Skip to content

Fix double initialization of user authentication in ScriptTag #357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 19, 2024
Merged

Fix double initialization of user authentication in ScriptTag #357

merged 1 commit into from
Dec 19, 2024

Conversation

DamonFstr
Copy link
Contributor

@DamonFstr DamonFstr commented Dec 19, 2024
edited
Loading

When initializing ScriptTag, we were calling user_details= twice:
once for initial user details and again when merging lead attributes.

In #356, this caused both JWT and user_hash to be included in the settings
when only one should be present (because we delete the user_id from the unsigned payload - so we end up doing user_hash on the email address the 2nd time around)

@DamonFstr DamonFstr force-pushed the damon/double-user-details branch 4 times, most recently from 72ca065 to c49e926 Compare December 19, 2024 13:09
@DamonFstr DamonFstr marked this pull request as ready for review December 19, 2024 13:13
DamonFstr
DamonFstr commented Dec 19, 2024
View reviewed changes
intercom-rails.gemspec
Comment on lines -28 to -29
s.add_development_dependency 'thin', '~> 1.7.0'
s.add_development_dependency 'bigdecimal', '1.3.5'
Copy link
Contributor Author

@DamonFstr DamonFstr Dec 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not needed? I couldn't install these on apple silicon/newer ruby. I was going to bump them but removing them appears to have done nothing.

I think big decimal might be included in modern versions of ruby?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Look like 1.3.5 version is for ruby version before 2.5 if you want to use BigDecimal.new and subclassing without warning, see here
Screenshot 2024-12-19 at 14 38 18

But I'm not sure if we actually need it in our gem.

@DamonFstr DamonFstr force-pushed the damon/double-user-details branch from c49e926 to e6410ad Compare December 19, 2024 13:22
dkremez
dkremez approved these changes Dec 19, 2024
View reviewed changes
Copy link
Contributor

@dkremez dkremez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@DamonFstr DamonFstr merged commit 3296abf into master Dec 19, 2024
1 check passed
@DamonFstr DamonFstr deleted the damon/double-user-details branch December 19, 2024 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dkremez dkremez dkremez approved these changes

@eugeneius eugeneius Awaiting requested review from eugeneius

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DamonFstr @dkremez