Cleanup AuthAccountHash handling

This commit is contained in:
djmaze 2021-04-28 15:56:31 +02:00
parent 8e5d56e15f
commit 146b2c1001
8 changed files with 32 additions and 130 deletions

View file

@ -101,9 +101,6 @@ class AppUser extends AbstractApp {
setInterval(() => { setInterval(() => {
const currentTime = Date.now(); const currentTime = Date.now();
if (currentTime > (lastTime + interval + 1000)) { if (currentTime > (lastTime + interval + 1000)) {
if (rl.hash.check()) {
this.reload();
}
Remote.jsVersion(iError => { Remote.jsVersion(iError => {
if (100 < iError) { if (100 < iError) {
this.reload(); this.reload();
@ -113,10 +110,6 @@ class AppUser extends AbstractApp {
lastTime = currentTime; lastTime = currentTime;
}, interval); }, interval);
if (rl.hash.check()) {
this.reload();
}
if (SettingsGet('UserBackgroundHash')) { if (SettingsGet('UserBackgroundHash')) {
setTimeout(() => { setTimeout(() => {
const img = userBackground(SettingsGet('UserBackgroundHash')); const img = userBackground(SettingsGet('UserBackgroundHash'));

View file

@ -1,14 +1,12 @@
import { pString, pInt } from 'Common/Utils'; import { pString, pInt } from 'Common/Utils';
import { Settings, SettingsGet } from 'Common/Globals'; import { Settings } from 'Common/Globals';
const const
ROOT = './', ROOT = './',
HASH_PREFIX = '#/', HASH_PREFIX = '#/',
SERVER_PREFIX = './?', SERVER_PREFIX = './?',
VERSION = Settings.app('version'), VERSION = Settings.app('version'),
VERSION_PREFIX = Settings.app('webVersionPath') || 'snappymail/v/' + VERSION + '/', VERSION_PREFIX = Settings.app('webVersionPath') || 'snappymail/v/' + VERSION + '/';
getHash = () => SettingsGet('AuthAccountHash') || '0';
/** /**
* @returns {string} * @returns {string}
@ -40,7 +38,7 @@ export function logoutLink() {
*/ */
export function serverRequestRaw(type, hash, customSpecSuffix) { export function serverRequestRaw(type, hash, customSpecSuffix) {
return SERVER_PREFIX + '/Raw/' + SUB_QUERY_PREFIX + '/' return SERVER_PREFIX + '/Raw/' + SUB_QUERY_PREFIX + '/'
+ (null == customSpecSuffix ? getHash() : customSpecSuffix) + '/' + (null == customSpecSuffix ? rl.hash.get() : customSpecSuffix) + '/'
+ (type + (type
? type + '/' + (hash ? SUB_QUERY_PREFIX + '/' + hash : '') ? type + '/' + (hash ? SUB_QUERY_PREFIX + '/' + hash : '')
: '') : '')
@ -61,7 +59,7 @@ export function attachmentDownload(download, customSpecSuffix) {
* @returns {string} * @returns {string}
*/ */
export function serverRequest(type) { export function serverRequest(type) {
return SERVER_PREFIX + '/' + type + '/' + SUB_QUERY_PREFIX + '/' + getHash() + '/'; return SERVER_PREFIX + '/' + type + '/' + SUB_QUERY_PREFIX + '/' + rl.hash.get() + '/';
} }
/** /**

