Fixed bug that caused users with large amounts of data to have extremely large tokens

Subfolders are now ensured to exist with the normal downloading method

Initialization now happens after token retrieval to avoid failed requests

Fixed bug that caused login to be called twice, introducing a possible race condition

backend/app.js

@@ -1365,7 +1365,9 @@ async function downloadFileByURL_normal(url, type, options, sessionID = null) {
         video.on('info', function(info) {
             video_info = info;
             file_size = video_info.size;
-            fs.writeJSONSync(removeFileExtension(video_info._filename) + '.info.json', video_info);
+            const json_path = removeFileExtension(video_info._filename) + '.info.json';
+            fs.ensureFileSync(json_path);
+            fs.writeJSONSync(json_path, video_info);
             video.pipe(fs.createWriteStream(video_info._filename, { flags: 'w' }))
         });
         // Will be called if download was already completed and there is nothing more to download.

backend/authentication/auth.js

@@ -46,7 +46,7 @@ exports.initialize = function(input_users_db, input_logger) {
   opts.audience = 'example.com';*/
 
   exports.passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
-    const user = users_db.get('users').find({uid: jwt_payload.user.uid}).value();
+    const user = users_db.get('users').find({uid: jwt_payload.user}).value();
     if (user) {
         return done(null, user);
     } else {
@@ -209,7 +209,7 @@ exports.authenticateViaPassport = function(req, res, next) {
 exports.generateJWT = function(req, res, next) {
   var payload = {
       exp: Math.floor(Date.now() / 1000) + JWT_EXPIRATION
-    , user: req.user
+    , user: req.user.uid
   };
   req.token = jwt.sign(payload, SERVER_SECRET);
   next();  

src/app/components/login/login.component.ts

@@ -41,12 +41,15 @@ export class LoginComponent implements OnInit {
   }
 
   login() {
-    if (this.loginPasswordInput === '') {
+    if (this.loginPasswordInput === '' || this.loggingIn) {
       return;
     }
     this.loggingIn = true;
     this.postsService.login(this.loginUsernameInput, this.loginPasswordInput).subscribe(res => {
       this.loggingIn = false;
+      if (res['token']) {
+        this.postsService.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
+      }
     }, err => {
       this.loggingIn = false;
     });

src/app/posts.services.ts

@@ -1,5 +1,5 @@
 import {Injectable, isDevMode, Inject} from '@angular/core';
-import { HttpClient, HttpParams } from '@angular/common/http';
+import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/catch';
@@ -64,7 +64,7 @@ export class PostsService implements CanActivate {
         this.httpOptions = {
             params: new HttpParams({
               fromString: this.http_params
-            }),
+            })
         };
 
         Fingerprint2.get(components => {
@@ -83,7 +83,6 @@ export class PostsService implements CanActivate {
                     if (localStorage.getItem('jwt_token')) {
                         this.token = localStorage.getItem('jwt_token');
                         this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
-
                         this.jwtAuth();
                     } else {
                         this.sendToLogin();
@@ -335,12 +334,13 @@ export class PostsService implements CanActivate {
         this.permissions = permissions;
         this.available_permissions = available_permissions;
         this.token = token;
-        this.setInitialized();
 
         localStorage.setItem('jwt_token', this.token);
 
         this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
+        console.log(this.httpOptions);
 
+        this.setInitialized();
         // needed to re-initialize parts of app after login
         this.config_reloaded.next(true);
 
@@ -352,25 +352,23 @@ export class PostsService implements CanActivate {
     // user methods
     login(username, password) {
         const call = this.http.post(this.path + 'auth/login', {userid: username, password: password}, this.httpOptions);
-        call.subscribe(res => {
-            if (res['token']) {
-                this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
-            }
-        });
         return call;
     }
 
     // user methods
     jwtAuth() {
+        console.log('doing jwt call');
         const call = this.http.post(this.path + 'auth/jwtAuth', {}, this.httpOptions);
         call.subscribe(res => {
             if (res['token']) {
                 this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
             }
         }, err => {
+            console.log('jwt errored')
             if (err.status === 401) {
                 this.sendToLogin();
             }
+            console.log(err)
         });
         return call;
     }