remove enforce session keys flag

hicommonwealth · Aug 16, 2024 · 4ce4889 · 4ce4889
1 parent 76ac405
commit 4ce4889
Show file tree

Hide file tree

Showing 15 changed files with 101 additions and 148 deletions.
diff --git a/packages/commonwealth/client/scripts/controllers/server/sessions.ts b/packages/commonwealth/client/scripts/controllers/server/sessions.ts
@@ -136,9 +136,6 @@ async function sign(
       const config = fetchCachedConfiguration();
 
       if (!savedSessionMessage) {
-        if (!config?.enforceSessionKeys) {
-          return null;
-        }
         throw new SessionKeyError({
           name: 'Authentication Error',
           message: `No session found for ${did}`,
@@ -153,9 +150,6 @@ async function sign(
         const sessionExpirationTime =
           session.context.timestamp + session.context.duration;
         if (Date.now() > sessionExpirationTime) {
-          if (!config?.enforceSessionKeys) {
-            return null;
-          }
           throw new SessionKeyError({
             name: 'Authentication Error',
             message: `Session expired for ${did}`,

diff --git a/packages/commonwealth/client/scripts/state/api/configuration/fetchConfiguration.ts b/packages/commonwealth/client/scripts/state/api/configuration/fetchConfiguration.ts
@@ -6,7 +6,6 @@ const CONFIGURATION_STALE_TIME = 5 * 60 * 1_000; // 5 min
 const CONFIGURATION_CACHE_TIME = Infinity;
 
 export type Configuration = {
-  enforceSessionKeys: boolean;
   evmTestEnv: string;
   redirects: Record<string, string>;
 };

diff --git a/packages/commonwealth/client/scripts/state/index.ts b/packages/commonwealth/client/scripts/state/index.ts
@@ -147,7 +147,6 @@ export async function initAppState(
     app.user.notifications.clearSubscriptions();
 
     queryClient.setQueryData([QueryKeys.CONFIGURATION], {
-      enforceSessionKeys: statusRes.result.enforceSessionKeys,
       evmTestEnv: statusRes.result.evmTestEnv,
     });
 

diff --git a/packages/commonwealth/client/scripts/views/components/SublayoutHeader/useUserMenuItems.tsx b/packages/commonwealth/client/scripts/views/components/SublayoutHeader/useUserMenuItems.tsx
@@ -145,13 +145,13 @@ const useUserMenuItems = ({
       type: 'default',
       label: (
         <UserMenuItem
-          isSignedIn={!configurationData?.enforceSessionKeys || signed}
+          isSignedIn={signed}
           hasJoinedCommunity={isActive}
           address={account.address}
         />
       ),
       onClick: async () => {
-        if (!configurationData?.enforceSessionKeys || signed) {
+        if (signed) {
           onAddressItemClick?.();
           return await setActiveAccount(account);
         }

diff --git a/packages/commonwealth/client/scripts/views/pages/discussions/CommentCard/CommentCard.tsx b/packages/commonwealth/client/scripts/views/pages/discussions/CommentCard/CommentCard.tsx
@@ -1,5 +1,5 @@
 import type { DeltaStatic } from 'quill';
-import React, { useCallback, useEffect, useState } from 'react';
+import React, { useEffect, useState } from 'react';
 import app from 'state';
 
 import {
@@ -122,24 +122,15 @@ export const CommentCard = ({
 
   const { data: config } = useFetchConfigurationQuery();
 
-  const doVerify = useCallback(async () => {
-    try {
-      const canvasSignedData: CanvasSignedData = deserializeCanvas(
-        comment.canvasSignedData,
-      );
-      await verify(canvasSignedData);
+  useEffect(() => {
+    const canvasSignedData: CanvasSignedData = deserializeCanvas(
+      comment.canvasSignedData,
+    );
+    verify(canvasSignedData).then(() => {
       setVerifiedCanvasSignedData(canvasSignedData);
-    } catch (err) {
-      // ignore invalid signed comments
-    }
+    });
   }, [comment.canvasSignedData]);
 
