Merge pull request '#6930 - Use ScopedToken when share Multimedia files' (!202) from 6930_scopedToken_Multimedia into dev

Reviewed-on: #202 Reviewed-by: Alex Moreno <alexm@verdnatura.es>
2024-03-15 09:08:20 +00:00 · 2024-03-15 09:08:20 +00:00 · 26e54923de
parent 278ebbe070 efb3ae6e2a
commit 26e54923de
21 changed files with 93 additions and 48 deletions
--- a/src/boot/axios.js
+++ b/src/boot/axios.js
@ -11,7 +11,7 @@ axios.defaults.baseURL = '/api/';

 const onRequest = (config) => {
    const token = session.getToken();
-    if (token.length && config.headers) {
+    if (token.length && !config.headers.Authorization) {
        config.headers.Authorization = token;
    }

--- a/src/components/NavBar.vue
+++ b/src/components/NavBar.vue
@ -10,12 +10,12 @@ import UserPanel from 'components/UserPanel.vue';
 import VnBreadcrumbs from './common/VnBreadcrumbs.vue';

 const { t } = useI18n();
-const session = useSession();
 const stateStore = useStateStore();
 const quasar = useQuasar();
 const state = useState();
 const user = state.getUser();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();
 const appName = 'Lilium';

 onMounted(() => stateStore.setMounted());
--- a/src/components/UserPanel.vue
+++ b/src/components/UserPanel.vue
@ -44,7 +44,7 @@ const darkMode = computed({
 });

 const user = state.getUser();
-const token = session.getToken();
+const token = session.getTokenMultimedia();

 onMounted(async () => {
    updatePreferences();
--- a/src/components/ui/VnAvatar.vue
+++ b/src/components/ui/VnAvatar.vue
@ -10,8 +10,8 @@ const $props = defineProps({
    size: { type: String, default: null },
    title: { type: String, default: null },
 });
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();
 const { t } = useI18n();

 const title = computed(() => $props.title ?? t('globals.system'));
--- a/src/composables/downloadFile.js
+++ b/src/composables/downloadFile.js
@ -1,8 +1,8 @@
 import { useSession } from 'src/composables/useSession';
 import { getUrl } from './getUrl';

-const session = useSession();
-const token = session.getToken();
+const {getTokenMultimedia} = useSession();
+const token =  getTokenMultimedia();

 export async function downloadFile(dmsId) {
    let appUrl = await getUrl('', 'lilium');
--- a/src/composables/useSession.js
+++ b/src/composables/useSession.js
@ -1,6 +1,7 @@
 import { useState } from './useState';
 import { useRole } from './useRole';
 import { useUserConfig } from './useUserConfig';
+import axios from 'axios';


 export function useSession() {
@ -10,21 +11,54 @@ export function useSession() {

        return localToken || sessionToken || '';
    }
+    function getTokenMultimedia() {
+        const localTokenMultimedia = localStorage.getItem('tokenMultimedia');
+        const sessionTokenMultimedia = sessionStorage.getItem('tokenMultimedia');
+
+        return localTokenMultimedia || sessionTokenMultimedia || '';
+    }

    function setToken(data) {
        if (data.keepLogin) {
            localStorage.setItem('token', data.token);
+            localStorage.setItem('tokenMultimedia', data.tokenMultimedia);
        } else {
            sessionStorage.setItem('token', data.token);
+            sessionStorage.setItem('tokenMultimedia', data.tokenMultimedia);
        }
    }

-    function destroy() {
-        if (localStorage.getItem('token'))
+    async function destroy() {
+          if (localStorage.getItem('tokenMultimedia')){
+            await axios.post('VnUsers/logoutMultimedia',  null, {
+                headers: {Authorization: localStorage.getItem('tokenMultimedia') }
+            });
+            localStorage.removeItem('tokenMultimedia')
+
+        }
+        if (localStorage.getItem('token')){
+            await axios.post('VnUsers/logout',  null, {
+                headers: {Authorization: localStorage.getItem('token') }
+            });
            localStorage.removeItem('token')
+        }
+
+
+         if (sessionStorage.getItem('tokenMultimedia')){
+            await axios.post('VnUsers/logoutMultimedia',  null, {
+                headers: {Authorization: sessionStorage.getItem('tokenMultimedia') }
+            });
+            sessionStorage.removeItem('tokenMultimedia')
+
+        }
+        if (sessionStorage.getItem('token')){
+            await axios.post('VnUsers/logout',  null, {
+                headers: {Authorization: sessionStorage.getItem('token') }
+            });
+            sessionStorage.removeItem('token')
+        }
+

-        if (sessionStorage.getItem('token'))
-            sessionStorage.removeItem('token');

        const { setUser } = useState();

