Skip to content

Commit

Permalink
handle expired token being null and prevent constant rerender (#956)
Browse files Browse the repository at this point in the history 
* handle expired token being null and prevent constant rerender

* reset defaults
  • Loading branch information
@timothycarambat
timothycarambat authored Mar 26, 2024
1 parent 1ecefe8 commit efe9dfa
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 9 deletions.
10 changes: 6 additions & 4 deletions frontend/src/components/Modals/Password/index.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ export default function PasswordModal({ mode = "single" }) {
);
}

export function usePasswordModal() {
export function usePasswordModal(notry = false) {
const [auth, setAuth] = useState({
loading: true,
requiresAuth: false,
Expand All @@ -47,7 +47,7 @@ export function usePasswordModal() {

// If the last validity check is still valid
// we can skip the loading.
if (!System.needsAuthCheck()) {
if (!System.needsAuthCheck() && notry === false) {
setAuth({
loading: false,
requiresAuth: false,
Expand All @@ -60,7 +60,7 @@ export function usePasswordModal() {
if (settings?.MultiUserMode) {
const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
const valid = await System.checkAuth(currentToken);
const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
Expand Down Expand Up @@ -102,14 +102,16 @@ export function usePasswordModal() {

const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
const valid = await System.checkAuth(currentToken);
const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
requiresAuth: true,
mode: "single",
});
window.localStorage.removeItem(AUTH_TOKEN);
window.localStorage.removeItem(AUTH_USER);
window.localStorage.removeItem(AUTH_TIMESTAMP);
return;
} else {
setAuth({
Expand Down
2 changes: 1 addition & 1 deletion frontend/src/components/PrivateRoute/index.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,6 @@ export default function PrivateRoute({ Component }) {
<Component />
</UserMenu>
) : (
<Navigate to={paths.login()} />
<Navigate to={paths.login(true)} />
);
}
4 changes: 3 additions & 1 deletion frontend/src/pages/Login/index.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,11 @@ import PasswordModal, { usePasswordModal } from "@/components/Modals/Password";
import { FullScreenLoader } from "@/components/Preloader";
import { Navigate } from "react-router-dom";
import paths from "@/utils/paths";
import useQuery from "@/hooks/useQuery";

export default function Login() {
const { loading, requiresAuth, mode } = usePasswordModal();
const query = useQuery();
const { loading, requiresAuth, mode } = usePasswordModal(!!query.get("nt"));
if (loading) return <FullScreenLoader />;
if (requiresAuth === false) return <Navigate to={paths.home()} />;

Expand Down
4 changes: 2 additions & 2 deletions frontend/src/utils/paths.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ export default {
home: () => {
return "/";
},
login: () => {
return "/login";
login: (noTry = false) => {
return `/login${noTry ? "?nt=1" : ""}`;
},
onboarding: {
home: () => {
Expand Down
10 changes: 9 additions & 1 deletion server/utils/middleware/validatedRequest.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,17 @@ async function validatedRequest(request, response, next) {

const bcrypt = require("bcrypt");
const { p } = decodeJWT(token);

if (p === null) {
response.status(401).json({
error: "Token expired or failed validation.",
});
return;
}

if (!bcrypt.compareSync(p, bcrypt.hashSync(process.env.AUTH_TOKEN, 10))) {
response.status(401).json({
error: "Invalid auth token found.",
error: "Invalid auth credentials.",
});
return;
}
Expand Down

0 comments on commit efe9dfa

Please sign in to comment.