From 0cc837b220f248cd6bbc34faf81b93d95f3ee18a Mon Sep 17 00:00:00 2001
From: Michael Drury <me@michaeldrury.co.uk>
Date: Tue, 3 Nov 2020 15:00:39 +0000
Subject: [PATCH] Updating server test cases with the header for appId.

---
 packages/client/src/render/getAppId.js            |  3 ++-
 .../server/src/api/routes/tests/couchTestUtils.js | 15 +++++++++++----
 packages/server/src/middleware/authenticated.js   |  7 ++++---
 3 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/packages/client/src/render/getAppId.js b/packages/client/src/render/getAppId.js
index d476eda44c..7da86a802d 100644
--- a/packages/client/src/render/getAppId.js
+++ b/packages/client/src/render/getAppId.js
@@ -1,3 +1,4 @@
 export const getAppIdFromPath = () => {
-  return location.pathname.split("/")[1]
+  let appId = location.pathname.split("/")[1]
+  return appId.startsWith("app_") ? appId : undefined
 }
diff --git a/packages/server/src/api/routes/tests/couchTestUtils.js b/packages/server/src/api/routes/tests/couchTestUtils.js
index 07ff407e3d..02a75d77fd 100644
--- a/packages/server/src/api/routes/tests/couchTestUtils.js
+++ b/packages/server/src/api/routes/tests/couchTestUtils.js
@@ -27,15 +27,19 @@ exports.defaultHeaders = appId => {
   const builderUser = {
     userId: "BUILDER",
     accessLevelId: BUILDER_LEVEL_ID,
-    appId,
   }
 
   const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
 
-  return {
+  const headers = {
     Accept: "application/json",
-    Cookie: [`budibase:builder=${builderToken}:local`],
+    Cookie: [`budibase:builder:local=${builderToken}`],
   }
+  if (appId) {
+    headers["x-budibase-app-id"] = appId
+  }
+
+  return headers
 }
 
 exports.createTable = async (request, appId, table) => {
@@ -209,7 +213,10 @@ const createUserWithPermissions = async (
 
   const loginResult = await request
     .post(`/api/authenticate`)
-    .set({ Cookie: `budibase:${appId}:local=${anonToken}` })
+    .set({
+      Cookie: `budibase:${appId}:local=${anonToken}`,
+      "x-budibase-app-id": appId,
+    })
     .send({ username, password })
 
   // returning necessary request headers
diff --git a/packages/server/src/middleware/authenticated.js b/packages/server/src/middleware/authenticated.js
index 5bdafa9dee..a29fa9f51c 100644
--- a/packages/server/src/middleware/authenticated.js
+++ b/packages/server/src/middleware/authenticated.js
@@ -20,10 +20,11 @@ module.exports = async (ctx, next) => {
   // do everything we can to make sure the appId is held correctly
   // we hold it in state as a
   let appId = getAppId(ctx)
-  if (appId) {
+  const cookieAppId = ctx.cookies.get(getCookieName("currentapp"))
+  if (appId && cookieAppId !== appId) {
     setCookie(ctx, "currentapp", appId)
-  } else {
-    appId = ctx.cookies.get(getCookieName("currentapp"))
+  } else if (cookieAppId) {
+    appId = cookieAppId
   }
 
   const appToken = ctx.cookies.get(getCookieName(appId))