diff --git a/src/_helpers/router.js b/src/_helpers/router.js
index 451ef8a..a71685c 100644
--- a/src/_helpers/router.js
+++ b/src/_helpers/router.js
@@ -108,7 +108,7 @@ export const router = new Router({
 { path: '/login', component: LoginPage },
 { path: '/logout', component: LogoutPage },
 { path: '/forgotPassword', component: ForgotPasswordPage },
- { path: '/applogin', component: AppLoginPage },
+ { path: '/appLogin', component: AppLoginPage },
 { path: '/admin/accounts', component: AccountsPage },
 { path: '/admin/new_account', component: ProfilePage },
@@ -125,8 +125,14 @@ export const router = new Router({
 ]
 });
+const publicPages = [
+ '/login', '/logout', '/register', '/appLogin',
+ '/forgotPassword', '/resetPassword',
+ '/action', '/auth',
+ '/activate', '/legal'
+];
+
 router.beforeEach((to, from, next) => {
- const publicPages = ['/login', '/logout', '/forgotPassword', '/resetPassword', '/register', '/action', '/auth', '/activate', '/legal'];
 const authRequired = !publicPages.includes(to.path) && publicPages.filter(p => to.path.startsWith(p)).length === 0;
 const user = util.currentUser();
diff --git a/src/_helpers/util.js b/src/_helpers/util.js
index d2cc08e..1bc5dad 100644
--- a/src/_helpers/util.js
+++ b/src/_helpers/util.js
@@ -30,8 +30,11 @@ export const util = {
 logout: function() { return localStorage.clear(); },
- authHeader: function() {
- // return authorization header with jwt token
+ authHeader: function(session) {
+ if (typeof session !== 'undefined' && session !== null && session.length && session.length >= 10) {
+ return { 'X-Bubble-Session': session };
+ }
+
 let user = util.currentUser();
 if (user && user.token) {
@@ -41,10 +44,10 @@ export const util = {
 }
 },
- getWithAuth: function() {
+ getWithAuth: function(session) {
 return {
 method: 'GET',
- headers: util.authHeader()
+ headers: util.authHeader(session)
 };
 },
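Review bot: In src/_helpers/router.js, the hoisted `publicPages` list is still matched by bare prefix in the `authRequired` line of the second hunk, so adding '/appLogin' exempts every path that merely begins with that string, and the same holds for short entries such as '/auth' and '/action'. A later route whose name happens to start with one of these prefixes would skip the login guard without anyone touching this list. Matching on a path-segment boundary keeps the intent: `const authRequired = !publicPages.some(p => to.path === p || to.path.startsWith(p + '/'));`. The `beforeEach` callback continues past the end of the hunk, so how `authRequired` is consumed is not visible here.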
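Review bot: In src/_helpers/util.js, the new guard in `authHeader(session)` tests only `session.length >= 10`, so an array or any other object with a length is accepted and coerced into the `X-Bubble-Session` header value. The value appears to originate from the `session` query parameter read in AppLoginPage.vue, and vue-router returns an array when a parameter is repeated. Requiring a string makes the check explicit: `if (typeof session === 'string' && session.length >= 10) {`. The threshold of 10 deserves a named constant or a short comment, and the removed `// return authorization header with jwt token` comment could be replaced by one stating that an explicit session takes precedence over the stored user's token. The function body continues past the end of the hunk.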
@@ -135,7 +138,6 @@ export const util = {
 if (response.status === 401) {
 console.log('handleCrudResponse: unauthenticated request: ' + JSON.stringify(data));
 util.logout();
- vue.$route.replace('/login');
 } else if (response.status === 404) {
 // todo: show nicer error message
diff --git a/src/_services/user.service.js b/src/_services/user.service.js
index ec14dc7..0b198d0 100644
--- a/src/_services/user.service.js
+++ b/src/_services/user.service.js
@@ -84,8 +84,8 @@ function searchAccounts(query, messages, errors) {
 return fetch(`${config.apiUrl}/search/account`, util.postWithAuth(query)).then(util.handleCrudResponse(messages, errors));
 }
-function getMe(messages, errors) {
- return fetch(`${config.apiUrl}/me`, util.getWithAuth()).then(
+function getMe(messages, errors, session) {
+ return fetch(`${config.apiUrl}/me`, util.getWithAuth(session)).then(
 response => {
 if (!response.ok && response.status === 404) util.logout();
 return response;
diff --git a/src/_store/account.module.js b/src/_store/account.module.js
index ff6d134..d3898a7 100644
--- a/src/_store/account.module.js
+++ b/src/_store/account.module.js
@@ -38,14 +38,14 @@ const actions = {
 refreshUser({ commit }) {
 commit('refreshUser', JSON.parse(localStorage.getItem(util.USER_KEY)));
 },
- checkSession({ commit }, { messages, errors }) {
+ checkSession({ commit }, { messages, errors, session, uri }) {
 commit('checkSessionRequest');
- userService.getMe(messages, errors)
+ userService.getMe(messages, errors, session)
 .then(
- user => commit('checkSessionSuccess', user),
+ user => commit('checkSessionSuccess', {user, uri}),
 error => {
 commit('checkSessionFailure', error);
- if (error ==== 'Unauthorized' || error === 'Not Found' || error === 'Forbidden' ) {
+ if (error === 'Unauthorized' || error === 'Not Found' || error === 'Forbidden' ) {
 userService.logout(messages, errors).then(
 ok => router.replace('/login'),
 error => router.replace('/login')
@@ -202,17 +202,20 @@ const mutations = {
 state.user = user;
 },
 checkSessionRequest(state) {},
- checkSessionSuccess(state, user) {
+ checkSessionSuccess(state, {user, uri}) {
+ let hasUri = typeof uri !== 'undefined' && uri != null;
 if (user.token) {
- if (util.currentUser() === null) {
+ if (util.currentUser() === null && !hasUri) {
 // we must have logged out while this request was in flight... do nothing
 state.user = null;
 } else {
 localStorage.setItem(util.USER_KEY, JSON.stringify(user));
+ state.status = Object.assign({}, state.status, {loggingIn: false, loggedIn: true});
 state.user = user;
 }
 }
 state.locale = (typeof user.locale !== 'undefined' && user.locale !== null ? user.locale : state.locale);
+ if (hasUri && user.token) router.replace(uri);
 },
 checkSessionFailure(state, error) {
 state.user = null;
diff --git a/src/auth/AppLoginPage.vue b/src/auth/AppLoginPage.vue
index 450dc01..747ab1b 100644
--- a/src/auth/AppLoginPage.vue
+++ b/src/auth/AppLoginPage.vue
@@ -24,7 +24,6 @@
 let session = this.$route.query.session;
 let uri = this.$route.query.uri;
-
 if (!this.$route.query.hasOwnProperty('session') || typeof session === 'undefined' || session === null) {
 console.warn('AppLoginPage.created: session parameter is empty, sending to login page');
 if (util.userLoggedIn()) {
@@ -34,7 +33,7 @@
 return;
 }
- if (typeof uri !== 'undefined' && uri !== null && uri.length > 0 && uri[0] !== '/') {
+ if (typeof uri === 'undefined' || uri === null || (uri.length > 0 && uri[0] !== '/')) {
 console.warn('AppLoginPage.created: uri parameter is not empty, sending to login page');
 this.$router.replace('/login');
 return;
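Review bot: In src/_store/account.module.js, `checkSessionSuccess` now calls `router.replace(uri)` from inside a Vuex mutation, which makes a state commit navigate as a side effect and ties the mutation to the router. The navigation fits better in the `checkSession` action's success handler, for example `user => { commit('checkSessionSuccess', {user, uri}); if (uri && user.token) router.replace(uri); }`. The only validation of `uri` visible in this diff lives in AppLoginPage.vue, so a comment on the action stating that callers must pass an app-relative path (or a re-check there) would keep the redirect target constrained if another caller appears. The payload also changed from `user` to `{user, uri}`; any other committer of this mutation outside the diff would need the same update.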
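Review bot: In src/auth/AppLoginPage.vue, the rewritten `uri` check never confirms that `uri` is a string, so a repeated `uri` query parameter (which vue-router returns as an array) whose first element is '/' passes `uri[0] !== '/'` and then fails at the `uri.startsWith('/appLogin')` call visible in the next hunk. An empty `uri` also passes and is later handed to `router.replace`. A stricter guard would be `if (typeof uri !== 'string' || uri.length === 0 || uri[0] !== '/') {`, or default the empty case to '/' first if that is the intent. The warning text 'uri parameter is not empty' no longer matches the branch, which now also fires when `uri` is missing. The enclosing hook (apparently `created`) starts before this hunk.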
@@ -48,11 +47,8 @@
 if (uri.startsWith('/appLogin')) {
 uri = '/';
 }
- user.token = session;
 localStorage.setItem(util.USER_KEY, JSON.stringify(user));
- this.checkSession({messages: this.messages, errors: this.errors});
- this.$router.push({path: uri});
- return;
+ this.checkSession({messages: this.messages, errors: this.errors, session: session, uri: uri});
 },
 methods: {
 ...mapActions('account', ['login', 'logout', 'checkSession']),
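Review bot: `localStorage.setItem(util.USER_KEY, JSON.stringify(user))` is kept although `user.token = session` is removed, so a `user` object (defined outside this hunk) is persisted before the `/me` call has confirmed the session. With `uri` passed, `checkSessionSuccess` stores the validated user itself, so this early write looks unnecessary; consider dropping the line, or add a comment such as `// placeholder so util.currentUser() is non-null while checkSession is in flight` if that is the reason. Because the hook no longer navigates on its own, a `checkSession` failure other than 'Unauthorized', 'Not Found' or 'Forbidden' appears to leave the user on this page with the early entry still stored, which may deserve a fallback redirect to '/login'.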