From 30b61d30f4a9ff17981b5f33a713cdae184576b7 Mon Sep 17 00:00:00 2001 From: esurface Date: Thu, 1 Aug 2024 06:08:14 -0400 Subject: [PATCH] Storage auth token vars in sessionStorage in online survey app --- online-survey-app/src/app/app.component.ts | 2 +- .../auth/_components/login/login.component.ts | 2 +- .../auth/_services/authentication.service.ts | 32 +++++++++---------- .../app/core/auth/_services/user.service.ts | 4 +-- .../app/shared/classes/user-database.class.ts | 6 ++-- .../src/app/tangy-forms/tangy-form.service.ts | 2 +- 6 files changed, 24 insertions(+), 24 deletions(-) diff --git a/online-survey-app/src/app/app.component.ts b/online-survey-app/src/app/app.component.ts index 3dcee801f..081f718fc 100644 --- a/online-survey-app/src/app/app.component.ts +++ b/online-survey-app/src/app/app.component.ts @@ -55,7 +55,7 @@ export class AppComponent implements OnInit{ } async sessionTimeoutCheck() { - const token = localStorage.getItem('token'); + const token = sessionStorage.getItem('token'); const claims = JSON.parse(atob(token.split('.')[1])); const expiryTimeInMs = claims['exp'] * 1000; const minutesBeforeExpiry = expiryTimeInMs - (15 * 60 * 1000); // warn 15 minutes before expiry of token diff --git a/online-survey-app/src/app/core/auth/_components/login/login.component.ts b/online-survey-app/src/app/core/auth/_components/login/login.component.ts index b770f708d..4194829b0 100644 --- a/online-survey-app/src/app/core/auth/_components/login/login.component.ts +++ b/online-survey-app/src/app/core/auth/_components/login/login.component.ts 
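Review bot: `sessionTimeoutCheck()` dereferences the token without checking it, and because `sessionStorage` is per tab a `null` token is now likely whenever this runs in a fresh tab, so `token.split('.')` throws a TypeError. Guard it before decoding, e.g. `if (!token) { return; }`, and treat a token that does not have three segments the same way. `atob` expects standard base64 while JWT segments are base64url, so decoding with the `jwtDecode` helper already used in authentication.service.ts would be more robust. The same unchecked read feeds the `authorization` header in `UserDatabase.get()` and `post()` in user-database.class.ts. The body of `sessionTimeoutCheck()` continues past the hunk.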
@@ -38,7 +38,7 @@ export class LoginComponent implements OnInit { if (window.location.origin.startsWith('http://localhost')) { // If we are running on localhost, we want to use the local server for authentication - localStorage.setItem(this.user.username, this.user.password); + sessionStorage.setItem(this.user.username, this.user.password); this.router.navigate([this.returnUrl]); } else if (await this.authenticationService.login(this.user.username, this.user.password)) { this.router.navigate([this.returnUrl]); diff --git a/online-survey-app/src/app/core/auth/_services/authentication.service.ts b/online-survey-app/src/app/core/auth/_services/authentication.service.ts index ca254dae9..1f67df0f1 100644 --- a/online-survey-app/src/app/core/auth/_services/authentication.service.ts +++ b/online-survey-app/src/app/core/auth/_services/authentication.service.ts @@ -28,9 +28,9 @@ export class AuthenticationService { } } catch (error) { console.error(error); - localStorage.removeItem('token'); - localStorage.removeItem('user_id'); - localStorage.removeItem('permissions'); + sessionStorage.removeItem('token'); + sessionStorage.removeItem('user_id'); + sessionStorage.removeItem('permissions'); return false; } } 
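Review bot: The localhost branch still writes the plaintext password into web storage, keyed by the username, where any script running on the origin can read it. Nothing visible in this patch removes that entry: `logout()` clears the literal keys `token`, `user_id`, `password` and `permissions`, not the username key. If the branch only needs to mark a development login, a non-secret marker such as `sessionStorage.setItem('user_id', this.user.username);` would do. The origin test is a prefix match, so a host such as `localhost.example.org` would also take this branch, whereas `window.location.hostname === 'localhost'` is exact. The enclosing method starts and ends outside the hunk.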
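Review bot: The error path in this catch block clears three storage keys but leaves the `Authorization` cookie that `setTokens()` writes, so after a failed login a previously issued token may still be sent with requests. It also omits the `password` key that the second catch block and `logout()` remove. A single private helper, for example `clearSession()`, that removes all four keys and expires the cookie would keep the three call sites from drifting apart. The `try` body is outside the hunk, so whether a cookie can exist at this point needs confirming.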
@@ -50,26 +50,26 @@ export class AuthenticationService { } } catch (error) { console.error(error); - localStorage.removeItem('token'); - localStorage.removeItem('user_id'); - localStorage.removeItem('password'); - localStorage.removeItem('permissions'); + sessionStorage.removeItem('token'); + sessionStorage.removeItem('user_id'); + sessionStorage.removeItem('password'); + sessionStorage.removeItem('permissions'); return false; } } async isLoggedIn():Promise { this._currentUserLoggedIn = false; - this._currentUserLoggedIn = !!localStorage.getItem('user_id'); + this._currentUserLoggedIn = !!sessionStorage.getItem('user_id'); this.currentUserLoggedIn$.next(this._currentUserLoggedIn); return this._currentUserLoggedIn; } async logout() { - localStorage.removeItem('token'); - localStorage.removeItem('user_id'); - localStorage.removeItem('password'); - localStorage.removeItem('permissions'); + sessionStorage.removeItem('token'); + sessionStorage.removeItem('user_id'); + sessionStorage.removeItem('password'); + sessionStorage.removeItem('permissions'); document.cookie = "Authorization=;max-age=-1"; this._currentUserLoggedIn = false; this.currentUserLoggedIn$.next(this._currentUserLoggedIn); @@ -78,7 +78,7 @@ export class AuthenticationService { async extendUserSession() { const appConfig = await this.appConfigService.getAppConfig(); const groupId = appConfig['groupId']; - const accessCode = localStorage.getItem('user_id'); + const accessCode = sessionStorage.getItem('user_id'); try { const data = await this.http.post(`/onlineSurvey/login/${groupId}/${accessCode}`, {groupId, accessCode}, {observe: 'response'}).toPromise(); 
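Review bot: Browsers that logged in before this change still hold `token`, `user_id` and `permissions` in `localStorage`, and after this patch nothing removes them, so the old JWT stays on disk until it is cleared by hand. `logout()` or application start-up could purge the legacy copies, e.g. `['token', 'user_id', 'password', 'permissions'].forEach(k => localStorage.removeItem(k));`. In `isLoggedIn()` the first assignment `this._currentUserLoggedIn = false;` is overwritten on the next line and can be dropped.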
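Review bot: `accessCode` can be `null` in `extendUserSession()` when the tab has no session, which would post to a URL ending in `/null`; return early when it is missing, e.g. `if (!accessCode) { return false; }` if a boolean result matches the rest of the method. The access code appears to act as the login credential and is placed in the URL path as well as the body, so it will show up in server and proxy access logs. If the endpoint cannot change, at least encode the segment with `encodeURIComponent(accessCode)`. The rest of the method lies outside the hunk.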
@@ -98,9 +98,9 @@ export class AuthenticationService { async setTokens(token) { const jwtData = jwtDecode(token); document.cookie = "Authorization=;max-age=-1"; - localStorage.setItem('token', token); - localStorage.setItem('user_id', jwtData['username']); - localStorage.setItem('permissions', JSON.stringify(jwtData['permissions'])); + sessionStorage.setItem('token', token); + sessionStorage.setItem('user_id', jwtData['username']); + sessionStorage.setItem('permissions', JSON.stringify(jwtData['permissions'])); document.cookie = `Authorization=${token}`; } diff --git a/online-survey-app/src/app/core/auth/_services/user.service.ts b/online-survey-app/src/app/core/auth/_services/user.service.ts index 100d81d8d..55c91fd7b 100644 --- a/online-survey-app/src/app/core/auth/_services/user.service.ts +++ b/online-survey-app/src/app/core/auth/_services/user.service.ts @@ -43,7 +43,7 @@ export class UserService { } async getCurrentUser() { - return await localStorage.getItem('user_id'); + return await sessionStorage.getItem('user_id'); } private showError(error: any) { console.log(error); @@ -58,7 +58,7 @@ export class UserService { async getMyUser() { try { - if (localStorage.getItem('user_id') === 'user1') { + if (sessionStorage.getItem('user_id') === 'user1') { return { email: 'user1@tangerinecentral.org', firstName: 'user1', diff --git a/online-survey-app/src/app/shared/classes/user-database.class.ts b/online-survey-app/src/app/shared/classes/user-database.class.ts index 38e681573..97abb819c 100644 --- a/online-survey-app/src/app/shared/classes/user-database.class.ts +++ b/online-survey-app/src/app/shared/classes/user-database.class.ts @@ -24,7 +24,7 @@ export class UserDatabase { } async get(id) { - const token = localStorage.getItem('token'); + const token = sessionStorage.getItem('token'); return (await axios.get(`/group-responses/read/${this.groupId}/${id}`, { headers: { authorization: token }})).data } 
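Review bot: `setTokens()` still copies the token into a cookie with no attributes, so its scope and transport protection depend on browser defaults and it is not limited to HTTPS. Consider ``document.cookie = `Authorization=${token}; path=/; SameSite=Strict; Secure`;`` and put the same `path=/` on the `max-age=-1` writes, because a cookie set without a path is scoped to the current route's directory and may not be matched when it is cleared from another route. `jwtDecode` only decodes the payload, so the stored `permissions` value is client-writable and should drive the UI only, with the server enforcing access.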
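Review bot: The `'user1'` shortcut in `getMyUser()` keys off a `sessionStorage` value that the user or any script on the page can set, so the hard-coded profile it returns should not be relied on for anything beyond local development. If it is a development fixture, gate it on a build-time environment flag instead of stored state and mark it, e.g. `// TODO: dev-only fixture; move behind an environment flag`. The returned object and the rest of the method are outside the hunk.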
@@ -33,7 +33,7 @@ export class UserDatabase { } async post(doc) { - const token = localStorage.getItem('token'); + const token = sessionStorage.getItem('token'); if (this.attachHistoryToDocs === undefined) { const appConfig = (await axios.get('./assets/app-config.json', { headers: { authorization: token }})).data this.attachHistoryToDocs = appConfig['attachHistoryToDocs'] @@ -70,7 +70,7 @@ export class UserDatabase { async remove(doc) { // This is not implemented... - const token = localStorage.getItem('token'); + const token = sessionStorage.getItem('token'); return await axios.delete(`/api/${this.groupId}`, doc) } diff --git a/online-survey-app/src/app/tangy-forms/tangy-form.service.ts b/online-survey-app/src/app/tangy-forms/tangy-form.service.ts index f4a48e186..3818ee7be 100644 --- a/online-survey-app/src/app/tangy-forms/tangy-form.service.ts +++ b/online-survey-app/src/app/tangy-forms/tangy-form.service.ts @@ -21,7 +21,7 @@ export class TangyFormService { } initialize(groupId) { - this.userId = localStorage.getItem('user_id') || 'Survey' + this.userId = sessionStorage.getItem('user_id') || 'Survey' this.db = new UserDatabase(this.userId, groupId) }
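Review bot: `remove()` reads the token and never uses it, and `doc` is passed where `axios.delete` expects its request config, so the request goes out without the `authorization` header that `get()` sends. Since the comment says this is not implemented, failing loudly is safer than issuing a DELETE against the group endpoint: `throw new Error('UserDatabase.remove is not implemented');`. If it is meant to work, pass the header and body explicitly, `axios.delete(url, { headers: { authorization: token }, data: doc })`.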
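Review bot: The `|| 'Survey'` fallback in `initialize()` is now reached in every tab that has no session of its own, because `sessionStorage` is not shared between tabs. Responses from such a tab would then appear to be recorded under the shared `Survey` id instead of the respondent's access code. If that is the intended anonymous mode, say so in a comment such as `// no access code in this tab: record as the anonymous 'Survey' user`; otherwise redirect to login when `user_id` is missing.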