mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Just force logout on InvalidToken error immediatley.
This commit is contained in:
parent
67e2a971ea
commit
bdb6b9bb8b
5 changed files with 27 additions and 58 deletions
|
|
@ -1,30 +1,28 @@
|
||||||
import { Notification } from 'Common/Enums';
|
import { Notification } from 'Common/Enums';
|
||||||
import { isArray, pInt, pString } from 'Common/Utils';
|
import { isArray, pInt, pString } from 'Common/Utils';
|
||||||
import { serverRequest } from 'Common/Links';
|
import { serverRequest } from 'Common/Links';
|
||||||
|
import { getNotification } from 'Common/Translator';
|
||||||
|
|
||||||
let iJsonErrorCount = 0,
|
let iJsonErrorCount = 0;
|
||||||
iTokenErrorCount = 0;
|
|
||||||
|
|
||||||
const getURL = (add = '') => serverRequest('Json') + add,
|
const getURL = (add = '') => serverRequest('Json') + add,
|
||||||
|
|
||||||
checkResponseError = data => {
|
checkResponseError = data => {
|
||||||
const err = data ? data.ErrorCode : null;
|
const err = data ? data.ErrorCode : null;
|
||||||
if (Notification.InvalidToken === err && 10 < ++iTokenErrorCount) {
|
if (Notification.InvalidToken === err) {
|
||||||
|
alert(getNotification(err));
|
||||||
rl.logoutReload();
|
rl.logoutReload();
|
||||||
} else {
|
} else if ([
|
||||||
if ([
|
Notification.AuthError,
|
||||||
Notification.AuthError,
|
Notification.ConnectionError,
|
||||||
Notification.ConnectionError,
|
Notification.DomainNotAllowed,
|
||||||
Notification.DomainNotAllowed,
|
Notification.AccountNotAllowed,
|
||||||
Notification.AccountNotAllowed,
|
Notification.MailServerError,
|
||||||
Notification.MailServerError,
|
Notification.UnknownNotification,
|
||||||
Notification.UnknownNotification,
|
Notification.UnknownError
|
||||||
Notification.UnknownError
|
].includes(err)
|
||||||
].includes(err)
|
) {
|
||||||
) {
|
if (7 < ++iJsonErrorCount) {
|
||||||
++iJsonErrorCount;
|
|
||||||
}
|
|
||||||
if (data.Logout || 7 < iJsonErrorCount) {
|
|
||||||
rl.logoutReload();
|
rl.logoutReload();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -158,7 +156,7 @@ export class AbstractFetchRemote
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
if (data.Result) {
|
if (data.Result) {
|
||||||
iJsonErrorCount = iTokenErrorCount = 0;
|
iJsonErrorCount = 0;
|
||||||
} else {
|
} else {
|
||||||
checkResponseError(data);
|
checkResponseError(data);
|
||||||
iError = data.ErrorCode || Notification.UnknownError
|
iError = data.ErrorCode || Notification.UnknownError
|
||||||
|
|
|
||||||
|
|
@ -1439,6 +1439,9 @@ class Actions
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws \RainLoop\Exceptions\ClientException
|
||||||
|
*/
|
||||||
private function initMailClientConnection(): ?Model\Account
|
private function initMailClientConnection(): ?Model\Account
|
||||||
{
|
{
|
||||||
$oAccount = null;
|
$oAccount = null;
|
||||||
|
|
|
||||||
|
|
@ -240,7 +240,8 @@ trait UserAuth
|
||||||
if (!isset($_COOKIE[Utils::SESSION_TOKEN])) {
|
if (!isset($_COOKIE[Utils::SESSION_TOKEN])) {
|
||||||
// \MailSo\Base\Http::StatusHeader(401);
|
// \MailSo\Base\Http::StatusHeader(401);
|
||||||
$this->Logout(true);
|
$this->Logout(true);
|
||||||
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined', true);
|
// $sAdditionalMessage = $this->StaticI18N('SESSION_UNDEFINED');
|
||||||
|
throw new ClientException(Notifications::InvalidToken, null, 'Session undefined');
|
||||||
}
|
}
|
||||||
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
|
$oMainAuthAccount = MainAccount::NewInstanceFromTokenArray(
|
||||||
$this,
|
$this,
|
||||||
|
|
@ -255,7 +256,8 @@ trait UserAuth
|
||||||
Utils::ClearCookie(Utils::SESSION_TOKEN);
|
Utils::ClearCookie(Utils::SESSION_TOKEN);
|
||||||
// \MailSo\Base\Http::StatusHeader(401);
|
// \MailSo\Base\Http::StatusHeader(401);
|
||||||
$this->Logout(true);
|
$this->Logout(true);
|
||||||
throw new ClientException(Notifications::AuthError, null, 'Session gone', true);
|
// $sAdditionalMessage = $this->StaticI18N('SESSION_GONE');
|
||||||
|
throw new ClientException(Notifications::InvalidToken, null, 'Session gone');
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$oAccount = $this->GetAccountFromSignMeToken();
|
$oAccount = $this->GetAccountFromSignMeToken();
|
||||||
|
|
@ -268,7 +270,7 @@ trait UserAuth
|
||||||
// Extend session cookie lifetime
|
// Extend session cookie lifetime
|
||||||
$this->StorageProvider()->Put($this->oMainAuthAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true');
