kuzzleio / kuzzle

Open-source Back-end, self-hostable & ready to use - Real-time, storage, advanced search - Web, Apps, Mobile, IoT -
https://kuzzle.io
Apache License 2.0

Sometimes users still have credentials after being deleted #1762

Closed jenow closed 3 years ago

jenow commented 4 years ago

Expected Behavior

Creating and deleting a user in a loop should work fine.

Current Behavior

At some point Kuzzle will throw an error when creating the same user, saying its credentials already exist, but we cannot log in with it.

Possible Solution

Steps to Reproduce

Context (Environment)

Kuzzle version: 2.4.2
Node.js version: 10.22.0
SDK version:

Aschen commented 4 years ago

I cannot reproduce :(

kourou security:createUser --body '{"content":{"profileIds":["default"]},"credentials":{"local":{"username":"john.doe","password":"password"}}}' -a _id=jdoe
kourou security:deleteUser -a _id=jdoe
kourou security:createUser --body '{"content":{"profileIds":["default"]},"credentials":{"local":{"username":"john.doe","password":"password"}}}' -a _id=jdoe
kourou security:deleteUser -a _id=jdoe
kourou security:createUser --body '{"content":{"profileIds":["default"]},"credentials":{"local":{"username":"john.doe","password":"password"}}}' -a _id=jdoe
kourou security:deleteUser -a _id=jdoe

scottinet commented 4 years ago

We have had functional tests verifying the correct destruction of users for a long time. I suspect that if there is a problem with it, then it might be due to a race condition between the user creation and its deletion: creating a new user might take some time, since Kuzzle delegates that to an auth plugin, which needs to encrypt the provided password. If there is a race condition, then to reproduce it (IF there is a problem), you need to fire creations/deletions in quick succession, without waiting for the creation to finish before deleting the user.
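
The interleaving suspected in the comment above, as an added example that is not Kuzzle's code and not part of the original thread: a simplified in-memory model where a deletion lands while the creation is still processing the password, next to a variant that serializes operations per user id. The names `SecurityModel`, `slowHash` and `scenario`, the two separate stores and the order of writes are all assumptions made for illustration.

```javascript
// Simplified in-memory model (assumption, NOT Kuzzle's implementation): user documents
// and local credentials live in separate stores; password processing is slow and async.
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
const slowHash = async (password) => { await sleep(20); return `hashed:${password}`; };

class SecurityModel {
  constructor(serialize) {
    this.users = new Map();        // _id -> user content
    this.credentials = new Map();  // username -> { kuid, hash }
    this.serialize = serialize;    // true = hardened variant
    this.queues = new Map();       // _id -> tail of that user's pending operations
  }
  // Hardened variant: operations on the same _id run strictly one after another.
  run(id, op) {
    if (!this.serialize) return op();
    const result = (this.queues.get(id) || Promise.resolve()).then(op);
    this.queues.set(id, result.catch(() => {}));
    return result;
  }
  createUser(id, username, password) {
    return this.run(id, async () => {
      if (this.credentials.has(username)) throw new Error('credentials already exist');
      this.users.set(id, { profileIds: ['default'] });
      const hash = await slowHash(password);   // window in which a delete can slip in
      this.credentials.set(username, { kuid: id, hash });
    });
  }
  deleteUser(id) {
    return this.run(id, async () => {
      for (const [name, cred] of this.credentials) {
        if (cred.kuid === id) this.credentials.delete(name);
      }
      this.users.delete(id);
    });
  }
  canLogin(username) {
    const cred = this.credentials.get(username);
    return Boolean(cred && this.users.has(cred.kuid));
  }
}

// Fire the deletion without waiting for the creation, then try to create the user again.
// Sample ids and credentials are constructed, mirroring the kourou commands in the thread.
async function scenario(serialize) {
  const model = new SecurityModel(serialize);
  await Promise.all([model.createUser('jdoe', 'john.doe', 'password'), model.deleteUser('jdoe')]);
  const orphaned = model.credentials.has('john.doe') && !model.users.has('jdoe');
  const recreate = await model.createUser('jdoe', 'john.doe', 'password').then(() => 'ok', (e) => e.message);
  return { orphaned, recreate, canLogin: model.canLogin('john.doe') };
}
```

In this model `scenario(false)` leaves an orphaned credential, so re-creation fails with "credentials already exist" while login is still impossible; `scenario(true)` leaves no orphan and the re-created user can log in.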

Aschen commented 4 years ago

I will try, but I'm not sure this race condition was the source of the JavaScript SDK CI problem, because by default every action of the security controller has refresh set to wait_for.

scottinet commented 4 years ago

IIRC this error (if there is one) occurs in functional tests, where requests are sent using curl.

Njuelle commented 3 years ago

Cannot reproduce