@ -37,8 +71,8 @@ export function useSession() {
        });
    }

-    async function login(token, keepLogin) {
-        setToken({ token, keepLogin });
+    async function login(token, tokenMultimedia, keepLogin) {
+        setToken({ token, tokenMultimedia, keepLogin });

        await useRole().fetch();
        await useUserConfig().fetch();
@ -53,6 +87,7 @@ export function useSession() {

    return {
        getToken,
+        getTokenMultimedia,
        setToken,
        destroy,
        login,
--- a/src/pages/Claim/Card/ClaimBasicData.vue
+++ b/src/pages/Claim/Card/ClaimBasicData.vue
@ -13,8 +13,8 @@ import { useSession } from 'src/composables/useSession';

 const route = useRoute();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();

 const claimFilter = {
    fields: [
--- a/src/pages/Claim/Card/ClaimPhoto.vue
+++ b/src/pages/Claim/Card/ClaimPhoto.vue
@ -11,8 +11,8 @@ import FetchData from 'components/FetchData.vue';
 const router = useRouter();
 const quasar = useQuasar();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();

 const claimId = computed(() => router.currentRoute.value.params.id);

--- a/src/pages/Claim/Card/ClaimSummary.vue
+++ b/src/pages/Claim/Card/ClaimSummary.vue
@ -14,8 +14,8 @@ import ItemDescriptorProxy from 'src/pages/Item/Card/ItemDescriptorProxy.vue';

 const route = useRoute();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();

 const $props = defineProps({
    id: {
--- a/src/pages/Customer/Card/CustomerBasicData.vue
+++ b/src/pages/Customer/Card/CustomerBasicData.vue
@ -11,8 +11,8 @@ import VnInput from 'src/components/common/VnInput.vue';

 const route = useRoute();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();

 const workers = ref([]);
 const workersCopy = ref([]);
--- a/src/pages/Entry/EntryLatestBuys.vue
+++ b/src/pages/Entry/EntryLatestBuys.vue
@ -20,8 +20,8 @@ import { dashIfEmpty } from 'src/filters';
 import { useArrayData } from 'composables/useArrayData';

 const router = useRouter();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();
 const stateStore = useStateStore();
 const { t } = useI18n();

--- a/src/pages/Item/Card/ItemDescriptor.vue
+++ b/src/pages/Item/Card/ItemDescriptor.vue
@ -41,7 +41,7 @@ const quasar = useQuasar();
 const route = useRoute();
 const router = useRouter();
 const { t } = useI18n();
-const { getToken } = useSession();
+const { getTokenMultimedia } = useSession();
 const state = useState();
 const user = state.getUser();

@ -79,7 +79,7 @@ onMounted(async () => {
 });

 const getItemAvatar = async () => {
-    const token = getToken();
+    const token = getTokenMultimedia();
    const timeStamp = `timestamp=${Date.now()}`;
    image.value = `/api/Images/catalog/200x200/${entityId.value}/download?access_token=${token}&${timeStamp}`;
 };
--- a/src/pages/Login/LoginMain.vue
+++ b/src/pages/Login/LoginMain.vue
@ -30,8 +30,15 @@ async function onSubmit() {
        const { data } = await axios.post('Accounts/login', params);

        if (!data) return;
+        const {
+            data: { multimediaToken },
+        } = await axios.get('VnUsers/ShareToken', {
+            headers: { Authorization: data.token },
+        });

-        await session.login(data.token, keepLogin.value);
+        if (!multimediaToken) return;
+
+        await session.login(data.token, multimediaToken.id, keepLogin.value);

        quasar.notify({
            message: t('login.loginSuccess'),
--- a/src/pages/Order/Card/OrderCatalogItem.vue
+++ b/src/pages/Order/Card/OrderCatalogItem.vue
@ -11,8 +11,8 @@ import toCurrency from '../../../filters/toCurrency';

 const DEFAULT_PRICE_KG = 0;

-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();
 const { t } = useI18n();

 defineProps({
--- a/src/pages/Order/OrderLines.vue
+++ b/src/pages/Order/OrderLines.vue
@ -17,9 +17,9 @@ import axios from 'axios';

 const route = useRoute();
 const { t } = useI18n();
-const session = useSession();
+const { getTokenMultimedia } = useSession();
 const quasar = useQuasar();
-const token = session.getToken();
+const token = getTokenMultimedia();
 const orderSummary = ref({
    total: null,
    vat: null,
--- a/src/pages/Route/Cmr/CmrList.vue
+++ b/src/pages/Route/Cmr/CmrList.vue
@ -12,8 +12,8 @@ import CustomerDescriptorProxy from 'pages/Customer/Card/CustomerDescriptorProxy

 const stateStore = useStateStore();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();
 const selected = ref([]);

 const columns = computed(() => [
--- a/src/pages/Route/RouteList.vue
+++ b/src/pages/Route/RouteList.vue
@ -133,10 +133,10 @@ const showRouteReport = () => {
    let url;

