Merge pull request #105 from Fabszn/i95_enhance_authen_mechanism

I95 enhance authen mechanism
Fabszn · Apr 11, 2023 · 2a538c5 · 2a538c5
2 parents 76ad302 + 61dd02f
commit 2a538c5
Show file tree

Hide file tree

Showing 10 changed files with 166 additions and 94 deletions.
diff --git a/front/src/app/components/informations.vue b/front/src/app/components/informations.vue
@@ -126,7 +126,7 @@ export default defineComponent({
     const adminState = ref(false);
     const toast = useToast();
     const refreshInfoList = ref(0);
-    const readOnlyContent = new Boolean(true)
+    const readOnlyContent = new Boolean(true);
 
     return {
       toast,
@@ -183,32 +183,34 @@ export default defineComponent({
       this.dialogState = true;
     },
     saveInformation: function () {
-      fetch("/api/informations", {
-        headers: shared.tokenHandle(),
-        body: JSON.stringify({
-          title: this.title,
-          content: this.content,
-        }),
-        method: "POST",
-      })
-        .then((response) => response.json())
-        .then((p) => {
-          this.items = map2Information(p);
-          this.title = "";
-          this.content = "";
-          reloadUnRead.bind(this)();
-        });
+      shared.securityAccess(this.$router, (p) =>
+        fetch("/api/informations", {
+          headers: shared.tokenHandle(),
+          body: JSON.stringify({
+            title: this.title,
+            content: this.content,
+          }),
+          method: "POST",
+        })
+          .then((response) => response.json())
+          .then((p) => {
+            this.items = map2Information(p);
+            this.title = "";
+            this.content = "";
+            reloadUnRead.bind(this)();
+          })
+      );
       this.dialogState = false;
     },
     archiveInformation: function (infoId) {
-      fetch("/api/informations/_archive/" + infoId, {
+      shared.securityAccess(this.$router, (p) =>fetch("/api/informations/_archive/" + infoId, {
         headers: shared.tokenHandle(),
         method: "PATCH",
       })
         .then((response) => response.json())
         .then((p) => {
           this.items = map2Information(p);
-        });
+        }));
       this.dialogStateRead = false;
     },
     isNewInfo: function (infoId) {
@@ -239,14 +241,14 @@ function reloadUnRead() {
 }
 
 function markInfoAsRead(infoId) {
-  return fetch("/api/informations/_markAsRead/" + infoId, {
+  return shared.securityAccess(this.$router, (p) =>fetch("/api/informations/_markAsRead/" + infoId, {
     headers: shared.tokenHandle(),
     method: "PATCH",
   })
     .then((response) => response.json())
     .then((p) => {
       this.unReadInfoId = p;
-    });
+    }));
 }
 
 function map2Information(jsonresp) {
@@ -268,10 +270,9 @@ function map2Information(jsonresp) {
   font-size: 16px;
   cursor: pointer;
   text-align: center;
-  
 }
 
-button:hover{
+button:hover {
   color: #30260f;
   background-color: burlywood;
 }
@@ -293,13 +294,13 @@ button:hover{
   background-color: #7d210d;
 }
 
-.content-edit{
+.content-edit {
   border-radius: 10px;
   background-color: rgb(248, 248, 246);
   color: #30260f;
 }
 
