Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NativeAuth Update #3146

Open
wants to merge 2 commits into
base: minor
Choose a base branch
from
Open

NativeAuth Update #3146

wants to merge 2 commits into from

Conversation

d46
Copy link
Contributor

@d46 d46 commented Oct 18, 2024

Description

Follow up PR for the #2786

Breaking changes

registerCustomerAccount now returns EmailAddressConflictError if the customer has no user and no nativeAuth method. The method logic has been simplified with early termination. I removed the token refreshing logic from the first PR, as I believe it should not be the concern of the registration method.

For enumeration attacks, several types of enumeration attacks are possible. Addressing them at the application-wide or software level may not be the best approach. Handling them at the load balancer level could be a more effective solution.

Checklist

📌 Always:

  • I have set a clear title
  • My PR is small and contains a single feature
  • I have checked my own PR

👍 Most of the time:

  • I have added or updated test cases
  • I have updated the README if needed

@vercel Vercel
Copy link

vercel bot commented Oct 18, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
docs ✅ Ready (Inspect) Visit Preview Oct 19, 2024 10:14am

@d46 d46 changed the title fix(chore): Return account conflict error for NativeAuth registration… NativeAuth Update Oct 18, 2024
d46
d46 commented Oct 19, 2024
View reviewed changes
e2e-common/vitest.config.mts
@@ -10,6 +10,9 @@ export default defineConfig({
* automatically fail for going over the 5 second default timeout.
*/
testTimeout: process.env.E2E_DEBUG ? 1800 * 1000 : process.env.CI ? 30 * 1000 : 15 * 1000,
sequence: {
concurrent: false,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Concurrency should be implicitly false otherwise tests are 100% failing

@michaelbromley
Copy link
Member

Hi,
Thanks for this contribution! Just an update: right now I am focusing on the next tasks for the v3.1 release, but I definitely intend to properly review this and work with you as soon as that is out of the way. Thanks for your patience!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@d46 @michaelbromley