From a77899d276e8c578b7cadfd9a29eadcc2717c945 Mon Sep 17 00:00:00 2001
From: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
Date: Thu, 17 Feb 2022 10:04:53 -0600
Subject: [PATCH] UI: Switch usage of localStorage to sessionStorage (#14054)

* Switch usage of localStorage to sessionStorage in UI

* Add changelog
---
 changelog/14054.txt                                   | 3 +++
 ui/app/lib/local-storage.js                           | 8 ++++----
 ui/app/lib/token-storage.js                           | 2 +-
 ui/tests/acceptance/enterprise-control-groups-test.js | 2 +-
 ui/tests/acceptance/redirect-to-test.js               | 2 +-
 5 files changed, 10 insertions(+), 7 deletions(-)
 create mode 100644 changelog/14054.txt

diff --git a/changelog/14054.txt b/changelog/14054.txt
new file mode 100644
index 000000000..a75d6fa33
--- /dev/null
+++ b/changelog/14054.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+ui: Swap browser localStorage in favor of sessionStorage
+```
diff --git a/ui/app/lib/local-storage.js b/ui/app/lib/local-storage.js
index 86556835c..bc9bcfa98 100644
--- a/ui/app/lib/local-storage.js
+++ b/ui/app/lib/local-storage.js
@@ -1,18 +1,18 @@
 export default {
   getItem(key) {
-    var item = window.localStorage.getItem(key);
+    var item = window.sessionStorage.getItem(key);
     return item && JSON.parse(item);
   },
 
   setItem(key, val) {
-    window.localStorage.setItem(key, JSON.stringify(val));
+    window.sessionStorage.setItem(key, JSON.stringify(val));
   },
 
   removeItem(key) {
-    return window.localStorage.removeItem(key);
+    return window.sessionStorage.removeItem(key);
   },
 
   keys() {
-    return Object.keys(window.localStorage);
+    return Object.keys(window.sessionStorage);
   },
 };
diff --git a/ui/app/lib/token-storage.js b/ui/app/lib/token-storage.js
index a50a5a1c3..3e8b61536 100644
--- a/ui/app/lib/token-storage.js
+++ b/ui/app/lib/token-storage.js
@@ -7,7 +7,7 @@ export default function (type) {
   }
   let storage;
   try {
-    window.localStorage.getItem('test');
+    localStorageWrapper.getItem('test');
     storage = localStorageWrapper;
   } catch (e) {
     storage = memoryStorage;
diff --git a/ui/tests/acceptance/enterprise-control-groups-test.js b/ui/tests/acceptance/enterprise-control-groups-test.js
index 81434e11d..6589f59c1 100644
--- a/ui/tests/acceptance/enterprise-control-groups-test.js
+++ b/ui/tests/acceptance/enterprise-control-groups-test.js
@@ -173,7 +173,7 @@ module('Acceptance | Enterprise | control groups', function (hooks) {
     await authPage.login(context.userToken);
     await settled();
     if (shouldStoreToken) {
-      localStorage.setItem(
+      sessionStorage.setItem(
         storageKey(accessor, 'kv/foo'),
         JSON.stringify({
           accessor,
diff --git a/ui/tests/acceptance/redirect-to-test.js b/ui/tests/acceptance/redirect-to-test.js
index 698a140c9..5951301ca 100644
--- a/ui/tests/acceptance/redirect-to-test.js
+++ b/ui/tests/acceptance/redirect-to-test.js
@@ -47,7 +47,7 @@ module('Acceptance | redirect_to query param functionality', function (hooks) {
     // normally we'd use the auth.logout helper to visit the route and reset the app, but in this case that
     // also routes us to the auth page, and then all of the transitions from the auth page get redirected back
     // to the auth page resulting in no redirect_to query param being set
-    localStorage.clear();
+    sessionStorage.clear();
   });
   test('redirect to a route after authentication', async function (assert) {
     let url = '/vault/secrets/secret/create';