Skip to content

fix(auth): Remove online check from getCurrentUser #3122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 4, 2025
Merged

fix(auth): Remove online check from getCurrentUser #3122

merged 1 commit into from
Sep 4, 2025

Conversation

@mattcreaser
Copy link
Member

@mattcreaser mattcreaser commented Sep 3, 2025

  • PR title and description conform to Pull Request guidelines.

Issue #, if available: #3118

Description of changes:
Removes the check for expired refresh tokens from the getCurrentUser call. None of the other Amplify platforms had this check, so this better aligns with their implementations.

Now getCurrentUser will be a simple offline-only check to see if there are cached credentials on the device. If there are, we return the user data.

This does mean that in cases where you were signed in but your refresh tokens have expired (or were revoked) getCurrentUser will now succeed, where previously it would have failed.

How did you test these changes?

  • Revoked users tokens, ensured that getCurrentUser still succeeds.

Documentation update required?

  • No
  • Yes (Please include a PR link for the documentation update)

General Checklist

  • Added Unit Tests
  • Added Integration Tests
  • Security oriented best practices and standards are followed (e.g. using input sanitization, principle of least privilege, etc)
  • Ensure commit message has the appropriate scope (e.g fix(storage): message, feat(auth): message, chore(all): message)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@mattcreaser mattcreaser requested a review from a team as a code owner September 3, 2025 14:18
@mattcreaser mattcreaser merged commit 0dbb4aa into main Sep 4, 2025
16 of 20 checks passed
@mattcreaser mattcreaser deleted the mattcreaser/offline-getcurrentuser branch September 4, 2025 16:37
@codecov
Copy link

codecov bot commented Sep 4, 2025

Codecov Report

❌ Patch coverage is 0% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 54.25%. Comparing base (3f72bcb) to head (2d2a977).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3122      +/-   ##
==========================================
- Coverage   54.27%   54.25%   -0.02%     
==========================================
  Files        1038     1038              
  Lines       31991    32006      +15     
  Branches     4700     4703       +3     
==========================================
+ Hits        17363    17365       +2     
- Misses      12788    12802      +14     
+ Partials     1840     1839       -1
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tylerjroach tylerjroach tylerjroach approved these changes

@harsh62 harsh62 harsh62 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mattcreaser @tylerjroach @harsh62