X-Git-Url: https://git.auder.net/?p=vchess.git;a=blobdiff_plain;f=client%2Fsrc%2Fstore.js;h=0234807f4c17edd815b0a2f1a1dc88c1d6e50b8d;hp=94dcb0656dd544aac5466794ff62338a92a51645;hb=5ea8d11307ef9e50bdd0b93708570976f3f6012e;hpb=82664d41f42b33206052c7c135c51f58a72ac489

diff --git a/client/src/store.js b/client/src/store.js
index 94dcb065..0234807f 100644
--- a/client/src/store.js
+++ b/client/src/store.js
@@ -22,6 +22,7 @@ export const store =
       mysid = getRandString();
       localStorage["mysid"] = mysid; //done only once (unless user clear browser data)
     }
+    // Quick user setup using local storage:
     this.state.user = {
       id: localStorage["myid"] || 0,
       name: localStorage["myname"] || "", //"" for "anonymous"
@@ -29,13 +30,14 @@ export const store =
       notify: false, //email notifications
       sid: mysid,
     };
-    if (this.state.user.id > 0)
-    {
-      ajax("/whoami", "GET", res => {
-        this.state.user.email = res.email;
-        this.state.user.notify = res.notify;
-      });
-    }
+    // Slow verification through the server:
+    // NOTE: still superficial identity usurpation possible, but difficult.
+    ajax("/whoami", "GET", res => {
+      this.state.user.id = res.id;
+      this.state.user.name = res.name;
+      this.state.user.email = res.email;
+      this.state.user.notify = res.notify;
+    });
     this.state.conn = new WebSocket(params.socketUrl + "/?sid=" + mysid +
       "&page=" + encodeURIComponent(page));
     // Settings initialized with values from localStorage