Merge pull request #10 from github-community-projects/ajhenry/fix-uath

Remove verify session and global octokit from auth
github-community-projects · Dec 14, 2023 · 3c8d970 · 3c8d970
2 parents 898b04b + 381569f
commit 3c8d970
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 16 deletions.
diff --git a/src/bot/octokit.ts b/src/bot/octokit.ts
@@ -1,9 +1,6 @@
 import { createAppAuth } from "@octokit/auth-app";
 import { Octokit } from "@octokit/rest";
 
-// Global octokit instance for the user app
-let personalOctokitInstance: Octokit | null = null;
-
 // This is a bug with the way the private key is stored in the docker env
 // See https://github.com/moby/moby/issues/46773
 let privateKey = process.env.PRIVATE_KEY?.includes("\\n")
@@ -82,13 +79,7 @@ export const installationOctokit = (installationId: string) => {
  * @returns Octokit authorized with the personal access token
  */
 export const personalOctokit = (token: string) => {
-  if (personalOctokitInstance) {
-    return personalOctokitInstance;
-  }
-
-  personalOctokitInstance = new Octokit({
+  return new Octokit({
     auth: token,
   });
-
-  return personalOctokitInstance;
 };
diff --git a/src/pages/api/auth/[...nextauth].ts b/src/pages/api/auth/[...nextauth].ts
@@ -10,7 +10,7 @@ const authLogger = logger.getSubLogger({ name: "auth" });
  * @param token Token of the session
  * @returns boolean — Whether the session is valid
  */
-const verifySession = async (token: string | undefined) => {
+export const verifySession = async (token: string | undefined) => {
   if (!token) return false;
 
   const octokit = personalOctokit(token);
@@ -37,13 +37,13 @@ export const nextAuthOptions: AuthOptions = {
     session: async ({ session, token }) => {
       authLogger.debug("Session callback");
 
-      // Check if the user has a valid accessToken
       // TODO: Need to figure out how to do this more efficiently
-      const validSession = await verifySession(token?.accessToken as string);
+      // Check if the user has a valid accessToken
+      // const validSession = await verifySession(token?.accessToken as string);
 
-      if (!validSession) {
-        return undefined as any;
-      }
+      // if (!validSession) {
+      //   return undefined as any;
+      // }
 
       // This is fine when the session is invalid
       if (!token) {