* Added Much better session Management, key updating and deleting
* Force reload of JS if app numbers dont match * Added cool tag display on side of note * Cleaned up a bunch of code and tweaked little things to be better
This commit is contained in:
parent
d2624628d8
commit
071aaf22cd
@ -23,22 +23,76 @@ export default {
|
||||
data: function(){
|
||||
return {
|
||||
// loggedIn:
|
||||
fetchingInProgress: false, //Prevent start getting token while fetch is in progress
|
||||
blockUntilNextRequest: false //If token was just renewed, don't fetch more until next request
|
||||
}
|
||||
},
|
||||
|
||||
//Axios response interceptor
|
||||
// - Gets new session tokens from server and uses them in app
|
||||
beforeCreate: function(){
|
||||
|
||||
//Before all requests going out
|
||||
axios.interceptors.request.use(
|
||||
(config) => {
|
||||
|
||||
//Enable token fetching after another request is made
|
||||
if(this.blockUntilNextRequest){
|
||||
this.fetchingInProgress = false
|
||||
this.blockUntilNextRequest = false
|
||||
}
|
||||
|
||||
return config
|
||||
},
|
||||
(error) => {
|
||||
return Promise.reject(error)
|
||||
}
|
||||
)
|
||||
|
||||
// Add a response interceptor, token can be renewed on every response
|
||||
axios.interceptors.response.use(
|
||||
(response) => {
|
||||
|
||||
if(typeof response.headers.remaininguses !== 'undefined'){
|
||||
|
||||
// console.log(response.headers.remaininguses)
|
||||
//Look at remaining uses of token, if its less than five, request a new one
|
||||
if(response.headers.remaininguses < 10 && !this.fetchingInProgress && !this.blockUntilNextRequest){
|
||||
this.fetchingInProgress = true
|
||||
const currentToken = localStorage.getItem('loginToken')
|
||||
this.$io.emit('renew_session_token', currentToken)
|
||||
}
|
||||
}
|
||||
|
||||
return response
|
||||
},
|
||||
(error) => {
|
||||
return Promise.reject(error)
|
||||
}
|
||||
)
|
||||
|
||||
//Puts token into state on page load
|
||||
let token = localStorage.getItem('loginToken')
|
||||
let username = localStorage.getItem('username')
|
||||
|
||||
// const socket = io({ path:'/socket' });
|
||||
const socket = this.$io
|
||||
socket.on('connect', () => {
|
||||
//
|
||||
if(token && token.length > 0){
|
||||
|
||||
this.$store.commit('setSocketIoSocket', socket.id)
|
||||
//setup username display
|
||||
this.$store.commit('setUsername', username)
|
||||
|
||||
//Set session token on every request if set
|
||||
axios.defaults.headers.common['authorizationtoken'] = token
|
||||
|
||||
//Setup websockets into vue instance
|
||||
const socket = this.$io
|
||||
socket.on('connect', () => {
|
||||
|
||||
//Put user into personal event room for live note updates, etc
|
||||
this.$io.emit('user_connect', token)
|
||||
})
|
||||
}
|
||||
|
||||
this.$io.emit('user_connect', token)
|
||||
})
|
||||
|
||||
//Detect if user is on a mobile browser and set a flag in store
|
||||
this.$store.commit('detectIsUserOnMobile')
|
||||
@ -49,11 +103,6 @@ export default {
|
||||
this.$store.commit('toggleNightMode', themeNumber)
|
||||
}
|
||||
|
||||
//Put user data into global store on load
|
||||
if(token){
|
||||
this.$store.commit('setLoginToken', {token, username})
|
||||
}
|
||||
|
||||
},
|
||||
mounted: function(){
|
||||
|
||||
@ -63,6 +112,17 @@ export default {
|
||||
this.$store.dispatch('fetchAndUpdateUserTotals')
|
||||
})
|
||||
|
||||
this.$io.on('recievend_new_token', newToken => {
|
||||
|
||||
// console.log('Got a new token')
|
||||
|
||||
axios.defaults.headers.common['authorizationtoken'] = newToken
|
||||
localStorage.setItem('loginToken', newToken)
|
||||
|
||||
//Disable getting new tokens until next request
|
||||
this.blockUntilNextRequest = true
|
||||
})
|
||||
|
||||
},
|
||||
computed: {
|
||||
loggedIn () {
|
||||
|
@ -17,6 +17,10 @@
|
||||
|
||||
|
||||
:root {
|
||||
|
||||
--main-accent: #16ab39;
|
||||
|
||||
/*theme colors */
|
||||
--body_bg_color: #f5f6f7;
|
||||
--small_element_bg_color: #fff;
|
||||
--text_color: #3d3d3d;
|
||||
|
@ -248,7 +248,7 @@
|
||||
|
||||
|
||||
|
||||
<div v-on:click="reloadPage" class="version-display">
|
||||
<div v-on:click="reloadPage" class="version-display" v-if="version != 0" >
|
||||
<i :class="`${getVersionIcon()} icon`"></i> {{ version }}
|
||||
</div>
|
||||
|
||||
@ -267,7 +267,7 @@
|
||||
},
|
||||
data: function(){
|
||||
return {
|
||||
version: '2.3.4',
|
||||
version: '0',
|
||||
username: '',
|
||||
collapsed: false,
|
||||
mobile: false,
|
||||
@ -277,6 +277,7 @@
|
||||
}
|
||||
},
|
||||
beforeCreate: function(){
|
||||
|
||||
},
|
||||
mounted: function(){
|
||||
this.mobile = this.$store.getters.getIsUserOnMobile
