admin/raven-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Can login now without auth

Browse Source
This commit is contained in:
John Cardinal
2020-06-19 16:55:11 +00:00
parent 527c84a81e
commit c1e688d824
5 changed files with 164 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ayanova/devdocs/todo.txt
View File

@@ -6,10 +6,6 @@ WIFI change 5g channel to 52,56,60 and 2g channel to 8
recheck before doing as it seems to vary, maybe someone else's is auto switching
todo: server error "red box" messages have \r\n characters in them
set html directly instead of just inserting text?
see gzdialog stuff just done for implementing
todo: Auth is directly fetching, re-route through gzapi instead

30
ayanova/src/api/auth.js
View File

@@ -1,30 +0,0 @@
/* Xeslint-disable */
import { processLogin, processLogout } from "./authutil";
export default {
async authenticate(login, password) {
return new Promise(async function doAuth(resolve, reject) {
try {
let loggedInWithKnownPassword =
login == "superuser" && password == "l3tm3in";
let fetchData = await fetch(
window.$gz.api.APIUrl("auth"),
window.$gz.api.fetchPostNoAuthOptions({
login: login,
password: password
})
);
fetchData = await window.$gz.api.status(fetchData);
fetchData = await window.$gz.api.extractBody(fetchData);
await processLogin(fetchData, loggedInWithKnownPassword);
resolve();
} catch (e) {
reject(e);
}
});
},
logout() {
processLogout();
}
};

20
ayanova/src/api/authutil.js
View File

@@ -11,20 +11,15 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
return reject();
}
//is there an error?
if (authResponse.error) {
return reject(authResponse.error);
}
//is token present?
if (!authResponse.data || !authResponse.data.token) {
if (!authResponse || !authResponse.token) {
window.$gz.store.commit(
"logItem",
"auth::processLogin -> response contains no data"
);
return reject();
}
const token = decode(authResponse.data.token);
const token = decode(authResponse.token);
if (!token || !token.iss) {
window.$gz.store.commit(
@@ -52,13 +47,13 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
//Put app relevant items into vuex store so app can use them
window.$gz.store.commit("login", {
apiToken: authResponse.data.token,
apiToken: authResponse.token,
authenticated: true,
userId: Number(token.id),
userName: authResponse.data.name,
roles: authResponse.data.roles,
userType: authResponse.data.usertype,
dlt: authResponse.data.dlt
userName: authResponse.name,
roles: authResponse.roles,
userType: authResponse.usertype,
dlt: authResponse.dlt
});
//log the login
window.$gz.store.commit(
@@ -86,6 +81,7 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
} catch (err) {
reject(err);
}
resolve();
//-------------------------------------------------
});

32
ayanova/src/api/gzapi.js
View File

@@ -452,28 +452,28 @@ export default {
///////////////////////////////////
// POST / PUT DATA TO API SERVER
//
async upsertEx(route, data) {
async upsertEx(route, data, noToken = false) {
try {
let that = this;
//determine if this is a new or existing record
let fetchOptions = undefined;
if (data) {
//data can be blank in a post that triggers an action
if (data.concurrency) {
//has concurrency token, so this is a PUT as it's updating an existing record
fetchOptions = that.fetchPutOptions(data);
} else {
//Does not have a concurrency token so this is a POST as it's posting a new record without a concurrency token
fetchOptions = that.fetchPostOptions(data);
//ensure the route doesn't end in /0 which will happen if it's a new record since the edit forms just send the url here with the ID regardless
if (window.$gz._.endsWith(route, "/0")) {
route = route.slice(0, -2);
}
}
//put?
if (data && data.concurrency) {
fetchOptions = that.fetchPutOptions(data);
} else {
//no data, so this is likely just a trigger post
fetchOptions = that.fetchPostOptions(data);
//post
//ensure the route doesn't end in /0 which will happen if it's a new record
//since the edit forms just send the url here with the ID regardless
if (window.$gz._.endsWith(route, "/0")) {
route = route.slice(0, -2);
}
if (noToken == false) {
fetchOptions = that.fetchPostOptions(data);
} else {
fetchOptions = that.fetchPostNoAuthOptions(data);
}
}
let r = await fetch(that.APIUrl(route), fetchOptions);
that.statusEx(r);
r = await that.extractBodyEx(r);

