Feature: formalize redirectTarget across stores. Add ability to set redirectTarget with requireAuthentication method (#3006)

* test: add tests for ember_simple_auth-redirectTarget for both with and without fastboot

* test: improve visibility of FASTBOOT_DISABLED tests

* test: allow adaptive store, store backend override. Generate tests for each type of store

* wip: use macros to parameterize the session-store

* chore: build test-app with correct session-store based on FASTBOOT_DISABLED env

* feat(ember-simple-auth): add an ability to persist redirectTarget for all stores

* test(test-esa): fix unit tests. Change cookieName, tests use the actual session-store:cookie for testing

* test(test-app): add unit tests for redirectTarget

Author: BobrImperator

.github/workflows/ci.yml

@@ -101,6 +101,11 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
+        FASTBOOT_DISABLED:
+          # ember-cli-fastboot doesn't parse the `process.env.FASTBOOT_DISABLED` and we must set it to an empty string for 'false'
+          - '' # false
+          - 'true'
+
         ember-version:
           - ember-lts-4.12
           - ember-lts-5.4
@@ -119,12 +124,12 @@ jobs:
             ${{ runner.os }}-pnpm-
 
       - run: pnpm install
-      - name: test ${{ matrix.ember-version }}
+      - name: (FASTBOOT_DISABLED=${{ matrix.FASTBOOT_DISABLED }}) ${{ matrix.ember-version }}
         env:
+          FASTBOOT_DISABLED: ${{ matrix.FASTBOOT_DISABLED }}
           EMBER_SERVER_COMMAND: pnpm -F test-app test:one ${{ matrix.ember-version }} --- pnpm start
         run: pnpm -F playwright-tests test:e2e:chromium
 
-
   allow-fail-try-scenarios:
     name: ${{ matrix.workspace }} ${{ matrix.test-suite }} - Allowed to fail
     runs-on: ubuntu-latest

packages/ember-simple-auth/src/-internals/routing.js

@@ -2,20 +2,21 @@ import isFastBoot from '../utils/is-fastboot';
 import location from '../utils/location';
 import { isTesting } from '@embroider/macros';
 
-export function requireAuthentication(owner, transition) {
+export function requireAuthentication(owner, transition, extraArgs) {
   let sessionService = owner.lookup('service:session');
   let isAuthenticated = sessionService.get('isAuthenticated');
   if (!isAuthenticated) {
-    if (transition && isFastBoot(owner)) {
-      const fastbootService = owner.lookup('service:fastboot');
-      const cookiesService = owner.lookup('service:cookies');
-      cookiesService.write('ember_simple_auth-redirectTarget', transition.intent.url, {
-        path: '/',
-        secure: fastbootService.get('request.protocol') === 'https',
-      });
-    } else if (transition) {
+    const internalSession = sessionService.session;
+    let redirectTarget = extraArgs?.redirectTarget;
+
+    if (transition) {
       sessionService.set('attemptedTransition', transition);
+
+      if (!redirectTarget) {
+        redirectTarget = transition.intent.url;
+      }
     }
+    internalSession.setRedirectTarget(redirectTarget);
   }
   return isAuthenticated;
 }
@@ -33,8 +34,8 @@ export function prohibitAuthentication(owner, routeIfAlreadyAuthenticated) {
 export function handleSessionAuthenticated(owner, routeAfterAuthentication) {
   let sessionService = owner.lookup('service:session');
   let attemptedTransition = sessionService.get('attemptedTransition');
-  let cookiesService = owner.lookup('service:cookies');
-  const redirectTarget = cookiesService.read('ember_simple_auth-redirectTarget');
+  const internalSession = sessionService.session;
+  const redirectTarget = internalSession.getRedirectTarget();
 
   let routerService = owner.lookup('service:router');
 
@@ -43,7 +44,7 @@ export function handleSessionAuthenticated(owner, routeAfterAuthentication) {
     sessionService.set('attemptedTransition', null);
   } else if (redirectTarget) {
     routerService.transitionTo(redirectTarget);
-    cookiesService.clear('ember_simple_auth-redirectTarget');
+    internalSession.clearRedirectTarget();
   } else {
     routerService.transitionTo(routeAfterAuthentication);
   }

packages/ember-simple-auth/src/internal-session.js

@@ -49,6 +49,7 @@ export default ObjectProxy.extend({
   isAuthenticated: false,
   attemptedTransition: null,
   sessionEvents: null,
+  redirectTarget: null,
 
   init() {
     this._super(...arguments);
@@ -285,4 +286,16 @@ export default ObjectProxy.extend({
   trigger(event, value) {
     this.sessionEvents.dispatchEvent(event, value);
   },
+
+  setRedirectTarget(url) {
+    this.store.setRedirectTarget(url);
+  },
+
+  getRedirectTarget() {
+    return this.store.getRedirectTarget();
+  },
+
+  clearRedirectTarget() {
+    return this.store.clearRedirectTarget();
+  },
 });

packages/ember-simple-auth/src/services/session.ts

@@ -12,6 +12,7 @@ import {
 } from '../-internals/routing';
 import type Transition from '@ember/routing/transition';
 import { alias, readOnly } from '@ember/object/computed';
+import type EsaBaseSessionStore from '../session-stores/base';
 
 const SESSION_DATA_KEY_PREFIX = /^data\./;
 
@@ -38,6 +39,14 @@ type InternalSessionMock<Data> = {
   prohibitAuthentication: (routeOrCallback: RouteOrCallback) => boolean;
   restore: () => Promise<void>;
   set(key: string, value: any): void;
+  setRedirectTarget: EsaBaseSessionStore['setRedirectTarget'];
+  getRedirectTarget: EsaBaseSessionStore['getRedirectTarget'];
+  clearRedirectTarget: EsaBaseSessionStore['clearRedirectTarget'];
+};
+
+export type ExtraAuthenticationArgs = {
+  redirectTarget?: string;
+  [key: string]: unknown;
 };
 
 export type DefaultDataShape = {
@@ -236,9 +245,13 @@ export default class SessionService<Data = DefaultDataShape> extends Service {
     @return {Boolean} true when the session is authenticated, false otherwise
     @public
   */
-  requireAuthentication(transition: Transition, routeOrCallback: RouteOrCallback) {
+  requireAuthentication(
+    transition: Transition,
+    routeOrCallback: RouteOrCallback,
+    extraArgs: ExtraAuthenticationArgs = {}
+  ) {
     assertSetupHasBeenCalled(this._setupIsCalled);
-    let isAuthenticated = requireAuthentication(getOwner(this), transition);
+    let isAuthenticated = requireAuthentication(getOwner(this), transition, extraArgs);
     if (!isAuthenticated) {
       if (typeof routeOrCallback === 'string') {
         triggerAuthentication(getOwner(this), routeOrCallback);

packages/ember-simple-auth/src/session-stores/adaptive.ts

@@ -5,6 +5,7 @@ import Base from './base';
 import type CookiesService from 'ember-cookies/services/cookies';
 import type CookieStore from './cookie';
 import type LocalStorageStore from './local-storage';
+import { debug } from '@ember/debug';
 
 const LOCAL_STORAGE_TEST_KEY = '_ember_simple_auth_test_key';
 
@@ -154,7 +155,7 @@ export default class AdaptiveStore extends Base {
 
   declare _store: CookieStore | LocalStorageStore;
 
-  __isLocalStorageAvailable = null;
+  __isLocalStorageAvailable: boolean | null = null;
   get _isLocalStorageAvailable() {
     if (this.__isLocalStorageAvailable !== null) {
       return this.__isLocalStorageAvailable;
@@ -163,8 +164,15 @@ export default class AdaptiveStore extends Base {
     }
   }
 
-  init(properties: any) {
-    super.init(properties);
+  init(emberOwner: any, __isLocalStorageAvailable?: boolean | null) {
+    super.init(emberOwner);
+
+    if (typeof __isLocalStorageAvailable == 'boolean') {
+      this.__isLocalStorageAvailable = __isLocalStorageAvailable;
+      debug(
+        `ember-simple-auth: session-store received __isLocalStorageAvailable: ${__isLocalStorageAvailable}`
+      );
+    }
 
     let owner = getOwner(this) as any;
     if (owner && !this.hasOwnProperty('_fastboot')) {
@@ -247,6 +255,18 @@ export default class AdaptiveStore extends Base {
   clear() {
     return this.get('_store').clear();
   }
+
+  setRedirectTarget(url: string) {
+    this.get('_store').setRedirectTarget(url);
+  }
+
+  getRedirectTarget() {
+    return this.get('_store').getRedirectTarget();
+  }
+
+  clearRedirectTarget() {
+    return this.get('_store').clearRedirectTarget();
+  }
 }
 
