Skip to content

Queries view #1145

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
N2D4 merged 24 commits into from
Feb 16, 2026
Merged

Queries view #1145

Changes from 1 commit
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
4807eb3
Queries view
N2D4 Feb 2, 2026
a748cf0
Fix issue
N2D4 Feb 2, 2026
034a6fa
Run Query link
N2D4 Feb 2, 2026
0bbf269
Fix PR review comments
N2D4 Feb 2, 2026
eedc0e9
Fix analytics config tests to check override for deletions
N2D4 Feb 2, 2026
f4e2d0b
Query deletion schema changes
N2D4 Feb 2, 2026
8eda5ed
better
N2D4 Feb 2, 2026
c4fb883
Increase email send timeout
N2D4 Feb 2, 2026
b405cd5
Merge remote-tracking branch 'origin/dev' into saved-queries
N2D4 Feb 3, 2026
32f4bf4
Extract shared analytics utilities to reduce code duplication
N2D4 Feb 3, 2026
f10e0c9
More fixes
N2D4 Feb 3, 2026
ba88e99
Merge remote-tracking branch 'origin/dev' into saved-queries
N2D4 Feb 14, 2026
6c7e41c
Final fixes
N2D4 Feb 16, 2026
302f272
Better null checks in token fetching logic
N2D4 Feb 14, 2026
da60514
Update AGENTS.md
N2D4 Feb 14, 2026
dea866d
Improve sign-up rule error descriptions
N2D4 Feb 16, 2026
61a248f
Fix sign-up rules test
N2D4 Feb 16, 2026
cbe7611
Better error messages for tests
N2D4 Feb 16, 2026
06668fd
Fix external DB sync tests
N2D4 Feb 16, 2026
836eb65
Better error logging when db sync fails
N2D4 Feb 16, 2026
6f402d9
Merge branch 'dev' into saved-queries
N2D4 Feb 16, 2026
66a7910
Add warnings
N2D4 Feb 16, 2026
078d7f0
Fix build
N2D4 Feb 16, 2026
0523bad
Fix lint
N2D4 Feb 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Better null checks in token fetching logic
  • Loading branch information
@N2D4
N2D4 committed Feb 16, 2026
commit 302f2725e2d70d7b72248dc0fd24fc398a57de49
34 changes: 32 additions & 2 deletions packages/stack-shared/src/sessions.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -185,10 +185,10 @@ export class InternalSession {
const newTokens = await this.fetchNewTokens();
const expiresInMillis = newTokens?.accessToken.expiresInMillis;
const issuedMillisAgo = newTokens?.accessToken.issuedMillisAgo;
if (expiresInMillis && expiresInMillis < minMillisUntilExpiration) {
if (expiresInMillis !== undefined && expiresInMillis < minMillisUntilExpiration) {
throw new StackAssertionError(`Required access token expiry ${minMillisUntilExpiration}ms is too long; access tokens are too short when they're generated (${expiresInMillis}ms)`);
}
if (maxMillisSinceIssued !== null && issuedMillisAgo && issuedMillisAgo > maxMillisSinceIssued) {
if (maxMillisSinceIssued !== null && issuedMillisAgo !== undefined && issuedMillisAgo > maxMillisSinceIssued) {
throw new StackAssertionError(`Required access token issuance ${maxMillisSinceIssued}ms is too short; access token issuance is too slow (${issuedMillisAgo}ms)`);
}
return newTokens;
Expand Down Expand Up @@ -309,3 +309,33 @@ export class InternalSession {
this._refreshPromise = refreshPromise;
}
}

import.meta.vitest?.test("getOrFetchLikelyValidTokens throws when freshly fetched token is already expired", async ({ expect }) => {
const nowSeconds = Math.floor(Date.now() / 1000);
const token = await new jose.SignJWT({
sub: "test-user-id",
iat: nowSeconds - 60 * 60,
exp: nowSeconds - 30 * 60,
iss: "https://issuer.example",
aud: "project-id",
project_id: "project-id",
branch_id: "main",
refresh_token_id: "refresh-token-id",
role: "authenticated",
name: "Test User",
email: "test@example.com",
email_verified: true,
selected_team_id: null,
is_anonymous: false,
is_restricted: false,
restricted_reason: null,
}).setProtectedHeader({ alg: "HS256" }).sign(new TextEncoder().encode("secret"));

const session = new InternalSession({
refreshAccessTokenCallback: async () => AccessToken.createIfValid(token),
refreshToken: "refresh-token",
accessToken: null,
});

await expect(session.getOrFetchLikelyValidTokens(20_000, 75_000)).rejects.toThrow(StackAssertionError);
});