|
||||
@ -288,6 +289,7 @@
|
||||
|
||||
if(this.loggedIn){
|
||||
this.$store.dispatch('fetchAndUpdateUserTotals')
|
||||
this.version = localStorage.getItem('currentVersion')
|
||||
}
|
||||
|
||||
},
|
||||
@ -347,11 +349,12 @@
|
||||
.catch(error => { this.$bus.$emit('notification', 'Failed to create note') })
|
||||
},
|
||||
destroyLoginToken() {
|
||||
axios.post('/api/user/logout').then( response => {
|
||||
axios.post('/api/user/logout')
|
||||
setTimeout(() => {
|
||||
this.$bus.$emit('notification', 'Logged Out')
|
||||
this.$store.commit('destroyLoginToken')
|
||||
this.$router.push('/')
|
||||
})
|
||||
}, 200)
|
||||
},
|
||||
toggleNightMode(){
|
||||
this.$store.commit('toggleNightMode')
|
||||
|
@ -98,13 +98,15 @@
|
||||
//Login user if we have a valid token
|
||||
if(data && data.token && data.token.length > 0){
|
||||
|
||||
const token = data.token
|
||||
const username = this.username
|
||||
//Set username to local session
|
||||
this.$store.commit('setUsername', this.username)
|
||||
|
||||
this.$store.commit('setLoginToken', {token, username})
|
||||
const token = data.token
|
||||
|
||||
//Setup socket io after user logs in
|
||||
axios.defaults.headers.common['authorizationtoken'] = token
|
||||
this.$io.emit('user_connect', token)
|
||||
localStorage.setItem('loginToken', token)
|
||||
|
||||
//Redirect user to notes section after login
|
||||
this.$router.push('/notes')
|
||||
@ -113,7 +115,7 @@
|
||||
register(){
|
||||
|
||||
if( this.username.length == 0 || this.password.length == 0 ){
|
||||
this.$bus.$emit('notification', 'Username and Password Required')
|
||||
this.$bus.$emit('notification', 'Unable to Sign Up - Username and Password Required')
|
||||
return
|
||||
}
|
||||
|
||||
@ -121,19 +123,19 @@
|
||||
.then(({data}) => {
|
||||
|
||||
if(data == false){
|
||||
this.$bus.$emit('notification', 'Username already in use')
|
||||
this.$bus.$emit('notification', 'Unable to Sign Up - Username already in use')
|
||||
}
|
||||
|
||||
this.finalizeLogin(data)
|
||||
})
|
||||
.catch(error => {
|
||||
this.$bus.$emit('notification', 'Username already in use')
|
||||
this.$bus.$emit('notification', 'Unable to Sign Up - Username already in use')
|
||||
})
|
||||
},
|
||||
login(){
|
||||
|
||||
if( this.username.length == 0 || this.password.length == 0 ){
|
||||
this.$bus.$emit('notification', 'Username and Password Required')
|
||||
this.$bus.$emit('notification', 'Unable to Login - Username and Password Required')
|
||||
return
|
||||
}
|
||||
|
||||
@ -141,13 +143,13 @@
|
||||
.then(({data}) => {
|
||||
|
||||
if(data == false){
|
||||
this.$bus.$emit('notification', 'Incorrect Username or Password')
|
||||
this.$bus.$emit('notification', 'Unable to Login - Incorrect Username or Password')
|
||||
}
|
||||
|
||||
this.finalizeLogin(data)
|
||||
})
|
||||
.catch(error => {
|
||||
this.$bus.$emit('notification', 'Incorrect Username or Password')
|
||||
this.$bus.$emit('notification', 'Unable to Login - Incorrect Username or Password')
|
||||
})
|
||||
}
|
||||
}
|
||||
|
@ -170,13 +170,18 @@
|
||||
</div>
|
||||
|
||||
<!-- little tags on the side -->
|
||||
<div class="note-mini-tag-area" v-if="allTags.length > 0" :class="{ 'slide-out-right':(sizeDown == true) }">
|
||||
<div class="note-mini-tag-area" :class="{ 'size-down':sizeDown }">
|
||||
<span v-for="tag in allTags" class="subtle-tag active-mini-tag" v-if="isTagOnNote(tag.id)" v-on:click="removeTag(tag.id)">
|
||||
<i class="tag icon"></i>
|
||||
{{ tag.text }}
|
||||
</span>
|
||||
<span v-else class="subtle-tag" v-on:click="addTag(tag.text)">
|
||||
<i class="plus icon"></i>
|
||||
{{ tag.text }}
|
||||
</span>
|
||||
<span class="subtle-tag" v-on:click="$router.push(`/notes/open/${noteid}/menu/tags`)">
|
||||
<i class="plus icon"></i><i class="green tags icon"></i>Add Tag
|
||||
</span>
|
||||
</div>
|
||||
|
||||
<!-- color picker -->
|
||||
@ -195,7 +200,7 @@
|
||||
/>
|
||||
</side-slide-menu>
|
||||
|
||||
<side-slide-menu v-if="tags" v-on:close="tags = false" name="tags" :style-object="styleObject">
|
||||
<side-slide-menu v-if="tags" v-on:close="tags = false; fetchNoteTags()" name="tags" :style-object="styleObject">
|
||||
<div class="ui basic segment">
|
||||
<note-tag-edit :noteId="noteid" :key="'tags-for-note-'+noteid"/>
|
||||
</div>
|
||||
@ -254,10 +259,10 @@
|
||||
|
||||
<!-- Show side shades if user is on desktop only -->
|
||||
<div class="full-focus-shade shade1"
|
||||
:class="{ 'slide-out-left':(sizeDown == true) }"
|
||||
:class="{ 'slide-out-left':sizeDown }"
|
||||
v-on:click="close()"></div>
|
||||
<div class="full-focus-shade shade2"
|
||||
:class="{ 'slide-out-right':(sizeDown == true) }"