|
$this->StorageProvider()->Put($this->oMainAuthAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true');
|
||||||
} else if ($bThrowExceptionOnFalse) {
|
} else if ($bThrowExceptionOnFalse) {
|
||||||
throw new ClientException(Notifications::AuthError);
|
throw new ClientException(Notifications::InvalidToken, null, 'Account undefined');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -425,8 +427,7 @@ trait UserAuth
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->Config()->Get('labs', 'imap_show_login_alert', true)) {
|
if ($this->Config()->Get('labs', 'imap_show_login_alert', true)) {
|
||||||
throw new ClientException(Notifications::AuthError,
|
throw new ClientException(Notifications::AuthError, $oException, $oException->getAlertFromStatus());
|
||||||
$oException, $oException->getAlertFromStatus());
|
|
||||||
} else {
|
} else {
|
||||||
throw new ClientException(Notifications::AuthError, $oException);
|
throw new ClientException(Notifications::AuthError, $oException);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -8,42 +8,21 @@ namespace RainLoop\Exceptions;
|
||||||
*/
|
*/
|
||||||
class ClientException extends Exception
|
class ClientException extends Exception
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* @var bool
|
|
||||||
*/
|
|
||||||
private $bLogoutOnException;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
private $sAdditionalMessage;
|
private $sAdditionalMessage;
|
||||||
|
|
||||||
public function __construct(int $iCode, ?\Throwable $oPrevious = null, string $sAdditionalMessage = '', bool $bLogoutOnException = false)
|
public function __construct(int $iCode, ?\Throwable $oPrevious = null, string $sAdditionalMessage = '')
|
||||||
{
|
{
|
||||||
parent::__construct(\RainLoop\Notifications::GetNotificationsMessage($iCode, $oPrevious),
|
parent::__construct(\RainLoop\Notifications::GetNotificationsMessage($iCode, $oPrevious),
|
||||||
$iCode, $oPrevious);
|
$iCode, $oPrevious);
|
||||||
|
|
||||||
$this->sAdditionalMessage = $sAdditionalMessage ?: ($oPrevious ? $oPrevious->getMessage() : '');
|
$this->sAdditionalMessage = $sAdditionalMessage ?: ($oPrevious ? $oPrevious->getMessage() : '');
|
||||||
|
|
||||||
$this->bLogoutOnException = $bLogoutOnException;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getAdditionalMessage() : string
|
public function getAdditionalMessage() : string
|
||||||
{
|
{
|
||||||
return $this->sAdditionalMessage;
|
return $this->sAdditionalMessage;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getLogoutOnException() : bool
|
|
||||||
{
|
|
||||||
return $this->bLogoutOnException;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function setLogoutOnException(bool $bLogoutOnException, string $sAdditionalLogoutMessage = '') : self
|
|
||||||
{
|
|
||||||
$this->bLogoutOnException = $bLogoutOnException;
|
|
||||||
|
|
||||||
$this->sAdditionalMessage = $sAdditionalLogoutMessage;
|
|
||||||
|
|
||||||
return $this;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -95,7 +95,7 @@ class ServiceActions
|
||||||
$this->Config()->Get('security', 'csrf_protection', false) &&
|
$this->Config()->Get('security', 'csrf_protection', false) &&
|
||||||
($_POST['XToken'] ?? '') !== Utils::GetCsrfToken())
|
($_POST['XToken'] ?? '') !== Utils::GetCsrfToken())
|
||||||
{
|
{
|
||||||
throw new Exceptions\ClientException(Notifications::InvalidToken);
|
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'CSRF failed');
|
||||||
}
|
}
|
||||||
else if (!empty($sAction))
|
else if (!empty($sAction))
|
||||||
{
|
{
|
||||||
|
|
@ -165,18 +165,6 @@ class ServiceActions
|
||||||
|
|
||||||
$aResponseItem = $this->oActions->ExceptionResponse(
|
$aResponseItem = $this->oActions->ExceptionResponse(
|
||||||
empty($sAction) ? 'Unknown' : $sAction, $oException);
|
empty($sAction) ? 'Unknown' : $sAction, $oException);
|
||||||
|
|
||||||
if (\is_array($aResponseItem) && $oException instanceof Exceptions\ClientException)
|
|
||||||
{
|
|
||||||
if ($oException->getLogoutOnException())
|
|
||||||
{
|
|
||||||
$aResponseItem['Logout'] = true;
|
|
||||||
if ($oException->getAdditionalMessage())
|
|
||||||
{
|
|
||||||
$this->oActions->SetSpecLogoutCustomMgsWithDeletion($oException->getAdditionalMessage());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (\is_array($aResponseItem))
|
if (\is_array($aResponseItem))
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue