mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-15 02:41:09 +02:00
752f31bfad
Two related issues in the encryption pipeline that were both surfacing as silent failures when a user tried to log a mood / write to any encrypted field shortly after page load or while signed out: 1. Boot-time race The layout fires authStore.initialize() and vaultClient.unlock() in the same tick. The very first user mutation can land before the network round-trip that fetches the master key returns. encryptRecord then synchronously sees a null key and throws VaultLockedError — surfacing in the UI as "click does nothing" because nothing in the call chain catches it. Fix: KeyProvider gets a waitForKey(timeoutMs) method. MemoryKeyProvider implements it via the existing onChange listener, so callers resume as soon as setKey lands. encryptRecord now waits up to 2 s before throwing, which converts a near-miss race into a transparent millisecond delay. 2. Guest plaintext fallback (Option A in the chat thread) Guests have no auth token, so the server vault is unreachable by definition. Refusing every encrypted-field write would hide the bulk of the app behind a sign-up wall — undesirable for the try-before-you-buy local-first flow. Fix: encryptRecord now silently no-ops when getCurrentUserId() is null, writing plaintext to the local Dexie. guest-migration.ts waits for the vault (10 s budget) and then encrypts the registry fields per-table BEFORE the re-insert, so the on-disk state after sign-in matches "user signed up first, then typed everything". If the vault never opens (auth/network failure on /me/encryption-vault), migration aborts cleanly — guest data stays put rather than being re-inserted as plaintext under the real user id. UI side: cycles/ListView.svelte wraps every dayLogsStore.logDay call in a safeLogDay helper that catches VaultLockedError and surfaces a toast pointing the user at Settings → Sicherheit. Previously the unhandled rejection from a click handler vanished into the console. Tests: - record-helpers.test.ts now stamps a fake current user in beforeEach so the new guest-skip doesn't no-op the encryption asserts. The "throws when locked" test uses fake timers to flush the 2 s wait without sitting on it. - aes.test.ts: anonymous-class KeyProvider stub gains the new waitForKey method to satisfy the interface. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| api | ||
| calc/packages/shared | ||
| calendar | ||
| cards | ||
| chat | ||
| citycorners | ||
| contacts | ||
| context | ||
| docs | ||
| guides | ||
| inventar | ||
| mana | ||
| manavoxel | ||
| memoro | ||
| moodlit | ||
| mukke | ||
| news | ||
| nutriphi | ||
| photos | ||
| picture | ||
| planta | ||
| presi | ||
| questions | ||
| skilltree | ||
| storage | ||
| times | ||
| todo | ||
| traces | ||
| uload | ||
| zitare/packages/content | ||