mirror of
https://github.com/mail-in-a-box/mailinabox.git
remove /admin/me call, which is no longer available, and use the new api_credentials Object, which used to be a String.
add X-Requested-With header to requests so 401's are not returned by daemon.py.
parent
9ea03e18c9
commit
763cdfcd7e
@ -29,22 +29,20 @@ const app = {
|
|||||||
},
|
},
|
||||||
|
|
||||||
data: {
|
data: {
|
||||||
me: null,
|
|
||||||
},
|
},
|
||||||
|
|
||||||
mounted: function() {
|
mounted: function() {
|
||||||
this.getMe();
|
this.ensure_authenticated();
|
||||||
},
|
},
|
||||||
|
|
||||||
methods: {
|
methods: {
|
||||||
getMe: function() {
|
ensure_authenticated: function() {
|
||||||
axios.get('me').then(response => {
|
axios.get('reports/uidata/user-list')
|
||||||
this.me = new Me(response.data);
|
.catch(error => {
|
||||||
}).catch(error => {
|
this.handleError(error);
|
||||||
this.handleError(error);
|
});
|
||||||
});
|
|
||||||
},
|
},
|
||||||
|
|
||||||
handleError: function(error) {
|
handleError: function(error) {
|
||||||
if (error instanceof AuthenticationError) {
|
if (error instanceof AuthenticationError) {
|
||||||
console.log(error);
|
console.log(error);
|
||||||
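Review bot: `ensure_authenticated` checks the login by requesting `reports/uidata/user-list` and ignoring the response, so each mount downloads the user list only to learn whether the stored credentials still work, and nothing in the method says so. I would add a comment above the call such as `// auth probe only: the response is discarded; failures reach handleError()`, and switch to a smaller authenticated endpoint if the daemon offers one. Separately, the unchanged `console.log(error)` in `handleError` may now print an error whose request config holds the `authorization` header with the session key, if `AuthenticationError` keeps the wrapped axios error; logging only the message would avoid that. The body of `handleError` continues outside the hunk.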
|
@ -2,17 +2,60 @@ import { AuthenticationError } from './exceptions.js';
|
|||||||
|
|
||||||
|
|
||||||
export class Me {
|
export class Me {
|
||||||
/* construct with return value from GET /me */
|
/*
|
||||||
|
* construct with return value from GET /admin/login or undefined
|
||||||
|
* if already logged in
|
||||||
|
*/
|
||||||
constructor(me) {
|
constructor(me) {
|
||||||
Object.assign(this, me);
|
if (me) {
|
||||||
|
Object.assign(this, me);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
var cred = Me.get_api_credentials();
|
||||||
|
if (cred) {
|
||||||
|
this.user_id = cred.username;
|
||||||
|
this.user_email = cred.username;
|
||||||
|
this.session_key = cred.session_key;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
is_authenticated() {
|
is_authenticated() {
|
||||||
return this.api_key || this.user_id;
|
return true && this.user_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
get_email() {
|
get_email() {
|
||||||
return this.user_email || this.user_id;
|
return this.user_email;
|
||||||
|
}
|
||||||
|
|
||||||
|
get_user_id() {
|
||||||
|
return this.user_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
get_authorization() {
|
||||||
|
if (! this.user_id || ! this.session_key) return null;
|
||||||
|
return 'Basic ' + window.btoa(this.user_id + ':' + this.session_key);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* get api credentials from session storage
|
||||||
|
*
|
||||||
|
* returns: {
|
||||||
|
* username: String,
|
||||||
|
* session_key: String
|
||||||
|
* }
|
||||||
|
*
|
||||||
|
* or null, if no credentials are in session storage
|
||||||
|
*/
|
||||||
|
static get_api_credentials() {
|
||||||
|
var cred = null;
|
||||||
|
// code is from templates/index.html for "recall saved user
|
||||||
|
// credentials"
|
||||||
|
if (typeof sessionStorage != 'undefined' && sessionStorage.getItem("miab-cp-credentials"))
|
||||||
|
cred = JSON.parse(sessionStorage.getItem("miab-cp-credentials"));
|
||||||
|
else if (typeof localStorage != 'undefined' && localStorage.getItem("miab-cp-credentials"))
|
||||||
|
cred = JSON.parse(localStorage.getItem("miab-cp-credentials"));
|
||||||
|
return cred;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -25,18 +68,15 @@ export function init_authentication_interceptors() {
|
|||||||
|
|
||||||
// requests: attach non-session based auth (admin panel)
|
// requests: attach non-session based auth (admin panel)
|
||||||
axios.interceptors.request.use(request => {
|
axios.interceptors.request.use(request => {
|
||||||
var api_credentials = null;
|
var me = new Me();
|
||||||
// code from templates/index.html for "recall saved user
|
var auth = me.get_authorization();
|
||||||
// credentials" (but, without the split(':'))
|
if (auth && request.headers.authorization === undefined) {
|
||||||
if (typeof sessionStorage != 'undefined' && sessionStorage.getItem("miab-cp-credentials"))
|
request.headers.authorization = auth;
|
||||||
api_credentials = sessionStorage.getItem("miab-cp-credentials");
|
|
||||||
else if (typeof localStorage != 'undefined' && localStorage.getItem("miab-cp-credentials"))
|
|
||||||
api_credentials = localStorage.getItem("miab-cp-credentials");
|
|
||||||
// end
|
|
||||||
|
|
||||||
if (api_credentials) {
|
|
||||||
request.headers.authorization = 'Basic ' + window.btoa(api_credentials);
|
|
||||||
}
|
}
|
||||||
|
// prevent daemon.py's @authorized_personnel_only from sending
|
||||||
|
// 401 responses, which cause the browser to pop up a
|
||||||
|
// credentials dialog box
|
||||||
|
request.headers['X-Requested-With'] = 'XMLHttpRequest';
|
||||||
return request;
|
return request;
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -56,9 +96,10 @@ export function init_authentication_interceptors() {
|
|||||||
url = response.config.baseURL + sep + url;
|
url = response.config.baseURL + sep + url;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (url == '/admin/me')
|
if (url == '/admin/login')
|
||||||
{
|
{
|
||||||
// non-session/admin login
|
// non-flask-session/admin login, which always
|
||||||
|
// returns 200, even for failed logins
|
||||||
throw new AuthenticationError(
|
throw new AuthenticationError(
|
||||||
null,
|
null,
|
||||||
'not authenticated',
|
'not authenticated',
|
||||||
@ -78,7 +119,7 @@ export function init_authentication_interceptors() {
|
|||||||
if (error.response.status == 403 &&
|
if (error.response.status == 403 &&
|
||||||
error.response.data == 'login_required')
|
error.response.data == 'login_required')
|
||||||
{
|
{
|
||||||
// session login
|
// flask session login
|
||||||
throw new AuthenticationError(error, auth_required_msg);
|
throw new AuthenticationError(error, auth_required_msg);
|
||||||
}
|
}
|
||||||
else if ((error.response.status == 403 ||
|
else if ((error.response.status == 403 ||
|
||||||
|
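Review bot: `Me.get_api_credentials()` passes the stored `miab-cp-credentials` value straight to `JSON.parse` with no guard, and the request interceptor now runs `new Me()` for every request. A stored value that is not valid JSON, for instance one left over from the earlier string format the commit message mentions, would throw inside the interceptor and most likely fail every request until the storage is cleared. The parse should be wrapped so that a bad value is treated as "no credentials", and `username` and `session_key` should be checked to be strings before `get_authorization()` concatenates them into the Basic header. The storage lookup order is kept as in the commit.

```javascript
static get_api_credentials() {
    // … unchanged: comment crediting templates/index.html …
    var raw = null;
    if (typeof sessionStorage != 'undefined')
        raw = sessionStorage.getItem("miab-cp-credentials");
    if (!raw && typeof localStorage != 'undefined')
        raw = localStorage.getItem("miab-cp-credentials");
    if (!raw) return null;

    var cred;
    try {
        cred = JSON.parse(raw);
    } catch (e) {
        // stale or corrupted value: treat as not logged in
        return null;
    }
    if (!cred || typeof cred.username != 'string' ||
        typeof cred.session_key != 'string')
        return null;
    return cred;
}
```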