    if (selectedRows.value.length <= 1) {
-        url = `api/Routes/${idString}/driver-route-pdf?access_token=${session.getToken()}`;
+        url = `api/Routes/${idString}/driver-route-pdf?access_token=${session.getTokenMultimedia()}`;
    } else {
        const params = new URLSearchParams({
-            access_token: session.getToken(),
+            access_token: session.getTokenMultimedia(),
            id: idString,
        });
        url = `api/Routes/downloadZip?${params.toString()}`;
--- a/src/pages/Wagon/WagonCounter.vue
+++ b/src/pages/Wagon/WagonCounter.vue
@ -7,8 +7,8 @@ import VnConfirm from 'components/ui/VnConfirm.vue';

 const quasar = useQuasar();
 const { t } = useI18n();
-const session = useSession();
-const token = session.getToken();
+const { getTokenMultimedia } = useSession();
+const token = getTokenMultimedia();

 const counters = ref({
    alquilerBandeja: { count: 0, id: 96001, title: 'CC Bandeja', isTray: true },
--- a/src/pages/Worker/Card/WorkerDescriptor.vue
+++ b/src/pages/Worker/Card/WorkerDescriptor.vue
@ -22,7 +22,7 @@ const $props = defineProps({

 const route = useRoute();
 const { t } = useI18n();
-const { getToken } = useSession();
+const { getTokenMultimedia } = useSession();

 const entityId = computed(() => {
    return $props.id || route.params.id;
@ -56,7 +56,7 @@ const filter = {
 const sip = computed(() => worker.value?.sip && worker.value.sip.extension);

 function getWorkerAvatar() {
-    const token = getToken();
+    const token = getTokenMultimedia();
    return `/api/Images/user/160x160/${entityId.value}/download?access_token=${token}`;
 }
 const data = ref(useCardDescription());
--- a/test/vitest/tests/composables/useSession.spec.js
+++ b/test/vitest/tests/composables/useSession.spec.js
@ -54,7 +54,8 @@ describe('session', () => {
            expect(localStorage.getItem('token')).toEqual('tokenToBeGone');
            expect(user.value).toEqual(previousUser);

-            session.destroy();
+            vi.spyOn(axios, 'post').mockResolvedValue({ data: true });
+            await session.destroy();

            user = state.getUser();
            expect(localStorage.getItem('token')).toBeNull();
@ -92,9 +93,10 @@ describe('session', () => {
            });

            const expectedToken = 'mySessionToken';
+            const expectedTokenMultimedia = 'mySessionTokenMultimedia';
            const keepLogin = false;

-            await session.login(expectedToken, keepLogin);
+            await session.login(expectedToken,expectedTokenMultimedia, keepLogin);

            const roles = state.getRoles();
            const localToken = localStorage.getItem('token');
@ -104,7 +106,7 @@ describe('session', () => {
            expect(localToken).toBeNull();
            expect(sessionToken).toEqual(expectedToken);

-            session.destroy(); // this clears token and user for any other test
+           await session.destroy(); // this clears token and user for any other test
        });

        it('should fetch the user roles and then set token in the localStorage', async () => {
@ -114,9 +116,10 @@ describe('session', () => {
            });

            const expectedToken = 'myLocalToken';
+            const expectedTokenMultimedia = 'myLocalTokenMultimedia';
            const keepLogin = true;

-            await session.login(expectedToken, keepLogin);
+            await session.login(expectedToken, expectedTokenMultimedia, keepLogin);

            const roles = state.getRoles();
            const localToken = localStorage.getItem('token');
@ -126,7 +129,7 @@ describe('session', () => {
            expect(localToken).toEqual(expectedToken);
            expect(sessionToken).toBeNull();

-            session.destroy(); // this clears token and user for any other test
+            await session.destroy(); // this clears token and user for any other test
        });
    });
 });
--- a/test/vitest/tests/pages/Login/Login.spec.js
+++ b/test/vitest/tests/pages/Login/Login.spec.js
@ -22,9 +22,9 @@ describe('Login', () => {
                darkMode: false,
            },
        };
-        vi.spyOn(axios, 'post').mockResolvedValue({ data: { token: 'token' } });
+        vi.spyOn(axios, 'post').mockResolvedValueOnce({ data: { token: 'token' } });
        vi.spyOn(axios, 'get').mockResolvedValue({
-            data: { roles: [], user: expectedUser },
+            data: { roles: [], user: expectedUser , multimediaToken: {id:'multimediaToken' }},
        });
        vi.spyOn(vm.quasar, 'notify');

@ -36,7 +36,7 @@ describe('Login', () => {
        expect(vm.quasar.notify).toHaveBeenCalledWith(
            expect.objectContaining({ type: 'positive' })
        );
-        vm.session.destroy();
+        await vm.session.destroy();
    });

    it('should not set the token into session if any error occurred', async () => {