fix: Forget session on window close

.changeset/two-bikes-crash.md

@@ -0,0 +1,7 @@
+---
+'@rocket.chat/meteor': minor
+---
+
+Fixed an issue related to setting Accounts_ForgetUserSessionOnWindowClose, this setting was not working as expected.
+
+The new meteor 2.16 release introduced a new option to configure the Accounts package and choose between the local storage or session storage. They also changed how Meteor.\_localstorage works internally. Due to these changes in Meteor, our setting to use session storage wasn't working as expected. This PR fixes this issue and configures the Accounts package according to the workspace settings.

apps/meteor/client/startup/accounts.ts

@@ -2,6 +2,7 @@ import { Accounts } from 'meteor/accounts-base';
 import { Meteor } from 'meteor/meteor';
 import { Tracker } from 'meteor/tracker';
 
+import { settings } from '../../app/settings/client';
 import { mainReady } from '../../app/ui-utils/client';
 import { sdk } from '../../app/utils/client/lib/SDKClient';
 import { t } from '../../app/utils/lib/i18n';
@@ -24,3 +25,15 @@ Accounts.onEmailVerificationLink((token: string) => {
 		});
 	});
 });
+
+Meteor.startup(() => {
+	Tracker.autorun(() => {
+		const forgetUserSessionOnWindowClose = settings.get('Accounts_ForgetUserSessionOnWindowClose');
+
+		if (forgetUserSessionOnWindowClose === undefined) {
+			return;
+		}
+
+		Accounts.config({ clientStorage: forgetUserSessionOnWindowClose ? 'session' : 'local' });
+	});
+});

apps/meteor/definition/externals/meteor/accounts-base.d.ts

@@ -42,6 +42,8 @@ declare module 'meteor/accounts-base' {
 
 		function _clearAllLoginTokens(userId: string | null): void;
 
+		function config(options: { clientStorage: 'session' | 'local' }): void;
+
 		class ConfigError extends Error {}
 
 		class LoginCancelledError extends Error {

apps/meteor/tests/e2e/account-forgetSessionOnWindowClose.spec.ts

@@ -0,0 +1,57 @@
+import { DEFAULT_USER_CREDENTIALS } from './config/constants';
+import { Registration } from './page-objects';
+import { test, expect } from './utils/test';
+
+test.describe.serial('Forget session on window close setting', () => {
+	let poRegistration: Registration;
+
+	test.beforeEach(async ({ page }) => {
+		poRegistration = new Registration(page);
+
+		await page.goto('/home');
+	});
+
+	test.describe('Setting off', async () => {
+		test.beforeAll(async ({ api }) => {
+			expect((await api.post('/settings/Accounts_ForgetUserSessionOnWindowClose', { value: false })).status()).toBe(200);
+		});
+
+		test.afterAll(async ({ api }) => {
+			expect((await api.post('/settings/Accounts_ForgetUserSessionOnWindowClose', { value: true })).status()).toBe(200);
+		});
+
+		test('Login using credentials and reload to stay logged in', async ({ page }) => {
+			await poRegistration.username.type('user1');
+			await poRegistration.inputPassword.type(DEFAULT_USER_CREDENTIALS.password);
+			await poRegistration.btnLogin.click();
+
+			await expect(page.locator('role=heading[name="Welcome to Rocket.Chat"]')).toBeVisible();
+
+			await page.reload();
+
+			await expect(page.locator('role=heading[name="Welcome to Rocket.Chat"]')).toBeVisible();
+		});
+	});
+
+	test.describe('Setting on', async () => {
+		test.beforeAll(async ({ api }) => {
+			expect((await api.post('/settings/Accounts_ForgetUserSessionOnWindowClose', { value: true })).status()).toBe(200);
+		});
+
+		test.afterAll(async ({ api }) => {
+			expect((await api.post('/settings/Accounts_ForgetUserSessionOnWindowClose', { value: false })).status()).toBe(200);
+		});
+
+		test('Login using credentials and reload to get logged out', async ({ page }) => {
+			await poRegistration.username.type('user1');
+			await poRegistration.inputPassword.type(DEFAULT_USER_CREDENTIALS.password);
+			await poRegistration.btnLogin.click();
+
+			await expect(page.locator('role=heading[name="Welcome to Rocket.Chat"]')).toBeVisible();
+
+			await page.reload();
+
+			await expect(page.locator('role=button[name="Login"]')).toBeVisible();
+		});
+	});
+});