-  useEffect(() => {
-    if (!config?.enforceSessionKeys) return;
-    // eslint-disable-next-line @typescript-eslint/no-floating-promises
-    doVerify();
-  }, [config?.enforceSessionKeys, doVerify]);
-
   const handleReaction = () => {
     setOnReaction((prevOnReaction) => !prevOnReaction);
   };

diff --git a/packages/commonwealth/server/config.ts b/packages/commonwealth/server/config.ts
@@ -6,7 +6,6 @@ import { ChainBase } from '@hicommonwealth/shared';
 import { z } from 'zod';
 
 const {
-  ENFORCE_SESSION_KEYS,
   SENDGRID_API_KEY,
   TELEGRAM_BOT_TOKEN,
   TELEGRAM_BOT_TOKEN_DEV,
@@ -58,7 +57,6 @@ const DEFAULTS = {
 export const config = configure(
   { ...model_config, ...adapters_config, ...evm_config },
   {
-    ENFORCE_SESSION_KEYS: ENFORCE_SESSION_KEYS === 'true',
     SEND_EMAILS,
     // Should be false EVERYWHERE except the production `commonwealthapp` Heroku app
     // Risks sending webhooks/emails to real users if incorrectly set to true
@@ -143,7 +141,6 @@ export const config = configure(
     },
   },
   z.object({
-    ENFORCE_SESSION_KEYS: z.boolean(),
     SEND_EMAILS: z.boolean(),
     SEND_WEBHOOKS_EMAILS: z
       .boolean()

diff --git a/packages/commonwealth/server/passport/magic.ts b/packages/commonwealth/server/passport/magic.ts
@@ -533,14 +533,12 @@ async function magicLoginRoute(
       }
     }
 
-    if (config.ENFORCE_SESSION_KEYS) {
-      // verify the session signature using session signer
-      const sessionSigner = getSessionSignerForDid(session.did);
-      if (!sessionSigner) {
-        throw new Error('No session signer found for address');
-      }
-      await sessionSigner.verifySession(CANVAS_TOPIC, session);
+    // verify the session signature using session signer
+    const sessionSigner = getSessionSignerForDid(session.did);
+    if (!sessionSigner) {
+      throw new Error('No session signer found for address');
     }
+    await sessionSigner.verifySession(CANVAS_TOPIC, session);
   } catch (err) {
     log.warn(
       `Could not set up a valid client-side magic address ${req.body.magicAddress}`,

diff --git a/packages/commonwealth/server/routes/comments/create_comment_reaction_handler.ts b/packages/commonwealth/server/routes/comments/create_comment_reaction_handler.ts
@@ -9,7 +9,6 @@ import {
 } from '@hicommonwealth/shared';
 import { canvas } from 'server';
 import { CreateCommentReactionOptions } from 'server/controllers/server_comments_methods/create_comment_reaction';
-import { config } from '../../config';
 import { ServerControllers } from '../../routing/router';
 import { TypedRequest, TypedResponse, success } from '../../types';
 
@@ -61,23 +60,21 @@ export const createCommentReactionHandler = async (
     commentReactionFields.canvasSignedData = req.body.canvas_signed_data;
     commentReactionFields.canvasMsgId = req.body.canvas_msg_id;
 
-    if (config.ENFORCE_SESSION_KEYS) {
-      const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
-      const canvasReaction = {
-        comment_id: commentMsgId ?? null,
-        address:
-          canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
-            ? addressSwapper({
-                currentPrefix: 42,
-                // @ts-expect-error <StrictNullChecks>
-                address: address.address,
-              })
-            : // @ts-expect-error <StrictNullChecks>
-              address.address,
-        value: reaction,
-      };
-      await verifyReaction(canvasSignedData, canvasReaction);
-    }
+    const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
+    const canvasReaction = {
+      comment_id: commentMsgId ?? null,
+      address:
+        canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
+          ? addressSwapper({
+              currentPrefix: 42,
+              // @ts-expect-error <StrictNullChecks>
+              address: address.address,
+            })
+          : // @ts-expect-error <StrictNullChecks>
+            address.address,
+      value: reaction,
+    };
+    await verifyReaction(canvasSignedData, canvasReaction);
   }
 
