reportID? Especially since the Onyx key uses the report ID in the name of the key?

[marcaaron]

In theory, this could happen anytime we call merge() for a report that doesn't exist without also including the reportID. I'm not exactly sure what situation leads to that happening here, but this seems like a safe way to avoid calling an API that is guaranteed to fail.

[marcaaron]

This seemed to be failing due to not having an authToken despite authenticating just prior.

[tgolen]

I think this should be avoided and I would rather dig into why the authToken sent with the DeleteLogin request is incorrect. Maybe this is what we are discussing in this slack thread today?

[Julesssss]

Ran out of time today, will have to review tomorrow morning.

[Gonals]

Looks good, just one question!

[Gonals]

@tgolen All yours!

[tgolen]

If someone adds another throw inside enhanceParameters, or there is some kind of bug that gets introduced that throws an unexpected error, it's not clear that this will cause the network queue to be cleared. I'd rather be very explicit about how this work by doing maybe one of these solutions:

1. Have a method Network.clearRequestQueue() that is called in place of the throw new Error('A request was made without an authToken');. I'd prefer this one because it's very clear what the intention of the code is.
2. Have specific checking here on err to only clear the request queue when the A request was made without an authToken error is thrown. I don't like this as much because if I were just looking at addAuthTokenToParameters I wouldn't know that clearing the network queue could be a side-effect of throwing an error.

[tgolen]

How would it be possible for there to be a report without a reportID? Especially since the Onyx key uses the report ID in the name of the key?

[tgolen]

I think this should be avoided and I would rather dig into why the authToken sent with the DeleteLogin request is incorrect. Maybe this is what we are discussing in this slack thread today?

[marcaaron]

Updated this one.

[tgolen]

Cool, I like how you solved that. It's a little awkward to see a double-check for the queue being paused, but the comment you added clarifies why it's necessary and I don't see any other way around it.

[marcaaron]

Updated