Fixed bug that caused users with large amounts of data to have extremely large tokens

Subfolders are now ensured to exist with the normal downloading method

Initialization now happens after token retrieval to avoid failed requests

Fixed bug that caused login to be called twice, introducing a possible race condition
pull/82/head
Tzahi12345 5 years ago
parent 26ad195597
commit f73ec2dd94

@ -1365,7 +1365,9 @@ async function downloadFileByURL_normal(url, type, options, sessionID = null) {
video.on('info', function(info) {
video_info = info;
file_size = video_info.size;
fs.writeJSONSync(removeFileExtension(video_info._filename) + '.info.json', video_info);
const json_path = removeFileExtension(video_info._filename) + '.info.json';
fs.ensureFileSync(json_path);
fs.writeJSONSync(json_path, video_info);
video.pipe(fs.createWriteStream(video_info._filename, { flags: 'w' }))
});
// Will be called if download was already completed and there is nothing more to download.

@ -46,7 +46,7 @@ exports.initialize = function(input_users_db, input_logger) {
opts.audience = 'example.com';*/
exports.passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
const user = users_db.get('users').find({uid: jwt_payload.user.uid}).value();
const user = users_db.get('users').find({uid: jwt_payload.user}).value();
if (user) {
return done(null, user);
} else {
@ -209,7 +209,7 @@ exports.authenticateViaPassport = function(req, res, next) {
exports.generateJWT = function(req, res, next) {
var payload = {
exp: Math.floor(Date.now() / 1000) + JWT_EXPIRATION
, user: req.user
, user: req.user.uid
};
req.token = jwt.sign(payload, SERVER_SECRET);
next();

@ -41,12 +41,15 @@ export class LoginComponent implements OnInit {
}
login() {
if (this.loginPasswordInput === '') {
if (this.loginPasswordInput === '' || this.loggingIn) {
return;
}
this.loggingIn = true;
this.postsService.login(this.loginUsernameInput, this.loginPasswordInput).subscribe(res => {
this.loggingIn = false;
if (res['token']) {
this.postsService.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
}
}, err => {
this.loggingIn = false;
});

@ -1,5 +1,5 @@
import {Injectable, isDevMode, Inject} from '@angular/core';
import { HttpClient, HttpParams } from '@angular/common/http';
import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
import 'rxjs/add/operator/map';
import 'rxjs/add/operator/map';
import 'rxjs/add/operator/catch';
@ -64,7 +64,7 @@ export class PostsService implements CanActivate {
this.httpOptions = {
params: new HttpParams({
fromString: this.http_params
}),
})
};
Fingerprint2.get(components => {
@ -83,7 +83,6 @@ export class PostsService implements CanActivate {
if (localStorage.getItem('jwt_token')) {
this.token = localStorage.getItem('jwt_token');
this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
this.jwtAuth();
} else {
this.sendToLogin();
@ -335,12 +334,13 @@ export class PostsService implements CanActivate {
this.permissions = permissions;
this.available_permissions = available_permissions;
this.token = token;
this.setInitialized();
localStorage.setItem('jwt_token', this.token);
this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
console.log(this.httpOptions);
this.setInitialized();
// needed to re-initialize parts of app after login
this.config_reloaded.next(true);
@ -352,25 +352,23 @@ export class PostsService implements CanActivate {
// user methods
login(username, password) {
const call = this.http.post(this.path + 'auth/login', {userid: username, password: password}, this.httpOptions);
call.subscribe(res => {
if (res['token']) {
this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
}
});
return call;
}
// user methods
jwtAuth() {
console.log('doing jwt call');
const call = this.http.post(this.path + 'auth/jwtAuth', {}, this.httpOptions);
call.subscribe(res => {
if (res['token']) {
this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
}
}, err => {
console.log('jwt errored')
if (err.status === 401) {
this.sendToLogin();
}
console.log(err)
});
return call;
}

Loading…
Cancel
Save