|
||||
:class="{ 'slide-out-right':sizeDown }"
|
||||
v-on:click="close()"></div>
|
||||
|
||||
</div>
|
||||
@ -335,10 +340,6 @@
|
||||
diffTextTimeout: null,
|
||||
diffsApplied: null,
|
||||
|
||||
//Fake Caret position and visibility
|
||||
caretShow: false,
|
||||
caretLeft: null,
|
||||
caretTop: null,
|
||||
//Used to restore caret position
|
||||
lastRange: null,
|
||||
startOffset: 0,
|
||||
@ -541,9 +542,6 @@
|
||||
if(!this.$store.getters.getIsUserOnMobile){
|
||||
this.editor.focus()
|
||||
this.editor.moveCursorToEnd()
|
||||
this.caretShow = true
|
||||
this.moveArtificialCaret()
|
||||
|
||||
|
||||
this.fetchNoteTags() //Don't load tags on mobile
|
||||
}
|
||||
@ -615,14 +613,7 @@
|
||||
})
|
||||
|
||||
this.editor.addEventListener('keydown', event => {
|
||||
setTimeout(() => {
|
||||
if(event.keyCode == 32){
|
||||
this.caretLeft += 3
|
||||
}
|
||||
if(event.keyCode == 8){
|
||||
// this.caretLeft -= 3
|
||||
}
|
||||
}, 10)
|
||||
|
||||
})
|
||||
|
||||
//Bind event handlers
|
||||
@ -633,29 +624,10 @@
|
||||
|
||||
//Show and hide additional toolbars
|
||||
this.editor.addEventListener('focus', e => {
|
||||
// this.caretShow = true
|
||||
})
|
||||
this.editor.addEventListener('blur', e => {
|
||||
// this.caretShow = false
|
||||
})
|
||||
},
|
||||
moveArtificialCaret(rect = null){
|
||||
|
||||
//Lets not use the artificial caret for now
|
||||
return
|
||||
|
||||
//If rect isn't present, grab by selection
|
||||
if(!rect || rect.left == 0){ //Left should always be greater than 0, because of a margin
|
||||
rect = this.editor.getCursorPosition()
|
||||
//Another way to get range
|
||||
// window.getSelection().getRangeAt(0)
|
||||
}
|
||||
|
||||
const textArea = document.getElementById('text-box-container').getBoundingClientRect()
|
||||
|
||||
this.caretLeft = (rect.left - textArea.left - 1)
|
||||
this.caretTop = (rect.top - textArea.top - 1 )
|
||||
},
|
||||
openEditAttachment(){
|
||||
|
||||
this.$router.push('/attachments/note/'+this.currentNoteId)
|
||||
@ -845,7 +817,7 @@
|
||||
// clearTimeout(this.editDebounce)
|
||||
|
||||
if(this.statusText == 'saving'){
|
||||
return reject(false)
|
||||
return resolve(true)
|
||||
}
|
||||
|
||||
//Don't save note if its hash doesn't change
|
||||
@ -1081,38 +1053,45 @@
|
||||
|
||||
.note-mini-tag-area {
|
||||
position: fixed;
|
||||
width: 100px;
|
||||
left: calc(15% - 100px);
|
||||
width: 120px;
|
||||
left: calc(15% - 125px);
|
||||
top: 46px;
|
||||
bottom: 0;
|
||||
height: 500px;
|
||||
height: calc(100vh - 55px);
|
||||
z-index: 1000;
|
||||
overflow-y: scroll;
|
||||
scrollbar-width: none;
|
||||
scrollbar-color: transparent transparent;
|
||||
}
|
||||
.note-mini-tag-area {
|
||||
scrollbar-width: auto;
|
||||
scrollbar-color: inherit inherit;
|
||||
}
|
||||
.subtle-tag {
|
||||
display: inline-block;
|
||||
width: 100%;
|
||||
padding: 2px 1px 2px 4px;
|
||||
margin: 0 0 2px;
|
||||
padding: 1px 1px 1px 5px;
|
||||
margin: 0 0 0;
|
||||
border: 1px solid transparent;
|
||||
border-right: none;
|
||||
border-top-left-radius: 4px;
|
||||
border-bottom-left-radius: 4px;
|
||||
color: var(--text_color);
|
||||
border-radius: 3px;
|
||||
background-color: transparent;
|
||||
white-space: nowrap;
|
||||
overflow: hidden;
|
||||
text-overflow: ellipsis;
|
||||
transition: color ease 0.3s, background ease 0.3s;
|
||||
font-size: 12px;
|
||||
font-size: 11px;
|
||||
cursor: pointer;
|
||||
opacity: 0;
|
||||
text-transform:capitalize;
|
||||
}
|
||||
.note-mini-tag-area:hover .subtle-tag {
|
||||
opacity: 1;
|
||||
}
|
||||
.note-mini-tag-area:hover .active-mini-tag {
|
||||
background-color: var(--main-accent);
|
||||
color: white;
|
||||
}
|
||||
.note-mini-tag-area:hover .subtle-tag:not(.active-mini-tag) {
|
||||
border-right: none;
|
||||
color: var(--text_color);
|
||||
@ -1120,9 +1099,9 @@
|
||||
opacity: 1;
|
||||
}
|
||||
.active-mini-tag {
|
||||
opacity: 0.6;
|
||||
background-color: #16ab39;
|
||||
color: white;
|
||||
opacity: 0.7;
|
||||
background-color: var(--small_element_bg_color);
|
||||
color: var(--text_color)
|
||||
}
|
||||
|
||||
|
||||
|
@ -32,7 +32,7 @@
|
||||
class="big-text"><p>{{ note.title }}</p></span>
|
||||
|
||||
<!-- Sub text display -->
|
||||
<span v-if="note.subtext.length > 0 && !isShowingSearchResults()"
|
||||
<span v-if="note.subtext.length > 0"
|
||||
class="small-text"
|
||||
v-html="note.subtext"></span>
|
||||
|
||||
@ -49,15 +49,6 @@
|
||||
</span>
|
||||
</span>
|
||||
|
||||
<!-- Display highlights from solr results -->
|
||||
<span v-if="note.note_highlights.length > 0" class="term-usage">
|
||||
<span
|
||||
class="usage-row"
|
||||