   // create comment reaction

diff --git a/packages/commonwealth/server/routes/comments/delete_comment_handler.ts b/packages/commonwealth/server/routes/comments/delete_comment_handler.ts
@@ -7,7 +7,6 @@ import {
 } from '@hicommonwealth/shared';
 import { canvas } from 'server';
 import { DeleteCommentOptions } from 'server/controllers/server_comments_methods/delete_comment';
-import { config } from '../../config';
 import { ServerControllers } from '../../routing/router';
 import { TypedRequest, TypedResponse, success } from '../../types';
 
@@ -36,12 +35,10 @@ export const deleteCommentHandler = async (
     commentId: parseInt(commentId, 10),
   };
   if (hasCanvasSignedDataApiArgs(req.body)) {
-    if (config.ENFORCE_SESSION_KEYS) {
-      const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
-      const comment_msg_id =
-        canvasSignedData.actionMessage.payload.args.comment_id; // TODO
-      await verifyDeleteComment(canvasSignedData, { comment_msg_id });
-    }
+    const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
+    const comment_msg_id =
+      canvasSignedData.actionMessage.payload.args.comment_id; // TODO
+    await verifyDeleteComment(canvasSignedData, { comment_msg_id });
   }
 
   await controllers.comments.deleteComment(commentFields);

diff --git a/packages/commonwealth/server/routes/reactions/delete_reaction_handler.ts b/packages/commonwealth/server/routes/reactions/delete_reaction_handler.ts
@@ -7,7 +7,6 @@ import {
 } from '@hicommonwealth/shared';
 import { canvas } from 'server';
 import { ServerControllers } from 'server/routing/router';
-import { config } from '../../config';
 import { TypedRequest, TypedResponse, success } from '../../types';
 
 const Errors = {
@@ -35,25 +34,23 @@ export const deleteReactionHandler = async (
   }
 
   if (hasCanvasSignedDataApiArgs(req.body)) {
-    if (config.ENFORCE_SESSION_KEYS) {
-      const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
-      if (canvasSignedData.actionMessage.payload.name === 'unreactComment') {
-        const comment_msg_id =
-          canvasSignedData.actionMessage.payload.args.comment_id; // TODO
-        await verifyDeleteReaction(canvasSignedData, {
-          comment_id: comment_msg_id,
-        });
-      } else if (
-        canvasSignedData.actionMessage.payload.name === 'unreactThread'
-      ) {
-        const thread_msg_id =
-          canvasSignedData.actionMessage.payload.args.thread_id; // TODO
-        await verifyDeleteReaction(canvasSignedData, {
-          thread_id: thread_msg_id,
-        });
-      } else {
-        throw new Error('unexpected signed message');
-      }
+    const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
+    if (canvasSignedData.actionMessage.payload.name === 'unreactComment') {
+      const comment_msg_id =
+        canvasSignedData.actionMessage.payload.args.comment_id; // TODO
+      await verifyDeleteReaction(canvasSignedData, {
+        comment_id: comment_msg_id,
+      });
+    } else if (
+      canvasSignedData.actionMessage.payload.name === 'unreactThread'
+    ) {
+      const thread_msg_id =
+        canvasSignedData.actionMessage.payload.args.thread_id; // TODO
+      await verifyDeleteReaction(canvasSignedData, {
+        thread_id: thread_msg_id,
+      });
+    } else {
+      throw new Error('unexpected signed message');
     }
   }
 

diff --git a/packages/commonwealth/server/routes/status.ts b/packages/commonwealth/server/routes/status.ts
@@ -32,7 +32,6 @@ type StatusResp = {
     unseenPosts: { [communityId: string]: number };
   };
   evmTestEnv?: string;
-  enforceSessionKeys?: boolean;
 };
 
 export const getUserStatus = async (models: DB, user: UserInstance) => {
@@ -239,7 +238,6 @@ export const status = async (
     if (!reqUser) {
       return success(res, {
         evmTestEnv: config.EVM.ETH_RPC,
-        enforceSessionKeys: config.ENFORCE_SESSION_KEYS,
       });
     } else {
       // user is logged in
@@ -261,7 +259,6 @@ export const status = async (
         // @ts-expect-error StrictNullChecks
         user,
         evmTestEnv: config.EVM.ETH_RPC,
-        enforceSessionKeys: config.ENFORCE_SESSION_KEYS,
       });
     }
   } catch (error) {

diff --git a/packages/commonwealth/server/routes/threads/create_thread_comment_handler.ts b/packages/commonwealth/server/routes/threads/create_thread_comment_handler.ts
@@ -10,7 +10,6 @@ import {
 } from '@hicommonwealth/shared';
 import { canvas } from 'server';
 import { CreateThreadCommentOptions } from 'server/controllers/server_threads_methods/create_thread_comment';
-import { config } from '../../config';
 import { ServerControllers } from '../../routing/router';
 import { TypedRequest, TypedResponse, success } from '../../types';
 
@@ -79,24 +78,22 @@ export const createThreadCommentHandler = async (
     threadCommentFields.canvasSignedData = req.body.canvas_signed_data;
     threadCommentFields.canvasMsgId = req.body.canvas_msg_id;
 
-    if (config.ENFORCE_SESSION_KEYS) {
-      const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
-      const canvasComment = {
-        thread_id: threadMsgId ?? null,
-        text,
-        address:
-          canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
-            ? addressSwapper({
-                currentPrefix: 42,
-                // @ts-expect-error <StrictNullChecks>
-                address: address.address,
-              })
-            : // @ts-expect-error <StrictNullChecks>
-              address.address,
-        parent_comment_id: parentCommentMsgId ?? null,
-      };
-      await verifyComment(canvasSignedData, canvasComment);
-    }
+    const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
+    const canvasComment = {
+      thread_id: threadMsgId ?? null,
+      text,
+      address:
+        canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
+          ? addressSwapper({
+              currentPrefix: 42,
+              // @ts-expect-error <StrictNullChecks>
+              address: address.address,
+            })
+          : // @ts-expect-error <StrictNullChecks>
+            address.address,
+      parent_comment_id: parentCommentMsgId ?? null,
+    };
+    await verifyComment(canvasSignedData, canvasComment);
   }
 
   // create thread comment

diff --git a/packages/commonwealth/server/routes/threads/create_thread_handler.ts b/packages/commonwealth/server/routes/threads/create_thread_handler.ts
@@ -9,7 +9,6 @@ import {
 } from '@hicommonwealth/shared';
 import { canvas } from 'server';
 import { CreateThreadOptions } from 'server/controllers/server_threads_methods/create_thread';
-import { config } from '../../config';
 import { ServerControllers } from '../../routing/router';
 import { TypedRequestBody, TypedResponse, success } from '../../types';
 
@@ -72,26 +71,24 @@ export const createThreadHandler = async (
     threadFields.canvasSignedData = req.body.canvas_signed_data;
     threadFields.canvasMsgId = req.body.canvas_msg_id;
 
-    if (config.ENFORCE_SESSION_KEYS) {
-      const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
+    const { canvasSignedData } = fromCanvasSignedDataApiArgs(req.body);
 
-      const canvasThread = {
-        title,
-        body,
-        address:
-          canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
-            ? addressSwapper({
-                currentPrefix: 42,
-                // @ts-expect-error <StrictNullChecks>
-                address: address.address,
-              })
-            : // @ts-expect-error <StrictNullChecks>
-              address.address,
-        community: community.id,
-        topic: topicId ? parseInt(topicId, 10) : null,
-      };
-      await verifyThread(canvasSignedData, canvasThread);
-    }
+    const canvasThread = {
+      title,
+      body,
+      address:
+        canvasSignedData.actionMessage.payload.did.split(':')[0] == 'polkadot'
+          ? addressSwapper({
+              currentPrefix: 42,
+              // @ts-expect-error <StrictNullChecks>
+              address: address.address,
+            })
+          : // @ts-expect-error <StrictNullChecks>
+            address.address,
+      community: community.id,
+      topic: topicId ? parseInt(topicId, 10) : null,
+    };
+    await verifyThread(canvasSignedData, canvasThread);
   }
   // create thread
   const [thread, notificationOptions, analyticsOptions] =