Merge pull request #38 from muntact/feature/make-invalidate-called

Add invalidate function (WIP)

Author: jerelmiller

README.md

@@ -227,6 +227,9 @@ const credentialsAuthenticator = createAuthenticator({
   authenticate(data) {
     // ...
   },
+  invalidate(data) {
+    // ...
+  },
   restore(data) {
     // ...
   }
@@ -251,6 +254,16 @@ const credentialsAuthenticator = createAuthenticator({
   always returns a rejected promise resulting in an unauthenticated session. It
   is important that this function is defined when creating your authenticator.
 
+* `invalidate(data)` (_function_): A function responsible for doing any 
+  additional cleanup of the authenticated data. This function will be invoked 
+  when the [`invalidateSession`](#invalidatesession) action is dispatched. It
+  accepts a single argument with the data persisted to the session and must 
+  return a promise. A resolved promise will clear the authenticated session 
+  data and result in an unauthenticated session. A rejected promise will 
+  result in invalidation being interrupted, however session data will still be
+  wiped. Note that a default implementation of this function is defined if none
+  is given and always returns a resolved promise.
+
 * `restore(data)` (_function_): A function used to restore the session,
   typically after a page refresh. This function will be invoked when the
   middleware is first created. It accepts an argument with the data persisted to
@@ -291,6 +304,9 @@ const credentialsAuthenticator = createAuthenticator({
     }
 
     return Promise.reject()
+  },
+  invalidate(data) {
+    return fetch('/api/invalidate', { method: 'DELETE' })
   }
 })
 

packages/redux-simple-auth/src/actionTypes.js

@@ -6,6 +6,7 @@ export const AUTHENTICATE_SUCCEEDED = `${prefix}/AUTHENTICATE_SUCCEEDED`
 export const FETCH = `${prefix}/FETCH`
 export const INITIALIZE = `${prefix}/INITIALIZE`
 export const INVALIDATE_SESSION = `${prefix}/INVALIDATE_SESSION`
+export const INVALIDATE_SESSION_FAILED = `${prefix}/INVALIDATE_SESSION_FAILED`
 export const UPDATE_SESSION = `${prefix}/UPDATE_SESSION`
 export const RESTORE = `${prefix}/RESTORE`
 export const RESTORE_FAILED = `${prefix}/RESTORE_FAILED`

packages/redux-simple-auth/src/actions.js

@@ -5,6 +5,7 @@ import {
   FETCH,
   INITIALIZE,
   INVALIDATE_SESSION,
+  INVALIDATE_SESSION_FAILED,
   UPDATE_SESSION,
   RESTORE,
   RESTORE_FAILED
@@ -36,6 +37,10 @@ export const invalidateSession = () => ({
   type: INVALIDATE_SESSION
 })
 
+export const invalidateSessionFailed = () => ({
+  type: INVALIDATE_SESSION_FAILED
+})
+
 export const updateSession = payload => ({
   type: UPDATE_SESSION,
   payload

packages/redux-simple-auth/src/createAuthenticator.js

@@ -1,10 +1,9 @@
-export default (
-  {
-    name,
-    restore = () => Promise.reject(),
-    authenticate = () => Promise.reject()
-  } = {}
-) => {
+export default ({
+  name,
+  restore = () => Promise.reject(),
+  authenticate = () => Promise.reject(),
+  invalidate = (data) => Promise.resolve(data)
+} = {}) => {
   if (name == null) {
     throw new Error('Authenticators must define a `name` property')
   }
@@ -18,6 +17,7 @@ export default (
   return {
     name,
     restore,
-    authenticate
+    authenticate,
+    invalidate
   }
 }

packages/redux-simple-auth/src/middleware.js

@@ -1,14 +1,20 @@
 import defaultStorage from './storage/default'
 import isPlainObject from 'lodash.isplainobject'
-import { AUTHENTICATE, FETCH } from './actionTypes'
+import { AUTHENTICATE, FETCH, INVALIDATE_SESSION } from './actionTypes'
 import {
   authenticateFailed,
   authenticateSucceeded,
   invalidateSession,
+  invalidateSessionFailed,
   restore,
   restoreFailed,
   updateSession
 } from './actions'
+import {
+  getSessionData,
+  getAuthenticator,
+  getIsAuthenticated
+} from './selectors'
 
 const validateAuthenticatorsPresence = ({ authenticator, authenticators }) => {
   if (authenticator == null && authenticators == null) {
@@ -98,18 +104,18 @@ export default (config = {}) => {
             )
         }
         case FETCH: {
-          const { session } = getState()
+          const state = getState()
           const { url, options = {} } = action.payload
           const { headers = {} } = options
 
           if (authorize) {
-            authorize(session.data, (name, value) => {
+            authorize(getSessionData(state), (name, value) => {
               headers[name] = value
             })
           }
 
           return fetch(url, { ...options, headers }).then(response => {
-            if (response.status === 401 && session.isAuthenticated) {
+            if (response.status === 401 && getIsAuthenticated(state)) {
               dispatch(invalidateSession())
             } else if (refresh) {
               const result = refresh(response)
@@ -120,6 +126,44 @@ export default (config = {}) => {
             return response
           })
         }
+        case INVALIDATE_SESSION: {
+          const state = getState()
+
+          if (!state.session) {
+            throw new Error(
+              'No session data to invalidate. Be sure you authenticate the ' +
+              'session before you try to invalidate it' 
+            )
+          }
+
+          const authenticatorName = getAuthenticator(state)
+
+          if (!authenticatorName) {
+            dispatch(invalidateSessionFailed())
+            return Promise.reject(
+              new Error(
+                'No authenticated session. Be sure you authenticate the session ' +
+                'before you try to invalidate it'
+              )
+            )
+          }
+
+          const authenticator = findAuthenticator(authenticatorName)
+
+          if (!authenticator) {
+            throw new Error(
+              `No authenticator with name \`${authenticatorName}\` ` +
+                'was found. Be sure you have defined it in the authenticators ' +
+                'config.'
+            )
+          }
+          
+          return authenticator.invalidate(getSessionData(state)).then(
+            () => next(action),
+            // TODO: what happens in this block:
+            () => dispatch(invalidateSessionFailed())
+          )
+        }
         default: {
           const { session: prevSession } = getState()
           const result = next(action)

