Fixes from s-pro (#349)

* fix radio and checkbox inputs for document builder flow * fix unnecessary requests for user data on frontend * fix login with metamask * add validation for the user session cookie * fix wrong formatting
ProxeusApp · Sep 13, 2023 · 6e1842a · 6e1842a
1 parent b005d9f
commit 6e1842a
Show file tree

Hide file tree

Showing 6 changed files with 203 additions and 72 deletions.
diff --git a/main/handlers/api/handlers.go b/main/handlers/api/handlers.go
@@ -632,6 +632,14 @@ func LoginHandler(e echo.Context) (err error) {
 	})
 }
 
+// Validates user session cookie
+func ValidateUserSession(e echo.Context) (err error) {
+	c := e.(*www.Context)
+	c.Session(true)
+
+	return c.NoContent(http.StatusOK)
+}
+
 // Returns an object containing
 //
 //	{
@@ -1133,7 +1141,7 @@ func GetProfilePhotoHandler(e echo.Context) error {
 
 	err := userService.GetProfilePhoto(sess, id, c.Response().Writer)
 	if err != nil {
-		return c.NoContent(http.StatusNotFound)
+		return c.NoContent(http.StatusNoContent)
 	}
 	c.Response().Committed = true
 	c.Response().Header().Set("Content-Type", "image/jpeg")

diff --git a/main/handlers/routes.go b/main/handlers/routes.go
@@ -66,6 +66,7 @@ func MainHostedAPI(e *echo.Echo, s *www.Security, version string) {
 		{GET, PUBLIC, "/api/config", api.ConfigHandler(version)},
 
 		// authentication
+		{GET, PUBLIC, "/api/session/validate", api.ValidateUserSession},
 		{GET, PUBLIC, "/api/session/token", api.GetSessionTokenHandler},
 		{DELETE, USER, "/api/session/token", api.DeleteSessionTokenHandler},
 		{GET, PUBLIC, "/api/challenge", api.ChallengeHandler},       // Need session

diff --git a/ui/core/src/baseApp.js b/ui/core/src/baseApp.js
@@ -73,15 +73,13 @@ export default {
         if (this.me.role >= 100) {
           return true
         }
-      } catch (e) {
-      }
+      } catch (e) {}
       try {
         // check public
         if (item.publicByID[0] === 2) {
           return true
         }
-      } catch (e) {
-      }
+      } catch (e) {}
 
       try {
         // check owner
@@ -92,8 +90,7 @@ export default {
           item.grant[this.me.id][0] === 2) {
           return true
         }
-      } catch (e) {
-      }
+      } catch (e) {}
       try {
         // check group
         if (this.me.role !== 0) {
@@ -102,17 +99,15 @@ export default {
             return true
           }
         }
-      } catch (e) {
-      }
+      } catch (e) {}
 
       // check others
       try {
         if (this.me.role >= 1 && item.groupAndOthers.rights[1] === 2) {
           // others have write rights
           return true
         }
-      } catch (e) {
-      }
+      } catch (e) {}
       return false
     },
     handleError (o) {
@@ -152,14 +147,29 @@ export default {
     },
     setSelectedLang (lang) {
       if (lang) {
-        this.$cookie.set('lang', lang, { expires: '1Y' })
+        this.$cookie.set('lang', lang, {
+          expires: '1Y'
+        })
         this.reloadI18n()
       } else {
         this.$cookie.delete('lang')
         this.$i18n.set(this.fallbackLang())
       }
     },
+    checkUserHasSession () {
+      return !!localStorage.getItem('userhassession')
+    },
+    initUserHasSession () {
+      localStorage.setItem('userhassession', true)
+    },
+    deleteUserHasSession () {
+      localStorage.removeItem('userhassession')
+    },
     loadMe (clb) {
+      if (!this.checkUserHasSession()) {
+        return
+      }
+
       axios.get('/api/me').then((response) => {
         this.me = response.data
         this.$root.$emit('me', this.me)
@@ -171,6 +181,7 @@ export default {
           }
         }
       }, (err) => {
+        this.deleteUserHasSession()
         this.handleError(err)
       })
     },
@@ -305,6 +316,9 @@ export default {
         this.handleError(err)
       })
     },
+    async validateSessionCookie () {
+      return axios.get('/api/session/validate')
+    },
     loadMeta (clb) {
       axios.get('/api/i18n/meta').then((response) => {
         this.meta = response.data
@@ -396,14 +410,14 @@ export default {
       get () {
         return this.$root.$children[0]
       },
-      set (a) {
-      }
+      set (a) {}
     }
   },
   created () {
     const tmpLangToPreventFromWarnings = 'en'
     this.$i18n.fallback(tmpLangToPreventFromWarnings)
     this.$i18n.set(tmpLangToPreventFromWarnings)
+    this.validateSessionCookie()
     this.loadMeta()
     this.loadConfig()
     this.loadMe()

diff --git a/ui/core/src/components/user/TopRightProfile.vue b/ui/core/src/components/user/TopRightProfile.vue
@@ -172,6 +172,7 @@ export default {
     },
     logout () {
       axios.post('/api/logout', null).then(response => {
+        this.app.deleteUserHasSession()
         window.location.replace('/')
       }, (err) => {
         this.app.handleError(err)