mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-05 19:03:30 -05:00
6d62c9ba36
first of a two step process to remove invited user objects from the session. we're removing them because they're of variable size, and with a lot of folder permissions they can cause the session to exceed the 4kb cookie size limit and not save properly. this commit looks at invited org users only. in this step, start saving the invited org user's id to the session alongside the session object. Then, if the invited_org_user_id is present in the next step of the invite flow, fetch the user object from the API instead of from the session. If it's not present (due to a session set by an older instance of the admin app), then just use the old code to get the entire object out of the session. For invites where the user is small enough to persist to the cookie, this will still save both the old and the new way, but will always make an extra check to the API, I think this minor performance hit is totally fine. For invites where the user is too big to persist, they'll still fail for now, and will need to wait until the next PR comes along and stops saving the large invited user object to the session entirely.