View file

@ -1,5 +1,4 @@
import { Notification } from 'Common/Enums'; import { Notification } from 'Common/Enums';
import { Settings } from 'Common/Globals';
import { isArray, pInt, pString } from 'Common/Utils'; import { isArray, pInt, pString } from 'Common/Utils';
import { serverRequest } from 'Common/Links'; import { serverRequest } from 'Common/Links';
@ -8,13 +7,6 @@ let iJsonErrorCount = 0,
const getURL = (add = '') => serverRequest('Json') + add, const getURL = (add = '') => serverRequest('Json') + add,
updateToken = data => {
if (data.UpdateToken) {
rl.hash.set();
Settings.set('AuthAccountHash', data.UpdateToken);
}
},
checkResponseError = data => { checkResponseError = data => {
const err = data ? data.ErrorCode : null; const err = data ? data.ErrorCode : null;
if (Notification.InvalidToken === err && 10 < ++iTokenErrorCount) { if (Notification.InvalidToken === err && 10 < ++iTokenErrorCount) {
@ -97,12 +89,8 @@ export class AbstractFetchRemote
undefined === iTimeout ? 30000 : pInt(iTimeout), undefined === iTimeout ? 30000 : pInt(iTimeout),
data => { data => {
let cached = false; let cached = false;
if (data) { if (data && data.Time) {
if (data.Time) { cached = pInt(data.Time) > Date.now() - start;
cached = pInt(data.Time) > Date.now() - start;
}
updateToken(data);
} }
let iError = 0; let iError = 0;
@ -188,8 +176,6 @@ export class AbstractFetchRemote
if (!data) { if (!data) {
return Promise.reject(Notification.JsonParse); return Promise.reject(Notification.JsonParse);
} }
updateToken(data);
/* /*
let isCached = false, type = ''; let isCached = false, type = '';
if (data && data.Time) { if (data && data.Time) {

View file

@ -1,9 +1,9 @@
const storage = localStorage, const
CLIENT_SIDE_STORAGE_INDEX_NAME = 'rlcsc', CLIENT_SIDE_STORAGE_INDEX_NAME = 'rlcsc',
getStorage = () => { getStorage = () => {
try { try {
const value = storage.getItem(CLIENT_SIDE_STORAGE_INDEX_NAME) || null; const value = localStorage.getItem(CLIENT_SIDE_STORAGE_INDEX_NAME);
return null == value ? null : JSON.parse(value); return value ? JSON.parse(value) : null;
} catch (e) { } catch (e) {
return null; return null;
} }
@ -19,7 +19,7 @@ export function set(key, data) {
storageResult['p' + key] = data; storageResult['p' + key] = data;
try { try {
storage.setItem(CLIENT_SIDE_STORAGE_INDEX_NAME, JSON.stringify(storageResult)); localStorage.setItem(CLIENT_SIDE_STORAGE_INDEX_NAME, JSON.stringify(storageResult));
return true; return true;
} catch (e) { } catch (e) {
return false; return false;
@ -32,10 +32,7 @@ export function set(key, data) {
*/ */
export function get(key) { export function get(key) {
try { try {
key = 'p' + key; return (getStorage() || {})['p' + key];
const storageResult = getStorage();
return storageResult && null != storageResult[key] ? storageResult[key] : null;
} catch (e) { } catch (e) {
return null; return null;
} }

View file

@ -38,12 +38,6 @@ const
} }
return win[name]; return win[name];
}, },
STORAGE_KEY = '__rlA',
TIME_KEY = '__rlT',
AUTH_KEY = 'AuthAccountHash',
storage = Storage('session'),
timestamp = () => Math.round(Date.now() / 1000),
setTimestamp = () => storage.setItem(TIME_KEY, timestamp()),
showError = () => { showError = () => {
eId('rl-loading').hidden = true; eId('rl-loading').hidden = true;
@ -91,33 +85,13 @@ doc.documentElement.classList.toggle('rl-mobile', 'mobile' === layout || (!layou
let pStep = 0, let pStep = 0,
progress = eId('progressjs'), progress = eId('progressjs'),
rlspecauth = '',
RL_APP_DATA = {}; RL_APP_DATA = {};
win.rl = { win.rl = {
hash: { hash: {
// getHash get: () => rlspecauth || '0',
get: () => storage.getItem(STORAGE_KEY) || null, clear: () => rlspecauth = ''
// setHash
set: () => {
storage.setItem(STORAGE_KEY, RL_APP_DATA && RL_APP_DATA[AUTH_KEY]
? RL_APP_DATA[AUTH_KEY] : '');
setTimestamp();
},
// clearHash
clear: () => {
storage.setItem(STORAGE_KEY, '');
setTimestamp();
},
// checkTimestamp
check: () => {
if (timestamp() > (parseInt(storage.getItem(TIME_KEY) || 0, 10) || 0) + 3600000) {
// 60m
rl.hash.clear();
return true;
}
return false;
}
}, },
data: () => RL_APP_DATA, data: () => RL_APP_DATA,
adminArea: () => admin, adminArea: () => admin,
@ -140,8 +114,7 @@ win.rl = {
initData: appData => { initData: appData => {
RL_APP_DATA = appData; RL_APP_DATA = appData;
rlspecauth = appData['AuthAccountHash'];
rl.hash.set();
if (appData) { if (appData) {
loadScript(appData.StaticLibJsLink) loadScript(appData.StaticLibJsLink)
@ -162,12 +135,9 @@ p.set(1);
Storage('local'); Storage('local');
// init section
setInterval(setTimestamp, 60000); // 1m
eId('app-css').href = eId('app-css').dataset.href; eId('app-css').href = eId('app-css').dataset.href;
loadScript(`./?/${admin ? 'Admin' : ''}AppData/${rl.hash.get() || '0'}/${Math.random().toString().substr(2)}/`) loadScript(`./?/${admin ? 'Admin' : ''}AppData/${rl.hash.get()}/${Math.random().toString().substr(2)}/`)
.then(() => {}); .then(() => {});
})(this); })(this);

View file

@ -111,11 +111,6 @@ class Actions
*/ */
private $sSpecAuthToken; private $sSpecAuthToken;
/**
* @var string
*/
private $sUpdateAuthToken;
/** /**
* @access private * @access private
*/ */
@ -140,7 +135,6 @@ class Actions
$this->oSuggestionsProvider = null; $this->oSuggestionsProvider = null;
$this->sSpecAuthToken = ''; $this->sSpecAuthToken = '';
$this->sUpdateAuthToken = '';
$this->bIsJson = false; $this->bIsJson = false;
$oConfig = $this->Config(); $oConfig = $this->Config();
@ -156,13 +150,6 @@ class Actions
return $this; return $this;
} }
public function SetUpdateAuthToken(string $sUpdateAuthToken): self
{
$this->sUpdateAuthToken = $sUpdateAuthToken;
return $this;
}
public function SetIsJson(bool $bIsJson): self public function SetIsJson(bool $bIsJson): self
{ {
$this->bIsJson = $bIsJson; $this->bIsJson = $bIsJson;
@ -175,11 +162,6 @@ class Actions
return $this->sSpecAuthToken; return $this->sSpecAuthToken;
} }
public function GetUpdateAuthToken(): string
{
return $this->sUpdateAuthToken;
}
public function GetIsJson(): bool public function GetIsJson(): bool
{ {
return $this->bIsJson; return $this->bIsJson;
@ -506,7 +488,7 @@ class Actions
} }
} }
public function GetSpecAuthTokenWithDeletion(): string public function GetSpecAuthTokenCookie(): string
{ {
return Utils::GetCookie(self::AUTH_SPEC_TOKEN_KEY, ''); return Utils::GetCookie(self::AUTH_SPEC_TOKEN_KEY, '');
} }

View file

@ -187,12 +187,6 @@ class ServiceActions
if (\is_array($aResponseItem)) if (\is_array($aResponseItem))
{ {
$aResponseItem['Time'] = (int) ((\microtime(true) - $_SERVER['REQUEST_TIME_FLOAT']) * 1000); $aResponseItem['Time'] = (int) ((\microtime(true) - $_SERVER['REQUEST_TIME_FLOAT']) * 1000);
$sUpdateToken = $this->oActions->GetUpdateAuthToken();
if ($sUpdateToken)
{
$aResponseItem['UpdateToken'] = $sUpdateToken;
}
} }
$this->Plugins()->RunHook('filter.json-response', array($sAction, &$aResponseItem)); $this->Plugins()->RunHook('filter.json-response', array($sAction, &$aResponseItem));
@ -889,16 +883,14 @@ class ServiceActions
return $sResult; return $sResult;
} }
// rlspecauth / AuthAccountHash
public function getAuthAccountHash(bool $bAdmin) : string public function getAuthAccountHash(bool $bAdmin) : string
{ {
static $sAuthAccountHash = null; static $sAuthAccountHash = null;
if (null === $sAuthAccountHash) { if (null === $sAuthAccountHash) {
$sAuthAccountHash = ''; $sAuthAccountHash = '';
if (!$bAdmin && 0 === \strlen($this->oActions->GetSpecAuthLogoutTokenWithDeletion())) { if (!$bAdmin && 0 === \strlen($this->oActions->GetSpecAuthLogoutTokenWithDeletion())) {
$sAuthAccountHash = $this->oActions->GetSpecAuthTokenWithDeletion(); $sAuthAccountHash = $this->oActions->GetSpecAuthTokenCookie() ?: $this->oActions->GetSpecAuthToken();
if (empty($sAuthAccountHash)) {
$sAuthAccountHash = $this->oActions->GetSpecAuthToken();
}
if (empty($sAuthAccountHash)) { if (empty($sAuthAccountHash)) {
$oAccount = $this->oActions->GetAccountFromSignMeToken(); $oAccount = $this->oActions->GetAccountFromSignMeToken();
if ($oAccount) try if ($oAccount) try

View file

@ -14,8 +14,6 @@ class Utils
*/ */
static $CookieDefaultSecure = null; static $CookieDefaultSecure = null;
static $Cookies = null;
public static function EncryptString(string $sString, string $sKey) : string public static function EncryptString(string $sString, string $sKey) : string
{ {
return \MailSo\Base\Crypt::Encrypt($sString, $sKey); return \MailSo\Base\Crypt::Encrypt($sString, $sKey);
@ -188,21 +186,11 @@ class Utils
*/ */
public static function GetCookie(string $sName, $mDefault = null) public static function GetCookie(string $sName, $mDefault = null)
{ {
if (null === static::$Cookies) return isset($_COOKIE[$sName]) ? $_COOKIE[$sName] : $mDefault;
{
static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array();
}
return isset(static::$Cookies[$sName]) ? static::$Cookies[$sName] : $mDefault;
} }
public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0, ?string $sPath = null, ?string $sDomain = null, ?bool $bSecure = null, bool $bHttpOnly = true) public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0, ?string $sPath = null, ?string $sDomain = null, ?bool $bSecure = null, bool $bHttpOnly = true)
{ {
if (null === static::$Cookies)
{
static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array();
}
if (null === $sPath) if (null === $sPath)
{ {
$sPath = static::$CookieDefaultPath; $sPath = static::$CookieDefaultPath;
@ -214,7 +202,7 @@ class Utils
$bSecure = static::$CookieDefaultSecure; $bSecure = static::$CookieDefaultSecure;
} }
static::$Cookies[$sName] = $sValue; $_COOKIE[$sName] = $sValue;
\setcookie($sName, $sValue, array( \setcookie($sName, $sValue, array(
'expires' => $iExpire, 'expires' => $iExpire,
'path' => $sPath, 'path' => $sPath,
@ -227,22 +215,18 @@ class Utils
public static function ClearCookie(string $sName) public static function ClearCookie(string $sName)
{ {
if (null === static::$Cookies) if (isset($_COOKIE[$sName])) {
{ $sPath = static::$CookieDefaultPath;
static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array(); unset($_COOKIE[$sName]);
\setcookie($sName, '', array(
'expires' => \time() - 3600 * 24 * 30,
'path' => $sPath && 0 < \strlen($sPath) ? $sPath : '/',
// 'domain' => null,
'secure' => static::$CookieDefaultSecure,
'httponly' => true,
'samesite' => 'Strict'
));
} }
$sPath = static::$CookieDefaultPath;
unset(static::$Cookies[$sName]);
\setcookie($sName, '', array(
'expires' => \time() - 3600 * 24 * 30,
'path' => $sPath && 0 < \strlen($sPath) ? $sPath : '/',
// 'domain' => null,
'secure' => static::$CookieDefaultSecure,
'httponly' => true,
'samesite' => 'Strict'
));
} }
public static function UrlEncode(string $sV, bool $bEncode = false) : string public static function UrlEncode(string $sV, bool $bEncode = false) : string