Merge branch '6264-renewToken' of https://gitea.verdnatura.es/verdnatura/salix into 6274-loginWorkerTimeControl

2023-12-05 14:12:00 +01:00 · 2023-12-05 14:12:00 +01:00 · bb186bafe0
parent 25006a938b a5fb07bf12
commit bb186bafe0
11 changed files with 132 additions and 22 deletions
--- a/back/methods/vn-user/renew-token.js
+++ b/back/methods/vn-user/renew-token.js
@ -1,5 +1,15 @@
 const UserError = require('vn-loopback/util/user-error');
 const {models} = require('vn-loopback/server/server');
 const DEFAULT_COURTESY_TIME = 60;
 const handlePromiseLogout = (Self, {id}, courtesyTime = DEFAULT_COURTESY_TIME) => {
    new Promise(res => {
        setTimeout(() => {
            res(Self.logout(id));
        }
        , courtesyTime * 1000);
    });
 };
 module.exports = Self => {
    Self.remoteMethodCtx('renewToken', {
        description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it',
@ -16,20 +26,18 @@ module.exports = Self => {
    });
    Self.renewToken = async function(ctx) {
-        const models = Self.app.models;
+        const {accessToken: token} = ctx.req;
        const token = ctx.req.accessToken;
-        const now = new Date();
+        // Check if current token is valid
-        const differenceMilliseconds = now - token.created;
+        const isValid = await Self.validateToken(token);
-        const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
+        if (isValid) throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
-        const fields = ['renewPeriod', 'courtesyTime'];
+        const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
        const accessTokenConfig = await models.AccessTokenConfig.findOne({fields});
-        if (differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime)
+        // Schedule to remove current token
-            throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
+        handlePromiseLogout(Self, token, courtesyTime);
-        await Self.logout(token.id);
+        // Create new accessToken
        const user = await Self.findById(token.userId);
        const accessToken = await user.createAccessToken();
--- a/back/methods/vn-user/specs/renew-token.spec.js
+++ b/back/methods/vn-user/specs/renew-token.spec.js
@ -0,0 +1,49 @@
 const {models} = require('vn-loopback/server/server');
 describe('Renew Token', () => {
    const startingTime = Date.now();
    let ctx = null;
    beforeAll(async() => {
        const unAuthCtx = {
            req: {
                headers: {},
                connection: {
                    remoteAddress: '127.0.0.1'
                },
                getLocale: () => 'en'
            },
            args: {}
        };
        let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
        let accessToken = await models.AccessToken.findById(login.token);
        ctx = {req: {accessToken: accessToken}};
    });
    beforeEach(() => {
        jasmine.clock().install();
        jasmine.clock().mockDate(new Date(startingTime));
    });
    afterEach(() => {
        jasmine.clock().uninstall();
    });
    it('should renew process', async() => {
        jasmine.clock().mockDate(new Date(startingTime + 21600000));
        const {id} = await models.VnUser.renewToken(ctx);
        expect(id).not.toEqual(ctx.req.accessToken.id);
    });
    it('NOT should renew', async() => {
        let error;
        try {
            await models.VnUser.renewToken(ctx);
        } catch (e) {
            error = e;
        }
        expect(error).toBeDefined();
        expect(error.statusCode).toBe(400);
        expect(error.message).toEqual('The renew period has not been exceeded');
    });
 });
--- a/back/methods/vn-user/specs/validate-token.spec.js
+++ b/back/methods/vn-user/specs/validate-token.spec.js
@ -0,0 +1,43 @@
 const {models} = require('vn-loopback/server/server');
 describe('Validate Token', () => {
    const startingTime = Date.now();
    let ctx = null;
    beforeAll(async() => {
        const unAuthCtx = {
            req: {
                headers: {},
                connection: {
                    remoteAddress: '127.0.0.1'
                },
                getLocale: () => 'en'
            },
            args: {}
        };
        let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
        let accessToken = await models.AccessToken.findById(login.token);
        ctx = {req: {accessToken: accessToken}};
    });
    beforeEach(() => {
        jasmine.clock().install();
