1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
5 window.SessionDB = function() {
8 loadFromLocalStorage: function() {
10 return JSON.parse(window.localStorage.getItem('sessions')) || {}
15 var all = db.loadFromLocalStorage()
16 if (window.defaultSession) {
17 window.defaultSession.isFromRails = true
18 all[window.defaultSession.user.uuid.slice(0, 5)] = window.defaultSession
22 loadActive: function() {
23 var sessions = db.loadAll()
24 Object.keys(sessions).forEach(function(key) {
25 if (!sessions[key].token)
30 save: function(k, v) {
31 var sessions = db.loadAll()
33 Object.keys(sessions).forEach(function(key) {
34 if (sessions[key].isFromRails)
37 window.localStorage.setItem('sessions', JSON.stringify(sessions))
40 var sessions = db.loadAll()
42 window.localStorage.setItem('sessions', JSON.stringify(sessions))
44 login: function(host) {
45 // Initiate login procedure with given API host (which can
46 // optionally include scheme://).
48 // Any page that has a button that invokes login() must
49 // also call checkForNewToken() on (at least) its first
50 // render. Otherwise, the login procedure can't be
53 if (baseURL.indexOf('://') < 0)
54 baseURL = 'https://' + baseURL
55 if (!baseURL.endsWith('/'))
56 baseURL = baseURL + '/'
57 document.location = baseURL + 'login?return_to=' + encodeURIComponent(document.location.href.replace(/\?.*/, '')+'?baseURL='+encodeURIComponent(baseURL))
61 // Forget the token, but leave the other info in the db so
62 // the user can log in again without providing the login
64 var sessions = db.loadAll()
65 delete sessions[k].token
66 db.save(k, sessions[k])
68 checkForNewToken: function() {
69 // If there's a token and baseURL in the location bar (i.e.,
70 // we just landed here after a successful login), save it and
71 // scrub the location bar.
72 if (!document.location.search.startsWith('?'))
75 document.location.search.slice(1).split('&').map(function(kv) {
76 var e = kv.indexOf('=')
79 params[decodeURIComponent(kv.slice(0, e))] = decodeURIComponent(kv.slice(e+1))
81 if (!params.baseURL || !params.api_token)
82 // Have a query string, but it's not a login callback.
84 params.token = params.api_token
85 delete params.api_token
86 db.save(params.baseURL, params)
87 history.replaceState({}, '', document.location.origin + document.location.pathname)
89 fillMissingUUIDs: function() {
90 var sessions = db.loadAll()
91 Object.keys(sessions).map(function(key) {
92 if (key.indexOf('://') < 0)
94 // key is the baseURL placeholder. We need to get our user
95 // record to find out the cluster's real uuid prefix.
96 var session = sessions[key]
97 m.request(session.baseURL+'arvados/v1/users/current', {
99 authorization: 'OAuth2 '+session.token,
101 }).then(function(user) {
103 db.save(user.uuid.slice(0, 5), session)
108 request: function(session, path, opts) {
110 opts.headers = opts.headers || {}
111 opts.headers.authorization = 'OAuth2 '+ session.token
112 return m.request(session.baseURL + path, opts)