Can login now without auth

2020-06-19 16:55:11 +00:00
parent 527c84a81e
commit c1e688d824
5 changed files with 164 additions and 135 deletions


@@ -6,10 +6,6 @@ WIFI change 5g channel to 52,56,60 and 2g channel to 8
recheck before doing as it seems to vary, maybe someone else's is auto switching recheck before doing as it seems to vary, maybe someone else's is auto switching
todo: server error "red box" messages have \r\n characters in them
set html directly instead of just inserting text?
see gzdialog stuff just done for implementing
todo: Auth is directly fetching, re-route through gzapi instead todo: Auth is directly fetching, re-route through gzapi instead


@@ -1,30 +0,0 @@
/* Xeslint-disable */
import { processLogin, processLogout } from "./authutil";
export default {
async authenticate(login, password) {
return new Promise(async function doAuth(resolve, reject) {
try {
let loggedInWithKnownPassword =
login == "superuser" && password == "l3tm3in";
let fetchData = await fetch(
window.$gz.api.APIUrl("auth"),
window.$gz.api.fetchPostNoAuthOptions({
login: login,
password: password
})
);
fetchData = await window.$gz.api.status(fetchData);
fetchData = await window.$gz.api.extractBody(fetchData);
await processLogin(fetchData, loggedInWithKnownPassword);
resolve();
} catch (e) {
reject(e);
}
});
},
logout() {
processLogout();
}
};


@@ -11,20 +11,15 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
return reject(); return reject();
} }
//is there an error?
if (authResponse.error) {
return reject(authResponse.error);
}
//is token present? //is token present?
if (!authResponse.data || !authResponse.data.token) { if (!authResponse || !authResponse.token) {
window.$gz.store.commit( window.$gz.store.commit(
"logItem", "logItem",
"auth::processLogin -> response contains no data" "auth::processLogin -> response contains no data"
); );
return reject(); return reject();
} }
const token = decode(authResponse.data.token); const token = decode(authResponse.token);
if (!token || !token.iss) { if (!token || !token.iss) {
window.$gz.store.commit( window.$gz.store.commit(
@@ -52,13 +47,13 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
//Put app relevant items into vuex store so app can use them //Put app relevant items into vuex store so app can use them
window.$gz.store.commit("login", { window.$gz.store.commit("login", {
apiToken: authResponse.data.token, apiToken: authResponse.token,
authenticated: true, authenticated: true,
userId: Number(token.id), userId: Number(token.id),
userName: authResponse.data.name, userName: authResponse.name,
roles: authResponse.data.roles, roles: authResponse.roles,
userType: authResponse.data.usertype, userType: authResponse.usertype,
dlt: authResponse.data.dlt dlt: authResponse.dlt
}); });
//log the login //log the login
window.$gz.store.commit( window.$gz.store.commit(
@@ -86,6 +81,7 @@ export function processLogin(authResponse, loggedInWithKnownPassword) {
} catch (err) { } catch (err) {
reject(err); reject(err);
} }
resolve(); resolve();
//------------------------------------------------- //-------------------------------------------------
}); });
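Review bot: processLogin now reads `authResponse.token`, `.name`, `.roles`, `.usertype` and `.dlt` directly and no longer checks `authResponse.error`, so it silently depends on the caller passing the unwrapped body and handling errors first; nothing in the function states that contract. A caller that still passes the full envelope lands in the "response contains no data" branch and gets a bare `reject()` with no reason. I would add a comment above the token check, `// authResponse is the unwrapped body (res.data); the caller must check res.error before calling`, and reject with an Error that names the missing field. The roles and userType committed to the store come straight from the response body, so they should only drive the UI; authorization presumably stays on the server. The body of processLogin starts and ends outside these hunks.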


@@ -452,28 +452,28 @@ export default {
/////////////////////////////////// ///////////////////////////////////
// POST / PUT DATA TO API SERVER // POST / PUT DATA TO API SERVER
// //
async upsertEx(route, data) { async upsertEx(route, data, noToken = false) {
try { try {
let that = this; let that = this;
//determine if this is a new or existing record //determine if this is a new or existing record
let fetchOptions = undefined; let fetchOptions = undefined;
if (data) { //put?
//data can be blank in a post that triggers an action if (data && data.concurrency) {
if (data.concurrency) { fetchOptions = that.fetchPutOptions(data);
//has concurrency token, so this is a PUT as it's updating an existing record
fetchOptions = that.fetchPutOptions(data);
} else {
//Does not have a concurrency token so this is a POST as it's posting a new record without a concurrency token
fetchOptions = that.fetchPostOptions(data);
//ensure the route doesn't end in /0 which will happen if it's a new record since the edit forms just send the url here with the ID regardless
if (window.$gz._.endsWith(route, "/0")) {
route = route.slice(0, -2);
}
}
} else { } else {
//no data, so this is likely just a trigger post //post
fetchOptions = that.fetchPostOptions(data); //ensure the route doesn't end in /0 which will happen if it's a new record
//since the edit forms just send the url here with the ID regardless
if (window.$gz._.endsWith(route, "/0")) {
route = route.slice(0, -2);
}
if (noToken == false) {
fetchOptions = that.fetchPostOptions(data);
} else {
fetchOptions = that.fetchPostNoAuthOptions(data);
}
} }
let r = await fetch(that.APIUrl(route), fetchOptions); let r = await fetch(that.APIUrl(route), fetchOptions);
that.statusEx(r); that.statusEx(r);
r = await that.extractBodyEx(r); r = await that.extractBodyEx(r);
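Review bot: The new `noToken` flag is tested with `noToken == false`, so an explicit `null` (which the default value does not replace) selects `fetchPostNoAuthOptions`, and the flag is ignored entirely on the PUT branch. Making the authenticated options the default for anything but a literal true is safer to read and to call: `fetchOptions = noToken === true ? that.fetchPostNoAuthOptions(data) : that.fetchPostOptions(data);`. The `/0` trimming now also runs for posts that carry no data, which the old code did not do, so a one-line comment saying that is intended would help. upsertEx continues past the end of this hunk.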


@@ -85,6 +85,7 @@
<script> <script>
/* xeslint-disable */ /* xeslint-disable */
import auth from "../api/auth"; import auth from "../api/auth";
import { processLogin, processLogout } from "../api/authutil";
export default { export default {
data() { data() {
@@ -269,84 +270,149 @@ export default {
//move focus to password //move focus to password
document.getElementsByName("password")[0].focus(); document.getElementsByName("password")[0].focus();
}, },
login() { async login() {
let vm = this; let vm = this;
if (vm.input.username != "" && vm.input.password != "") { if (vm.input.username != "" && vm.input.password != "") {
vm.errorBadCreds = false; vm.errorBadCreds = false;
auth
.authenticate(vm.input.username, vm.input.password)
.then(() => {
/*public enum LicenseStatus
{
NONE = 0,//fast track
ActiveTrial = 1,//slow track
ExpiredTrial = 2,//fast track
ActivePurchased = 3,//slow track
ExpiredPurchased = 4,//fast track
Revoked = 5//slow track
} */
//check if support and updates has expired and is paid for license and show warning if so
if (
vm.$store.state.globalSettings.maintenanceExpired &&
(vm.$store.state.globalSettings.licenseStatus == 3 ||
vm.$store.state.globalSettings.licenseStatus == 4)
) {
(async function() {
await window.$gz.dialog.displayLTModalNotificationMessage(
"MaintenanceExpiredNote",
"MaintenanceExpired",
"error",
"https://www.ayanova.com/subscriptionexpired.htm"
);
})();
}
if (vm.$store.state.openObject != null) {
window.$gz.eventBus.$emit("openobject", null);
} else {
vm.$router.push(vm.$store.state.homePage);
}
})
.catch(function handleCaughtLoginError(error) {
//bad creds?
if (
error.message &&
error.message.includes("ErrorUserNotAuthenticated")
) {
vm.errorBadCreds = true;
return;
}
//server closed by server state setting?
if (error.code == 2000 || error.code == 2001) {
vm.formState.errorBoxMessage = error.message;
return;
}
//probably here because server unresponsive.
if (error.message) {
let msg = error.message;
if (
msg.includes("NetworkError") ||
msg.includes("Failed to fetch")
) {
msg =
"Could not connect to AyaNova server at " +
window.$gz.api.APIUrl("") +
"\r\nError: " +
error.message;
}
vm.formState.errorBoxMessage = msg;
return;
}
/* xeslint-disable-next-line */
/* //auth directly bypass auth here
server down errors: //==========================
firefox: NetworkError when attempting to fetch resource." let loggedInWithKnownPassword =
brave: Error in login.vue catch: TypeError: Failed to fetch vm.input.username == "superuser" && vm.input.password == "l3tm3in";
chrome: Error in auth.js catch: TypeError: Failed to fetch
*/
//----- try {
let res = await window.$gz.api.upsertEx("auth", {
login: vm.input.username,
password: vm.input.password
}); });
if (res.error) {
//todo, this is shitty if it's just a bad login creds so handle that here instead of in cacth block
debugger;
throw res.error;
}
await processLogin(res.data, loggedInWithKnownPassword);
//check if support and updates has expired and is paid for license and show warning if so
if (
vm.$store.state.globalSettings.maintenanceExpired &&
(vm.$store.state.globalSettings.licenseStatus == 3 ||
vm.$store.state.globalSettings.licenseStatus == 4)
) {
(async function() {
await window.$gz.dialog.displayLTModalNotificationMessage(
"MaintenanceExpiredNote",
"MaintenanceExpired",
"error",
"https://www.ayanova.com/subscriptionexpired.htm"
);
})();
}
if (vm.$store.state.openObject != null) {
window.$gz.eventBus.$emit("openobject", null);
} else {
vm.$router.push(vm.$store.state.homePage);
}
} catch (error) {
//bad creds?
if (
error.message &&
error.message.includes("ErrorUserNotAuthenticated")
) {
vm.errorBadCreds = true;
return;
}
//server closed by server state setting?
if (error.code == 2000 || error.code == 2001) {
vm.formState.errorBoxMessage = error.message;
return;
}
//probably here because server unresponsive.
if (error.message) {
let msg = error.message;
if (
msg.includes("NetworkError") ||
msg.includes("Failed to fetch")
) {
msg =
"Could not connect to AyaNova server at " +
window.$gz.api.APIUrl("") +
"\r\nError: " +
error.message;
}
vm.formState.errorBoxMessage = msg;
return;
}
}
//==========================
//############## OLD AUTH ########################
// auth
// .authenticate(vm.input.username, vm.input.password)
// .then(() => {
// /*public enum LicenseStatus
// {
// NONE = 0,//fast track
// ActiveTrial = 1,//slow track
// ExpiredTrial = 2,//fast track
// ActivePurchased = 3,//slow track
// ExpiredPurchased = 4,//fast track
// Revoked = 5//slow track
// } */
// //check if support and updates has expired and is paid for license and show warning if so
// if (
// vm.$store.state.globalSettings.maintenanceExpired &&
// (vm.$store.state.globalSettings.licenseStatus == 3 ||
// vm.$store.state.globalSettings.licenseStatus == 4)
// ) {
// (async function() {
// await window.$gz.dialog.displayLTModalNotificationMessage(
// "MaintenanceExpiredNote",
// "MaintenanceExpired",
// "error",
// "https://www.ayanova.com/subscriptionexpired.htm"
// );
// })();
// }
// if (vm.$store.state.openObject != null) {
// window.$gz.eventBus.$emit("openobject", null);
// } else {
// vm.$router.push(vm.$store.state.homePage);
// }
// })
// .catch(function handleCaughtLoginError(error) {
// //bad creds?
// if (
// error.message &&
// error.message.includes("ErrorUserNotAuthenticated")
// ) {
// vm.errorBadCreds = true;
// return;
// }
// //server closed by server state setting?
// if (error.code == 2000 || error.code == 2001) {
// vm.formState.errorBoxMessage = error.message;
// return;
// }
// //probably here because server unresponsive.
// if (error.message) {
// let msg = error.message;
// if (
// msg.includes("NetworkError") ||
// msg.includes("Failed to fetch")
// ) {
// msg =
// "Could not connect to AyaNova server at " +
// window.$gz.api.APIUrl("") +
// "\r\nError: " +
// error.message;
// }
// vm.formState.errorBoxMessage = msg;
// return;
// }
// });
//#################################################
} }
} }
}, },
@@ -354,7 +420,8 @@ export default {
//very important as this in conjunction with the menu options means //very important as this in conjunction with the menu options means
//navigation guards work properly by just sending people here //navigation guards work properly by just sending people here
next(() => { next(() => {
auth.logout(); // auth.logout();
processLogout();
next(); next();
}); });
} }
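Review bot: The new login() calls `window.$gz.api.upsertEx("auth", { login, password })` without the `noToken` argument this same commit adds, so the credential POST is built with `fetchPostOptions` and presumably carries whatever token is still in the store; passing `true` as the third argument looks like the intent. The `res.error` branch still contains a `debugger;` statement, which should be removed before this ships. The literal comparison `vm.input.password == "l3tm3in"` keeps a default account password readable in the client bundle; a flag returned by the server (for example a must-change-password field) would avoid embedding it. `import auth from "../api/auth"` is still present although the 30-line module removed earlier in this commit appears to be that file, so the import should go together with the commented-out OLD AUTH block, which history already preserves.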