Mercurial > gemma
annotate client/src/stores/user.js @ 484:2ac37419f593
Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
| author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|---|---|
| date | Fri, 24 Aug 2018 11:36:11 +0200 |
| parents | 516f0f84fe39 |
| children | 04a6bea229e4 |
| rev | line source |
|---|---|
| 6 | 1 import { HTTP } from "../lib/http"; |
| 2 | |
| 3 | 3 const User = { |
| 4 namespaced: true, | |
| 5 state: { | |
|
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
6 authenticated: false, |
|
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
7 expires: null, |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
8 roles: [], |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
9 user: "" |
| 3 | 10 }, |
| 11 getters: { | |
|
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
12 isAuthenticated: state => { |
| 3 | 13 return state.authenticated; |
|
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
14 }, |
|
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
15 userinfo: state => { |
|
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
16 return state.user; |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
17 }, |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
18 roles: state => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
19 return state.roles; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
20 }, |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
21 expires: state => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
22 return state.expires; |
|
278
9c1dfadb53aa
feat: usermanagement - route established and secured
Thomas Junk <thomas.junk@intevation.de>
parents:
249
diff
changeset
|
23 }, |
|
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
24 isWaterwayAdmin: state => { |
|
278
9c1dfadb53aa
feat: usermanagement - route established and secured
Thomas Junk <thomas.junk@intevation.de>
parents:
249
diff
changeset
|
25 return state.roles.includes("waterway_admin"); |
|
284
96860b2bbc0d
fix: User management only for sysadmin
Thomas Junk <thomas.junk@intevation.de>
parents:
278
diff
changeset
|
26 }, |
|
285
8e22d1f16f81
refactor: better variable naming
Thomas Junk <thomas.junk@intevation.de>
parents:
284
diff
changeset
|
27 isSysAdmin: state => { |
|
284
96860b2bbc0d
fix: User management only for sysadmin
Thomas Junk <thomas.junk@intevation.de>
parents:
278
diff
changeset
|
28 return state.roles.includes("sys_admin"); |
| 3 | 29 } |
| 30 }, | |
| 31 mutations: { | |
|
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
32 auth_success: (state, data) => { |
|
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
33 const { token, user, expires, roles } = data; |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
34 localStorage.setItem("expires", expires); |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
35 localStorage.setItem("roles", roles); |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
36 localStorage.setItem("token", token); |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
37 localStorage.setItem("user", user); |
|
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
38 state.expires = expires; |
|
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
39 state.roles = roles; |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
40 state.user = user; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
41 state.authenticated = true; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
42 }, |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
43 clear_auth: state => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
44 state.authenticated = false; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
45 state.expires = null; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
46 state.roles = []; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
47 state.user = ""; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
48 localStorage.clear(); |
| 6 | 49 }, |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
50 set_user: (state, name) => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
51 state.user = name; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
52 }, |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
53 set_roles: (state, roles) => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
54 state.roles = roles; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
55 }, |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
56 set_expires: (state, expires) => { |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
57 state.expires = expires; |
|
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
58 }, |
|
162
9908260d1e6a
Refactor: Login expiry refactored to lib
Thomas Junk <thomas.junk@intevation.de>
parents:
160
diff
changeset
|
59 set_authenticate: state => { |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
60 state.authenticated = true; |
| 3 | 61 } |
| 62 }, | |
| 63 actions: { | |
| 6 | 64 login({ commit }, user) { |
|
454
516f0f84fe39
client: change login method from GET to POST
Bernhard Reiter <bernhard@intevation.de>
parents:
285
diff
changeset
|
65 // using POST is a bit more secure than GET |
| 6 | 66 return new Promise((resolve, reject) => { |
|
454
516f0f84fe39
client: change login method from GET to POST
Bernhard Reiter <bernhard@intevation.de>
parents:
285
diff
changeset
|
67 // axios will add the application/x-www-form-urlencoded header this way |
|
484
2ac37419f593
Implemented wamos/issue114 (Improve code consistency: For login use json body, disallow GET).
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
454
diff
changeset
|
68 HTTP.post("/login", user) |
| 6 | 69 .then(response => { |
|
158
992e17912405
feat: Improve login against real db
Thomas Junk <thomas.junk@intevation.de>
parents:
13
diff
changeset
|
70 commit("auth_success", response.data); |
| 6 | 71 resolve(response); |
| 72 }) | |
| 73 .catch(error => { | |
|
160
061209505028
feat: Login and logout with session restoration implemented
Thomas Junk <thomas.junk@intevation.de>
parents:
158
diff
changeset
|
74 commit("clear_auth"); |
| 6 | 75 reject(error); |
| 76 }); | |
| 77 }); | |
| 3 | 78 } |
| 79 } | |
| 80 }; | |
| 81 | |
| 82 export default User; |