Figure out user manager for account user
parent
3492558e06
commit
95a8e64fbb
|
@ -36,14 +36,19 @@ import (
|
|||
|
||||
/*
|
||||
TODO
|
||||
use token auth in "SubscribeDialog"
|
||||
upload files based on user limit
|
||||
database migration
|
||||
publishXHR + poll should pick current user, not from userManager
|
||||
reserve topics
|
||||
purge accounts that were not logged into in X
|
||||
reset daily limits for users
|
||||
store users
|
||||
"user list" shows * twice
|
||||
"ntfy access everyone user4topic <bla>" twice -> UNIQUE constraint error
|
||||
Account usage not updated "in real time"
|
||||
Sync:
|
||||
- "mute" setting
|
||||
- figure out what settings are "web" or "phone"
|
||||
UI:
|
||||
- Subscription dotmenu dropdown: Move to nav bar, or make same as profile dropdown
|
||||
- "Logout and delete local storage" option
|
||||
Pages:
|
||||
- Home
|
||||
- Password reset
|
||||
|
@ -52,7 +57,6 @@ import (
|
|||
-
|
||||
Polishing:
|
||||
aria-label for everything
|
||||
|
||||
Tests:
|
||||
- APIs
|
||||
- CRUD tokens
|
||||
|
|
|
@ -84,10 +84,10 @@ const (
|
|||
`
|
||||
selectTopicPermsQuery = `
|
||||
SELECT read, write
|
||||
FROM user_access
|
||||
JOIN user ON user.user = '*' OR user.user = ?
|
||||
WHERE ? LIKE user_access.topic
|
||||
ORDER BY user.user DESC
|
||||
FROM user_access a
|
||||
JOIN user u ON u.id = a.user_id
|
||||
WHERE (u.user = '*' OR u.user = ?) AND ? LIKE a.topic
|
||||
ORDER BY u.user DESC
|
||||
`
|
||||
)
|
||||
|
||||
|
|
|
@ -175,6 +175,7 @@
|
|||
"prefs_notifications_delete_after_one_month_description": "Notifications are auto-deleted after one month",
|
||||
"prefs_users_title": "Manage users",
|
||||
"prefs_users_description": "Add/remove users for your protected topics here. Please note that username and password are stored in the browser's local storage.",
|
||||
"prefs_users_description_no_sync": "Users and passwords are not synchronized to your account.",
|
||||
"prefs_users_table": "Users table",
|
||||
"prefs_users_add_button": "Add user",
|
||||
"prefs_users_edit_button": "Edit user",
|
||||
|
|
|
@ -6,8 +6,8 @@ import {
|
|||
accountTokenUrl,
|
||||
accountUrl,
|
||||
fetchLinesIterator,
|
||||
maybeWithBasicAuth,
|
||||
maybeWithBearerAuth,
|
||||
withBasicAuth,
|
||||
withBearerAuth,
|
||||
topicShortUrl,
|
||||
topicUrl,
|
||||
topicUrlAuth,
|
||||
|
@ -31,7 +31,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Checking auth for ${url}`);
|
||||
const response = await fetch(url, {
|
||||
method: "POST",
|
||||
headers: maybeWithBasicAuth({}, user)
|
||||
headers: withBasicAuth({}, user.username, user.password)
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -50,7 +50,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Logging out from ${url} using token ${token}`);
|
||||
const response = await fetch(url, {
|
||||
method: "DELETE",
|
||||
headers: maybeWithBearerAuth({}, token)
|
||||
headers: withBearerAuth({}, token)
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -83,7 +83,7 @@ class AccountApi {
|
|||
const url = accountUrl(config.baseUrl);
|
||||
console.log(`[AccountApi] Fetching user account ${url}`);
|
||||
const response = await fetch(url, {
|
||||
headers: maybeWithBearerAuth({}, session.token())
|
||||
headers: withBearerAuth({}, session.token())
