Commit 0ab0ca33 authored by Matija Obreza

Fix: SSR cookie token check and cookie handling

parent 5be68d88
import {loginAppRequest} from 'actions/login';
import {checkTokenRequest} from 'user/actions/public';
import { loginAppRequest } from 'actions/login';
import { checkTokenRequest, loginUser } from 'user/actions/public';
function checkAuthTokenRequest(req, dispatch) {
const token = req.cookies.access_token;
if (token) {
console.log('Checking cookie token', token);
return dispatch(checkTokenRequest(token))
.then((checkedToken) => {
console.log(`User token ${token} is valid, response`, checkedToken);
return dispatch(loginUser(checkedToken));
})
.catch(() => {
console.log('Server: check failed dispatching loginAppRequest');
return dispatch(loginAppRequest());
});
} else {
console.log('Server: No token, dispatching loginAppRequest');
console.log('Server: No token in cookie, dispatching loginAppRequest');
return dispatch(loginAppRequest());
}
}
......@@ -19,12 +24,17 @@ export default function checkAuthToken(req, res, dispatch) {
console.log('Init checkAuthToken method');
return checkAuthTokenRequest(req, dispatch)
.then((data) => {
res.cookie('access_token', data.access_token, { path: '/' });
console.log(`Setting cookie to expire in ${data.exp}ms from`, data);
res.cookie('access_token', data.access_token, { path: '/', maxAge: data.exp });
if (data.authorities) {
res.cookie('authorities', JSON.stringify(data.authorities), { path: '/' });
res.cookie('authorities', JSON.stringify(data.authorities), { path: '/', maxAge: data.exp });
} else {
res.clearCookie('authorities');
res.clearCookie('authorities');
}
return data;
});
}).catch((x) => {
console.log('Failed checkAuthToken, clearing cookies', x);
res.clearCookie('access_token');
res.clearCookie('authorities');
});
}
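Review bot: The access token reaches the server log in plain text. In checkAuthTokenRequest, `console.log('Checking cookie token', token)` and the `User token ${token} is valid` message print it directly, and the added "Setting cookie to expire in" line in checkAuthToken logs the whole `data` object, which carries `access_token`. Anyone who can read the SSR logs (or a log aggregator they are shipped to) obtains a bearer credential that is still valid, so log only non-secret fields, for example `console.log('Checking cookie token');` and `console.log('Setting cookie expiry (ms):', data.exp);`. The `res.cookie('access_token', ...)` call also sets neither `secure` nor `sameSite`; since the client-side helper writes the same cookie, `httpOnly` is probably not an option without a redesign, but `{ path: '/', maxAge: data.exp, secure: true, sameSite: 'lax' }` would be worth considering if the site is served over HTTPS. Which lines of the first hunk are new is not certain from this rendering, so the first two log calls may predate the commit.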
......@@ -120,6 +120,7 @@ const prerenderer = (html, errHtml) => (req, res) => {
// res.status(500).set('Content-Type', 'text/html').send(errFilledHtml);
})
.then(() => {
console.log('Fetched all component data');
return renderView();
}).then((html) => {
const serverRenderTime = `${Date.now() - startTime}ms`;
......
......@@ -13,7 +13,7 @@ export function checkAccessTokens(dispatch) {
const applicationLogin = () =>
LoginService.loginApp()
.then((data) => {
saveCookies({access_token: data.access_token, authorities: [ROLE_CLIENT]});
saveCookies({access_token: data.access_token, authorities: [ROLE_CLIENT]}, data.exp);
dispatch(loginApp(data));
})
.catch((error) => {
......
......@@ -125,7 +125,7 @@ class Header extends React.Component<IHeaderProps | any, any> {
this.props.logoutRequest()
.then(() => this.props.loginAppRequest())
.then((data) => {
saveCookies({access_token: data.access_token, authorities: [ROLE_CLIENT]});
saveCookies({access_token: data.access_token, authorities: [ROLE_CLIENT]}, data.exp);
this.props.history.push('/login');
});
}
......
......@@ -38,7 +38,7 @@ export const loginRequest = (username, password) => (dispatch) => {
return LoginService.login(username, password)
.then((data) => {
saveCookies(data);
saveCookies(data, data.exp);
return dispatch(loginUser(data));
});
};
......@@ -66,7 +66,7 @@ export const verifyGoogleTokenRequest = (accessToken) => (dispatch, getState) =>
return LoginService.verifyGoogleToken(token, accessToken)
.then((data) => {
saveCookies(data);
saveCookies(data, data.exp);
return dispatch(loginApp(data));
});
};
......
......@@ -35,7 +35,7 @@ class LoginContainer extends React.Component<ILoginContainerProps, void> {
return checkTokenRequest(access_token);
})
.then((data) => {
saveCookies(data);
saveCookies(data, data.exp);
history.push('/dashboard');
return false;
}).catch((e) => {
......@@ -55,7 +55,7 @@ class LoginContainer extends React.Component<ILoginContainerProps, void> {
return checkTokenRequest(access_token);
})
.then((data) => {
saveCookies(data);
saveCookies(data, data.exp);
history.push('/dashboard');
return false;
}).catch((e) => {
......
......@@ -96,10 +96,10 @@ export function cleanFilters(filter, keysToSkip?): string {
return result;
}
export function saveCookies(resp) {
log('Saving cookies');
cookies.set('access_token', resp.access_token, { path: '/' });
cookies.set('authorities', JSON.stringify(resp.authorities), { path: '/' });
export function saveCookies(resp, exp: number) {
log(`Saving cookies to expire after ${exp}ms`);
cookies.set('access_token', resp.access_token, { path: '/', expires: new Date(new Date().getTime() + exp) });
cookies.set('authorities', JSON.stringify(resp.authorities), { path: '/', expires: new Date(new Date().getTime() + exp) });
}
export function clearCookies() {
......
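Review bot: `saveCookies` computes the expiry from `exp` without checking it, so a response that lacks a numeric `exp` produces `new Date(NaN)` for `expires`. How the cookie library treats an invalid date is not visible here; it may write a malformed attribute or fall back to a session cookie. The arithmetic also assumes `exp` is a duration in milliseconds. If the auth server returns seconds or an absolute timestamp, the cookie lifetime will not match the token lifetime, so the unit should be confirmed and documented on the parameter. Compute the date once and guard it, `const expires = Number.isFinite(exp) ? new Date(Date.now() + exp) : undefined;`, then pass `{ path: '/', expires }` to both `cookies.set` calls.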