v-for="highlight in note.note_highlights"
|
||||
:class="{ 'big-text':(highlight <= 100), 'small-text-title':(highlight >= 100) }"
|
||||
v-html="cleanHighlight(highlight)"></span>
|
||||
</span>
|
||||
|
||||
</div>
|
||||
|
||||
<div v-if="titleView" class="single-line-text" @click="cardClicked">
|
||||
@ -179,12 +170,6 @@
|
||||
|
||||
return updated
|
||||
},
|
||||
isShowingSearchResults(){
|
||||
if(this.note.note_highlights.length > 0 || this.note.attachment_highlights.length > 0 || this.note.tag_highlights.length > 0){
|
||||
return true
|
||||
}
|
||||
return false
|
||||
},
|
||||
splitTags(text){
|
||||
return text.split(',')
|
||||
},
|
||||
|
@ -8,8 +8,12 @@
|
||||
<div class="ui grid" v-if="shareUsername == null">
|
||||
|
||||
<div v-if="!isNoteShared" class="sixteen wide column">
|
||||
<div class="ui button" v-on:click="makeShared()">Enable Shared</div>
|
||||
<p>Shared notes are different and junk.</p>
|
||||
<div class="ui button" v-on:click="makeShared()">Enable Sharing</div>
|
||||
<ul>
|
||||
<li>Shared notes can be read and edited by you and all shared users.</li>
|
||||
<li>Shared notes can only be shared by the creator of the note.</li>
|
||||
</ul>
|
||||
|
||||
</div>
|
||||
|
||||
<div v-if="isNoteShared" class="sixteen wide column">
|
||||
@ -17,14 +21,10 @@
|
||||
<div class="ui button" v-on:click="removeShared()">Remove Shared</div>
|
||||
|
||||
<div class="ui button" v-on:click="getSharedUrl()">Get Shareable URL</div>
|
||||
|
||||
<div v-if="sharedUrl.length > 0">
|
||||
<a target="_blank" :href="sharedUrl">{{ sharedUrl }}</a>
|
||||
<div class="ui input">
|
||||
<input type="text" v-model="sharedUrl">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<div class="sixteen wide column" v-if="isNoteShared && sharedUrl.length > 0">
|
||||
<p>Public Link - this link can be disabled by turning off sharing</p>
|
||||
<a target="_blank" :href="sharedUrl">{{ sharedUrl }}</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
@ -117,7 +117,7 @@
|
||||
:data="note"
|
||||
:title-view="titleView"
|
||||
:currently-open="(activeNoteId1 == note.id || activeNoteId2 == note.id)"
|
||||
:key="note.id + note.color + note.note_highlights.length + note.attachment_highlights.length + ' -' + note.tag_highlights.length + '-' +note.title.length + '-' +note.subtext.length + '-' + note.tag_count + note.updated"
|
||||
:key="note.id + note.color + '-' +note.title.length + '-' +note.subtext.length + '-' + note.tag_count + note.updated"
|
||||
/>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -6,30 +6,16 @@ Vue.use(Vuex);
|
||||
|
||||
export default new Vuex.Store({
|
||||
state: {
|
||||
token: null,
|
||||
username: null,
|
||||
nightMode: false,
|
||||
isUserOnMobile: false,
|
||||
isNoteSettingsOpen: false, //Little note settings pane
|
||||
socket: null,
|
||||
userTotals: null,
|
||||
},
|
||||
mutations: {
|
||||
setLoginToken(state, userData){
|
||||
|
||||
const username = userData.username
|
||||
const token = userData.token
|
||||
|
||||
localStorage.removeItem('loginToken') //We only want one login token per computer
|
||||
localStorage.setItem('loginToken', token)
|
||||
setUsername(state, username){
|
||||
|
||||
localStorage.removeItem('username') //We only want one login token per computer
|
||||
localStorage.setItem('username', username)
|
||||
|
||||
//Set default token to axios, every request will have header
|
||||
axios.defaults.headers.common['authorizationtoken'] = token
|
||||
|
||||
state.token = token
|
||||
state.username = username
|
||||
},
|
||||
destroyLoginToken(state){
|
||||
@ -37,8 +23,8 @@ export default new Vuex.Store({
|
||||
//Remove login token from local storage and from headers
|
||||
localStorage.removeItem('loginToken')
|
||||
localStorage.removeItem('username')
|
||||
localStorage.removeItem('currentVersion')
|
||||
delete axios.defaults.headers.common['authorizationtoken']
|
||||
state.token = null
|
||||
state.username = null
|
||||
},
|
||||
toggleNightMode(state, pastTheme){
|
||||
@ -125,6 +111,20 @@ export default new Vuex.Store({
|
||||
//Save all the totals for the user
|
||||
state.userTotals = totalsObject
|
||||
|
||||
//Set computer version from server
|
||||
const currentVersion = localStorage.getItem('currentVersion')
|
||||
if(currentVersion == null){
|
||||
localStorage.setItem('currentVersion', totalsObject.currentVersion)
|
||||
return
|
||||
}
|
||||
|
||||
//If version is already set and it doesn't match the server, reload app
|
||||
if(currentVersion != totalsObject.currentVersion){
|
||||
localStorage.setItem('currentVersion', totalsObject.currentVersion)
|
||||
location.reload(true)
|
||||
}
|
||||
|
||||
|
||||
// console.log('-------------')
|
||||
// Object.keys(totalsObject).forEach( key => {
|
||||
// console.log(key + ' -- ' + totalsObject[key])
|
||||
@ -135,11 +135,8 @@ export default new Vuex.Store({
|
||||
getUsername: state => {
|
||||
return state.username
|
||||
},
|
||||
getLoginToken: state => {
|
||||
return state.token
|
||||
},
|
||||
getLoggedIn: state => {
|
||||
let weIn = (state.token !== null && state.token != undefined && state.token.length > 0)
|
||||
let weIn = (state.username && state.username.length > 0)
|
||||
return weIn
|
||||
},
|
||||
getIsNightMode: state => {
|
||||
|
@ -1,38 +0,0 @@
|
||||
##
|
||||
#
|
||||
# This is just a mock config file, describing what is needed to run the app
|
||||
# The app currently only needs two paths / and /api
|
||||
#
|
||||
##
|
||||
|
||||
#
|
||||
# This is needed to define any ports the app may use from node
|
||||
#
|
||||
upstream expressapp {
|
||||
server 127.0.0.1:3000;
|
||||
keepalive 8;
|
||||
}
|
||||
|
||||
server {
|
||||
|
||||
#
|
||||
# Needed to server up static, compiled JS files and index.html
|
||||
#
|
||||
location / {
|
||||
autoindex on;
|
||||
}
|
||||
|
||||
#
|
||||
# define the api route to connect to the backend and serve up static files
|
||||
#
|
||||
location /api {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
|
||||
proxy_pass http://expressapp;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
}
|
@ -6,26 +6,33 @@ let Auth = {}
|
||||
|
||||
const tokenSecretKey = process.env.JSON_KEY
|
||||
|
||||
Auth.createToken = (userId, masterKey, request = null) => {
|
||||
Auth.createToken = (userId, masterKey, pastId = null, pastCreatedDate = null) => {
|
||||
return new Promise((resolve, reject) => {
|
||||
|
||||
const created = Math.floor(+new Date/1000)
|
||||
const created = pastCreatedDate ? pastCreatedDate : Math.floor(+new Date/1000)
|
||||
const userHash = cs.hash(String(userId)).toString('base64')
|
||||
|
||||
//Encrypt Master Password and save it to the server
|
||||
const sessionId = pastId ? pastId : cs.createSmallSalt().slice(0,9) //Use existing session id
|
||||
const salt = cs.createSmallSalt()
|
||||
const tempPass = cs.createSmallSalt()
|
||||
const encryptedMasterPass = cs.encrypt(tempPass, salt, masterKey)
|
||||
|
||||
|
||||
db.promise().query(
|
||||
|
||||
'INSERT INTO user_active_session (salt, encrypted_master_password, created, uses, user_hash) VALUES (?,?,?,?,?)',
|
||||
[salt, encryptedMasterPass, created, 1, userHash])
|
||||
//Deactivate all other session keys, they delete after 30 seconds
|
||||
db.promise().query('UPDATE user_active_session SET active = 0 WHERE session_id = ?', [sessionId])
|
||||
.then((r,f) => {
|
||||
|
||||
return db.promise().query(
|
||||
'INSERT INTO user_active_session (salt, encrypted_master_password, created, uses, user_hash, session_id) VALUES (?,?,?,?,?,?)',
|
||||
[salt, encryptedMasterPass, created, 40, userHash, sessionId])
|
||||
|
||||
})
|
||||
.then((r,f) => {
|
||||
|
||||
const sessionNum = r[0].insertId
|
||||
|
||||
//Required Data for JWT payload
|
||||
const tokenPayload = {userId, tempPass, salt}
|
||||
const tokenPayload = {userId, tempPass, sessionNum}
|
||||
|
||||
//Return token
|
||||
const token = jwt.sign(tokenPayload, tokenSecretKey)
|
||||
@ -33,50 +40,85 @@ Auth.createToken = (userId, masterKey, request = null) => {
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
Auth.decodeToken = (token, request = null) => {
|
||||
return new Promise((resolve, reject) => {
|
||||
|
||||
let decodedToken = null
|
||||
|
||||
//Delete all tokens older than 20 days before continuing or inacive and older than 1 minute
|
||||
const now = (Math.floor((+new Date)/1000))
|
||||
const twentyDays = (Math.floor((+new Date)/1000)) - (86400 * 20)
|
||||
const thirtySeconds = (Math.floor((+new Date)/1000)) - (30)
|
||||
|
||||
//Decode Json web token
|
||||
jwt.verify(token, tokenSecretKey, function(err, decoded){
|
||||
if(err || decoded.tempPass == undefined || decoded.tempPass.length < 5 || decoded.salt == undefined || decoded.salt.length < 5){
|
||||
return reject('Bad Token')
|
||||
}
|
||||
jwt.verify(token, tokenSecretKey, function(err, decoded){
|
||||
if(err || decoded.tempPass == undefined || decoded.tempPass.length < 5){
|
||||
throw new Error('Bad Token')
|
||||
}
|
||||
|
||||
decodedToken = decoded
|
||||
decodedToken = decoded
|
||||
|
||||
//Lookup session data in database
|
||||
return db.promise().query('SELECT * FROM user_active_session WHERE salt = ? LIMIT 1', [decodedToken.salt])
|
||||
})
|
||||
.then((r,f) => {
|
||||
db.promise().query('DELETE from user_active_session WHERE (created < ?) OR (active = false AND last_used < ?)', [twentyDays, thirtySeconds])
