From f73ec2dd940e5f3e827e399920ee7660e338e73c Mon Sep 17 00:00:00 2001
From: Tzahi12345
Date: Sun, 3 May 2020 18:55:42 -0400
Subject: [PATCH] Fixed bug that caused users with large amounts of data to have extremely large tokens Subfolders are now ensured to exist with the normal downloading method Initialization now happens after token retrieval to avoid failed requests Fixed bug that caused login to be called twice, introducing a possible race condition
---
 backend/app.js | 4 +++-
 backend/authentication/auth.js | 4 ++--
 src/app/components/login/login.component.ts | 5 ++++-
 src/app/posts.services.ts | 16 +++++++---------
 4 files changed, 16 insertions(+), 13 deletions(-)
diff --git a/backend/app.js b/backend/app.js
index ed05ff1..dec38e8 100644
--- a/backend/app.js
+++ b/backend/app.js
@@ -1365,7 +1365,9 @@ async function downloadFileByURL_normal(url, type, options, sessionID = null) {
 video.on('info', function(info) {
 video_info = info;
 file_size = video_info.size;
- fs.writeJSONSync(removeFileExtension(video_info._filename) + '.info.json', video_info);
+ const json_path = removeFileExtension(video_info._filename) + '.info.json';
+ fs.ensureFileSync(json_path);
+ fs.writeJSONSync(json_path, video_info);
 video.pipe(fs.createWriteStream(video_info._filename, { flags: 'w' }))
 });
 // Will be called if download was already completed and there is nothing more to download.
diff --git a/backend/authentication/auth.js b/backend/authentication/auth.js
index 5098738..7501bdc 100644
--- a/backend/authentication/auth.js
+++ b/backend/authentication/auth.js
@@ -46,7 +46,7 @@ exports.initialize = function(input_users_db, input_logger) {
 opts.audience = 'example.com';*/
 exports.passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
- const user = users_db.get('users').find({uid: jwt_payload.user.uid}).value();
+ const user = users_db.get('users').find({uid: jwt_payload.user}).value();
 if (user) {
 return done(null, user);
 } else {
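Review bot: `fs.ensureFileSync(json_path)` creates every missing parent directory of a path built from `video_info._filename`, and nothing visible in the `info` handler checks that the path stays under the intended download folder. If `_filename` can be shaped by remote metadata or a user-supplied output template (not shown in this hunk), resolve it and compare it with the configured download root before creating anything. The three synchronous calls can also throw inside the event callback with no `try`/`catch` in view; fs-extra's `fs.outputJsonSync(json_path, video_info)` would create the directories and write the file in one call. `downloadFileByURL_normal` begins and ends outside the hunk.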
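Review bot: Tokens issued before this change carry the whole user object in `user`, so for those `find({uid: jwt_payload.user})` receives an object rather than a uid string. An explicit type check before the lookup, `if (typeof jwt_payload.user !== 'string') return done(null, false);`, makes old or malformed tokens fail closed by design instead of by the query happening not to match. The verify callback's `else` branch continues outside the hunk.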
@@ -209,7 +209,7 @@ exports.authenticateViaPassport = function(req, res, next) {
 exports.generateJWT = function(req, res, next) {
 var payload = {
 exp: Math.floor(Date.now() / 1000) + JWT_EXPIRATION
- , user: req.user
+ , user: req.user.uid
 };
 req.token = jwt.sign(payload, SERVER_SECRET);
 next();
diff --git a/src/app/components/login/login.component.ts b/src/app/components/login/login.component.ts
index 4906efa..a7266fb 100644
--- a/src/app/components/login/login.component.ts
+++ b/src/app/components/login/login.component.ts
@@ -41,12 +41,15 @@ export class LoginComponent implements OnInit {
 }
 login() {
- if (this.loginPasswordInput === '') {
+ if (this.loginPasswordInput === '' || this.loggingIn) {
 return;
 }
 this.loggingIn = true;
 this.postsService.login(this.loginUsernameInput, this.loginPasswordInput).subscribe(res => {
 this.loggingIn = false;
+ if (res['token']) {
+ this.postsService.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
+ }
 }, err => {
 this.loggingIn = false;
 });
diff --git a/src/app/posts.services.ts b/src/app/posts.services.ts
index b793345..7b18fb8 100644
--- a/src/app/posts.services.ts
+++ b/src/app/posts.services.ts
@@ -1,5 +1,5 @@
 import {Injectable, isDevMode, Inject} from '@angular/core';
-import { HttpClient, HttpParams } from '@angular/common/http';
+import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/catch';
@@ -64,7 +64,7 @@ export class PostsService implements CanActivate {
 this.httpOptions = {
 params: new HttpParams({
 fromString: this.http_params
- }),
+ })
 };
 Fingerprint2.get(components => {
@@ -83,7 +83,6 @@ export class PostsService implements CanActivate {
 if (localStorage.getItem('jwt_token')) {
 this.token = localStorage.getItem('jwt_token');
 this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
- this.jwtAuth();
 } else {
 this.sendToLogin();
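Review bot: `generateJWT` would benefit from a comment recording why only the uid is embedded, for example `// uid only: the payload is signed, not encrypted, so anyone holding the token can read it`. Before this change the whole `req.user` record was serialised into every token; if that record holds a password hash or other secrets (not visible here), tokens already issued have exposed it wherever they were stored or logged. The registered `sub` claim is the conventional place for a subject identifier, should the payload be revisited.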
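Review bot: The success callback in `login()` does nothing when the response carries no `token`, so a successful HTTP response without one leaves the form idle with no message. An `else` branch that surfaces the failure to the user would close that gap. With `afterLogin` now invoked from the component, a short comment on `PostsService.login()` stating that callers must call `afterLogin` themselves would keep other callers from skipping it.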
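Review bot: `HttpHeaders` is added to the import but none of the hunks shown uses it. If it was meant for sending the JWT in an `Authorization` header instead of the `jwt` query parameter set further down in this file, that change is missing; otherwise drop the import. A token in the query string tends to end up in server access logs and browser history, so the header form would be the safer of the two.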
@@ -335,12 +334,13 @@ export class PostsService implements CanActivate {
 this.permissions = permissions;
 this.available_permissions = available_permissions;
 this.token = token;
- this.setInitialized();
 localStorage.setItem('jwt_token', this.token);
 this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
+ console.log(this.httpOptions);
+ this.setInitialized();
 // needed to re-initialize parts of app after login
 this.config_reloaded.next(true);
@@ -352,25 +352,23 @@ export class PostsService implements CanActivate {
 // user methods
 login(username, password) {
 const call = this.http.post(this.path + 'auth/login', {userid: username, password: password}, this.httpOptions);
- call.subscribe(res => {
- if (res['token']) {
- this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
- }
- });
 return call;
 }
 // user methods
 jwtAuth() {
+ console.log('doing jwt call');
 const call = this.http.post(this.path + 'auth/jwtAuth', {}, this.httpOptions);
 call.subscribe(res => {
 if (res['token']) {
 this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
 }
 }, err => {
+ console.log('jwt errored')
 if (err.status === 401) {
 this.sendToLogin();
 }
+ console.log(err)
 });
 return call;
 }
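Review bot: `console.log(this.httpOptions);` runs immediately after the `jwt` parameter is set, so it prints the session token to the browser console on every login. This looks like leftover debugging and should be removed, or at least gated with `if (isDevMode())` and limited to non-secret fields. The enclosing method starts and ends outside the hunk.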
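Review bot: `jwtAuth()` still subscribes to `call` internally and then returns the same observable, which is the pattern this commit removes from `login()`; if `call` is a cold `HttpClient` observable, any caller that subscribes to the return value sends a second `auth/jwtAuth` request. Either stop returning `call` or leave the subscription to the caller, as `login()` now does. The added `console.log(err)` also writes the full error response to the console, and that object likely includes the request URL with the `jwt` query parameter, so log only `err.status` or gate the three debug lines with `isDevMode()`.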