Mercurial > gemma
annotate client/src/stores/user.js @ 484:2ac37419f593
Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Fri, 24 Aug 2018 11:36:11 +0200 |
parents | 516f0f84fe39 |
children | 04a6bea229e4 |
rev | line source |
---|---|
6 | 1 import { HTTP } from "../lib/http"; |
2 | |
3 | 3 const User = { |
4 namespaced: true, | |
5 state: { | |
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
6 authenticated: false, |
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
7 expires: null, |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
8 roles: [], |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
9 user: "" |
3 | 10 }, |
11 getters: { | |
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
12 isAuthenticated: state => { |
3 | 13 return state.authenticated; |
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
14 }, |
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
15 userinfo: state => { |
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
16 return state.user; |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
17 }, |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
18 roles: state => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
19 return state.roles; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
20 }, |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
21 expires: state => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
22 return state.expires; |
278
9c1dfadb53aa
feat: usermanagement - route established and secured
Thomas Junk <thomas.junk@intevation.de>
parents:
249
diff
changeset
|
23 }, |
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
24 isWaterwayAdmin: state => { |
278
9c1dfadb53aa
feat: usermanagement - route established and secured
Thomas Junk <thomas.junk@intevation.de>
parents:
249
diff
changeset
|
25 return state.roles.includes("waterway_admin"); |
284
96860b2bbc0d
fix: User management only for sysadmin
Thomas Junk <thomas.junk@intevation.de>
parents:
278
diff
changeset
|
26 }, |
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
27 isSysAdmin: state => { |
284
96860b2bbc0d
fix: User management only for sysadmin
Thomas Junk <thomas.junk@intevation.de>
parents:
278
diff
changeset
|
28 return state.roles.includes("sys_admin"); |
3 | 29 } |
30 }, | |
31 mutations: { | |
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
32 auth_success: (state, data) => { |
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
33 const { token, user, expires, roles } = data; |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
34 localStorage.setItem("expires", expires); |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
35 localStorage.setItem("roles", roles); |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
36 localStorage.setItem("token", token); |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
37 localStorage.setItem("user", user); |
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
38 state.expires = expires; |
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
39 state.roles = roles; |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
40 state.user = user; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
41 state.authenticated = true; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
42 }, |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
43 clear_auth: state => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
44 state.authenticated = false; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
45 state.expires = null; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
46 state.roles = []; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
47 state.user = ""; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
48 localStorage.clear(); |
6 | 49 }, |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
50 set_user: (state, name) => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
51 state.user = name; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
52 }, |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
53 set_roles: (state, roles) => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
54 state.roles = roles; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
55 }, |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
56 set_expires: (state, expires) => { |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
57 state.expires = expires; |
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
58 }, |
162
9908260d1e6a
Refactor: Login expiry refactored to lib
Thomas Junk <thomas.junk@intevation.de>
parents:
160
diff
changeset
|
59 set_authenticate: state => { |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
60 state.authenticated = true; |
3 | 61 } |
62 }, | |
63 actions: { | |
6 | 64 login({ commit }, user) { |
454
516f0f84fe39
client: change login method from GET to POST
Bernhard Reiter <bernhard@intevation.de>
parents:
285
diff
changeset
|
65 // using POST is a bit more secure than GET |
6 | 66 return new Promise((resolve, reject) => { |
454
516f0f84fe39
client: change login method from GET to POST
Bernhard Reiter <bernhard@intevation.de>
parents:
285
diff
changeset
|
67 // axios will add the application/x-www-form-urlencoded header this way |
484
2ac37419f593
Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
454
diff
changeset
|
68 HTTP.post("/login", user) |
6 | 69 .then(response => { |
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
70 commit("auth_success", response.data); |
6 | 71 resolve(response); |
72 }) | |
73 .catch(error => { | |
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
74 commit("clear_auth"); |
6 | 75 reject(error); |
76 }); | |
77 }); | |
3 | 78 } |
79 } | |
80 }; | |
81 | |
82 export default User; |