 function testLocalStorageAvailable() {

packages/ember-simple-auth/src/session-stores/base.ts

@@ -18,7 +18,7 @@ class SessionStoreEventTarget extends EsaEventTarget<SessionEvents> {}
   @extends Ember.Object
   @public
 */
-export default class EsaBaseSessionStore extends EmberObject {
+export default abstract class EsaBaseSessionStore extends EmberObject {
   sessionStoreEvents = new SessionStoreEventTarget();
   /**
     Triggered when the session store's data changes due to an external event,
@@ -45,9 +45,7 @@ export default class EsaBaseSessionStore extends EmberObject {
     @return {Promise} A promise that resolves when the data has successfully been persisted and rejects otherwise.
     @public
   */
-  persist(..._args: any[]): Promise<unknown> {
-    return Promise.reject();
-  }
+  abstract persist(..._args: any[]): Promise<unknown>;
 
   /**
     Returns all data currently stored as a plain object.
@@ -60,9 +58,7 @@ export default class EsaBaseSessionStore extends EmberObject {
     @return {Promise} A promise that resolves with the data currently persisted in the store when the data has been restored successfully and rejects otherwise.
     @public
   */
-  restore(..._args: any[]): Promise<unknown> {
-    return Promise.reject();
-  }
+  abstract restore(): Promise<unknown>;
 
   /**
     Clears the store.
@@ -75,9 +71,11 @@ export default class EsaBaseSessionStore extends EmberObject {
     @return {Promise} A promise that resolves when the store has been cleared successfully and rejects otherwise.
     @public
   */
-  clear(..._args: any[]): Promise<unknown> {
-    return Promise.reject();
-  }
+  abstract clear(): Promise<unknown>;
+
+  abstract setRedirectTarget(urL: string): void;
+  abstract getRedirectTarget(): string | null;
+  abstract clearRedirectTarget(): void;
 
   on<Event extends keyof SessionEvents>(event: Event, cb: EventListener<SessionEvents, Event>) {
     this.sessionStoreEvents.addEventListener(event, cb);

packages/ember-simple-auth/src/session-stores/cookie.ts

@@ -368,4 +368,19 @@ export default class CookieStore extends BaseStore {
       this._write(data, expiration);
     }
   }
+
+  setRedirectTarget(url: string) {
+    this.get('_cookies').write(`${this.cookieName}-redirectTarget`, url, {
+      path: '/',
+      secure: this._secureCookies(),
+    });
+  }
+
+  getRedirectTarget() {
+    return this.get('_cookies').read(`${this.cookieName}-redirectTarget`) || null;
+  }
+
+  clearRedirectTarget() {
+    return this.get('_cookies').clear(`${this.cookieName}-redirectTarget`);
+  }
 }

packages/ember-simple-auth/src/session-stores/ephemeral.ts

@@ -61,4 +61,14 @@ export default class EphemeralStore extends BaseStore {
 
     return Promise.resolve();
   }
+
+  setRedirectTarget() {
+    // noop
+  }
+  getRedirectTarget() {
+    return null;
+  }
+  clearRedirectTarget() {
+    return null;
+  }
 }

packages/ember-simple-auth/src/session-stores/local-storage.ts

@@ -113,4 +113,16 @@ export default class LocalStorageStore extends BaseStore {
       });
     }
   }
+
+  setRedirectTarget(url: string) {
+    localStorage.setItem(`${this.key}-redirectTarget`, url);
+  }
+
+  getRedirectTarget() {
+    return localStorage.getItem(`${this.key}-redirectTarget`);
+  }
+
+  clearRedirectTarget() {
+    return localStorage.removeItem(`${this.key}-redirectTarget`);
+  }
 }

packages/ember-simple-auth/src/session-stores/session-storage.ts

@@ -108,4 +108,16 @@ export default class SessionStorageStore extends BaseStore {
       });
     }
   }
+
+  setRedirectTarget(url: string) {
+    sessionStorage.setItem(`${this.key}-redirectTarget`, url);
+  }
+
+  getRedirectTarget() {
+    return sessionStorage.getItem(`${this.key}-redirectTarget`);
+  }
+
+  clearRedirectTarget() {
+    return sessionStorage.removeItem(`${this.key}-redirectTarget`);
+  }
 }