Update token generation (#1372)

- Permit only decode token to get map details,
 - If user have token expired, set the token to null and reload the page. This feature will be updated when authentication stategy will be finished.

Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
This commit is contained in:
grégoire parant 2021-08-15 22:51:06 +02:00 committed by GitHub
parent 02a21209ec
commit 8d57886bae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 31 additions and 9 deletions

View File

@ -29,11 +29,24 @@ class ConnectionManager {
}); });
} }
public loadOpenIDScreen() { /**
localUserStore.setAuthToken(null); * @return Promise<void>
*/
public loadOpenIDScreen(): Promise<void> {
const state = localUserStore.generateState(); const state = localUserStore.generateState();
const nonce = localUserStore.generateNonce(); const nonce = localUserStore.generateNonce();
localUserStore.setAuthToken(null);
//TODO refactor this and don't realise previous call
return Axios.get(`http://${PUSHER_URL}/login-screen?state=${state}&nonce=${nonce}`)
.then(() => {
window.location.assign(`http://${PUSHER_URL}/login-screen?state=${state}&nonce=${nonce}`); window.location.assign(`http://${PUSHER_URL}/login-screen?state=${state}&nonce=${nonce}`);
})
.catch((err) => {
console.error(err, "We don't have URL to regenerate authentication user");
//TODO show modal login
window.location.reload();
});
} }
public logout() { public logout() {

View File

@ -174,7 +174,7 @@ export class IoSocketController {
} }
const tokenData = const tokenData =
token && typeof token === "string" ? jwtTokenManager.decodeJWTToken(token) : null; token && typeof token === "string" ? jwtTokenManager.verifyJWTToken(token) : null;
const userIdentifier = tokenData ? tokenData.identifier : ""; const userIdentifier = tokenData ? tokenData.identifier : "";
let memberTags: string[] = []; let memberTags: string[] = [];

View File

@ -6,7 +6,8 @@ import { ADMIN_API_URL } from "../Enum/EnvironmentVariable";
import { GameRoomPolicyTypes } from "../Model/PusherRoom"; import { GameRoomPolicyTypes } from "../Model/PusherRoom";
import { MapDetailsData } from "../Services/AdminApi/MapDetailsData"; import { MapDetailsData } from "../Services/AdminApi/MapDetailsData";
import { socketManager } from "../Services/SocketManager"; import { socketManager } from "../Services/SocketManager";
import { jwtTokenManager } from "../Services/JWTTokenManager"; import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
import { v4 } from "uuid";
export class MapController extends BaseController { export class MapController extends BaseController {
constructor(private App: TemplatedApp) { constructor(private App: TemplatedApp) {
@ -71,8 +72,16 @@ export class MapController extends BaseController {
try { try {
let userId: string | undefined = undefined; let userId: string | undefined = undefined;
if (query.authToken != undefined) { if (query.authToken != undefined) {
const authTokenData = jwtTokenManager.decodeJWTToken(query.authToken as string); let authTokenData: AuthTokenData;
try {
authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string);
userId = authTokenData.identifier; userId = authTokenData.identifier;
} catch (e) {
// Decode token, in this case we don't need to create new token.
authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string, true);
userId = authTokenData.identifier;
console.info("JWT expire, but decoded", userId);
}
} }
const mapDetails = await adminApi.fetchMapDetails(query.playUri as string, userId); const mapDetails = await adminApi.fetchMapDetails(query.playUri as string, userId);

View File

@ -15,9 +15,9 @@ class JWTTokenManager {
return Jwt.sign({ identifier }, SECRET_KEY, { expiresIn: "200d" }); return Jwt.sign({ identifier }, SECRET_KEY, { expiresIn: "200d" });
} }
public decodeJWTToken(token: string): AuthTokenData { public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {
try { try {
return Jwt.verify(token, SECRET_KEY, { ignoreExpiration: false }) as AuthTokenData; return Jwt.verify(token, SECRET_KEY, { ignoreExpiration }) as AuthTokenData;
} catch (e) { } catch (e) {
throw { reason: tokenInvalidException, message: e.message }; throw { reason: tokenInvalidException, message: e.message };
} }