|
||||
.then((r,f) => {
|
||||
|
||||
const row = r[0][0]
|
||||
if(row == undefined || row.length == 0){
|
||||
return reject(false)
|
||||
}
|
||||
//Lookup session data in database
|
||||
db.promise().query('SELECT * FROM user_active_session WHERE id = ? LIMIT 1', [decodedToken.sessionNum])
|
||||
.then((r,f) => {
|
||||
|
||||
//Decrypt master key from database
|
||||
const masterKey = cs.decrypt(decodedToken.tempPass, decodedToken.salt, row.encrypted_master_password)
|
||||
if(masterKey == null){
|
||||
return reject (false)
|
||||
}
|
||||
if(r == undefined || r[0].length == 0){
|
||||
throw new Error('Active Session not found for token')
|
||||
}
|
||||
|
||||
const userData = {
|
||||
userId: decodedToken.userId, masterKey, tokenId: row.id
|
||||
}
|
||||
const row = r[0][0]
|
||||
|
||||
//Async update DB counts
|
||||
db.promise().query('UPDATE user_active_session SET uses = uses + 1 WHERE salt = ? LIMIT 1', [decodedToken.salt])
|
||||
// console.log(decodedToken.sessionNum + ' uses -> ' + row.uses)
|
||||
|
||||
return resolve(userData)
|
||||
if(row.uses <= 0){
|
||||
throw new Error('Token is used up')
|
||||
}
|
||||
|
||||
//Decrypt master key from lookup
|
||||
const masterKey = cs.decrypt(decodedToken.tempPass, row.salt, row.encrypted_master_password)
|
||||
if(masterKey == null){
|
||||
// console.log('Deleting invalid session')
|
||||
Auth.terminateSession(row.session_id)
|
||||
throw new Error ('Unable to decrypt password for session')
|
||||
}
|
||||
|
||||
//Async update DB counts and disable session if needed
|
||||
db.promise().query('UPDATE user_active_session SET uses = uses -1, last_used = ? WHERE id = ? LIMIT 1', [now, decodedToken.sessionNum])
|
||||
.then((r,f) => {
|
||||
|
||||
let userData = {
|
||||
'userId': decodedToken.userId,
|
||||
'masterKey': masterKey,
|
||||
'sessionId': row.session_id,
|
||||
'created': row.created,
|
||||
'remainingUses':(row.uses--),
|
||||
'active': row.active
|
||||
}
|
||||
|
||||
//Return token Data
|
||||
return resolve(userData)
|
||||
|
||||
})
|
||||
})
|
||||
.catch(error => {
|
||||
//Token errors result in having sessions deleted
|
||||
// console.log('-- Auth Token Error --')
|
||||
// console.log(error)
|
||||
reject(error)
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
||||
}
|
||||
Auth.reissueToken = () => {
|
||||
//If token has more than 200 uses, renew it
|
||||
|
||||
Auth.terminateSession = (sessionId) => {
|
||||
return db.promise().query('DELETE from user_active_session WHERE session_id = ?', [sessionId])
|
||||
}
|
||||
|
||||
Auth.deletAllLoginKeys = (userId) => {
|
||||
|
||||
const userHash = cs.hash(String(userId)).toString('base64')
|
||||
@ -86,8 +128,6 @@ Auth.deletAllLoginKeys = (userId) => {
|
||||
|
||||
Auth.test = () => {
|
||||
|
||||
// return Auth.deletAllLoginKeys(testUserId)
|
||||
|
||||
const testUserId = 22
|
||||
const testPass = cs.createSmallSalt()
|
||||
Auth.createToken(testUserId, testPass)
|
||||
@ -100,7 +140,6 @@ Auth.test = () => {
|
||||
.then(userData => {
|
||||
|
||||
console.log('Test: Decrypted key Match -> ' + (testPass == userData.masterKey))
|
||||
|
||||
return Auth.deletAllLoginKeys(testUserId)
|
||||
})
|
||||
.then(results => {
|
||||
@ -108,16 +147,6 @@ Auth.test = () => {
|
||||
console.log('Test: Remove user Json Web Tokens - Pass')
|
||||
|
||||
})
|
||||
|
||||
//create token with userId and master key
|
||||
// Auth.createToken()
|
||||
|
||||
//Thirt days ago
|
||||
// const thirtyDays = (Math.floor((+new Date)/1000)) - (86400 * 30)
|
||||
// const created = Math.floor(decoded.date/1000)
|
||||
// if(created < thirtyDays){
|
||||
// return reject('Token Expired')
|
||||
// }
|
||||
}
|
||||
|
||||
module.exports = Auth
|
@ -31,6 +31,9 @@ CryptoString.encrypt = (password, salt64, rawText) => {
|
||||
//Decrypt base64 string cipher text,
|
||||
CryptoString.decrypt = (password, salt64, cipherTextString) => {
|
||||
|
||||
if(!password || !salt64 || !cipherTextString){ return '' }
|
||||
if(password.length == 0 || salt64.length == 0 || cipherTextString == 0){ return '' }
|
||||
|
||||
let cipherText = Buffer.from(cipherTextString, 'base64')
|
||||
const salt = Buffer.from(salt64, 'base64')
|
||||
|
||||
|
@ -69,7 +69,7 @@ ProcessText.deduceNoteTitle = (inTitle, inString) => {
|
||||
//Remove inline styles that may be added by editor
|
||||
// inString = inString.replace(/style=".*?"/g,'')
|
||||
|
||||
const tagFreeLength = ProcessText.removeHtml(inString).length
|
||||
// const tagFreeLength = ProcessText.removeHtml(inString).length
|
||||
|
||||
//
|
||||
// Simplified attempt!
