[PR #426] fix: Add username to the tokenStoreKey so the saved token is invalidated when the user changes in the environment #1616

New Issue

GiteaMirror · 2026-05-06T19:38:59-05:00

GiteaMirror commented

2026-05-06 19:38:59 -05:00

📋 Pull Request Information

Original PR: https://github.com/mountain-loop/yaak/pull/426
Author: @michaelarnauts
Created: 3/12/2026
Status: 🔄 Open

Base: main ← Head: include-username-in-token-cache

📝 Commits (1)

93c5b84 Add username to the tokenStoreKey

📊 Changes

4 files changed (+51 additions, -0 deletions)

View changed files

📝 plugins/auth-oauth2/src/grants/password.ts (+1 -0)
📝 plugins/auth-oauth2/src/index.ts (+3 -0)
📝 plugins/auth-oauth2/src/store.ts (+2 -0)
➕ plugins/auth-oauth2/tests/store.test.ts (+45 -0)

📄 Description

Summary

When using environments to switch between users on the same OAuth2 server, the username isn't used when defining the tokenStoreKey, so the token of a different user is used after switching the environment that causes the username to change.

Without this fix, I have to use a workaround by modifying the Access Token URL so the tokenStoreKey changes. See screenshot below.

Submission

This PR is a bug fix or small-scope improvement.
If this PR is not a bug fix or small-scope improvement, I linked an approved feedback item below.
I have read and followed CONTRIBUTING.md.
I tested this change locally.
I added or updated tests when reasonable.

Approved feedback item (required if not a bug fix or small-scope improvement):

https://yaak.app/feedback/posts/changing-the-environment-doesn-t-invalidate-my-authentication-token

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/mountain-loop/yaak/pull/426 **Author:** [@michaelarnauts](https://github.com/michaelarnauts) **Created:** 3/12/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `include-username-in-token-cache` --- ### 📝 Commits (1) - [`93c5b84`](https://github.com/mountain-loop/yaak/commit/93c5b8465a0d63729fea95f24be0a56b628d0cfb) Add username to the tokenStoreKey ### 📊 Changes **4 files changed** (+51 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `plugins/auth-oauth2/src/grants/password.ts` (+1 -0) 📝 `plugins/auth-oauth2/src/index.ts` (+3 -0) 📝 `plugins/auth-oauth2/src/store.ts` (+2 -0) ➕ `plugins/auth-oauth2/tests/store.test.ts` (+45 -0) </details> ### 📄 Description ## Summary When using environments to switch between users on the same OAuth2 server, the username isn't used when defining the `tokenStoreKey`, so the token of a different user is used after switching the environment that causes the username to change. Without this fix, I have to use a workaround by modifying the Access Token URL so the `tokenStoreKey` changes. See screenshot below. <img width="776" height="621" alt="afbeelding" src="https://github.com/user-attachments/assets/3552ccd8-924a-485f-a24a-873294bbabdf" /> ## Submission - [X] This PR is a bug fix or small-scope improvement. - [ ] If this PR is not a bug fix or small-scope improvement, I linked an approved feedback item below. - [X] I have read and followed [`CONTRIBUTING.md`](CONTRIBUTING.md). - [ ] I tested this change locally. - [X] I added or updated tests when reasonable. Approved feedback item (required if not a bug fix or small-scope improvement):  ## Related  https://yaak.app/feedback/posts/changing-the-environment-doesn-t-invalidate-my-authentication-token --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

GiteaMirror added the pull-request label 2026-05-06 19:38:59 -05:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/yaak#1616