feat(auth): hacking support for public access
baw-server mostly supports the notion of public read access to pages. The client never received such love.

This is a hacky implementation. It spits out a lot of errors but should generally allow access as long as API resources do not return 401s.

Work for #298
atruskie committed Oct 29, 2019
1 parent 4ea3058 commit 4f22e82
Showing 6 changed files with 45 additions and 25 deletions.
5 changes: 5 additions & 0 deletions src/app/recordings/recentRecordings/recentRecordings.js
Expand Up @@ -28,6 +28,11 @@ angular.module("bawApp.recordings.recentRecordings", [])
}

function sitesFormat(response) {
if (!response) {
console.warn("bawApp.recordings.recentRecordings.sitesFormat:: empty response for get sites, skipping site format");
return;
}

var sites = response.data.data.reduce(function(state, current) {
state[current.id] = current;
return state;
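Review bot: The new guard in `sitesFormat` only covers a falsy `response`, yet the next line still dereferences `response.data.data`, so a response without a `data` payload would throw there. If the empty case is meant to come from `Site.getSitesByIds` resolving `null` (it does so in site.js in this commit; the call site is not in this hunk), a comment saying so would help, e.g. `// getSitesByIds resolves null when there are no site ids to look up`. The bare `return;` also hands `undefined` to whatever consumes this function's result; the rest of `sitesFormat` is outside the hunk, so whether that matters cannot be seen here.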
12 changes: 0 additions & 12 deletions src/components/directives/auth.js
Expand Up @@ -46,18 +46,6 @@ angular.module("angular-auth", ["http-auth-interceptor"])
obj[constants.rails.loginRedirectQsp] = $location.absUrl();
url = $url.formatUri(url, obj);
$window.location = url;
/*
// TODO: add extra checks to stop multiple animations
var isOpen = isLoginBoxOpen();
if(!isOpen){
console.warn("showing login window");
login.slideDown('slow', function () {
main.hide();
});
}*/
});

scope.$on("event:auth-loginConfirmed", function () {
10 changes: 5 additions & 5 deletions src/components/models/userProfile.js
Expand Up @@ -23,11 +23,11 @@ angular
// ensure preferences are always updated
this.preferences = Object.assign({}, constants.defaultProfile.preferences, this.preferences);

this.imageUrls = this.imageUrls.reduce((s, c) => {
c.url = paths.api.root + c.url;
s[c.size] = c;
return s;
}, {});
this.imageUrls = this.imageUrls ? this.imageUrls.reduce((state, current) => {
current.url = paths.api.root + current.url;
state[current.size] = current;
return state;
}, {}) : [];
}

get url() {
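Review bot: The fallback branch of the new ternary yields `[]` while the populated branch yields an object keyed by `size`, so `imageUrls` changes type depending on whether the server sent images. Using the same shape keeps lookups uniform: `}, {}) : {};`. The reducer also writes the prefixed URL back into each `current` entry, mutating the input objects; a short comment noting that this is intentional would help. The constructor starts outside the hunk.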
26 changes: 25 additions & 1 deletion src/components/services/angularHttpAuth.js
Expand Up @@ -88,6 +88,22 @@ angular
function (authService, $rootScope, $q, paths) {
const authHeader = "Authorization";

// Okay: here is my hacked attempt to allow public access to the client site in an afternoon!
// We'll make the wild assumption that GETs that fail authentication are fine and only redirect
// if another verb is used. The exception here is `.../filter` which is just a sneaky GET
// disguised as a POST.
function requireAuthentication(url, method) {
if (method === "GET") {
return false;
}
else if (method === "POST" && url.includes("/filter")) {
return false;
}
else {
return true;
}
}

return {
request: function request(config) {

Expand Down Expand Up @@ -115,6 +131,12 @@ angular
return config;
}

// if this request doesn't need to be authenticated, then do not buffer it in the
// pending authentication buffer.
if (!requireAuthentication(config.url, config.method)) {
return config;
}

// otherwise, an auth token is not available
// queue the request up
console.warn("authHttpInterceptor:request: deferring request, auth token not available", config.url);
Expand All @@ -134,7 +156,9 @@ angular
return $q.reject(rejection);
},
responseError: function error(response) {
if (response.status === 401) {
// push the failed response to the buffer to try again
// but do not do it if we want to skip authentication
if (response.status === 401 && requireAuthentication(response.config.url, response.config.method)) {
var deferred = $q.defer();
authService.pushResponseToBuffer(response.config, deferred);

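Review bot: The `url.includes("/filter")` test in `requireAuthentication` matches that substring anywhere in the URL, so a POST to any route or query string that happens to contain `/filter` skips the pending-auth buffer and, in `responseError`, the 401 retry path. Assuming filter endpoints end in `/filter` (their exact shape is not visible here), anchoring the match would be tighter, e.g. `else if (method === "POST" && /\/filter\/?(\?|$)/.test(url)) {`. It is also worth a comment that this function only decides client-side buffering and redirect behaviour, and that the server remains the only place where access is actually enforced. The `responseError` body continues outside the hunk, so what an unbuffered 401 falls through to is not visible.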
8 changes: 3 additions & 5 deletions src/components/services/authenticator.js
Expand Up @@ -47,7 +47,7 @@ angular
}

if (data.authToken === undefined) {
throw "The authorisation token can not be undefined at this point";
throw "The authorization token can not be undefined at this point";
}

that.authenticated = true;
Expand Down Expand Up @@ -128,11 +128,9 @@ angular

function checkLoginFailure(data, status, headers, config) {
console.error(
"Ping login service failure - this should not happen",
"bawApp.services.authenticator.checkLoginFailure:: Ping login service failure. The user may not be logged in yet?",
data,
status,
headers,
config
status
);
}
}])
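Review bot: The corrected line still throws a bare string, which carries no stack trace and fails `instanceof Error` checks in any handler; `throw new Error("The authorization token can not be undefined at this point");` would be the idiomatic form. In `checkLoginFailure`, the new message itself says the failure may simply mean an anonymous visitor, so `console.warn` may fit better than `console.error` once public access makes this a routine path. Both enclosing functions extend beyond their hunks.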
9 changes: 7 additions & 2 deletions src/components/services/site.js
Expand Up @@ -3,12 +3,17 @@ angular
.factory(
"Site",
[
"$resource", "bawResource", "$http", "conf.paths", "lodash", "QueryBuilder", "baw.models.Site",
function ($resource, bawResource, $http, paths, _, QueryBuilder, SiteModel) {
"$q", "$resource", "bawResource", "$http", "conf.paths", "lodash", "QueryBuilder", "baw.models.Site",
function ($q, $resource, bawResource, $http, paths, _, QueryBuilder, SiteModel) {
var resource = bawResource(paths.api.routes.site.flattenedAbsolute, {siteId: "@siteId"});

var url = paths.api.routes.site.filterAbsolute;
resource.getSitesByIds = function (siteIds) {
if (!siteIds || siteIds.length === 0) {
console.warn("bawApp.services.site.getSitesByIds:: No siteIds provided returning promise rejection");
return $q.resolve(null);
}

var query = QueryBuilder.create(function (q) {
return q.in("id", siteIds)
.project({include: ["id", "name"]})
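Review bot: The warning text in `getSitesByIds` says it is "returning promise rejection", but the code returns `$q.resolve(null)`, so callers receive `null` in their success handler rather than an error. Either the message should match, e.g. `console.warn("bawApp.services.site.getSitesByIds:: No siteIds provided, resolving with null");`, or the function should reject via `$q.reject(...)` if callers are meant to treat this as a failure. Resolving with `null` makes every caller responsible for a null check, which is worth stating in a comment above the guard. The function body continues past the hunk.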