-.title-edit{
+.title-edit {
   border-radius: 10px;
   margin: 5px;
 }

diff --git a/front/src/app/components/loadApp.vue b/front/src/app/components/loadApp.vue
@@ -0,0 +1,35 @@
+<template>
+  <div class="spinner">
+    <div>Please wait while loading Floxx ....</div>
+    <div><b-spinner label="Loading..."></b-spinner></div>
+  </div>
+</template>
+<script>
+import _ from "lodash";
+import shared from "../shared";
+export default {
+  created: function () {
+    fetch("try-reco", {
+      headers: shared.tokenHandle(),
+      method: "POST",
+    })
+      .then((response) => response.json())
+      .then((p) => {
+        shared.storeToken(p.token, p.isAdmin, p.name);
+        this.$store.commit("setUsername", p.name);
+        this.$router.push("/menu");
+      })
+      .catch((err) => {
+        console.info("error");
+        this.$router.push("/login");
+      });
+  },
+};
+</script>
+
+<style  scoped>
+.spinner {
+  display: flex;
+  justify-content: center;
+}
+</style>
diff --git a/front/src/app/components/mainMenu.vue b/front/src/app/components/mainMenu.vue
@@ -48,7 +48,10 @@
         v-on:click="informations"
       >
         Informations
-        <span :class="{'text-bg-danger': this.isUnreadMessage}" class="badge text-bg-secondary" >{{ this.nbUnreadMessage }}</span
+        <span
+          :class="{ 'text-bg-danger': this.isUnreadMessage }"
+          class="badge text-bg-secondary"
+          >{{ this.nbUnreadMessage }}</span
         >
       </button>
     </div>
@@ -78,17 +81,17 @@ export default {
     this.adminState = shared.readAdminEtat();
   },
   created() {
-    fetch("/api/informations/_unread", {
-      method: "GET",
-      headers: shared.tokenHandle(),
-    })
-      .then((response) => response.json())
-      .then((p) => {
-        this.nbUnreadMessage = _.size(p);
-        this.isUnreadMessage = this.nbUnreadMessage > 0;
-      });
-
-    shared.securityAccess(this.$router, (p) => {});
+    shared.securityAccess(this.$router, (p) => {
+      fetch("/api/informations/_unread", {
+        method: "GET",
+        headers: shared.tokenHandle(),
+      })
+        .then((response) => response.json())
+        .then((p) => {
+          this.nbUnreadMessage = _.size(p);
+          this.isUnreadMessage = this.nbUnreadMessage > 0;
+        });
+    });
   },
   methods: {
     navToOverf: function () {
@@ -109,16 +112,15 @@ export default {
     backDisconnect: function () {
       shared.cleanToken();
       this.$store.commit("setUsername", "");
-      this.$router.push("/");
+      this.$router.push("/login");
     },
   },
 };
 </script>
 
 
 <style  scoped>
-button:hover{
-  
+button:hover {
   background-color: #3b8a4b;
 }
 .block {

diff --git a/front/src/app/components/reload.vue b/front/src/app/components/reload.vue
diff --git a/front/src/app/index.ts b/front/src/app/index.ts
@@ -49,14 +49,7 @@ const router = createRouter({
     routes
 });
 
-const app = createApp(App, {
-
-    mounted: function () {
-        if (window.location.pathname == "") {
-            this.$router.push("/reload/" + window.location.pathname);
-        }
-    }
-})
+const app = createApp(App)
 
 
 

diff --git a/front/src/app/routeur-config.js b/front/src/app/routeur-config.js
@@ -9,12 +9,17 @@ import mappingRCR from './components/admins/mappingRCR.vue'
 import mySlots from './components/mySlots.vue'
 import planning from './components/desktop/planning.vue'
 import allactivesslots from './components/AllActiveSlots.vue'
-import reload from './components/reload.vue'
 import statistiques from './components/admins/statistiques.vue'
 import informations from './components/informations.vue'
+import loadapp from './components/loadApp.vue'
 
 export const routes = [{
     path: '/',
+    component: loadapp,
+    children: []
+}, {
+
+    path: '/login',
     component: login,
     children: []
 }, {
@@ -61,10 +66,6 @@ export const routes = [{
     path: '/statistics',
     component: statistiques,
     children: []
-}, {
-    path: '/reload/:pathRoute',
-    component: reload,
-    children: []
 }, {
     path: '/informations',
     component: informations,

diff --git a/httpEngine/src/main/scala/org/floxx/env/api/StaticApi.scala b/httpEngine/src/main/scala/org/floxx/env/api/StaticApi.scala
@@ -18,7 +18,9 @@ object StaticApi {
   val excludePaths =Seq("infos", "favicon.ico")
 
   def api=  HttpRoutes.of[ApiTask] {
-    case req @ GET -> Root  => static("/assets/index.html", req)
+    case req @ GET -> Root  => {
+      static("/assets/index.html", req)
+    }
 
     case req @ GET -> Root / path if path.contains("index") && path.endsWith(".js") => {
       static(s"/assets/${path}", req)

diff --git a/httpEngine/src/main/scala/org/floxx/env/api/entriesPointApi.scala b/httpEngine/src/main/scala/org/floxx/env/api/entriesPointApi.scala
@@ -1,43 +1,85 @@
 package org.floxx.env.api
 