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -100,7 +100,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Deleting user account ${url}`);
|
||||
const response = await fetch(url, {
|
||||
method: "DELETE",
|
||||
headers: maybeWithBearerAuth({}, session.token())
|
||||
headers: withBearerAuth({}, session.token())
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -114,7 +114,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Changing account password ${url}`);
|
||||
const response = await fetch(url, {
|
||||
method: "POST",
|
||||
headers: maybeWithBearerAuth({}, session.token()),
|
||||
headers: withBearerAuth({}, session.token()),
|
||||
body: JSON.stringify({
|
||||
password: newPassword
|
||||
})
|
||||
|
@ -131,7 +131,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Extending user access token ${url}`);
|
||||
const response = await fetch(url, {
|
||||
method: "PATCH",
|
||||
headers: maybeWithBearerAuth({}, session.token())
|
||||
headers: withBearerAuth({}, session.token())
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -146,7 +146,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Updating user account ${url}: ${body}`);
|
||||
const response = await fetch(url, {
|
||||
method: "PATCH",
|
||||
headers: maybeWithBearerAuth({}, session.token()),
|
||||
headers: withBearerAuth({}, session.token()),
|
||||
body: body
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
|
@ -162,7 +162,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Adding user subscription ${url}: ${body}`);
|
||||
const response = await fetch(url, {
|
||||
method: "POST",
|
||||
headers: maybeWithBearerAuth({}, session.token()),
|
||||
headers: withBearerAuth({}, session.token()),
|
||||
body: body
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
|
@ -181,7 +181,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Updating user subscription ${url}: ${body}`);
|
||||
const response = await fetch(url, {
|
||||
method: "PATCH",
|
||||
headers: maybeWithBearerAuth({}, session.token()),
|
||||
headers: withBearerAuth({}, session.token()),
|
||||
body: body
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
|
@ -199,7 +199,7 @@ class AccountApi {
|
|||
console.log(`[AccountApi] Removing user subscription ${url}`);
|
||||
const response = await fetch(url, {
|
||||
method: "DELETE",
|
||||
headers: maybeWithBearerAuth({}, session.token())
|
||||
headers: withBearerAuth({}, session.token())
|
||||
});
|
||||
if (response.status === 401 || response.status === 403) {
|
||||
throw new UnauthorizedError();
|
||||
|
@ -208,6 +208,10 @@ class AccountApi {
|
|||
}
|
||||
}
|
||||
|
||||
sync() {
|
||||
// TODO
|
||||
}
|
||||
|
||||
startWorker() {
|
||||
if (this.timer !== null) {
|
||||
return;
|
||||
|
|
|
@ -5,9 +5,9 @@ import {
|
|||
accountSubscriptionUrl,
|
||||
accountTokenUrl,
|
||||
accountUrl,
|
||||
fetchLinesIterator,
|
||||
maybeWithBasicAuth,
|
||||
maybeWithBearerAuth,
|
||||
fetchLinesIterator, maybeWithAuth,
|
||||
withBasicAuth,
|
||||
withBearerAuth,
|
||||
topicShortUrl,
|
||||
topicUrl,
|
||||
topicUrlAuth,
|
||||
|
@ -24,7 +24,7 @@ class Api {
|
|||
? topicUrlJsonPollWithSince(baseUrl, topic, since)
|
||||
: topicUrlJsonPoll(baseUrl, topic);
|
||||
const messages = [];
|
||||
const headers = maybeWithBasicAuth({}, user);
|
||||
const headers = maybeWithAuth({}, user);
|
||||
console.log(`[Api] Polling ${url}`);
|
||||
