projects
/
vchess.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a7f9f05
)
Fix authentication
author
Benjamin Auder
<benjamin.auder@somewhere>
Tue, 26 Mar 2019 15:46:02 +0000
(16:46 +0100)
committer
Benjamin Auder
<benjamin.auder@somewhere>
Tue, 26 Mar 2019 15:46:02 +0000
(16:46 +0100)
client/src/components/UpsertUser.vue
patch
|
blob
|
blame
|
history
client/src/router.js
patch
|
blob
|
blame
|
history
client/src/utils/ajax.js
patch
|
blob
|
blame
|
history
server/routes/all.js
patch
|
blob
|
blame
|
history
server/routes/users.js
patch
|
blob
|
blame
|
history
diff --git
a/client/src/components/UpsertUser.vue
b/client/src/components/UpsertUser.vue
index
46f3bfe
..
8d0b736
100644
(file)
--- a/
client/src/components/UpsertUser.vue
+++ b/
client/src/components/UpsertUser.vue
@@
-26,7
+26,7
@@
div
i.material-icons send
button(v-if="stage!='Update'" @click="toggleStage()")
span {{ stage=="Login" ? "Register" : "Login" }}
i.material-icons send
button(v-if="stage!='Update'" @click="toggleStage()")
span {{ stage=="Login" ? "Register" : "Login" }}
- button(v-else
onClick="location.replace('/logout'
)")
+ button(v-else
@click="doLogout(
)")
span Logout
#dialog(:style="{display: displayInfo}") {{ infoMsg }}
</template>
span Logout
#dialog(:style="{display: displayInfo}") {{ infoMsg }}
</template>
@@
-39,9
+39,9
@@
export default {
name: 'my-upsert-user',
data: function() {
return {
name: 'my-upsert-user',
data: function() {
return {
- user:
Object.assign({}, store.state.user)
,
+ user:
store.state.user
,
nameOrEmail: "", //for login
nameOrEmail: "", //for login
- stage: (store.state.user.id > 0 ? "Update" : "Login"), //TODO?
+ logStage: "Login", //or Register
infoMsg: "",
enterTime: Number.MAX_SAFE_INTEGER, //for a basic anti-bot strategy
};
infoMsg: "",
enterTime: Number.MAX_SAFE_INTEGER, //for a basic anti-bot strategy
};
@@
-61,6
+61,9
@@
export default {
displayInfo: function() {
return (this.infoMsg.length > 0 ? "block" : "none");
},
displayInfo: function() {
return (this.infoMsg.length > 0 ? "block" : "none");
},
+ stage: function() {
+ return this.user.id > 0 ? "Update" : this.logStage;
+ },
},
methods: {
trySetEnterTime: function(event) {
},
methods: {
trySetEnterTime: function(event) {
@@
-69,7
+72,7
@@
export default {
},
toggleStage: function() {
// Loop login <--> register (update is for logged-in users)
},
toggleStage: function() {
// Loop login <--> register (update is for logged-in users)
- this.
stage = (this.s
tage == "Login" ? "Register" : "Login");
+ this.
logStage = (this.logS
tage == "Login" ? "Register" : "Login");
},
ajaxUrl: function() {
switch (this.stage)
},
ajaxUrl: function() {
switch (this.stage)
@@
-137,6
+140,18
@@
export default {
}
);
},
}
);
},
+ doLogout: function() {
+ ajax(
+ "/logout",
+ "GET",
+ () => {
+ this.user.id = 0;
+ this.user.name = "";
+ this.user.email = "";
+ this.user.notify = false;
+ }
+ );
+ },
},
};
</script>
},
};
</script>
diff --git
a/client/src/router.js
b/client/src/router.js
index
89bdf73
..
0f03849
100644
(file)
--- a/
client/src/router.js
+++ b/
client/src/router.js
@@
-32,13
+32,11
@@
export default new Router({
path: "/authenticate/:token",
name: "authenticate",
beforeEnter: (to, from, next) => {
path: "/authenticate/:token",
name: "authenticate",
beforeEnter: (to, from, next) => {
- console.log("ajax call authenticate");
ajax(
"/authenticate",
"GET",
{token: to.params["token"]},
(res) => {
ajax(
"/authenticate",
"GET",
{token: to.params["token"]},
(res) => {
- console.log(res);
store.state.user.id = res.id;
store.state.user.name = res.name;
store.state.user.email = res.email;
store.state.user.id = res.id;
store.state.user.name = res.name;
store.state.user.email = res.email;
@@
-48,25
+46,8
@@
export default new Router({
}
);
},
}
);
},
- redirect: "/",
- },
- {
- path: "/logout",
- name: "logout",
- beforeEnter: (to, from, next) => {
- ajax(
- "/logout",
- "GET",
- () => {
- store.state.user.id = 0;
- store.state.user.name = "";
- store.state.user.email = "";
- store.state.user.notify = false;
- next();
- }
- );
- },
- redirect: "/",
+ component: Hall,
+ //redirect: "/", //problem: redirection before end of AJAX request
},
// {
// path: "/about",
},
// {
// path: "/about",
diff --git
a/client/src/utils/ajax.js
b/client/src/utils/ajax.js
index
0a50a10
..
1d181fa
100644
(file)
--- a/
client/src/utils/ajax.js
+++ b/
client/src/utils/ajax.js
@@
-47,9
+47,8
@@
export function ajax(url, method, data, success, error)
}
xhr.open(method, params.serverUrl + url, true);
xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
}
xhr.open(method, params.serverUrl + url, true);
xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
- // Next line because logout and authenticate set (cross-domain in dev mode) cookies
- if (url.startsWith("/authenticate") || url.startsWith("/logout"))
- xhr.withCredentials = true;
+ // Next line to allow cross-domain cookies in dev mode (TODO: if...)
+ xhr.withCredentials = true;
if (["POST","PUT"].includes(method))
{
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
if (["POST","PUT"].includes(method))
{
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
diff --git
a/server/routes/all.js
b/server/routes/all.js
index
982f2a4
..
45eb21b
100644
(file)
--- a/
server/routes/all.js
+++ b/
server/routes/all.js
@@
-1,4
+1,10
@@
var router = require("express").Router();
var router = require("express").Router();
+var access = require("../utils/access");
+
+// To avoid a weird preflight AJAX request error in dev mode...
+router.get("/", access.ajax, (req,res) => {
+ res.json({});
+});
router.use("/", require("./challenges"));
//router.use("/", require("./games"));
router.use("/", require("./challenges"));
//router.use("/", require("./games"));
diff --git
a/server/routes/users.js
b/server/routes/users.js
index
4b142d7
..
d633d81
100644
(file)
--- a/
server/routes/users.js
+++ b/
server/routes/users.js
@@
-17,7
+17,6
@@
router.get("/whoami", access.ajax, (req,res) => {
});
};
const anonymous = {name:"", email:"", id:0, notify:false};
});
};
const anonymous = {name:"", email:"", id:0, notify:false};
- console.log(req.cookies); //TODO: cookie not found after authenticate ?
if (!req.cookies.token)
return callback(anonymous);
UserModel.getOne("sessionToken", req.cookies.token, function(err, user) {
if (!req.cookies.token)
return callback(anonymous);
UserModel.getOne("sessionToken", req.cookies.token, function(err, user) {
@@
-42,9
+41,7
@@
function setAndSendLoginToken(subject, to, res)
params.siteURL + "/#/authenticate/" + token + "\\n" +
"Token will expire in " + params.token.expire/(1000*60) + " minutes."
sendEmail(params.mail.noreply, to.email, subject, body, err => {
params.siteURL + "/#/authenticate/" + token + "\\n" +
"Token will expire in " + params.token.expire/(1000*60) + " minutes."
sendEmail(params.mail.noreply, to.email, subject, body, err => {
- // "id" is generally the only info missing on client side,
- // but the name is also unknown if log-in with the email.
- res.json(err || {id: to.id, name: to.name});
+ res.json(err || {});
});
});
}
});
});
}