From 4404208deb52a5797a01d035c0f6fd0bd67b8a2e Mon Sep 17 00:00:00 2001
From: Pujit Mehrotra <pujit@lime-technology.com>
Date: Wed, 8 Jan 2025 14:15:46 -0500
Subject: [PATCH] chore(web): mock user session cookie during development
 (#997)

* chore(web): mock user session cookie during development

* refactor(scripts): change default mock session name to mock-user-session

* tmp: log cookies in production

* refactor(api): add dev fixture for a mock user session

* fix(web): only mock session cookie during development

* fix(web): type coercion of MOCK_USER_SESSION env flag
---
 api/.env.development                      | 1 +
 api/dev/sessions/sess_mock-user-session   | 0
 api/scripts/create-session.sh             | 4 ++--
 api/src/store/modules/paths.ts            | 2 +-
 api/src/unraid-api/auth/cookie.service.ts | 2 +-
 web/.env.example                          | 2 ++
 web/components/UserProfile.ce.vue         | 7 +++++++
 web/helpers/env.ts                        | 5 +++++
 8 files changed, 19 insertions(+), 4 deletions(-)
 create mode 100644 api/dev/sessions/sess_mock-user-session
 create mode 100644 web/helpers/env.ts

diff --git a/api/.env.development b/api/.env.development
index 30db6cf00..25172915b 100644
--- a/api/.env.development
+++ b/api/.env.development
@@ -1,5 +1,6 @@
 PATHS_UNRAID_DATA=./dev/data # Where we store plugin data (e.g. permissions.json)
 PATHS_STATES=./dev/states # Where .ini files live (e.g. vars.ini)
+PATHS_AUTH_SESSIONS=./dev/sessions # Where user sessions live
 PATHS_AUTH_KEY=./dev/keys # Auth key directory
 PATHS_DYNAMIX_BASE=./dev/dynamix # Dynamix's data directory
 PATHS_DYNAMIX_CONFIG_DEFAULT=./dev/dynamix/default.cfg # Dynamix's default config file, which ships with unraid
diff --git a/api/dev/sessions/sess_mock-user-session b/api/dev/sessions/sess_mock-user-session
new file mode 100644
index 000000000..e69de29bb
diff --git a/api/scripts/create-session.sh b/api/scripts/create-session.sh
index d24f5a798..5ae85cfce 100755
--- a/api/scripts/create-session.sh
+++ b/api/scripts/create-session.sh
@@ -7,7 +7,7 @@
 # By default, this is my-session
 
 sessions_dir=/var/lib/php
-default_session_name=my-session
+default_session_name=mock-user-session
 
 if [ "$1" = "--help" ]; then
   echo "This script creates a mock session on a server."
@@ -15,7 +15,7 @@ if [ "$1" = "--help" ]; then
   echo "Usage: $0 [options]"
   echo ""
   echo "Options:"
-  echo "  [name]    Name of the session to create (default: my-session)"
+  echo "  [name]    Name of the session to create (default: mock-user-session)"
   echo "  --help    Display this help message and exit"
   echo ""
   echo "Example: $0 a-session-name"
diff --git a/api/src/store/modules/paths.ts b/api/src/store/modules/paths.ts
index 7cc3d0d42..9a7f8b839 100644
--- a/api/src/store/modules/paths.ts
+++ b/api/src/store/modules/paths.ts
@@ -62,7 +62,7 @@ const initialState = {
     'log-base': resolvePath('/var/log/unraid-api/' as const),
     'var-run': '/var/run' as const,
     // contains sess_ files that correspond to authenticated user sessions
-    'auth-sessions': '/var/lib/php' as const,
+    'auth-sessions': process.env.PATHS_AUTH_SESSIONS ?? '/var/lib/php',
     'auth-keys': resolvePath(
         process.env.PATHS_AUTH_KEY ?? ('/boot/config/plugins/dynamix.my.servers/keys' as const)
     ),
diff --git a/api/src/unraid-api/auth/cookie.service.ts b/api/src/unraid-api/auth/cookie.service.ts
index a531824eb..4737b5d41 100644
--- a/api/src/unraid-api/auth/cookie.service.ts
+++ b/api/src/unraid-api/auth/cookie.service.ts
@@ -23,7 +23,7 @@ export class CookieService {
     ) {}
 
     /**
-     * @returns new SessionCookieOptions with `namePrefix: 'unraid_', sessionDir: '/var/lib/php'`
+     * @returns new SessionCookieOptions with e.g. `namePrefix: 'unraid_', sessionDir: '/var/lib/php'`
      */
     static defaultOpts(): SessionCookieConfig {
         return {
diff --git a/web/.env.example b/web/.env.example
index dc5498498..bc4c86abf 100644
--- a/web/.env.example
+++ b/web/.env.example
@@ -10,3 +10,5 @@ VITE_ALLOW_CONSOLE_LOGS=true
 # For an Unraid Webgui deployment, set this to 10.
 VITE_TAILWIND_BASE_FONT_SIZE=16
 VITE_WEBGUI=http://localhost:3001
+# Flag for mocking a user session during development via an unsecure cookie
+VITE_MOCK_USER_SESSION=true
diff --git a/web/components/UserProfile.ce.vue b/web/components/UserProfile.ce.vue
index d038d93a0..8b6983e20 100644
--- a/web/components/UserProfile.ce.vue
+++ b/web/components/UserProfile.ce.vue
@@ -11,6 +11,7 @@ import { useThemeStore } from '~/store/theme';
 import type { Server } from '~/types/server';
 import 'tailwindcss/tailwind.css';
 import '~/assets/main.css';
+import { devConfig } from '~/helpers/env';
 
 export interface Props {
   server?: Server | string;
@@ -92,6 +93,12 @@ onBeforeMount(() => {
     console.warn('A valid keyfile and USB Flash boot device are required to check for key renewals, key replacement eligibiliy, and OS update availability.');
   }
 });
+
+onMounted(() => {
+  if (devConfig.VITE_MOCK_USER_SESSION && devConfig.NODE_ENV === 'development') {
+    document.cookie = 'unraid_session_cookie=mock-user-session';
+  }
+})
 </script>
 
 <template>
diff --git a/web/helpers/env.ts b/web/helpers/env.ts
new file mode 100644
index 000000000..6473bb3ee
--- /dev/null
+++ b/web/helpers/env.ts
@@ -0,0 +1,5 @@
+export const devConfig = {
+  /** Flag for mocking a user session during development via an unsecure cookie */
+  VITE_MOCK_USER_SESSION: String(import.meta.env.VITE_MOCK_USER_SESSION) === 'true',
+  NODE_ENV: process.env.NODE_ENV,
+};