|
||||
@ -80,7 +80,7 @@ ProcessText.deduceNoteTitle = (inTitle, inString) => {
|
||||
// if(tagFreeLength > 200){
|
||||
// sub += '... <i class="green caret down icon"></i>'
|
||||
// }
|
||||
inString += '</end>'
|
||||
// inString += '</end>'
|
||||
|
||||
return {title, sub}
|
||||
|
||||
|
@ -50,13 +50,37 @@ io.on('connection', function(socket){
|
||||
socket.on('user_connect', token => {
|
||||
Auth.decodeToken(token)
|
||||
.then(userData => {
|
||||
socket.join(userData.id)
|
||||
socket.join(userData.userId)
|
||||
}).catch(error => {
|
||||
//Don't add user to room if they are not logged in
|
||||
// console.log(error)
|
||||
})
|
||||
})
|
||||
|
||||
//Renew Session tokens when users request a new one
|
||||
socket.on('renew_session_token', token => {
|
||||
|
||||
//Decode the token they currently have
|
||||
Auth.decodeToken(token)
|
||||
.then(userData => {
|
||||
|
||||
console.log('Is active -> ', userData.active)
|
||||
|
||||
if(userData.active == 1){
|
||||
//Create a new one using credentials and session keys from current
|
||||
Auth.createToken(userData.userId, userData.masterKey, userData.sessionId, userData.created)
|
||||
.then(newToken => {
|
||||
|
||||
//Emit new token only to user on socket
|
||||
socket.emit('recievend_new_token', newToken)
|
||||
})
|
||||
} else {
|
||||
//Attempting to reactivate disabled session, kills it all
|
||||
Auth.terminateSession(userData.sessionId)
|
||||
}
|
||||
})
|
||||
})
|
||||
|
||||
socket.on('join_room', rawTextId => {
|
||||
// Join user to rawtextid room when they enter
|
||||
socket.join(rawTextId)
|
||||
@ -78,11 +102,7 @@ io.on('connection', function(socket){
|
||||
//Update users in room count
|
||||
io.to(rawTextId).emit('update_user_count', usersInRoom.length)
|
||||
|
||||
//Debugging text
|
||||
console.log('Note diff object')
|
||||
console.log(noteDiffs)
|
||||
|
||||
|
||||
//Debugging text - prints out notes in limbo
|
||||
let noteDiffKeys = Object.keys(noteDiffs)
|
||||
let totalDiffs = 0
|
||||
noteDiffKeys.forEach(diffSetKey => {
|
||||
@ -90,9 +110,11 @@ io.on('connection', function(socket){
|
||||
totalDiffs += noteDiffs[diffSetKey].length
|
||||
}
|
||||
})
|
||||
|
||||
console.log('Total notes in limbo -> ', noteDiffKeys.length)
|
||||
console.log('Total Diffs for all notes -> ', totalDiffs)
|
||||
//Debugging Text
|
||||
if(noteDiffKeys.length > 0){
|
||||
console.log('Total notes in limbo -> ', noteDiffKeys.length)
|
||||
console.log('Total Diffs for all notes -> ', totalDiffs)
|
||||
}
|
||||
|
||||
}
|
||||
})
|
||||
@ -203,18 +225,27 @@ app.use(function(req, res, next){
|
||||
|
||||
//Always null out master key, never allow it set from outside
|
||||
req.headers.masterKey = null
|
||||
req.headers.tokenId = null
|
||||
req.headers.sessionId = null
|
||||
|
||||
//auth token set by axios in headers
|
||||
let token = req.headers.authorizationtoken
|
||||
if(token && token != null && typeof token === 'string'){
|
||||
if(token !== undefined && token.length > 0){
|
||||
Auth.decodeToken(token, req)
|
||||
.then(userData => {
|
||||
req.headers.userId = userData.userId //Update headers for the rest of the application
|
||||
|
||||
//Update headers for the rest of the application
|
||||
req.headers.userId = userData.userId
|
||||
req.headers.masterKey = userData.masterKey
|
||||
req.headers.tokenId = userData.tokenId
|
||||
req.headers.sessionId = userData.sessionId
|
||||
|
||||
//Tell front end remaining uses on current token
|
||||
res.set('remainingUses', userData.remainingUses)
|
||||
|
||||
next()
|
||||
}).catch(error => {
|
||||
})
|
||||
.catch(error => {
|
||||
|
||||
console.log(error)
|
||||
|
||||
res.statusMessage = error //Throw 400 error if token is bad
|
||||
res.status(400).end()
|
||||
@ -231,7 +262,7 @@ let UserTest = require('@models/User')
|
||||
let NoteTest = require('@models/Note')
|
||||
let AuthTest = require('@helpers/Auth')
|
||||
Auth.test()
|
||||
UserTest.keyPairTest('genMan12', '1', printResults)
|
||||
UserTest.keyPairTest('genMan15', '1', printResults)
|
||||
.then( ({testUserId, masterKey}) => NoteTest.test(testUserId, masterKey, printResults))
|
||||
.then( message => {
|
||||
if(printResults) console.log(message)
|
||||
|
@ -454,9 +454,12 @@ Note.update = (userId, noteId, noteText, noteTitle, color, pinned, archived, has
|
||||
}
|
||||
|
||||
let encryptedNoteText = ''
|
||||
//Create encrypted snippet
|
||||
const snippet = JSON.stringify([noteTitle, noteText.substring(0, 500)])
|
||||
noteSnippet = cs.encrypt(masterKey, snippetSalt, snippet)
|
||||
//Create encrypted snippet if its a long note
|
||||
let snippet = ''
|
||||
if(noteText.length > 500){
|
||||
snippet = JSON.stringify([noteTitle, noteText.substring(0, 500)])
|
||||
noteSnippet = cs.encrypt(masterKey, snippetSalt, snippet)
|
||||
}
|
||||
|
||||
//Encrypt note text
|
||||
const textObject = JSON.stringify([noteTitle, noteText])
|
||||
@ -946,8 +949,10 @@ Note.search = (userId, searchQuery, searchTags, fastFilters, masterKey) => {
|
||||
let searchParams = [userId]
|
