perf: remove quick-login.html (#1994)

2021-03-14 13:39:32 -07:00 · 2021-03-14 13:39:32 -07:00 · 193db0aa15
parent cf0f1d884a
commit 193db0aa15
5 changed files with 38 additions and 50 deletions
--- a/src/routes/_actions/doQuickLoginIfNecessary.js
+++ b/src/routes/_actions/doQuickLoginIfNecessary.js
@ -0,0 +1,35 @@
+// "Secret" API to quickly log in with an access token and instance name.
+// Used in the integration tests. Can't see a problem with exposing this publicly
+// since you would have to know the access token anyway.
+
+import { store } from '../_store/store'
+import { goto } from '../../../__sapper__/client'
+
+export function doQuickLoginIfNecessary () {
+  const params = new URLSearchParams(location.search)
+  const accessToken = params.get('accessToken')
+  const instanceName = params.get('instanceName')
+  if (!accessToken || !instanceName) {
+    return
+  }
+  const {
+    loggedInInstances,
+    loggedInInstancesInOrder
+  } = store.get()
+
+  loggedInInstances[instanceName] = {
+    access_token: accessToken
+  }
+
+  if (!loggedInInstancesInOrder.includes(instanceName)) {
+    loggedInInstancesInOrder.push(instanceName)
+  }
+
+  store.set({
+    currentInstance: instanceName,
+    loggedInInstances,
+    loggedInInstancesInOrder
+  })
+  store.save()
+  goto('/') // re-navigate without the URL params
+}
--- a/src/routes/_pages/index.html
+++ b/src/routes/_pages/index.html
@ -9,9 +9,11 @@
  import TimelineHomePage from '../_components/TimelineHomePage.html'
  import { observe } from 'svelte-extras'
  import { showShareDialogIfNecessary } from '../_actions/showShareDialogIfNecessary'
+  import { doQuickLoginIfNecessary } from '../_actions/doQuickLoginIfNecessary'

  export default {
    async oncreate () {
+      doQuickLoginIfNecessary()
      let observed = false
      this.observe('currentVerifyCredentials', verifyCredentials => {
        if (verifyCredentials && !observed) {
--- a/src/routes/settings/quick-login.html
+++ b/src/routes/settings/quick-login.html
@ -1,33 +0,0 @@
-<!-- this is only used in the tests, to log in quickly -->
-<script>
-  import { store } from '../_store/store'
-  import { goto } from '../../../__sapper__/client'
-
-  export default {
-    store: () => store,
-    oncreate () {
-      const accessToken = location.search.match(/accessToken=([^&]+)/)[1]
-      const instanceName = location.search.match(/instanceName=([^&]+)/)[1]
-      const {
-        loggedInInstances,
-        loggedInInstancesInOrder
-      } = this.store.get()
-
-      loggedInInstances[instanceName] = {
-        access_token: accessToken
-      }
-
-      if (!loggedInInstancesInOrder.includes(instanceName)) {
-        loggedInInstancesInOrder.push(instanceName)
-      }
-
-      this.store.set({
-        currentInstance: instanceName,
-        loggedInInstances,
-        loggedInInstancesInOrder
-      })
-      this.store.save()
-      goto('/')
-    }
-  }
-</script>
--- a/tests/roles.js
+++ b/tests/roles.js
@ -3,7 +3,7 @@ import { users } from './users'

 // quick login using a secret page and a known access token (makes tests run faster)
 async function login (t, user) {
-  await t.navigateTo(`/settings/quick-login?instanceName=localhost:3000&accessToken=${user.accessToken}`)
+  await t.navigateTo(`/?instanceName=localhost:3000&accessToken=${user.accessToken}`)
    .expect(getUrl()).eql('http://localhost:4002/', { timeout: 30000 })
 }

--- a/vercel.json
+++ b/vercel.json
@ -256,22 +256,6 @@
        "cross-origin-opener-policy": "same-origin"
      }
    },
-    {
-      "src": "^\\/settings\\/quick-login\\/?$",
-      "headers": {
-        "cache-control": "public,max-age=3600",
-        "content-security-policy": "default-src 'self';script-src 'self' 'sha256-fM8bPHTtg62HWLF582AUElbUYoLeNdbgfS5Wim6+X2E=' 'sha256-Rv0XCoOhq4H0QyKE7rEhr+e9GI5gsmGcC04fY0HPORc=' 'sha256-28NJWgGMi7z1BsySG4SYZCjth/ys7dkElS3oIl5ZEqM=' 'sha256-nUHIts9QUqQq4nfffteH1WG3ZeWESwmxZn6bWMNWsiM=' 'sha256-MGLg9fH15qQqEcT+iTfwx/cfVp2MgjSrVt08u3NVKa8=' 'sha256-OQjxgqHHnjfZwkCEsAo2MRjd3GuPmg+RvmjrZd35TN4=' 'sha256-sS3nggZVNGyoYqI7U/PSwnwI4CymIdHNgJwW49qztWo=' 'sha256-aASq1hOJ8PP2cfK9QGXaCLdqgtkDXDb5VFXlSyrpX/M=' 'sha256-1ujkGrbsh0Yx/bquh2I9gkG1ZaZetCkjre6vciK2u7U=';worker-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' * data: blob:;media-src 'self' *;connect-src 'self' * data: blob:;frame-src 'none';frame-ancestors 'none';object-src 'none';manifest-src 'self';form-action 'self';base-uri 'self'",
-        "referrer-policy": "no-referrer",
-        "strict-transport-security": "max-age=15552000; includeSubDomains",
-        "permissions-policy": "sync-xhr=(),document-domain=()",
-        "x-content-type-options": "nosniff",
-        "x-download-options": "noopen",
-        "x-frame-options": "DENY",
-        "x-xss-protection": "1; mode=block",
-        "cross-origin-opener-policy": "same-origin"
-      },
-      "dest": "service-worker-index.html"
-    },
    {
      "src": "^\\/settings\\/instances\\/?$",
      "headers": {