Merge pull request '#7272 - BUG Redirect To Login when ACL not exists' (!2371) from 7272_bug_redirectToLogin into dev

Reviewed-on: #2371 Reviewed-by: Javi Gallego <jgallego@verdnatura.es> Reviewed-by: Alex Moreno <alexm@verdnatura.es>
2024-05-27 06:56:19 +00:00 · 2024-05-27 06:56:19 +00:00 · 50ef375c6b
parent 8e4e3ae8b8 693356f4cb
commit 50ef375c6b
7 changed files with 78 additions and 26 deletions
--- a/back/methods/vn-user/renew-token.js
+++ b/back/methods/vn-user/renew-token.js
@ -18,15 +18,10 @@ module.exports = Self => {
    Self.renewToken = async function(ctx) {
        const {accessToken: token} = ctx.req;

-        // Check if current token is valid
-
-        const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
-            fields: ['renewPeriod', 'courtesyTime']
+        const {courtesyTime} = await models.AccessTokenConfig.findOne({
+            fields: ['courtesyTime']
        });
-        const now = Date.now();
-        const differenceMilliseconds = now - token.created;
-        const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
-        const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
+        const isNotExceeded = await Self.validateToken(ctx);
        if (isNotExceeded)
            return token;

--- a/back/methods/vn-user/validate-token.js
+++ b/back/methods/vn-user/validate-token.js
@ -0,0 +1,30 @@
+const {models} = require('vn-loopback/server/server');
+module.exports = Self => {
+    Self.remoteMethodCtx('validateToken', {
+        description: 'Validates the current logged user token',
+        accepts: [],
+        accessType: 'READ',
+        returns: {
+            type: 'Boolean',
+            root: true
+        },
+        http: {
+            path: `/validateToken`,
+            verb: 'GET'
+        }
+    });
+
+    Self.validateToken = async function(ctx) {
+        const {accessToken: token} = ctx.req;
+
+        // Check if current token is valid
+        const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
+            fields: ['renewPeriod', 'courtesyTime']
+        });
+        const now = Date.now();
+        const differenceMilliseconds = now - token.created;
+        const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
+        const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
+        return isNotExceeded;
+    };
+};
--- a/back/models/vn-user.js
+++ b/back/models/vn-user.js
@ -15,6 +15,7 @@ module.exports = function(Self) {
    require('../methods/vn-user/renew-token')(Self);
    require('../methods/vn-user/share-token')(Self);
    require('../methods/vn-user/update-user')(Self);
+    require('../methods/vn-user/validate-token')(Self);

    Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');

--- a/back/models/vn-user.json
+++ b/back/models/vn-user.json
@ -113,6 +113,13 @@
            "principalId": "$everyone",
            "permission": "ALLOW"
        },
+        {
+            "property": "validateToken",
+			"accessType": "EXECUTE",
+			"principalType": "ROLE",
+			"principalId": "$authenticated",
+			"permission": "ALLOW"
+		},
        {
            "property": "privileges",
            "accessType": "*",
--- a/front/core/locale/es.yml
+++ b/front/core/locale/es.yml
@ -69,3 +69,4 @@ Send cau: Enviar cau
 By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc
 ExplainReason: Explique el motivo por el que no deberia aparecer este fallo
 You already have the mailAlias: Ya tienes este alias de correo
+Error loading ACLs: Error al cargar los ACLs
--- a/front/core/services/auth.js
+++ b/front/core/services/auth.js
@ -7,16 +7,17 @@ import UserError from 'core/lib/user-error';
 * @property {Boolean} loggedIn Whether the user is currently logged
 */
 export default class Auth {
-    constructor($http, $q, $state, $transitions, $window, vnToken, vnModules, aclService) {
+    constructor($http, $q, vnApp, $translate, $state, $transitions, $window, vnToken, vnModules) {
        Object.assign(this, {
            $http,
            $q,
+            vnApp,
+            $translate,
            $state,
            $transitions,
            $window,
            vnToken,
            vnModules,
-            aclService,
            loggedIn: false
        });
    }
@ -39,9 +40,26 @@ export default class Auth {
            };

            if (this.vnToken.token) {
-                return this.loadAcls()
+                const loadWithRetry = () => {
+                    return this.validateToken()
                        .then(() => true)
-                    .catch(redirectToLogin);
+                        .catch(err => {
+                            switch (err.status) {
+                            case 400:
+                            case 401:
+                                return redirectToLogin();
+                            default:
+                                return new Promise(resolve => {
+                                    setTimeout(() => {
+                                        this.vnApp.showMessage(this.$translate.instant('Loading...'));
+
+                                        resolve(loadWithRetry());
+                                    }, 2000);
+                                });
+                            }
+                        });
+                };
+                return loadWithRetry();
            } else
                return redirectToLogin();
        });
@ -87,13 +105,11 @@ export default class Auth {
            headers: {Authorization: json.data.token}
        }).then(({data}) => {
            this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember);
-            this.loadAcls().then(() => {
            let continueHash = this.$state.params.continue;
            if (continueHash)
                this.$window.location = continueHash;
            else
                this.$state.go('home');
-            });
        }).catch(() => {});
    }

@ -107,24 +123,25 @@ export default class Auth {
        this.vnToken.unset();
        this.loggedIn = false;
        this.vnModules.reset();
-        this.aclService.reset();
+        this.vnModules.aclService.reset();
        this.$state.go('login');

        return promise;
    }

-    loadAcls() {
-        return this.aclService.load()
+    validateToken() {
+        return this.$http.get('VnUsers/validateToken')
            .then(() => {
                this.loggedIn = true;
                this.vnModules.reset();
            })
            .catch(err => {
-                this.vnToken.unset();
                throw err;
            });
    }
 }
-Auth.$inject = ['$http', '$q', '$state', '$transitions', '$window', 'vnToken', 'vnModules', 'aclService'];
+Auth.$inject = [
+    '$http', '$q', 'vnApp', '$translate', '$state',
+    '$transitions', '$window', 'vnToken', 'vnModules'];

 ngModule.service('vnAuth', Auth);
--- a/front/salix/routes.js
+++ b/front/salix/routes.js
@ -12,7 +12,8 @@ function config($stateProvider, $urlRouterProvider) {
            template: '<vn-layout></vn-layout>',
            resolve: {
                config: ['vnConfig', vnConfig => vnConfig.initialize()],
-                token: ['vnToken', vnToken => vnToken.fetchConfig()]
+                token: ['vnToken', vnToken => vnToken.fetchConfig()],
+                acl: ['aclService', aclService => aclService.load()]
            }
        })
        .state('outLayout', {