||||
let noteSearchQuery = `
|
||||
SELECT note.id,
|
||||
note.snippet as snippet,
|
||||
note.snippet_salt as salt,
|
||||
note.snippet as snippetText,
|
||||
note.snippet_salt as snippetSalt,
|
||||
note_raw_text.text as noteText,
|
||||
note_raw_text.salt as noteSalt,
|
||||
note_raw_text.updated as updated,
|
||||
opened,
|
||||
color,
|
||||
@ -1092,26 +1097,39 @@ Note.search = (userId, searchQuery, searchTags, fastFilters, masterKey) => {
|
||||
}
|
||||
|
||||
|
||||
//Decrypt note text
|
||||
if(note.snippet && note.salt){
|
||||
const decipheredText = cs.decrypt(currentNoteKey, note.salt, note.snippet)
|
||||
const textObject = JSON.parse(decipheredText)
|
||||
if(textObject != null && textObject.length == 2){
|
||||
note.title = textObject[0]
|
||||
note.text = textObject[1]
|
||||
}
|
||||
//Only long notes have snippets, decipher it if present
|
||||
let displayTitle = ''
|
||||
let displayText = ''
|
||||
|
||||
let encryptedText = note.noteText
|
||||
let relatedSalt = note.noteSalt
|
||||
|
||||
//Default to note text, use snippet if set
|
||||
if(note.snippetSalt && note.snippetText && note.snippetSalt.length > 0 && note.snippetText.length > 0){
|
||||
encryptedText = note.snippetText
|
||||
relatedSalt = note.snippetSalt
|
||||
}
|
||||
|
||||
//Deduce note title
|
||||
const textData = ProcessText.deduceNoteTitle(note.title, note.text)
|
||||
try {
|
||||
const decipheredText = cs.decrypt(currentNoteKey, relatedSalt, encryptedText)
|
||||
const textObject = JSON.parse(decipheredText)
|
||||
if(textObject != null && textObject.length == 2){
|
||||
if(textObject[0] && textObject[0] != null && textObject[0].length > 0){
|
||||
displayTitle = textObject[0]
|
||||
}
|
||||
if(textObject[1] && textObject[1] != null && textObject[1].length > 0){
|
||||
displayText = textObject[1]
|
||||
}
|
||||
}
|
||||
} catch(err) {
|
||||
console.log('Error opening note id -> ', note.id)
|
||||
console.log(err)
|
||||
}
|
||||
|
||||
note.title = textData.title
|
||||
note.subtext = textData.sub
|
||||
|
||||
//Remove these variables
|
||||
note.note_highlights = []
|
||||
note.attachment_highlights = []
|
||||
note.tag_highlights = []
|
||||
|
||||
note.title = displayTitle
|
||||
note.subtext = ProcessText.stripDoubleBlankLines(displayText)
|
||||
|
||||
//Limit number of attachment thumbs to 4
|
||||
if(note.thumbs){
|
||||
@ -1123,9 +1141,12 @@ Note.search = (userId, searchQuery, searchTags, fastFilters, masterKey) => {
|
||||
}
|
||||
|
||||
//Clear out note.text before sending it to front end, its being used in title and subtext
|
||||
delete note.snippet
|
||||
delete note.salt
|
||||
delete note.snippetText
|
||||
delete note.snippetSalt
|
||||
delete note.noteText
|
||||
delete note.noteSalt
|
||||
delete note.encrypted_share_password_key
|
||||
delete note.text //Passed back as title and subtext
|
||||
})
|
||||
|
||||
|
||||
|
@ -143,6 +143,7 @@ User.getCounts = (userId) => {
|
||||
return new Promise((resolve, reject) => {
|
||||
|
||||
let countTotals = {}
|
||||
const userHash = cs.hash(String(userId)).toString('base64')
|
||||
|
||||
db.promise().query(
|
||||
`SELECT
|
||||
@ -170,8 +171,6 @@ User.getCounts = (userId) => {
|
||||
|
||||
Object.assign(countTotals, rows[0][0]) //combine results
|
||||
|
||||
const userHash = cs.hash(String(userId)).toString('base64')
|
||||
|
||||
return db.promise().query(
|
||||
`SELECT count(id) as activeSessions FROM user_active_session WHERE user_hash = ?`, [userHash]
|
||||
)
|
||||
@ -199,6 +198,8 @@ User.getCounts = (userId) => {
|
||||
countTotals[key] = count ? count : 0
|
||||
})
|
||||
|
||||
countTotals['currentVersion'] = '3.0.0'
|
||||
|
||||
resolve(countTotals)
|
||||
})
|
||||
|
||||
@ -206,8 +207,9 @@ User.getCounts = (userId) => {
|
||||
}
|
||||
|
||||
//Log out user by deleting login token for that active session
|
||||
User.logout = (tokenId) => {
|
||||
return db.promise().query('DELETE FROM user_active_session WHERE (id = ?)', [tokenId])
|
||||
User.logout = (sessionId) => {
|
||||
console.log('Terminate Session -> ', sessionId)
|
||||
return db.promise().query('DELETE FROM user_active_session WHERE (session_id = ?)', [sessionId])
|
||||
}
|
||||
|
||||
User.generateMasterKey = (userId, password) => {
|
||||
|
@ -136,19 +136,4 @@ router.post('/disableshare', function (req, res) {
|
||||
})
|
||||
|
||||
|
||||
|
||||
|
||||
//
|
||||
// Testing Action
|
||||
//
|
||||
//Reindex all Note. Not a very good function, not public
|
||||
router.get('/reindex5yu43prchuj903mrc', function (req, res) {
|
||||
|
||||
Note.migrateNoteTextToNewTable().then(status => {
|
||||
return res.send(status)
|
||||
})
|
||||
|
||||
})
|
||||
|
||||
|
||||
module.exports = router
|
@ -33,7 +33,7 @@ router.post('/login', function (req, res) {
|
||||
// Logout User
|
||||
router.post('/logout', function (req, res) {
|
||||
|
||||
User.logout(req.headers.tokenId)
|
||||
User.logout(req.headers.sessionId)
|
||||
.then( returnData => {
|
||||
res.send(true)
|
||||
})
|
||||
|
Loading…
Reference in New Issue
Block a user