        jasmine.clock().mockDate(new Date(startingTime));
    });
    afterEach(() => {
        jasmine.clock().uninstall();
    });
    it('Token is not expired', async() => {
        const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
        expect(isValid).toBeTrue();
    });
    it('Token is expired', async() => {
        jasmine.clock().mockDate(new Date(startingTime + 21600000));
        const isValid = await models.VnUser.validateToken(ctx.req.accessToken);
        expect(isValid).toBeFalse();
    });
 });
--- a/back/methods/vn-user/validate-token.js
+++ b/back/methods/vn-user/validate-token.js
@ -1,3 +1,4 @@
 const {models} = require('vn-loopback/server/server');
 module.exports = Self => {
    Self.remoteMethod('validateToken', {
        description: 'Validates the current logged user token',
@ -11,7 +12,13 @@ module.exports = Self => {
        }
    });
-    Self.validateToken = async function() {
+    Self.validateToken = async function(token) {
-        return true;
+        const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
        const now = Date.now();
        const differenceMilliseconds = now - token.created;
        const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
        const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
        return isValid;
    };
 };
--- a/db/changes/234601/00-updateCourtesyTime.sql
+++ b/db/changes/234601/00-updateCourtesyTime.sql
@ -0,0 +1,4 @@
 --  Auto-generated SQL script #202311061003
 UPDATE salix.accessTokenConfig
 	SET courtesyTime=60
 	WHERE id=1;
--- a/db/dump/fixtures.sql
+++ b/db/dump/fixtures.sql
@ -2968,9 +2968,9 @@ INSERT INTO `vn`.`wagonTypeTray` (`id`, `typeFk`, `height`, `colorFk`)
        (2, 1, 50, 2),
        (3, 1, 0, 3);
-INSERT INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `renewInterval`)
+INSERT INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `courtesyTime`, `renewInterval`)
    VALUES
-        (1, 21600, 300);
+        (1, 21600, 60, 300);
 INSERT INTO `vn`.`travelConfig` (`id`, `warehouseInFk`, `warehouseOutFk`, `agencyFk`, `companyFk`)
    VALUES
--- a/front/core/services/token.js
+++ b/front/core/services/token.js
@ -82,7 +82,7 @@ export default class Token {
            if (!data) return;
            this.renewPeriod = data.renewPeriod;
            this.stopRenewer();
-            this.inservalId = setInterval(() => this.checkValidity(), data.renewInterval * 1000);
+            this.intervalId = setInterval(() => this.checkValidity(), data.renewInterval * 1000);
        });
    }
@ -113,7 +113,7 @@ export default class Token {
    }
    stopRenewer() {
-        clearInterval(this.inservalId);
+        clearInterval(this.intervalId);
    }
 }
 Token.$inject = ['vnInterceptor', '$http', '$rootScope'];
--- a/loopback/server/boot/date.js
+++ b/loopback/server/boot/date.js
@ -1,6 +1,5 @@
 module.exports = () => {
-    Date.vnUTC = () => {
+    Date.vnUTC = (env = process.env.NODE_ENV) => {
        const env = process.env.NODE_ENV;
        if (!env || env === 'development')
            return new Date(Date.UTC(2001, 0, 1, 11));
--- a/loopback/server/middleware.json
+++ b/loopback/server/middleware.json
@ -39,7 +39,7 @@
    "./middleware/salix-version": {}
  },
  "parse": {
-    "body-parser#json":{} 
+    "body-parser#json":{}
  },
  "routes": {
    "loopback#rest": {
--- a/loopback/server/middleware/current-user.js
+++ b/loopback/server/middleware/current-user.js
@ -1,5 +1,5 @@
 module.exports = function(options) {
-    return function(req, res, next) {
+    return async function(req, res, next) {
        if (!req.accessToken)
            return next();
--- a/modules/account/back/methods/account/specs/change-password.spec.js
+++ b/modules/account/back/methods/account/specs/change-password.spec.js
@ -2,7 +2,7 @@ const {models} = require('vn-loopback/server/server');
 describe('account changePassword()', () => {
    const userId = 70;
-    const unauthCtx = {
+    const unAuthCtx = {
        req: {
            headers: {},
            connection: {
@ -79,7 +79,7 @@ describe('account changePassword()', () => {
                        passExpired: yesterday
                    }
                    , options);
-                await models.VnUser.signIn(unauthCtx, 'trainee', 'nightmare', options);
+                await models.VnUser.signIn(unAuthCtx, 'trainee', 'nightmare', options);
            } catch (e) {
                if (e.message != 'Pass expired')
                    throw e;