packages/redux-simple-auth/test/middleware.spec.js

@@ -9,7 +9,8 @@ import {
   authenticateSucceeded,
   fetch as fetchAction,
   invalidateSession,
-  updateSession
+  updateSession,
+  invalidateSessionFailed
 } from '../src/actions'
 import {
   failAuthenticator,
@@ -238,6 +239,75 @@ describe('auth middleware', () => {
     })
   })
 
+  describe('when invalidating', () => {
+    it('calls authenticators invalidate', () => {
+      const middleware = configureMiddleware(spiedAuthenticator)
+      const mockStore = configureStore([middleware])
+      const data = { username: 'test', password: 'password' }
+      const store = mockStore({ session: { authenticator: 'test', data } })
+      const invalidateAction = invalidateSession()
+
+      store.dispatch(invalidateAction)
+      expect(spiedAuthenticator.invalidate).toHaveBeenCalledWith(data)
+
+      spiedAuthenticator.authenticate.mockClear()
+      spiedAuthenticator.invalidate.mockClear()
+    })
+
+    describe('when there is no session', () => {
+      it('throws error', () => {
+        const authenticator = createAuthenticator({
+          name: 'fake'
+        })
+        const middleware = configureMiddleware(authenticator)
+        const mockStore = configureStore([middleware])
+        const store = mockStore()
+        const action = invalidateSession('not-real', {})
+
+        expect(() => store.dispatch(action)).toThrow(
+          'No session data to invalidate. Be sure you authenticate the ' +
+          'session before you try to invalidate it'
+        )
+      })
+    })
+
+    describe('when redux store authenticator is not found', () => {
+      it('returns a rejected promise and dispatches invalidate Session', async () => {
+        const authenticator = createAuthenticator({
+          name: 'unmatchable'
+        })
+        const middleware = configureMiddleware(authenticator)
+        const mockStore = configureStore([middleware])
+        const store = mockStore({ session: { } })
+        await expect(store.dispatch(invalidateSession())).rejects.toEqual(
+          new Error(
+            'No authenticated session. Be sure you authenticate the session ' +
+            'before you try to invalidate it'
+          )
+        )
+
+        expect(store.getActions()).toContainEqual(invalidateSessionFailed())
+      })
+    })
+
+    describe('when there is no authenticator', () => {
+      it('throws error', () => {
+        const authenticator = createAuthenticator({
+          name: 'fake'
+        })
+        const middleware = configureMiddleware(authenticator)
+        const mockStore = configureStore([middleware])
+        const store = mockStore()
+        const action = invalidateSession()
+
+        expect(() => store.dispatch(action)).toThrow(
+          'No session data to invalidate. Be sure you authenticate the ' +
+          'session before you try to invalidate it' 
+        )
+      })
+    })
+  })
+
   describe('session restoration', () => {
     it('hydrates session data from storage', () => {
       const middleware = configureMiddleware()
@@ -387,19 +457,21 @@ describe('auth middleware', () => {
     })
 
     describe('when request returns 401 unauthorized', () => {
-      it('dispatches invalidateSession', async () => {
+      it('calls authenticators invalidate', async () => {
         fetch.mockResponse(JSON.stringify({ ok: true }), { status: 401 })
-        const middleware = configureMiddleware()
+        const middleware = configureMiddleware(spiedAuthenticator)
         const mockStore = configureStore([middleware])
         const data = { token: '1235' }
-        const store = mockStore({ session: { data, isAuthenticated: true } })
-        const invalidateAction = invalidateSession()
+        const store = mockStore({
+          session: { data, isAuthenticated: true, authenticator: 'test' }
+        })
 
         await store.dispatch(fetchAction('https://test.com'))
 
-        expect(store.getActions()).toEqual(
-          expect.arrayContaining([invalidateAction])
-        )
+        expect(spiedAuthenticator.invalidate).toHaveBeenCalledWith(data)
+
+        spiedAuthenticator.authenticate.mockClear()
+        spiedAuthenticator.invalidate.mockClear()
       })
 
       it('does not dispatch if not authenticated', async () => {

packages/redux-simple-auth/test/utils/authenticators.js

@@ -3,17 +3,20 @@ import { createAuthenticator } from '../../src'
 export const spiedAuthenticator = createAuthenticator({
   name: 'test',
   authenticate: jest.fn(data => Promise.resolve(data)),
-  restore: jest.fn(() => Promise.resolve())
+  restore: jest.fn(() => Promise.resolve()),
+  invalidate: jest.fn(data => Promise.resolve(data))
 })
 
 export const successAuthenticator = createAuthenticator({
   name: 'test',
   authenticate: () => Promise.resolve({ token: 'abcdefg' }),
-  restore: () => Promise.resolve()
+  restore: () => Promise.resolve(),
+  invalidate: () => Promise.resolve()
 })
 
 export const failAuthenticator = createAuthenticator({
   name: 'test',
   authenticate: () => Promise.reject(),
-  restore: () => Promise.reject()
+  restore: () => Promise.reject(),
+  invalidate: jest.fn(data => Promise.resolve(data))
 })