Remove credentials and session from Onyx on sign out #7397
Conversation
|
|
…ignOut Remove credentials and session from Onyx on sign out (cherry picked from commit ba15491)
|
🚀 Cherry-picked to staging by @danieldoglas in version: 1.1.32-2 🚀
@Expensify/applauseleads please QA this PR and check it off on the deploy checklist if it passes. |
| Onyx.set(ONYXKEYS.SESSION, null); | ||
| Onyx.set(ONYXKEYS.CREDENTIALS, null); | ||
| Timing.clearData(); | ||
| redirectToSignIn(); |
There was a problem hiding this comment.
Hey why is this necessary redirectToSignIn is clearing the whole storage anyway?
There was a problem hiding this comment.
For some reason redirectToSignIn was failing to clear the storage and discard the authToken. This PR solved an issue where after being redirected, the user could refresh the page and would be logged in again.
There was a problem hiding this comment.
For some reason redirectToSignIn was failing to clear the storage and discard the authToken. This PR solved an issue where after being redirected, the user could refresh the page and would be logged in again.
What was the reason?
There was a problem hiding this comment.
Not sure yet. I'll investigate it as part of https://github.com/Expensify/Expensify/issues/194430
There was a problem hiding this comment.
Update - it seems that Onyx.clear is slow. In my tests, it took about 2.3s for Onyx.clear to be executed. In the meantime, we could refresh the page and "sign in" again since an authToken is still stored.
I took a quick look at the implementation of Onyx.clear, but I'm not sure how to improve its performance. Any suggestions? @kidroca @marcaaron
There was a problem hiding this comment.
Does it mean that if I have component A that is subscribed to three keys, then when
clear()is called, component A re-renders three times?
yes and no, depending on what you consider a render
yes - it would trigger render method 3 times and also trigger any children renders.
no - the screen might not re-render at all, or only do it once
setState is called per key and each time triggers a re-render
subscriber.withOnyxInstance.setState({
[subscriber.statePropertyName]: data,
});Another possible alternative is something like adding a
clearWithoutTriggeringSubscribers()type method.
This would not make any subscribers aware of the change and isAuthenticated would not transition to false
There was a problem hiding this comment.
This would not make any subscribers aware of the change and isAuthenticated would not transition to false
Yep, you're right.
OK, so another thought. We know that when we are signing out, we want everything to get unmounted. What if we unmount everything before calling clear()? Practically, that could be something like:
- Click sign out
- Go to /signout which is just a special stand-alone page (everything else in the app would be unmounted at this point)
- Clear out Onyx
- Redirect to sign in
Maybe that's still too much of a hack. Again, I'd rather fix the performance in the first place, but I did want to see what other alternatives we could think of.
There was a problem hiding this comment.
The best alternative (besides making clear or Onyx faster) is already applied
Onyx.set(ONYXKEYS.SESSION, null);
Onyx.set(ONYXKEYS.CREDENTIALS, null);Removes authToken unmounting 95% of App and takes us to the SignIn page
Then Onyx.clear clears the rest of the stored values
@luacmartins Onyx.clear happens faster with these changes and doesn't take 2.3s, right?
There was a problem hiding this comment.
Hmm either something changed or my computer is faster today, as both cases took about 1.2-1.3s. The difference in timing is pretty small, so it's hard to say that clear happens faster because of those changes. I used the same account for both tests, cleared browsing data and did a fresh login in each scenario.
With changes
Without changes
There was a problem hiding this comment.
It seems JS blocking time is 100ms
Maybe in the past it was 1000 for some reason, or it was never the cause for the delay...
It might depend on the amount of data stored in index DB
Or if reads / writes were happening while clearing for some reason
Details
Removes session and credentials from local storage after sign out.
Fixed Issues
$ https://github.com/Expensify/Expensify/issues/193459
Tests
QA Steps
Steps above.
Tested On
Screenshots
Web
web.mov
Mobile Web
Desktop
desktop.mov
iOS
Android