Commit 37f14d79 authored by Piotr Gawron's avatar Piotr Gawron
Browse files

session id is not visible from client side therefore before any query is made...

session id is not visible from client side therefore before any query is made we need to make sure that token will be obtained with valid token
parent a7bea901
......@@ -17,6 +17,7 @@ var Comment = require('./map/data/Comment');
var Configuration = require('./Configuration');
var Drug = require('./map/data/Drug');
var ConfigurationType = require('./ConfigurationType');
var Functions = require('./Functions');
var IdentifiedElement = require('./map/data/IdentifiedElement');
var InvalidCredentialsError = require('./InvalidCredentialsError');
var LayoutAlias = require('./map/data/LayoutAlias');
......@@ -129,6 +130,20 @@ ServerConnector.sendGetRequest = function (url, description) {
});
};
function isSessionExpiredError(error) {
if (error instanceof NetworkError) {
if (error.statusCode === HttpStatus.FORBIDDEN) {
if (error.content.indexOf('"reason":"Invalid token"') >= 0) {
return true;
}
if (error.content.indexOf('"reason":"Missing cookie') >= 0) {
return true;
}
}
}
return false;
}
ServerConnector.sendRequest = function (params) {
var self = this;
if (arguments.length > 1) {
......@@ -154,17 +169,21 @@ ServerConnector.sendRequest = function (params) {
}).then(function () {
return content;
}, function (error) {
if (error instanceof NetworkError) {
if (error.statusCode === HttpStatus.FORBIDDEN && error.content.indexOf('"reason":"Invalid token"') >= 0) {
self.getSessionData().setToken(undefined);
if (self.getSessionData().getLogin() === "anonymous") {
var promise = Promise.resolve();
if (isSessionExpiredError(error)) {
self.getSessionData().setToken(undefined);
var login = self.getSessionData().getLogin();
promise = self.login().then(function () {
if (login === "anonymous" || login === undefined) {
window.location.reload(false);
} else {
window.location.href = ServerConnector.getServerBaseUrl() + "login.xhtml?from=" + encodeURI(window.location.href);
}
}
});
}
return Promise.reject(error);
return promise.then(function () {
return Promise.reject(error);
});
});
};
......@@ -219,30 +238,6 @@ ServerConnector.sendPatchRequest = function (url, json) {
});
};
ServerConnector.getToken = function () {
var self = this;
var login = self.getSessionData(null).getLogin();
var token = self.getSessionData(null).getToken();
if (token === undefined || login === undefined) {
return self.login();
} else {
// if the project is not initialized then check if we can download data
// using current token
if (self.getSessionData().getProject() === null) {
return self.getConfiguration().then(function () {
return token;
// if there was an error accessing configuration it means our token is
// invalid
}, function () {
return self.login();
});
} else {
return Promise.resolve(token);
}
}
};
ServerConnector.getApiBaseUrl = function () {
return this.getServerBaseUrl() + "/api/";
};
......@@ -1334,11 +1329,12 @@ ServerConnector.getComments = function (params) {
ServerConnector.getSessionData = function (project) {
if (this._sessionData === undefined) {
this._sessionData = new SessionData(project);
this._sessionData = new SessionData(null);
}
if (project !== undefined && this._sessionData.getProject() === null) {
this._sessionData.setProject(project);
}
return this._sessionData;
};
......@@ -1364,6 +1360,14 @@ ServerConnector.getClosestElementsByCoordinates = function (params) {
});
};
ServerConnector.createSession = function () {
var self = this;
return self.getConfiguration().catch(function (error) {
if (isSessionExpiredError(error)) {
return self.login();
}
});
};
ServerConnector.login = function (login, password) {
var self = this;
var params = {};
......
......@@ -159,6 +159,7 @@ SessionData.prototype.setToken = function(token) {
SessionData.prototype.getToken = function() {
var key = SessionObjectType.TOKEN;
var value = Cookies.get(key);
Cookies.set('name', 'value', { expires: 7, path: '' });
return value;
};
......
......@@ -153,12 +153,6 @@ ProjectInfoPanel.prototype._createInfoPanelGui = function () {
type: "a",
href: ServerConnector.getServerBaseUrl() + "/export.xhtml?id=" + projectId,
content: '<i class="fa fa-mail-forward">&nbsp;EXPORT',
onclick: function () {
//TODO session expired hack (it should be done on the export.xhtml web page)
if (ServerConnector.getSessionData().getToken() === undefined) {
exportButton.href = ServerConnector.getServerBaseUrl() + "login.xhtml?from=" + encodeURI(exportButton.href);
}
},
xss: false
});
liElement = Functions.createElement({
......
......@@ -243,7 +243,8 @@ function create(params) {
+ "<img src='resources/images/icons/ajax-loader.gif'/>" + "</div>";
// make sure that we are logged in
return ServerConnector.getToken().then(function () {
// make sure that we are logged in
return ServerConnector.createSession().then(function () {
return ServerConnector.getConfiguration();
}).then(function (configuration) {
params.setConfiguration(configuration);
......@@ -505,9 +506,10 @@ function createLogin(params) {
params = new CustomMapOptions(params);
}
initGlobals(params);
return ServerConnector.getToken().then(function () {
// make sure that we are logged in
return ServerConnector.createSession().then(function () {
return ServerConnector.getConfiguration();
}).then(function (footer) {
}).then(function (configuration) {
var loginDiv = createLoginDiv(params);
params.getElement().appendChild(loginDiv);
return createFooter(params);
......@@ -529,9 +531,7 @@ function createExport(params) {
var result;
// make sure that we are logged in
return ServerConnector.getToken().then(function () {
return ServerConnector.getConfiguration();
}).then(function (configuration) {
return ServerConnector.getConfiguration().then(function (configuration) {
params.setConfiguration(configuration);
return getProject(params);
}).then(function (project) {
......@@ -559,7 +559,7 @@ function createAdmin(params) {
var result;
// make sure that we are logged in
return ServerConnector.getToken().then(function () {
return ServerConnector.createSession().then(function () {
return ServerConnector.getConfiguration();
}).then(function (configuration) {
params.setConfiguration(configuration);
......
......@@ -227,19 +227,6 @@ describe('ServerConnector', function () {
});
});
it('getToken', function () {
ServerConnector.getSessionData(null).setToken(undefined);
var originalFun = ServerConnector.login;
ServerConnector.login = function () {
return Promise.resolve("TOKEN");
};
return ServerConnector.getToken().then(function (token) {
assert.ok(token !== undefined);
}).finally(function () {
ServerConnector.login = originalFun;
});
});
it('getModelDownloadUrl', function () {
return ServerConnector.getModelDownloadUrl({
backgroundOverlayId: "cv14081"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment