Introduce untenanted Identity and Membership models

The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.

Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.
This commit is contained in:
Mike Dalessio
2025-10-09 17:23:31 -04:00
committed by Stanko K.R.
parent 4c851e2756
commit 1277cc065b
4 changed files with 15 additions and 9 deletions
+2 -3
View File
@@ -86,13 +86,12 @@ module Authentication
def link_identity(user)
token_value = cookies.signed[:identity_token]
token_identity = Identity.find_signed(token_value["id"]) if token_value.present?
identity = user.set_identity(token_identity)
identity = Identity.find_signed(token_value["id"]) if token_value.present?
identity = user.set_identity(identity)
cookies.signed.permanent[:identity_token] = { value: { "id" => identity.signed_id, "updated_at" => identity.updated_at }, httponly: true, same_site: :lax }
end
def set_current_identity_token
link_identity(Current.user) if cookies.signed[:identity_token].nil? && Current.user.present?
Current.identity_token = Identity::Mock.new(**cookies.signed[:identity_token])
end