From 2a15974a93e2fce120e27a07953464764e930c22 Mon Sep 17 00:00:00 2001 From: Lucas Di Pentima Date: Mon, 7 Sep 2020 17:37:22 -0300 Subject: [PATCH] 16679: Uses sessionStorage when Login.TokenLifetime is set to non-zero. Also, removes sessions list on logout, as tokens are also saved there. Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- src/common/config.ts | 2 + src/services/auth-service/auth-service.ts | 46 ++++++++++++++--------- src/services/services.ts | 7 +++- src/store/auth/auth-middleware.ts | 2 + 4 files changed, 39 insertions(+), 18 deletions(-) diff --git a/src/common/config.ts b/src/common/config.ts index 0f935602..96152248 100644 --- a/src/common/config.ts +++ b/src/common/config.ts @@ -62,6 +62,7 @@ export interface ClusterConfigJSON { }; Login: { LoginCluster: string; + TokenLifetime: string; Google: { Enable: boolean; } @@ -221,6 +222,7 @@ export const mockClusterConfigJSON = (config: Partial): Clust }, Login: { LoginCluster: "", + TokenLifetime: "0s", Google: { Enable: false, }, diff --git a/src/services/auth-service/auth-service.ts b/src/services/auth-service/auth-service.ts index 61db625c..5e382fba 100644 --- a/src/services/auth-service/auth-service.ts +++ b/src/services/auth-service/auth-service.ts 
@@ -39,38 +39,46 @@ export class AuthService { constructor( protected apiClient: AxiosInstance, protected baseUrl: string, - protected actions: ApiActions) { } + protected actions: ApiActions, + protected useSessionStorage: boolean = false) { } + + private getStorage() { + if (this.useSessionStorage) { + return sessionStorage; + } + return localStorage; + } public saveApiToken(token: string) { - localStorage.setItem(API_TOKEN_KEY, token); + this.getStorage().setItem(API_TOKEN_KEY, token); const sp = token.split('/'); if (sp.length === 3) { - localStorage.setItem(HOME_CLUSTER, sp[1].substr(0, 5)); + this.getStorage().setItem(HOME_CLUSTER, sp[1].substr(0, 5)); } } public removeApiToken() { - localStorage.removeItem(API_TOKEN_KEY); + this.getStorage().removeItem(API_TOKEN_KEY); } public getApiToken() { - return localStorage.getItem(API_TOKEN_KEY) || undefined; + return this.getStorage().getItem(API_TOKEN_KEY) || undefined; } public getHomeCluster() { - return localStorage.getItem(HOME_CLUSTER) || undefined; + return this.getStorage().getItem(HOME_CLUSTER) || undefined; } public removeUser() { - localStorage.removeItem(USER_EMAIL_KEY); - localStorage.removeItem(USER_FIRST_NAME_KEY); - localStorage.removeItem(USER_LAST_NAME_KEY); - localStorage.removeItem(USER_UUID_KEY); - localStorage.removeItem(USER_OWNER_UUID_KEY); - localStorage.removeItem(USER_IS_ADMIN); - localStorage.removeItem(USER_IS_ACTIVE); - localStorage.removeItem(USER_USERNAME); - localStorage.removeItem(USER_PREFS); + this.getStorage().removeItem(USER_EMAIL_KEY); + this.getStorage().removeItem(USER_FIRST_NAME_KEY); + this.getStorage().removeItem(USER_LAST_NAME_KEY); + this.getStorage().removeItem(USER_UUID_KEY); + this.getStorage().removeItem(USER_OWNER_UUID_KEY); + this.getStorage().removeItem(USER_IS_ADMIN); + this.getStorage().removeItem(USER_IS_ACTIVE); + this.getStorage().removeItem(USER_USERNAME); + this.getStorage().removeItem(USER_PREFS); } public login(uuidPrefix: string, homeCluster: string, 
loginCluster: string, remoteHosts: { [key: string]: string }) { @@ -113,7 +121,7 @@ export class AuthService { public getSessions(): Session[] { try { - const sessions = JSON.parse(localStorage.getItem("sessions") || ''); + const sessions = JSON.parse(this.getStorage().getItem("sessions") || ''); return sessions; } catch { return []; @@ -121,7 +129,11 @@ export class AuthService { } public saveSessions(sessions: Session[]) { - localStorage.setItem("sessions", JSON.stringify(sessions)); + this.getStorage().setItem("sessions", JSON.stringify(sessions)); + } + + public removeSessions() { + this.getStorage().removeItem("sessions"); } public buildSessions(cfg: Config, user?: User) { diff --git a/src/services/services.ts b/src/services/services.ts index 41dc831e..9a7b1e04 100644 --- a/src/services/services.ts +++ b/src/services/services.ts @@ -32,6 +32,7 @@ import { VocabularyService } from '~/services/vocabulary-service/vocabulary-serv import { NodeService } from '~/services/node-service/node-service'; import { FileViewersConfigService } from '~/services/file-viewers-config-service/file-viewers-config-service'; import { LinkAccountService } from "./link-account-service/link-account-service"; +import parse from "parse-duration"; export type ServiceRepository = ReturnType; 
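Review bot: In `removeApiToken()` and `removeUser()` (and `removeSessions()` in the later `@@ -121,7 +129,11 @@` hunk), cleanup only touches the store that `getStorage()` currently selects. A token written to localStorage before `Login.TokenLifetime` became non-zero is therefore never deleted once the service switches to sessionStorage. That leaves a possibly still-valid token in persistent storage, which this change appears intended to avoid, and the logout paths in auth-middleware.ts inherit the gap. The removal methods could clear both stores regardless of the flag, e.g. `[localStorage, sessionStorage].forEach(s => s.removeItem(API_TOKEN_KEY));`. A short comment on `getStorage()` noting that sessionStorage is per-tab and that either store is readable by any script on the origin would also help; the class body continues outside the hunk.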
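Review bot: `getSessions()` returns whatever `JSON.parse` yields as `Session[]`, so a stored value that is valid JSON but not an array (for example the string `null`) reaches callers unchecked; only a parse failure falls back to `[]`. The commit message says these entries hold tokens, and web storage can be written by any script on the origin, so a shape check is worth adding: `return Array.isArray(sessions) ? sessions : [];`. The missing check predates the storage switch, but the line is touched in this hunk.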
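Review bot: The new `import parse from "parse-duration"` in services.ts pulls in a third-party package, but the diffstat lists only four `.ts` files and no package manifest or lockfile. If an earlier commit has not already declared the dependency, the build will resolve whatever version happens to be installed. Since this package now decides where tokens are stored, it should be declared and pinned in the manifest and lockfile as part of the same change.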
@@ -78,7 +79,11 @@ export const createServices = (config: Config, actions: ApiActions, useApiClient const linkAccountService = new LinkAccountService(apiClient, actions); const ancestorsService = new AncestorService(groupsService, userService); - const authService = new AuthService(apiClient, config.rootUrl, actions); + + const tokenLifetime = config && config.clusterConfig && config.clusterConfig.Login.TokenLifetime || '0s'; + const authService = new AuthService(apiClient, config.rootUrl, actions, + (parse(tokenLifetime, 's') || 0) > 0); + const collectionService = new CollectionService(apiClient, webdavClient, authService, actions); const favoriteService = new FavoriteService(linkService, groupsService); const tagService = new TagService(linkService); diff --git a/src/store/auth/auth-middleware.ts b/src/store/auth/auth-middleware.ts index 76f85984..6eef5e5e 100644 --- a/src/store/auth/auth-middleware.ts +++ b/src/store/auth/auth-middleware.ts @@ -30,6 +30,7 @@ export const authMiddleware = (services: ServiceRepository): Middleware => store setAuthorizationHeader(services, state.auth.apiToken); } else { services.authService.removeApiToken(); + services.authService.removeSessions(); removeAuthorizationHeader(services); } @@ -64,6 +65,7 @@ export const authMiddleware = (services: ServiceRepository): Middleware => store services.linkAccountService.removeAccountToLink(); } services.authService.removeApiToken(); + services.authService.removeSessions(); services.authService.removeUser(); removeAuthorizationHeader(services); services.authService.logout(); -- 2.30.2
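Review bot: The storage decision in `createServices` fails open: in `(parse(tokenLifetime, 's') || 0) > 0`, a `TokenLifetime` string that `parse` cannot interpret collapses to 0, the same as an explicit `0s`, and tokens go to localStorage. Whether `parse-duration` accepts every duration form the cluster config can emit is not visible here, so an unparsable value is safer treated as a limited lifetime: `const secs = parse(tokenLifetime, 's');` and pass `secs == null || secs > 0` as the fourth argument. The `config && config.clusterConfig &&` guard is also inconsistent with the unguarded `config.rootUrl` on the next line. A one-line comment stating that a non-zero lifetime selects sessionStorage would make the intent clear at the call site.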