refactor(session): remove unencrypted session fallback (#2314)

This removes a temporary session fallback for unencrypted sessions.
2021-08-26 21:48:14 +10:00 · 2021-08-26 21:48:14 +10:00 · 8d102ce5d8
parent 0c5c85cbe4
commit 8d102ce5d8
2 changed files with 3 additions and 14 deletions
--- a/internal/session/encrypting_serializer.go
+++ b/internal/session/encrypting_serializer.go
@ -49,16 +49,7 @@ func (e *EncryptingSerializer) Decode(dst *session.Dict, src []byte) error {

 	decryptedSrc, err := utils.Decrypt(src, &e.key)
 	if err != nil {
-		// If an error is thrown while decrypting, it's probably an old unencrypted session
-		// so we just unmarshall it without decrypting. It's a way to avoid a breaking change
-		// requiring to flush redis.
-		// TODO(clems4ever): remove in few months
-		_, uerr := dst.UnmarshalMsg(src)
-		if uerr != nil {
-			return fmt.Errorf("unable to decrypt session: %s", err)
-		}
-
-		return nil
+		return fmt.Errorf("unable to decrypt session: %s", err)
 	}

 	_, err = dst.UnmarshalMsg(decryptedSrc)
--- a/internal/session/encrypting_serializer_test.go
+++ b/internal/session/encrypting_serializer_test.go
@ -29,7 +29,7 @@ func TestShouldEncryptAndDecrypt(t *testing.T) {
 	assert.Equal(t, "value", decodedPayload.Get("key"))
 }

-func TestShouldSupportUnencryptedSessionForBackwardCompatibility(t *testing.T) {
+func TestShouldNotSupportUnencryptedSessionForBackwardCompatibility(t *testing.T) {
 	payload := session.Dict{}
 	payload.Set("key", "value")

@ -40,7 +40,5 @@ func TestShouldSupportUnencryptedSessionForBackwardCompatibility(t *testing.T) {

 	decodedPayload := session.Dict{}
 	err = serializer.Decode(&decodedPayload, dst)
-	require.NoError(t, err)
-
-	assert.Equal(t, "value", decodedPayload.Get("key"))
+	assert.EqualError(t, err, "unable to decrypt session: cipher: message authentication failed")
 }