-import org.http4s.HttpRoutes
+import org.http4s.{ HttpDate, HttpRoutes, Request,ResponseCookie, SameSite }
 import io.circe.generic.auto._
-import org.floxx.BuildInfo
+import org.floxx.{ domain, BuildInfo }
 import org.floxx.domain.AuthUser.Mdp
 import org.floxx.domain.User.SimpleUser
 import org.floxx.env.service.securityService
 import org.floxx.env.service.securityService.AuthenticatedUser
 import org.http4s.circe._
 import org.http4s.dsl.Http4sDsl
+
+import zio.{ URIO, ZIO }
 import zio.interop.catz._
 
+import java.time.{ ZoneId, ZonedDateTime }
+
+
 object entriesPointApi {
 
-  val dsl =  Http4sDsl[ApiTask]
+  val dsl = Http4sDsl[ApiTask]
 
   import dsl._
 
   case class LoginResquest(login: String, mdp: String)
-  object LoginResquest{
+  object LoginResquest {
 
-    implicit val formatMdp =  jsonOf[ApiTask, Mdp]
-    implicit val formatSimpleUserId =  jsonOf[ApiTask, SimpleUser.Id]
-    implicit val formatLoginRequest =  jsonOf[ApiTask, LoginResquest]
+    implicit val formatMdp          = jsonOf[ApiTask, Mdp]
+    implicit val formatSimpleUserId = jsonOf[ApiTask, SimpleUser.Id]
+    implicit val formatLoginRequest = jsonOf[ApiTask, LoginResquest]
   }
 
   implicit val decoder = jsonOf[ApiTask, LoginResquest]
   implicit val d       = jsonEncoderOf[ApiTask, AuthenticatedUser]
-  case class User(name:String,token:String, isAdmin:Boolean)
+  case class User(name: String, token: String, isAdmin: Boolean)
+
 
+  val floxx_auth = "floxx_auth"
   def api = HttpRoutes.of[ApiTask] {
+    case req @ POST -> Root / "try-reco" => {
+
+      for {
+        info <- processCookie(req)
+        response <- info.fold(BadRequest("auth has failed")) {
+          case (token, userInfo) =>
+            Ok(
+              AuthenticatedUser(
+                s"${userInfo.firstName.value} ${userInfo.lastName.value}",
+                token,
+                userInfo.isAdmin
+              )
+            )
+        }
+      } yield response
+
+    }
     case req @ POST -> Root / "login" =>
       for {
         loginInfo <- req.as[LoginResquest]
         auth <- securityService.authentification(SimpleUser.Id(loginInfo.login), Mdp(loginInfo.mdp))
+        now <- ZIO.attempt(HttpDate.unsafeFromZonedDateTime(ZonedDateTime.now(ZoneId.of("Europe/Paris")).plusHours(24)))
         resp <- Ok(auth)
-      } yield resp
-    case _ @ GET -> Root / "infos" =>
+      } yield resp.addCookie(
+        ResponseCookie(
+          floxx_auth,
+          auth.token,
+          expires  = Some(now),
+          maxAge   = None,
+          httpOnly = true,
+          secure   = true,
+          sameSite = Option(SameSite.Strict)
+        )
+      )
+    case _ @GET -> Root / "infos" =>
       Ok(BuildInfo.version)
   }
 
+  private def processCookie(req: Request[ApiTask]): URIO[securityService.SecurityService, Option[(String, domain.AuthUser)]] =
+    (for {
+      r <- ZIO.attempt(req.cookies.find(c => c.name == floxx_auth)).some
+      userInfo <- securityService.checkAuthentification(r.content).some
+      u <- securityService.loadUserById(userInfo.userId).some
+    } yield (r.content, u)).option
+
 }
diff --git a/httpEngine/src/main/scala/org/floxx/env/api/package.scala b/httpEngine/src/main/scala/org/floxx/env/api/package.scala
@@ -30,9 +30,9 @@ package object api {
 
   def authUser(conf: GlobalConfig): Kleisli[OT, Request[ApiTask], UserInfo] =
     Kleisli(
-      request =>
+      request => {
         OptionT(
-          ZIO.attempt(
+           ZIO.attempt(
             request.headers
               .get(Authorization.name)
               .map(
@@ -62,6 +62,7 @@ package object api {
               }
           )
         )
+      }
     )
 
 }