From 38776fe007220cc7b57fdc68e2ac975a359ae22e Mon Sep 17 00:00:00 2001 From: Ryan Huffman Date: Thu, 30 Jun 2016 14:35:27 -0700 Subject: [PATCH 1/3] Fix multiple sessions being created for some users If a user didn't have send-data activated they don't have their session id sent in the header of requests, but instead send it inside the request body. The session id being send in the request included curly braces which the server considers invalid. --- interface/src/DiscoverabilityManager.cpp | 6 ++---- libraries/networking/src/AccountManager.h | 3 +++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/interface/src/DiscoverabilityManager.cpp b/interface/src/DiscoverabilityManager.cpp index c4d985419e..6550edff18 100644 --- a/interface/src/DiscoverabilityManager.cpp +++ b/interface/src/DiscoverabilityManager.cpp @@ -80,8 +80,7 @@ void DiscoverabilityManager::updateLocation() { locationObject.insert(FRIENDS_ONLY_KEY_IN_LOCATION, (_mode.get() == Discoverability::Friends)); // if we have a session ID add it now, otherwise add a null value - auto sessionID = accountManager->getSessionID(); - rootObject[SESSION_ID_KEY] = sessionID.isNull() ? QJsonValue() : sessionID.toString(); + rootObject[SESSION_ID_KEY] = accountManager->getSessionIDWithoutCurlyBraces(); JSONCallbackParameters callbackParameters; callbackParameters.jsonCallbackReceiver = this; @@ -111,8 +110,7 @@ void DiscoverabilityManager::updateLocation() { callbackParameters.jsonCallbackMethod = "handleHeartbeatResponse"; QJsonObject heartbeatObject; - auto sessionID = accountManager->getSessionID(); - heartbeatObject[SESSION_ID_KEY] = sessionID.isNull() ? QJsonValue() : sessionID.toString(); + heartbeatObject[SESSION_ID_KEY] = accountManager->getSessionIDWithoutCurlyBraces(); accountManager->sendRequest(API_USER_HEARTBEAT_PATH, AccountManagerAuth::Optional, QNetworkAccessManager::PutOperation, callbackParameters, diff --git a/libraries/networking/src/AccountManager.h b/libraries/networking/src/AccountManager.h index c12f663d3e..7a8d2a72fa 100644 --- a/libraries/networking/src/AccountManager.h +++ b/libraries/networking/src/AccountManager.h @@ -24,6 +24,8 @@ #include +#include "UUID.h" + class JSONCallbackParameters { public: JSONCallbackParameters(QObject* jsonCallbackReceiver = nullptr, const QString& jsonCallbackMethod = QString(), @@ -86,6 +88,7 @@ public: static QJsonObject dataObjectFromResponse(QNetworkReply& requestReply); + QString getSessionIDWithoutCurlyBraces() const { return uuidStringWithoutCurlyBraces(_sessionID); } QUuid getSessionID() const { return _sessionID; } void setSessionID(const QUuid& sessionID) { _sessionID = sessionID; } From 49da7d9a61beae00f125694ca86dcc45c8a6b526 Mon Sep 17 00:00:00 2001 From: Ryan Huffman Date: Thu, 30 Jun 2016 14:43:27 -0700 Subject: [PATCH 2/3] Remove sending of session id in request body in favor of header --- interface/src/DiscoverabilityManager.cpp | 9 +-------- libraries/networking/src/AccountManager.cpp | 8 ++------ libraries/networking/src/AccountManager.h | 1 - 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/interface/src/DiscoverabilityManager.cpp b/interface/src/DiscoverabilityManager.cpp index 6550edff18..4051bd8a1e 100644 --- a/interface/src/DiscoverabilityManager.cpp +++ b/interface/src/DiscoverabilityManager.cpp @@ -79,9 +79,6 @@ void DiscoverabilityManager::updateLocation() { const QString FRIENDS_ONLY_KEY_IN_LOCATION = "friends_only"; locationObject.insert(FRIENDS_ONLY_KEY_IN_LOCATION, (_mode.get() == Discoverability::Friends)); - // if we have a session ID add it now, otherwise add a null value - rootObject[SESSION_ID_KEY] = accountManager->getSessionIDWithoutCurlyBraces(); - JSONCallbackParameters callbackParameters; callbackParameters.jsonCallbackReceiver = this; callbackParameters.jsonCallbackMethod = "handleHeartbeatResponse"; @@ -109,12 +106,8 @@ void DiscoverabilityManager::updateLocation() { callbackParameters.jsonCallbackReceiver = this; callbackParameters.jsonCallbackMethod = "handleHeartbeatResponse"; - QJsonObject heartbeatObject; - heartbeatObject[SESSION_ID_KEY] = accountManager->getSessionIDWithoutCurlyBraces(); - accountManager->sendRequest(API_USER_HEARTBEAT_PATH, AccountManagerAuth::Optional, - QNetworkAccessManager::PutOperation, callbackParameters, - QJsonDocument(heartbeatObject).toJson()); + QNetworkAccessManager::PutOperation, callbackParameters); } } diff --git a/libraries/networking/src/AccountManager.cpp b/libraries/networking/src/AccountManager.cpp index e49bf5d5a5..ed325b8d69 100644 --- a/libraries/networking/src/AccountManager.cpp +++ b/libraries/networking/src/AccountManager.cpp @@ -220,12 +220,8 @@ void AccountManager::sendRequest(const QString& path, networkRequest.setHeader(QNetworkRequest::UserAgentHeader, _userAgentGetter()); - // if we're allowed to send usage data, include whatever the current session ID is with this request - auto& activityLogger = UserActivityLogger::getInstance(); - if (activityLogger.isEnabled()) { - networkRequest.setRawHeader(METAVERSE_SESSION_ID_HEADER, - uuidStringWithoutCurlyBraces(_sessionID).toLocal8Bit()); - } + networkRequest.setRawHeader(METAVERSE_SESSION_ID_HEADER, + uuidStringWithoutCurlyBraces(_sessionID).toLocal8Bit()); QUrl requestURL = _authURL; diff --git a/libraries/networking/src/AccountManager.h b/libraries/networking/src/AccountManager.h index 7a8d2a72fa..cdf7e3f1cd 100644 --- a/libraries/networking/src/AccountManager.h +++ b/libraries/networking/src/AccountManager.h @@ -88,7 +88,6 @@ public: static QJsonObject dataObjectFromResponse(QNetworkReply& requestReply); - QString getSessionIDWithoutCurlyBraces() const { return uuidStringWithoutCurlyBraces(_sessionID); } QUuid getSessionID() const { return _sessionID; } void setSessionID(const QUuid& sessionID) { _sessionID = sessionID; } From dd73f0c333116a1b78c8553206b8cc6262b15dec Mon Sep 17 00:00:00 2001 From: Ryan Huffman Date: Thu, 30 Jun 2016 14:50:29 -0700 Subject: [PATCH 3/3] Remove unused header from AccountManager.h --- libraries/networking/src/AccountManager.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/libraries/networking/src/AccountManager.h b/libraries/networking/src/AccountManager.h index cdf7e3f1cd..c12f663d3e 100644 --- a/libraries/networking/src/AccountManager.h +++ b/libraries/networking/src/AccountManager.h @@ -24,8 +24,6 @@ #include -#include "UUID.h" - class JSONCallbackParameters { public: JSONCallbackParameters(QObject* jsonCallbackReceiver = nullptr, const QString& jsonCallbackMethod = QString(),