#6274 workerTimeControl #1858
|
|
@ -1,14 +1,5 @@
|
|||
const UserError = require('vn-loopback/util/user-error');
|
||||
const {models} = require('vn-loopback/server/server');
|
||||
|
||||
const handlePromiseLogout = (Self, {id}, courtesyTime) => {
|
||||
new Promise(res => {
|
||||
setTimeout(() => {
|
||||
res(Self.logout(id));
|
||||
}
|
||||
, courtesyTime * 1000);
|
||||
});
|
||||
};
|
||||
module.exports = Self => {
|
||||
Self.remoteMethodCtx('renewToken', {
|
||||
description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it',
|
||||
|
|
@ -28,14 +19,26 @@ module.exports = Self => {
|
|||
const {accessToken: token} = ctx.req;
|
||||
|
||||
// Check if current token is valid
|
||||
const isValid = await validateToken(token);
|
||||
if (isValid)
|
||||
|
||||
const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
|
||||
fields: ['renewPeriod', 'courtesyTime']
|
||||
});
|
||||
const now = Date.now();
|
||||
const differenceMilliseconds = now - token.created;
|
||||
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
|
||||
const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
|
||||
if (isNotExceeded)
|
||||
return token;
|
||||
|
||||
const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['courtesyTime']});
|
||||
|
||||
// Schedule to remove current token
|
||||
handlePromiseLogout(Self, token, courtesyTime);
|
||||
setTimeout(async() => {
|
||||
try {
|
||||
await Self.logout(token.id);
|
||||
} catch (err) {
|
||||
// eslint-disable-next-line no-console
|
||||
console.error(err);
|
||||
}
|
||||
}, courtesyTime * 1000);
|
||||
|
||||
// Create new accessToken
|
||||
const user = await Self.findById(token.userId);
|
||||
|
|
@ -43,14 +46,4 @@ module.exports = Self => {
|
|||
|
||||
return {id: accessToken.id, ttl: accessToken.ttl};
|
||||
};
|
||||
|
||||
async function validateToken(token) {
|
||||
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
|
||||
const now = Date.now();
|
||||
const differenceMilliseconds = now - token.created;
|
||||
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
|
||||
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
|
||||
|
||||
return isValid;
|
||||
}
|
||||
};
|
||||
|
|
|
|||
|
|
@ -30,7 +30,6 @@ describe('Renew Token', () => {
|
|||
it('should renew token', async() => {
|
||||
const mockDate = new Date(startingTime + 26600000);
|
||||
jasmine.clock().mockDate(mockDate);
|
||||
console.log(startingTime, mockDate)
|
||||
const {id} = await models.VnUser.renewToken(ctx);
|
||||
|
||||
expect(id).not.toEqual(ctx.req.accessToken.id);
|
||||
|
|
|
|||
|
|
@ -95,27 +95,30 @@
|
|||
"principalType": "ROLE",
|
||||
"principalId": "$everyone",
|
||||
"permission": "ALLOW"
|
||||
},
|
||||
{
|
||||
"property": "recoverPassword",
|
||||
"accessType": "EXECUTE",
|
||||
"principalType": "ROLE",
|
||||
"principalId": "$everyone",
|
||||
"permission": "ALLOW"
|
||||
},
|
||||
{
|
||||
"property": "validateAuth",
|
||||
}, {
|
||||
"property": "recoverPassword",
|
||||
"accessType": "EXECUTE",
|
||||
"principalType": "ROLE",
|
||||
"principalId": "$everyone",
|
||||
"permission": "ALLOW"
|
||||
},
|
||||
{
|
||||
}, {
|
||||
"property": "validateAuth",
|
||||
"accessType": "EXECUTE",
|
||||
"principalType": "ROLE",
|
||||
"principalId": "$everyone",
|
||||
"permission": "ALLOW"
|
||||
}, {
|
||||
"property": "privileges",
|
||||
"accessType": "*",
|
||||
"principalType": "ROLE",
|
||||
"principalId": "$authenticated",
|
||||
"permission": "ALLOW"
|
||||
}, {
|
||||
"property": "renewToken",
|
||||
"accessType": "WRITE",
|
||||
"principalType": "ROLE",
|
||||
"principalId": "$authenticated",
|
||||
"permission": "ALLOW"
|
||||
}
|
||||
],
|
||||
"scopes": {
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
DELETE FROM `salix`.`ACL`
|
||||
WHERE model = 'VnUser'
|
||||
AND property = 'renewToken';
|
||||
|
||||
INSERT INTO `account`.`role` (name, description)
|
||||
VALUES ('timeControl','Tablet para fichar');
|
||||
|
||||
|
|
@ -8,7 +12,6 @@ INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalTyp
|
|||
VALUES
|
||||
('WorkerTimeControl', 'login', 'READ', 'ALLOW', 'ROLE', 'timeControl'),
|
||||
('WorkerTimeControl', 'getClockIn', 'READ', 'ALLOW', 'ROLE', 'timeControl'),
|
||||
('WorkerTimeControl', 'clockIn', 'WRITE', 'ALLOW', 'ROLE', 'timeControl'),
|
||||
('VnUser', 'renewToken', 'WRITE', 'ALLOW', 'ROLE', 'timeControl');
|
||||
('WorkerTimeControl', 'clockIn', 'WRITE', 'ALLOW', 'ROLE', 'timeControl');
|
||||
|
||||
CALL `account`.`role_sync`();
|
||||
|
|
|
|||
Loading…
Reference in New Issue