Staging -> master: Use cookie session for auth

[razzius]

Sql diff:

alter table verification_token rename expired to logged_out;
alter table verification_token add column id serial not null;
alter table verification_token drop constraint verification_token_pkey;
alter table verification_token add primary key (id);

[razzius]

Noticed this warning in the console:

Cookie “session” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

[jjchen20]

What does this mean in terms of any action we need to take to ensure users don't lose access?

On Mon, Jun 8, 2020 at 11:57 AM Razzi Abuissa notifications@github.com wrote:

Noticed this warning in the console:

Cookie “session” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/razzius/weave/pull/211#issuecomment-640718319, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKOFUUNUHZVRJG4TPNI77QDRVUC6XANCNFSM4NSBXPIQ .

[razzius]

This is a new feature, so it won't affect any users yet; before rolling it out, I'll need to set "secure" and "sameSite" properly.

[razzius]

@Chronowork1 I'm going to deploy staging without the is_faculty feature, so I force pushed to remove your commit from this branch. You can continue your work by pushing to your own mentor-to-faculty branch.

[Chronowork1]

Hey there Razzi, I guess I'm a bit confused at the moment, do you want me to start over and create a new pull request for mentor-to-faculty and merge the branches?

On Thu, Jun 18, 2020 at 7:22 PM Razzi Abuissa notifications@github.com wrote:

Merged #211 https://github.com/razzius/weave/pull/211 into master.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/razzius/weave/pull/211#event-3460694818, or unsubscribe https://github.com/notifications/unsubscribe-auth/AF7N6UXB5Y4DKNWEJ3DJRNDRXLDWPANCNFSM4NSBXPIQ .

[razzius]

Update your mentor-to-faculty branch to be based on master now that staging is merged into master, then when tests pass, make a new pull request into staging.

[razzius]

@Chronowork1 you can reuse your old pull request, actually, and just change the base from master to staging.

To update your branch to be based on master, from your branch, you may find git rebase to be useful; if that isn't working, just make a new branch off of master and git cherry-pick each commit you want from your old branch.

[Chronowork1]

Alright, just to 100% clear and don't want to make any mistakes, so I'm pushing the changes I made in the staging branch on a pull request and merging it with the master branch.

This is optional: but I can also use git rebase or git cherry-pick to combine my branches from faculty-to-mentor branch to staging branch and merge it with master branch.

On Fri, Jun 19, 2020 at 7:49 PM Razzi Abuissa notifications@github.com wrote:

@Chronowork1 https://github.com/Chronowork1 you can reuse your old pull request, actually, and just change the base from master to staging.

To update your branch to be based on master, from your branch, you may find git rebase to be useful; if that isn't working, just make a new branch off of master and git cherry-pick each commit you want from your old branch.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/razzius/weave/pull/211#issuecomment-646925878, or unsubscribe https://github.com/notifications/unsubscribe-auth/AF7N6UVWDVPKTKB4UYHN673RXQPTVANCNFSM4NSBXPIQ .