- if (this.state.user.id > 0)
- {
- fetch(params.serverUrl + "/whoami", {
- method: "GET",
- credentials: params.cors ? "include" : "omit",
- }).then((res) => {
- this.state.user.email = res.email;
- this.state.user.notify = res.notify;
- });
- }
- this.state.conn = new WebSocket(params.socketUrl + "/?sid=" + this.state.user.sid);
+ // Slow verification through the server:
+ // NOTE: still superficial identity usurpation possible, but difficult.
+ ajax("/whoami", "GET", res => {
+ this.state.user.id = res.id;
+ const storedId = localStorage.getItem("myid");
+ if (res.id > 0 && !storedId)
+ // User cleared localStorage
+ localStorage.setItem("myid", res.id);
+ else if (res.id == 0 && !!storedId)
+ // User cleared cookie
+ localStorage.removeItem("myid");
+ this.state.user.name = res.name;
+ const storedName = localStorage.getItem("myname");
+ if (!!res.name && !storedName)
+ // User cleared localStorage
+ localStorage.setItem("myname", res.name);
+ else if (!res.name && !!storedName)
+ // User cleared cookie
+ localStorage.removeItem("myname");
+ this.state.user.email = res.email;
+ this.state.user.notify = res.notify;
+ });
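Review bot: The `myid` and `myname` reconciliation only covers the case where one side is empty, so when localStorage already holds an id or name that differs from what `/whoami` returns (edited by hand, or left over from another account), the stale local value is kept. The server response is the authoritative side here, so write it through unconditionally: `if (res.id > 0) localStorage.setItem("myid", res.id); else localStorage.removeItem("myid");`, and the same shape for `"myname"` keyed on `!!res.name`. This narrows the usurpation window the NOTE comment mentions, but any code that reads `myid` or `myname` before this callback runs would still see the unverified value; whether such code exists is not visible here. The enclosing method starts and ends outside the hunk.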