In certain circumstances, all HTTP headers were included in the set of session variables. This has now been reduced to only the session variables. This change affects a number of areas, including the HTTP logs, JWT claims, rate limiting, and accessing session variables in Kriti code.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10964
GitOrigin-RevId: fc573cd89f7c0f1a17b9e8a56396f31e70669650
In preparation for tightening up the various ways in which we construct and work with session variables, I am trying to move the behavior into the same module(s) as the data types, so that we can avoid exposing the internals of data structures in favor of smart constructors and conversions.
The session variable code was split between `Hasura.RQL.Types.Roles`, `Hasura.RQL.Types.Session`, and `Hasura.Session`, with the first two containing most of the data structures (and some logic) and the latter containing the rest of the logic. These files do not interact with the rest of `Hasura.RQL`, though they are depended upon by that namespace.
I have refactored these files into a new namespace, `Hasura.Authentication`. It now looks like this:
1. Role types are now in `Hasura.Authentication.Role`.
2. Header constants were moved from `Hasura.Server.Utils` to `Hasura.Authentication.Headers` (plural) to avoid cycles.
3. Header logic was moved from various places into `Hasura.Authentication.Header` (singular) for the same reason.
4. Session variable types and logic live together in `Hasura.Authentication.Session`.
5. User info types and logic live together in `Hasura.Authentication.User`.
This new structure is cycle-free and generally avoids importing the rest of the code, which means we should be able to start pruning the list of exports and locking down session variable construction.
No behavior was changed in this changeset.
The majority of changes are to the imports in a number of files; everything depends on these things. By splitting into multiple files, we also reduce the surface area of an individual import, which was a pleasant side-effect of this work.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10960
GitOrigin-RevId: 7cb962c06483cd9b92b80432aed5cabecb465cda
In rare cases, sensitive headers were written to the GraphQL Engine logs. These cases are now handled correctly to avoid logging sensitive information.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10946
GitOrigin-RevId: a9d66532245789a16cf91936d53bbfce19d272a4
Alpine is often slower than Debian (because musl is sometimes slower than glibc) and not how anyone actually deploys PostgreSQL in production.
Most notably, some floating-point computations result in slightly different values, and Debian ships with better support for different locales so sorting text (e.g. with `ORDER BY`) behaves differently.
Let's test against an environment that people are likely to actually use.
As a result, there are slight changes to the results of PostGIS computations in a couple of test cases.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10942
GitOrigin-RevId: 4caed19def23a372fc3930c409514b1c9b385026
Redis-based caching: the endpoints related to clearing the cache and gathering cache metrics would sometimes miss keys. This has been remedied.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10843
GitOrigin-RevId: 4fafb17fc570b3dc2e265493f967f8b30eace46a
This fixes the existing tests around query caching and other Redis-related behaviors so they actually run.
Some of the tests still fail because of a couple of bugs, but the error messages are now meaningful.
They do not yet run in CI. We will enable them once they are fixed.
I added a bit of extra logging; we now log the Redis server host and port. I also left in the `Show` instance derivations I used for debugging, as I don't think they'll harm anything and might be useful in the future.
The changes are as follows:
1. I added a `redis` server to the tests and configured both HGE and the test runner to talk to it.
2. I fixed up the action tests so they set up and tear down correctly, including a fix to the output type of the action.
3. Caching has been implemented for actions with client header forwarding, so I have changed the test accordingly.
4. Tests now fail correctly if the response headers are wrong but the body is correct.
5. I have updated the keys in the response headers as the algorithm for generating them seems to have changed.
6. A few improvements have been made to the Python tests to handle lint warnings and improve logging.
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/10839
GitOrigin-RevId: 5d31a376346190b5c7b398b4dee84b88a9d1b18b
