X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=client%2Fsrc%2Fstore.js;h=0234807f4c17edd815b0a2f1a1dc88c1d6e50b8d;hb=5ea8d11307ef9e50bdd0b93708570976f3f6012e;hp=1cfb7c5a2ba3934efae21113a47c2a98ae49a07a;hpb=80ee5d5a70f17f78900a8a3ae2d803ed1f2f14c9;p=vchess.git

diff --git a/client/src/store.js b/client/src/store.js
index 1cfb7c5a..0234807f 100644
--- a/client/src/store.js
+++ b/client/src/store.js
@@ -22,6 +22,7 @@ export const store =
       mysid = getRandString();
       localStorage["mysid"] = mysid; //done only once (unless user clear browser data)
     }
+    // Quick user setup using local storage:
     this.state.user = {
       id: localStorage["myid"] || 0,
       name: localStorage["myname"] || "", //"" for "anonymous"
@@ -29,13 +30,14 @@ export const store =
       notify: false, //email notifications
       sid: mysid,
     };
-    if (this.state.user.id > 0)
-    {
-      ajax("/whoami", "GET", res => {
-        this.state.user.email = res.email;
-        this.state.user.notify = res.notify;
-      });
-    }
+    // Slow verification through the server:
+    // NOTE: still superficial identity usurpation possible, but difficult.
+    ajax("/whoami", "GET", res => {
+      this.state.user.id = res.id;
+      this.state.user.name = res.name;
+      this.state.user.email = res.email;
+      this.state.user.notify = res.notify;
+    });
     this.state.conn = new WebSocket(params.socketUrl + "/?sid=" + mysid +
       "&page=" + encodeURIComponent(page));
     // Settings initialized with values from localStorage
@@ -55,9 +57,9 @@ export const store =
     this.state.conn.onclose = this.socketCloseListener;
     const supportedLangs = ["en","es","fr"];
     this.state.lang = localStorage["lang"] ||
-      supportedLangs.includes(navigator.language)
+      (supportedLangs.includes(navigator.language)
         ? navigator.language
-        : "en";
+        : "en");
     this.setTranslations();
   },
   setTranslations: async function() {