Skip to content

Revert refresh token changes #4581

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gitwoz merged 3 commits into from
Jun 30, 2025
Merged

Revert refresh token changes #4581

gitwoz merged 3 commits into from
Jun 30, 2025

Conversation

@gitwoz
Copy link
Contributor

@gitwoz gitwoz commented Jun 30, 2025

No description provided.

@gitwoz gitwoz requested a review from a team as a code owner June 30, 2025 09:04
@gitwoz gitwoz linked an issue Jun 30, 2025 that may be closed by this pull request
Refresh token API #4535
Closed
@gitwoz gitwoz requested a review from ham-76 June 30, 2025 09:05
cursor[bot]
cursor bot reviewed Jun 30, 2025
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: JWT Issuer Mismatch Causes OAuth Failures

The JWT issuer is hardcoded to 'matters.news' instead of using environment.siteDomain. This breaks OAuth token validation and authentication in non-production environments (e.g., development, staging) where the domain differs, as JWTs will have an incorrect issuer claim.

src/connectors/oauthService.ts#L176-L177

matters-server/src/connectors/oauthService.ts

Lines 176 to 177 in f2cc812

expiresIn: OAUTH_ACCESS_TOKEN_EXPIRES_IN_MS / 1000,
issuer: 'matters.news',

Fix in Cursor

Bug: Test Password Mismatch Causes Authentication Failures

Test configuration inconsistency: Passwords for defaultTestUser and adminUser were updated to '123' in src/types/__test__/utils.ts, but src/types/__test__/2/auth.test.ts still uses the old password '12345678', leading to authentication test failures.

src/types/__test__/utils.ts#L55-L61

matters-server/src/types/__test__/utils.ts

Lines 55 to 61 in f2cc812

email: 'test1@matters.news',
password: '123',
userName: 'test1',
}
export const adminUser = {
email: 'admin1@matters.news',
password: '123',

Fix in Cursor

Was this report helpful? Give feedback by reacting with 👍 or 👎

@codecov
Copy link

codecov bot commented Jun 30, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 30.00000% with 35 lines in your changes missing coverage. Please review.

Project coverage is 56.40%. Comparing base (16b85ac) to head (f2cc812).
Report is 5 commits behind head on develop.

Files with missing lines Patch % Lines
src/connectors/userService.ts 25.00% 11 Missing and 1 partial ⚠️
src/common/utils/getViewer.ts 0.00% 10 Missing and 1 partial ⚠️
src/common/utils/cookie.ts 14.28% 5 Missing and 1 partial ⚠️
src/mutations/user/verifyEmail.ts 25.00% 3 Missing ⚠️
src/mutations/user/socialLogin.ts 0.00% 2 Missing ⚠️
src/mutations/user/userLogout.ts 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop    #4581      +/-   ##
===========================================
+ Coverage    55.71%   56.40%   +0.69%     
===========================================
  Files          975      973       -2     
  Lines        19179    19074     -105     
  Branches      4052     4032      -20     
===========================================
+ Hits         10685    10759      +74     
+ Misses        7730     7575     -155     
+ Partials       764      740      -24

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@gitwoz gitwoz merged commit 51b61c7 into develop Jun 30, 2025
5 of 6 checks passed
@delete-merged-branch delete-merged-branch bot deleted the revert/refresh-token branch June 30, 2025 09:30
@gitwoz gitwoz mentioned this pull request Jun 30, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@ham-76 ham-76 ham-76 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Refresh token API

3 participants

@gitwoz @ham-76