mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-05-24 06:35:10 +00:00
a612506a9e
Pre-refactor getAuthScope() used four buckets including a literal 'apikey' / 'anon' split. The atomized scope dropped this distinction — both api-key and anonymous sessions ended up with {userId: null, workspaceId: null}, sharing a query key.
Because the QueryClient persists across api-key set/clear transitions (no eviction path runs without a router-driven WorkspaceAuthGate unmount), this caused cross-bucket cache reuse: an anonymous fetch could be served to an authenticated api-key reader within staleTime, or vice versa.
Add an opaque apiKeyBucket: 'apikey' | 'anon' | null field to RemoteAuthScope, include it in remoteOptionKeys.byRoute, and populate it from useApiKeyAuthStore().getApiKey() in both useRemoteOptions (Vue path) and useRemoteWidget (Litegraph path). Only the bucket literal lives in the query key — never the api-key value itself — so devtools/Sentry don't see secrets.
Adds a regression test asserting that anon and apikey scopes with identical userId/workspaceId produce distinct query keys.
20 lines
434 B
TypeScript
20 lines
434 B
TypeScript
export type RemoteRequestClient = 'comfyApi'
|
|
|
|
export interface RemoteRequestDescriptor {
|
|
client: RemoteRequestClient
|
|
route: string
|
|
params?: Record<string, string>
|
|
responseKey?: string
|
|
ttl?: number
|
|
timeout?: number
|
|
maxRetries?: number
|
|
}
|
|
|
|
export type RemoteAuthBucket = 'apikey' | 'anon'
|
|
|
|
export interface RemoteAuthScope {
|
|
userId?: string | null
|
|
workspaceId?: string | null
|
|
apiKeyBucket?: RemoteAuthBucket | null
|
|
}
|