for await (let line of fetchLinesIterator(url, headers)) {
|
||||
console.log(`[Api, ${shortUrl}] Received message ${line}`);
|
||||
|
@ -45,7 +45,7 @@ class Api {
|
|||
const response = await fetch(baseUrl, {
|
||||
method: 'PUT',
|
||||
body: JSON.stringify(body),
|
||||
headers: maybeWithBasicAuth(headers, user)
|
||||
headers: maybeWithAuth(headers, user)
|
||||
});
|
||||
if (response.status < 200 || response.status > 299) {
|
||||
throw new Error(`Unexpected response: ${response.status}`);
|
||||
|
@ -111,7 +111,7 @@ class Api {
|
|||
const url = topicUrlAuth(baseUrl, topic);
|
||||
console.log(`[Api] Checking auth for ${url}`);
|
||||
const response = await fetch(url, {
|
||||
headers: maybeWithBasicAuth({}, user)
|
||||
headers: maybeWithAuth({}, user)
|
||||
});
|
||||
if (response.status >= 200 && response.status <= 299) {
|
||||
return true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import {basicAuth, encodeBase64Url, topicShortUrl, topicUrlWs} from "./utils";
|
||||
import {basicAuth, bearerAuth, encodeBase64Url, topicShortUrl, topicUrlWs} from "./utils";
|
||||
|
||||
const retryBackoffSeconds = [5, 10, 15, 20, 30];
|
||||
|
||||
|
@ -96,12 +96,18 @@ class Connection {
|
|||
params.push(`since=${this.since}`);
|
||||
}
|
||||
if (this.user) {
|
||||
const auth = encodeBase64Url(basicAuth(this.user.username, this.user.password));
|
||||
params.push(`auth=${auth}`);
|
||||
params.push(`auth=${this.authParam()}`);
|
||||
}
|
||||
const wsUrl = topicUrlWs(this.baseUrl, this.topic);
|
||||
return (params.length === 0) ? wsUrl : `${wsUrl}?${params.join('&')}`;
|
||||
}
|
||||
|
||||
authParam() {
|
||||
if (this.user.password) {
|
||||
return encodeBase64Url(basicAuth(this.user.username, this.user.password));
|
||||
}
|
||||
return encodeBase64Url(bearerAuth(this.user.token));
|
||||
}
|
||||
}
|
||||
|
||||
export class ConnectionState {
|
||||
|
|
|
@ -109,7 +109,7 @@ class ConnectionManager {
|
|||
|
||||
const makeConnectionId = async (subscription, user) => {
|
||||
return (user)
|
||||
? hashCode(`${subscription.id}|${user.username}|${user.password}`)
|
||||
? hashCode(`${subscription.id}|${user.username}|${user.password ?? ""}|${user.token ?? ""}`)
|
||||
: hashCode(`${subscription.id}`);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,21 +1,46 @@
|
|||
import db from "./db";
|
||||
import session from "./Session";
|
||||
|
||||
class UserManager {
|
||||
async all() {
|
||||
return db.users.toArray();
|
||||
const users = await db.users.toArray();
|
||||
if (session.exists()) {
|
||||
users.unshift(this.localUser());
|
||||
}
|
||||
return users;
|
||||
}
|
||||
|
||||
async get(baseUrl) {
|
||||
if (session.exists() && baseUrl === config.baseUrl) {
|
||||
return this.localUser();
|
||||
}
|
||||
return db.users.get(baseUrl);
|
||||
}
|
||||
|
||||
async save(user) {
|
||||
if (user.baseUrl === config.baseUrl) {
|
||||
return;
|
||||
}
|
||||
await db.users.put(user);
|
||||
}
|
||||
|
||||
async delete(baseUrl) {
|
||||
if (session.exists() && baseUrl === config.baseUrl) {
|
||||
return;
|
||||
}
|
||||
await db.users.delete(baseUrl);
|
||||
}
|
||||
|
||||
localUser() {
|
||||
if (!session.exists()) {
|
||||
return null;
|
||||
}
|
||||
return {
|
||||
baseUrl: config.baseUrl,
|
||||
username: session.username(),
|
||||
token: session.token() // Not "password"!
