don't save proxy user's tokens in localstorage

we still want those tokens, we will use them in the mobile app. but we
don't want them client side, otherwise proxy users remain logged in. we
centralize the logic around storing the token, and turn `setUser` into
an action vs a mutation
This commit is contained in:
Igor Serebryany 2023-10-06 15:35:04 -07:00
parent 096b5496b3
commit 63f1df4015
No known key found for this signature in database
GPG key ID: 0AF607692FD9EB24
5 changed files with 19 additions and 24 deletions

View file

@ -293,7 +293,7 @@ export default {
},
userUpdated(user) {
if (this.$store.state.user.user.id === user.id) {
this.$store.commit('user/setUser', user)
this.$store.dispatch('user/setUser', user)
}
},
userOnline(user) {

View file

@ -98,10 +98,7 @@ export default {
this.$axios.$post('/logout', logoutPayload).catch((error) => {
console.error(error)
})
if (localStorage.getItem('token')) {
localStorage.removeItem('token')
}
this.$store.commit('user/setUser', null)
this.$store.dispatch('user/setUser', null)
this.$store.commit('libraries/setUserPlaylists', [])
this.$store.commit('libraries/setCollections', [])
this.$router.push('/login')

View file

@ -144,8 +144,8 @@ export default {
}
this.$store.commit('libraries/setCurrentLibrary', userDefaultLibraryId)
this.$store.commit('user/setUser', user)
this.$store.dispatch('user/setUser', user)
this.$store.dispatch('user/loadUserSettings')
},
async submitForm() {

View file

@ -131,21 +131,26 @@ export const actions = {
} catch (error) {
console.error('Failed to load userSettings from local storage', error)
}
}
},
setUser({ commit }, user) {
commit('setUser', user)
commit('setUserToken', user ? user.token : null)
},
}
export const mutations = {
setUser(state, user) {
state.user = user
if (user) {
if (user.token) localStorage.setItem('token', user.token)
} else {
localStorage.removeItem('token')
}
},
setUserToken(state, token) {
state.user.token = token
localStorage.setItem('token', user.token)
if (!token) {
localStorage.removeItem('token')
} else if (state.user && state.user.isFromProxy) {
localStorage.removeItem('token')
} else {
state.user.token = token
localStorage.setItem('token', token)
}
},
updateMediaProgress(state, { id, data }) {
if (!state.user) return

View file

@ -158,8 +158,6 @@ class Auth {
email,
type: 'user',
isActive: true,
token: null,
isFromProxy: true,
}
return await this.createUser(account)
@ -179,12 +177,7 @@ class Auth {
delete account.password
account.pash = await this.hashPass(password)
// proxy users don't get a token
if (!account.isFromProxy) {
account.token = await this.generateAccessToken({ userId: account.id, username })
}
account.token = await this.generateAccessToken({ userId: account.id, username })
account.createdAt = Date.now()
const newUser = new User(account)