213
ayanova/src/views/login.vue
View File

@@ -85,6 +85,7 @@
<script>
/* xeslint-disable */
import auth from "../api/auth";
import { processLogin, processLogout } from "../api/authutil";
export default {
data() {
@@ -269,84 +270,149 @@ export default {
//move focus to password
document.getElementsByName("password")[0].focus();
},
login() {
async login() {
let vm = this;
if (vm.input.username != "" && vm.input.password != "") {
vm.errorBadCreds = false;
auth
.authenticate(vm.input.username, vm.input.password)
.then(() => {
/*public enum LicenseStatus
{
NONE = 0,//fast track
ActiveTrial = 1,//slow track
ExpiredTrial = 2,//fast track
ActivePurchased = 3,//slow track
ExpiredPurchased = 4,//fast track
Revoked = 5//slow track
} */
//check if support and updates has expired and is paid for license and show warning if so
if (
vm.$store.state.globalSettings.maintenanceExpired &&
(vm.$store.state.globalSettings.licenseStatus == 3 ||
vm.$store.state.globalSettings.licenseStatus == 4)
) {
(async function() {
await window.$gz.dialog.displayLTModalNotificationMessage(
"MaintenanceExpiredNote",
"MaintenanceExpired",
"error",
"https://www.ayanova.com/subscriptionexpired.htm"
);
})();
}
if (vm.$store.state.openObject != null) {
window.$gz.eventBus.$emit("openobject", null);
} else {
vm.$router.push(vm.$store.state.homePage);
}
})
.catch(function handleCaughtLoginError(error) {
//bad creds?
if (
error.message &&
error.message.includes("ErrorUserNotAuthenticated")
) {
vm.errorBadCreds = true;
return;
}
//server closed by server state setting?
if (error.code == 2000 || error.code == 2001) {
vm.formState.errorBoxMessage = error.message;
return;
}
//probably here because server unresponsive.
if (error.message) {
let msg = error.message;
if (
msg.includes("NetworkError") ||
msg.includes("Failed to fetch")
) {
msg =
"Could not connect to AyaNova server at " +
window.$gz.api.APIUrl("") +
"\r\nError: " +
error.message;
}
vm.formState.errorBoxMessage = msg;
return;
}
/* xeslint-disable-next-line */
/*
server down errors:
firefox: NetworkError when attempting to fetch resource."
brave: Error in login.vue catch: TypeError: Failed to fetch
chrome: Error in auth.js catch: TypeError: Failed to fetch
*/
//auth directly bypass auth here
//==========================
let loggedInWithKnownPassword =
vm.input.username == "superuser" && vm.input.password == "l3tm3in";
//-----
try {
let res = await window.$gz.api.upsertEx("auth", {
login: vm.input.username,
password: vm.input.password
});
if (res.error) {
//todo, this is shitty if it's just a bad login creds so handle that here instead of in cacth block
debugger;
throw res.error;
}
await processLogin(res.data, loggedInWithKnownPassword);
//check if support and updates has expired and is paid for license and show warning if so
if (
vm.$store.state.globalSettings.maintenanceExpired &&
(vm.$store.state.globalSettings.licenseStatus == 3 ||
vm.$store.state.globalSettings.licenseStatus == 4)
) {
(async function() {
await window.$gz.dialog.displayLTModalNotificationMessage(
"MaintenanceExpiredNote",
"MaintenanceExpired",
"error",
"https://www.ayanova.com/subscriptionexpired.htm"
);
})();
}
if (vm.$store.state.openObject != null) {
window.$gz.eventBus.$emit("openobject", null);
} else {
vm.$router.push(vm.$store.state.homePage);
}
} catch (error) {
//bad creds?
if (
error.message &&
error.message.includes("ErrorUserNotAuthenticated")
) {
vm.errorBadCreds = true;
return;
}
//server closed by server state setting?
if (error.code == 2000 || error.code == 2001) {
vm.formState.errorBoxMessage = error.message;
return;
}
//probably here because server unresponsive.
if (error.message) {
let msg = error.message;
if (
msg.includes("NetworkError") ||
msg.includes("Failed to fetch")
) {
msg =
"Could not connect to AyaNova server at " +
window.$gz.api.APIUrl("") +
"\r\nError: " +
error.message;
}
vm.formState.errorBoxMessage = msg;
return;
}
}
//==========================
//############## OLD AUTH ########################
// auth
// .authenticate(vm.input.username, vm.input.password)
// .then(() => {
// /*public enum LicenseStatus
// {
// NONE = 0,//fast track
// ActiveTrial = 1,//slow track
// ExpiredTrial = 2,//fast track
// ActivePurchased = 3,//slow track
// ExpiredPurchased = 4,//fast track
// Revoked = 5//slow track
// } */
// //check if support and updates has expired and is paid for license and show warning if so
// if (
// vm.$store.state.globalSettings.maintenanceExpired &&
// (vm.$store.state.globalSettings.licenseStatus == 3 ||
// vm.$store.state.globalSettings.licenseStatus == 4)
// ) {
// (async function() {
// await window.$gz.dialog.displayLTModalNotificationMessage(
// "MaintenanceExpiredNote",
// "MaintenanceExpired",
// "error",
// "https://www.ayanova.com/subscriptionexpired.htm"
// );
// })();
// }
// if (vm.$store.state.openObject != null) {
// window.$gz.eventBus.$emit("openobject", null);
// } else {
// vm.$router.push(vm.$store.state.homePage);
// }
// })
// .catch(function handleCaughtLoginError(error) {
// //bad creds?
// if (
// error.message &&
// error.message.includes("ErrorUserNotAuthenticated")
// ) {
// vm.errorBadCreds = true;
// return;
// }
// //server closed by server state setting?
// if (error.code == 2000 || error.code == 2001) {
// vm.formState.errorBoxMessage = error.message;
// return;
// }
// //probably here because server unresponsive.
// if (error.message) {
// let msg = error.message;
// if (
// msg.includes("NetworkError") ||
// msg.includes("Failed to fetch")
// ) {
// msg =
// "Could not connect to AyaNova server at " +
// window.$gz.api.APIUrl("") +
// "\r\nError: " +
// error.message;
// }
// vm.formState.errorBoxMessage = msg;
// return;
// }
// });
//#################################################
}
}
},
@@ -354,7 +420,8 @@ export default {
//very important as this in conjunction with the menu options means
//navigation guards work properly by just sending people here
next(() => {
auth.logout();
// auth.logout();
processLogout();
next();
});
}