diff --git a/apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/users/[userId]/page-client.tsx b/apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/users/[userId]/page-client.tsx index 908ba20f6..81fb3e3ef 100644 --- a/apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/users/[userId]/page-client.tsx +++ b/apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/users/[userId]/page-client.tsx @@ -38,7 +38,7 @@ import { Typography, useToast } from "@/components/ui"; -import { DeleteUserDialog, ImpersonateUserDialog } from "@/components/user-dialogs"; +import { DeleteUserDialog, generateImpersonateSnippet, ImpersonateUserDialog } from "@/components/user-dialogs"; import { ALL_APPS_FRONTEND } from "@/lib/apps-frontend"; import { isAppEnabled } from "@/lib/apps-utils"; import { parseRiskScore } from "@/lib/risk-score-utils"; @@ -52,7 +52,7 @@ import { normalizeCountryCode } from "@hexclave/shared/dist/schema-fields"; import { fromNow } from "@hexclave/shared/dist/utils/dates"; import { captureError, HexclaveAssertionError, throwErr } from '@hexclave/shared/dist/utils/errors'; import { runAsynchronouslyWithAlert } from "@hexclave/shared/dist/utils/promises"; -import { deindent } from "@hexclave/shared/dist/utils/strings"; + import { usePathname, useSearchParams } from "next/navigation"; import { Suspense, useCallback, useEffect, useMemo, useRef, useState, type ReactNode, type RefObject } from "react"; import { createPortal } from "react-dom"; @@ -148,12 +148,13 @@ function UserHeader({ user }: UserHeaderProps) { runAsynchronouslyWithAlert(async () => { const expiresInMillis = 1000 * 60 * 60 * 2; const expiresAtDate = new Date(Date.now() + expiresInMillis); - const session = await user.createSession({ expiresInMillis }); + const session = await user.createSession({ expiresInMillis, isImpersonation: true }); const tokens = await session.getTokens(); - setImpersonateSnippet(deindent` - document.cookie = 'stack-refresh-${hexclaveAdminApp.projectId}=${tokens.refreshToken}; expires=${expiresAtDate.toUTCString()}; path=/'; - window.location.reload(); - `); + setImpersonateSnippet(generateImpersonateSnippet( + hexclaveAdminApp.projectId, + tokens.refreshToken ?? throwErr("Expected refresh token for newly created impersonation session"), + expiresAtDate, + )); }); }, }, diff --git a/apps/dashboard/src/components/data-table/user-table.tsx b/apps/dashboard/src/components/data-table/user-table.tsx index 39222df6a..80df615aa 100644 --- a/apps/dashboard/src/components/data-table/user-table.tsx +++ b/apps/dashboard/src/components/data-table/user-table.tsx @@ -31,13 +31,14 @@ import { type DataGridDataSource, } from "@hexclave/dashboard-ui-components"; import { fromNow } from "@hexclave/shared/dist/utils/dates"; +import { throwErr } from "@hexclave/shared/dist/utils/errors"; import { runAsynchronouslyWithAlert } from "@hexclave/shared/dist/utils/promises"; -import { deindent } from "@hexclave/shared/dist/utils/strings"; + import { useCallback, useEffect, useMemo, useState } from "react"; import { useDebounce } from "use-debounce"; import { Link } from "../link"; import { CreateCheckoutDialog } from "../payments/create-checkout-dialog"; -import { DeleteUserDialog, ImpersonateUserDialog } from "../user-dialogs"; +import { DeleteUserDialog, generateImpersonateSnippet, ImpersonateUserDialog } from "../user-dialogs"; // ─── Types ─────────────────────────────────────────────────────────── @@ -394,12 +395,11 @@ function UserActions(props: { user: ExtendedServerUser }) { const expiresAtDate = new Date(Date.now() + expiresInMillis); const session = await user.createSession({ expiresInMillis, isImpersonation: true }); const tokens = await session.getTokens(); - setImpersonateSnippet( - deindent` - document.cookie = 'stack-refresh-${hexclaveAdminApp.projectId}=${tokens.refreshToken}; expires=${expiresAtDate.toUTCString()}; path=/'; - window.location.reload(); - `, - ); + setImpersonateSnippet(generateImpersonateSnippet( + hexclaveAdminApp.projectId, + tokens.refreshToken ?? throwErr("Expected refresh token for newly created impersonation session"), + expiresAtDate, + )); }) } > diff --git a/apps/dashboard/src/components/user-dialogs.tsx b/apps/dashboard/src/components/user-dialogs.tsx index a6539d2c9..66cdcaa3d 100644 --- a/apps/dashboard/src/components/user-dialogs.tsx +++ b/apps/dashboard/src/components/user-dialogs.tsx @@ -1,5 +1,6 @@ import { ServerUser } from '@hexclave/next'; import { ActionDialog, CopyField, Typography } from "@/components/ui"; +import { deindent } from "@hexclave/shared/dist/utils/strings"; import { useRouter } from './router'; @@ -30,14 +31,27 @@ export function DeleteUserDialog(props: { ; } +export function generateImpersonateSnippet( + projectId: string, + refreshToken: string, + expiresAtDate: Date, +): string { + return deindent` + document.cookie = 'hexclave-access=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/'; + document.cookie = 'stack-access=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/'; + document.cookie = 'hexclave-refresh-${encodeURIComponent(projectId)}--default=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/'; + document.cookie = '__Host-hexclave-refresh-${encodeURIComponent(projectId)}--default=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/' + (location.protocol === 'https:' ? '; secure' : ''); + document.cookie = (location.protocol === 'https:' ? '__Host-' : '') + 'stack-refresh-${encodeURIComponent(projectId)}--default=' + encodeURIComponent(JSON.stringify({ refresh_token: ${JSON.stringify(refreshToken)}, updated_at_millis: Date.now() })) + '; expires=${expiresAtDate.toUTCString()}; path=/' + (location.protocol === 'https:' ? '; secure' : ''); + window.location.reload(); + `; +} + export function ImpersonateUserDialog(props: { user: ServerUser, impersonateSnippet: string | null, onClose: () => void, }) { - - return !open && props.onClose()} @@ -45,7 +59,7 @@ export function ImpersonateUserDialog(props: { okButton > - Open your website and paste the following code into the browser console: + Open your website and paste the following code into the browser console. This will replace the current session with the impersonated user session.