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
const userManager = new UserManager();
|
||||
|
|
|
@ -99,17 +99,17 @@ export const unmatchedTags = (tags) => {
|
|||
else return tags.filter(tag => !(tag in emojis));
|
||||
}
|
||||
|
||||
export const maybeWithBasicAuth = (headers, user) => {
|
||||
if (user) {
|
||||
headers['Authorization'] = `Basic ${encodeBase64(`${user.username}:${user.password}`)}`;
|
||||
export const maybeWithAuth = (headers, user) => {
|
||||
if (user && user.password) {
|
||||
return withBasicAuth(headers, user.username, user.password);
|
||||
} else if (user && user.token) {
|
||||
return withBearerAuth(headers, user.token);
|
||||
}
|
||||
return headers;
|
||||
}
|
||||
|
||||
export const maybeWithBearerAuth = (headers, token) => {
|
||||
if (token) {
|
||||
headers['Authorization'] = `Bearer ${token}`;
|
||||
}
|
||||
export const withBasicAuth = (headers, username, password) => {
|
||||
headers['Authorization'] = basicAuth(username, password);
|
||||
return headers;
|
||||
}
|
||||
|
||||
|
@ -117,6 +117,15 @@ export const basicAuth = (username, password) => {
|
|||
return `Basic ${encodeBase64(`${username}:${password}`)}`;
|
||||
}
|
||||
|
||||
export const withBearerAuth = (headers, token) => {
|
||||
headers['Authorization'] = bearerAuth(token);
|
||||
return headers;
|
||||
}
|
||||
|
||||
export const bearerAuth = (token) => {
|
||||
return `Bearer ${token}`;
|
||||
}
|
||||
|
||||
export const encodeBase64 = (s) => {
|
||||
return Base64.encode(s);
|
||||
}
|
||||
|
|
|
@ -88,7 +88,7 @@ const Stats = () => {
|
|||
</div>
|
||||
<LinearProgress variant="determinate" value={account.limits.emails > 0 ? normalize(account.stats.emails, account.limits.emails) : 100} />
|
||||
</Pref>
|
||||
<Pref labelId={"attachments"} title={t("Attachment storage")} subtitle={t("5 MB per file")}>
|
||||
<Pref labelId={"attachments"} title={t("Attachment storage")} subtitle={t("{{filesize}} per file", { filesize: formatBytes(account.limits.attachment_file_size) })}>
|
||||
<div>
|
||||
<Typography variant="body2" sx={{float: "left"}}>{formatBytes(account.stats.attachment_total_size)}</Typography>
|
||||
<Typography variant="body2" sx={{float: "right"}}>{account.limits.attachment_total_size > 0 ? t("of {{limit}}", { limit: formatBytes(account.limits.attachment_total_size) }) : t("Unlimited")}</Typography>
|
||||
|
@ -153,8 +153,7 @@ const ChangePassword = () => {
|
|||
} catch (e) {
|
||||
console.log(`[Account] Error changing password`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
// TODO show error
|
||||
}
|
||||
|
@ -238,13 +237,11 @@ const DeleteAccount = () => {
|
|||
setDialogOpen(false);
|
||||
console.debug(`[Account] Account deleted`);
|
||||
// TODO delete local storage
|
||||
session.reset();
|
||||
window.location.href = routes.app;
|
||||
session.resetAndRedirect(routes.app);
|
||||
} catch (e) {
|
||||
console.log(`[Account] Error deleting account`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
// TODO show error
|
||||
}
|
||||
|
|
|
@ -124,8 +124,7 @@ const SettingsIcons = (props) => {
|
|||
} catch (e) {
|
||||
console.log(`[ActionBar] Error unsubscribing`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -272,8 +271,7 @@ const ProfileIcon = (props) => {
|
|||
try {
|
||||
await accountApi.logout();
|
||||
} finally {
|
||||
session.reset();
|
||||
window.location.href = routes.app;
|
||||
session.resetAndRedirect(routes.app);
|
||||
}
|
||||
};
|
||||
return (
|
||||
|
|
|
@ -123,8 +123,7 @@ const Layout = () => {
|
|||
} catch (e) {
|
||||
