Just force logout on InvalidToken error immediatley.

This commit is contained in:
djmaze 2021-12-14 21:12:38 +01:00
parent 67e2a971ea
commit bdb6b9bb8b
5 changed files with 27 additions and 58 deletions

View file

@ -1,18 +1,18 @@
import { Notification } from 'Common/Enums'; import { Notification } from 'Common/Enums';
import { isArray, pInt, pString } from 'Common/Utils'; import { isArray, pInt, pString } from 'Common/Utils';
import { serverRequest } from 'Common/Links'; import { serverRequest } from 'Common/Links';
import { getNotification } from 'Common/Translator';
let iJsonErrorCount = 0, let iJsonErrorCount = 0;
iTokenErrorCount = 0;
const getURL = (add = '') => serverRequest('Json') + add, const getURL = (add = '') => serverRequest('Json') + add,
checkResponseError = data => { checkResponseError = data => {
const err = data ? data.ErrorCode : null; const err = data ? data.ErrorCode : null;
if (Notification.InvalidToken === err && 10 < ++iTokenErrorCount) { if (Notification.InvalidToken === err) {
alert(getNotification(err));
rl.logoutReload(); rl.logoutReload();
} else { } else if ([
if ([
Notification.AuthError, Notification.AuthError,
Notification.ConnectionError, Notification.ConnectionError,
Notification.DomainNotAllowed, Notification.DomainNotAllowed,
@ -22,9 +22,7 @@ checkResponseError = data => {
Notification.UnknownError Notification.UnknownError
].includes(err) ].includes(err)
) { ) {
++iJsonErrorCount; if (7 < ++iJsonErrorCount) {
}
if (data.Logout || 7 < iJsonErrorCount) {
rl.logoutReload(); rl.logoutReload();
} }
} }
@ -158,7 +156,7 @@ export class AbstractFetchRemote
} }
*/ */
if (data.Result) { if (data.Result) {
iJsonErrorCount = iTokenErrorCount = 0; iJsonErrorCount = 0;
} else { } else {
checkResponseError(data); checkResponseError(data);
iError = data.ErrorCode || Notification.UnknownError iError = data.ErrorCode || Notification.UnknownError

View file

@ -1439,6 +1439,9 @@ class Actions
} }
} }
/**
* @throws \RainLoop\Exceptions\ClientException
*/
private function initMailClientConnection(): ?Model\Account private function initMailClientConnection(): ?Model\Account
{ {
$oAccount = null; $oAccount = null;

View file

@ -240,7 +240,8 @@ trait UserAuth
if (!isset($_COOKIE[Utils::SESSION_TOKEN])) { if (!isset($_COOKIE[Utils::SESSION_TOKEN])) {
// \MailSo\Base\Http::StatusHeader(401); // \MailSo\Base\Http::StatusHeader(401);
$this->Logout(true); $this->Logout(true);
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined', true); // $sAdditionalMessage = $this->StaticI18N('SESSION_UNDEFINED');
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined');
} }
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray( $oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
$this, $this,
@ -255,7 +256,8 @@ trait UserAuth
Utils::ClearCookie(Utils::SESSION_TOKEN); Utils::ClearCookie(Utils::SESSION_TOKEN);
// \MailSo\Base\Http::StatusHeader(401); // \MailSo\Base\Http::StatusHeader(401);
$this->Logout(true); $this->Logout(true);
throw new ClientException(Notifications::AuthError, null, 'Session gone', true); // $sAdditionalMessage = $this->StaticI18N('SESSION_GONE');
throw new ClientException(Notifications::InvalidToken, null, 'Session gone');
} }
} else { } else {
$oAccount = $this->GetAccountFromSignMeToken(); $oAccount = $this->GetAccountFromSignMeToken();
@ -268,7 +270,7 @@ trait UserAuth
// Extend session cookie lifetime // Extend session cookie lifetime
$this->StorageProvider()->Put($this->oMainAuthAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true'); $this->StorageProvider()->Put($this->oMainAuthAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true');
} else if ($bThrowExceptionOnFalse) { } else if ($bThrowExceptionOnFalse) {
throw new ClientException(Notifications::AuthError); throw new ClientException(Notifications::InvalidToken, null, 'Account undefined');
} }
} }
@ -425,8 +427,7 @@ trait UserAuth
} }
if ($this->Config()->Get('labs', 'imap_show_login_alert', true)) { if ($this->Config()->Get('labs', 'imap_show_login_alert', true)) {
throw new ClientException(Notifications::AuthError, throw new ClientException(Notifications::AuthError, $oException, $oException->getAlertFromStatus());
$oException, $oException->getAlertFromStatus());
} else { } else {
throw new ClientException(Notifications::AuthError, $oException); throw new ClientException(Notifications::AuthError, $oException);
} }

View file

@ -8,42 +8,21 @@ namespace RainLoop\Exceptions;
*/ */
class ClientException extends Exception class ClientException extends Exception
{ {
/**
* @var bool
*/
private $bLogoutOnException;
/** /**
* @var string * @var string
*/ */
private $sAdditionalMessage; private $sAdditionalMessage;
public function __construct(int $iCode, ?\Throwable $oPrevious = null, string $sAdditionalMessage = '', bool $bLogoutOnException = false) public function __construct(int $iCode, ?\Throwable $oPrevious = null, string $sAdditionalMessage = '')
{ {
parent::__construct(\RainLoop\Notifications::GetNotificationsMessage($iCode, $oPrevious), parent::__construct(\RainLoop\Notifications::GetNotificationsMessage($iCode, $oPrevious),
$iCode, $oPrevious); $iCode, $oPrevious);
$this->sAdditionalMessage = $sAdditionalMessage ?: ($oPrevious ? $oPrevious->getMessage() : ''); $this->sAdditionalMessage = $sAdditionalMessage ?: ($oPrevious ? $oPrevious->getMessage() : '');
$this->bLogoutOnException = $bLogoutOnException;
} }
public function getAdditionalMessage() : string public function getAdditionalMessage() : string
{ {
return $this->sAdditionalMessage; return $this->sAdditionalMessage;
} }
public function getLogoutOnException() : bool
{
return $this->bLogoutOnException;
}
public function setLogoutOnException(bool $bLogoutOnException, string $sAdditionalLogoutMessage = '') : self
{
$this->bLogoutOnException = $bLogoutOnException;
$this->sAdditionalMessage = $sAdditionalLogoutMessage;
return $this;
}
} }

View file

@ -95,7 +95,7 @@ class ServiceActions
$this->Config()->Get('security', 'csrf_protection', false) && $this->Config()->Get('security', 'csrf_protection', false) &&
($_POST['XToken'] ?? '') !== Utils::GetCsrfToken()) ($_POST['XToken'] ?? '') !== Utils::GetCsrfToken())
{ {
throw new Exceptions\ClientException(Notifications::InvalidToken); throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'CSRF failed');
} }
else if (!empty($sAction)) else if (!empty($sAction))
{ {
@ -165,18 +165,6 @@ class ServiceActions
$aResponseItem = $this->oActions->ExceptionResponse( $aResponseItem = $this->oActions->ExceptionResponse(
empty($sAction) ? 'Unknown' : $sAction, $oException); empty($sAction) ? 'Unknown' : $sAction, $oException);
if (\is_array($aResponseItem) && $oException instanceof Exceptions\ClientException)
{
if ($oException->getLogoutOnException())
{
$aResponseItem['Logout'] = true;
if ($oException->getAdditionalMessage())
{
$this->oActions->SetSpecLogoutCustomMgsWithDeletion($oException->getAdditionalMessage());
}
}
}
} }
if (\is_array($aResponseItem)) if (\is_array($aResponseItem))