console.log(`[App] Error fetching account`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
}
|
||||
})();
|
||||
|
|
|
@ -270,6 +270,7 @@ const Users = () => {
|
|||
</Typography>
|
||||
<Paragraph>
|
||||
{t("prefs_users_description")}
|
||||
{session.exists() && <>{" " + t("prefs_users_description_no_sync")}</>}
|
||||
</Paragraph>
|
||||
{users?.length > 0 && <UserTable users={users}/>}
|
||||
</CardContent>
|
||||
|
@ -319,7 +320,6 @@ const UserTable = (props) => {
|
|||
}
|
||||
};
|
||||
return (
|
||||
<div>
|
||||
<Table size="small" aria-label={t("prefs_users_table")}>
|
||||
<TableHead>
|
||||
<TableRow>
|
||||
|
@ -338,6 +338,8 @@ const UserTable = (props) => {
|
|||
aria-label={t("prefs_users_table_user_header")}>{user.username}</TableCell>
|
||||
<TableCell aria-label={t("prefs_users_table_base_url_header")}>{user.baseUrl}</TableCell>
|
||||
<TableCell align="right">
|
||||
{user.baseUrl !== config.baseUrl &&
|
||||
<>
|
||||
<IconButton onClick={() => handleEditClick(user)}
|
||||
aria-label={t("prefs_users_edit_button")}>
|
||||
<EditIcon/>
|
||||
|
@ -346,6 +348,8 @@ const UserTable = (props) => {
|
|||
aria-label={t("prefs_users_delete_button")}>
|
||||
<CloseIcon/>
|
||||
</IconButton>
|
||||
</>
|
||||
}
|
||||
</TableCell>
|
||||
</TableRow>
|
||||
))}
|
||||
|
@ -359,12 +363,6 @@ const UserTable = (props) => {
|
|||
onSubmit={handleDialogSubmit}
|
||||
/>
|
||||
</Table>
|
||||
{session.exists() &&
|
||||
<Typography>
|
||||
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
||||
</Typography>
|
||||
}
|
||||
</div>
|
||||
);
|
||||
};
|
||||
|
||||
|
|
|
@ -17,7 +17,15 @@ import IconButton from "@mui/material/IconButton";
|
|||
import InsertEmoticonIcon from '@mui/icons-material/InsertEmoticon';
|
||||
import {Close} from "@mui/icons-material";
|
||||
import MenuItem from "@mui/material/MenuItem";
|
||||
import {formatBytes, maybeWithBasicAuth, topicShortUrl, topicUrl, validTopic, validUrl} from "../app/utils";
|
||||
import {
|
||||
formatBytes,
|
||||
maybeWithAuth,
|
||||
withBasicAuth,
|
||||
topicShortUrl,
|
||||
topicUrl,
|
||||
validTopic,
|
||||
validUrl
|
||||
} from "../app/utils";
|
||||
import Box from "@mui/material/Box";
|
||||
import AttachmentIcon from "./AttachmentIcon";
|
||||
import DialogFooter from "./DialogFooter";
|
||||
|
@ -132,7 +140,7 @@ const PublishDialog = (props) => {
|
|||
const body = (attachFile) ? attachFile : message;
|
||||
try {
|
||||
const user = await userManager.get(baseUrl);
|
||||
const headers = maybeWithBasicAuth({}, user);
|
||||
const headers = maybeWithAuth({}, user);
|
||||
const progressFn = (ev) => {
|
||||
if (ev.loaded > 0 && ev.total > 0) {
|
||||
setStatus(t("publish_dialog_progress_uploading_detail", {
|
||||
|
@ -180,8 +188,7 @@ const PublishDialog = (props) => {
|
|||
} catch (e) {
|
||||
console.log(`[PublishDialog] Retrieving attachment limits failed`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
} else {
|
||||
setAttachFileError(""); // Reset error (rely on server-side checking)
|
||||
}
|
||||
|
|
|
@ -40,8 +40,7 @@ const SubscribeDialog = (props) => {
|
|||
} catch (e) {
|
||||
console.log(`[SubscribeDialog] Subscribing to topic ${topic} failed`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -74,8 +74,7 @@ export const useAutoSubscribe = (subscriptions, selected) => {
|
|||
} catch (e) {
|
||||
console.log(`[App] Auto-subscribing failed`, e);
|
||||
if ((e instanceof UnauthorizedError)) {
|
||||
session.reset();
|
||||
window.location.href = routes.login;
|
||||
session.resetAndRedirect(routes.login);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue