- aggiornamento refreshtoken (parte 1)

- PCB: fix listino
2024-04-09 21:57:04 +02:00
parent ae08bc9ad6
commit 62c0f497e5
84 changed files with 317 additions and 301 deletions
--- a/src/store/Api/Instance.ts
+++ b/src/store/Api/Instance.ts
@@ -63,6 +63,7 @@ async function Request(type: string, path: string, payload: any): Promise<Types.
        headers: {
          'Content-Type': 'application/json',
          'x-auth': userStore.x_auth_token,
+          'x-refrTok': userStore.refreshToken,
        },
      })
      ricevuto = true
@@ -75,20 +76,24 @@ async function Request(type: string, path: string, payload: any): Promise<Types.

      if (response && (response.status === 200)) {
        let x_auth_token = ''
+        let refreshToken = ''
        try {
          if (setAuthToken || (path === '/users/login')) {
            x_auth_token = String(response.headers['x-auth'])
+            refreshToken = String(response.headers['x-refrTok'])

            if (x_auth_token === '') {
              userStore.setServerCode(toolsext.ERR_AUTHENTICATION)
            }
            if (setAuthToken) {
-              userStore.UpdatePwd(x_auth_token)
+              userStore.UpdatePwd(x_auth_token, refreshToken)
              localStorage.setItem(toolsext.localStorage.token, x_auth_token)
+              localStorage.setItem(toolsext.localStorage.refreshToken, refreshToken)
            }

-            userStore.setAuth(x_auth_token)
+            userStore.setAuth(x_auth_token, refreshToken)
            localStorage.setItem(toolsext.localStorage.token, x_auth_token)
+            localStorage.setItem(toolsext.localStorage.refreshToken, refreshToken)
          }

          globalStore.setStateConnection(ricevuto ? 'online' : 'offline')
@@ -96,7 +101,7 @@ async function Request(type: string, path: string, payload: any): Promise<Types.
        } catch (e) {
          if (setAuthToken) {
            userStore.setServerCode(toolsext.ERR_AUTHENTICATION)
-            userStore.setAuth('')
+            userStore.setAuth('', '')
          }
          globalStore.setStateConnection(ricevuto ? 'online' : 'offline')
          return Promise.reject(new Types.AxiosError(serv_constants.RIS_CODE__HTTP_FORBIDDEN_INVALID_TOKEN, null, toolsext.ERR_AUTHENTICATION))
@@ -112,6 +117,7 @@ async function Request(type: string, path: string, payload: any): Promise<Types.
        headers: {
          'Content-Type': 'application/json',
          'x-auth': userStore.x_auth_token,
+          'x-refrTok': userStore.refreshToken,
        },
      })
      ricevuto = true
@@ -122,6 +128,7 @@ async function Request(type: string, path: string, payload: any): Promise<Types.
        headers: {
          'Content-Type': 'multipart/form-data',
          'x-auth': userStore.x_auth_token,
+          'x-refrTok': userStore.refreshToken,
        },
      })
      ricevuto = true
--- a/src/store/Api/index.ts
+++ b/src/store/Api/index.ts
@@ -85,6 +85,38 @@ export const Api = {
    })
  },

+  async refreshToken() {
+    // Implementa la logica per ottenere un nuovo token utilizzando il refreshToken
+    // Potrebbe essere una chiamata al server simile a sendRequest()
+    // Se il refreshToken è valido, salva il nuovo token e restituiscilo
+    // Altrimenti, gestisci il caso di refreshToken scaduto o invalido, e.g., redirecting to login
+
+    try {
+      console.log('refreshToken')
+      const response = await axios.post('/users/newTok', {
+        refreshToken: localStorage.getItem(toolsext.localStorage.refreshToken)
+      });
+
+      // Save the new access token in local storage
+      localStorage.setItem(toolsext.localStorage.token, response.data.accessToken);
+
+      // Reset the refresh token if it was reset by the server
+      if (response.data.refreshToken) {
+        localStorage.setItem(toolsext.localStorage.refreshToken, response.data.refreshToken);
+      }
+
+      // Return the new access token
+      return response.data.accessToken;
+    } catch (error) {
+      // Handle the error, for example by logging out the user
+      console.error(error);
+      localStorage.removeItem(toolsext.localStorage.token);
+      localStorage.removeItem(toolsext.localStorage.refreshToken);
+      throw error;
+    }
+
+  },
+
  async SendReq(url: string, method: string, mydata: any, setAuthToken = false): Promise<Types.AxiosSuccess | Types.AxiosError> {
    const mydataout = {
      ...mydata,
@@ -103,7 +135,7 @@ export const Api = {
    userStore.setResStatus(0)
    // eslint-disable-next-line @typescript-eslint/no-misused-promises
    return new Promise((resolve, reject) => sendRequest(url, method, mydataout)
-      .then((res) => {
+      .then(async (res) => {
        // console.log('status:', res.status)

        setTimeout(() => {
@@ -121,9 +153,24 @@ export const Api = {
            // Forbidden
            // You probably is connectiong with other page...
            userStore.setServerCode(toolsext.ERR_AUTHENTICATION)
-            userStore.setAuth('')
+            userStore.setAuth('', '')
            // $router.push('/signin')
            return reject({ code: toolsext.ERR_AUTHENTICATION })
+          } else if (res.status === serv_constants.RIS_CODE__HTTP_FORBIDDEN_TOKEN_EXPIRED) {
+            console.log('Token Expired')
+            // Prova ad ottenere un nuovo token di accesso
+            try {
+              // Se il token è scaduto, allora faccio la richiesta di un NUOVO TOKEN, passandogli refreshToken
+              const newAccessToken = await this.refreshToken();
+              userStore.setAuth(newAccessToken, userStore.refreshToken);
+
+              // Riprova l'originale SendReq con il nuovo token.
+              // Assicurati di evitare un loop infinito in caso di errori continui
+              return resolve(this.SendReq(url, method, mydata, setAuthToken));
+            } catch (error) {
+              // Gestisci errore di refresh token (es. redirect a signin)
+              return reject(error);
+            }
          }
        }
        if (tools.isDebug())
@@ -162,7 +209,7 @@ export const Api = {
          let lettoqualcosa = false

          // console.log('A1) INIZIO.............................................................')
-          return globalroutines( 'readall', tablesync, null)
+          return globalroutines('readall', tablesync, null)
            .then((alldata) => {
              if (alldata === undefined) {
                console.log('alldata NON DEFINITA')
@@ -184,10 +231,10 @@ export const Api = {
                  .then((ris) => {
                    ReceiveResponsefromServer(tablesync, nametab, method, ris.data)
                    lettoqualcosa = true
-                    return globalroutines( 'delete', tablesync, null, rec._id)
+                    return globalroutines('delete', tablesync, null, rec._id)
                  })
                  .then(() => {
-                    return globalroutines( 'delete', 'swmsg', null, mystrparam)
+                    return globalroutines('delete', 'swmsg', null, mystrparam)
                  }).catch((err) => {
                    if (err.msgerr) {
                      if (err.msgerr.message.includes('Failed to fetch') || err.msgerr.message.includes('Network Error')) {
@@ -196,7 +243,7 @@ export const Api = {
                    }
                    console.log(' [Alternative] !!!!!!!!!!!!!!!   Error while sending data', err, errorfromserver, 'lettoqualcosa', lettoqualcosa)
                    if (!errorfromserver) {
-                      return globalroutines( 'delete', 'swmsg', null, mystrparam)
+                      return globalroutines('delete', 'swmsg', null, mystrparam)
                    }
                  })
              })
--- a/src/store/Modules/serv_constants.ts
+++ b/src/store/Modules/serv_constants.ts
@@ -28,6 +28,7 @@ export const serv_constants = {
  RIS_CODE_LOGIN_OK: 1,
  RIS_ISCRIZIONE_OK: 5,
  RIS_CODE__HTTP_FORBIDDEN_INVALID_TOKEN: 403,
+  RIS_CODE__HTTP_FORBIDDEN_TOKEN_EXPIRED: 408,

  RIS_CODE_TOKEN_RESETPASSWORD_NOT_FOUND: -23,

--- a/src/store/Modules/tools.ts
+++ b/src/store/Modules/tools.ts
@@ -4396,7 +4396,7 @@ export const tools = {
  },
  getheaders() {
    const userStore = useUserStore()
-    return [{ name: 'x-auth', value: userStore.x_auth_token }]
+    return [{ name: 'x-auth', value: userStore.x_auth_token }, { name: 'x-refrTok', value: userStore.refreshToken }]
  },

  getextfile(filename: string) {
@@ -8510,8 +8510,12 @@ export const tools = {
  },

  getInvitante() {
-    const invitante = tools.getCookie(tools.APORTADOR_SOLIDARIO)
-    return invitante ? invitante : ''
+    try {
+      const invitante = tools.getCookie(tools.APORTADOR_SOLIDARIO, '')
+      return invitante ? invitante : ''
+    } catch (e) {
+      return ''
+    }
  },

  contieneSlash(str: string) {
--- a/src/store/Modules/toolsext.ts
+++ b/src/store/Modules/toolsext.ts
@@ -117,6 +117,7 @@ export const toolsext = {
    leftDrawerOpen: 'ldo',
    userId: 'uid',
    token: 'tk',
+    refreshToken: 'rt',
    username: 'uname',
    name: 'nm',
    surname: 'sn',
--- a/src/store/UserStore.ts
+++ b/src/store/UserStore.ts
@@ -196,6 +196,7 @@ export const useUserStore = defineStore('UserStore', {
    servercode: 0,
    resStatus: 0,
    x_auth_token: '',
+    refreshToken: '', 
    isLogged: false,
    isAdmin: false,
    isManager: false,
@@ -803,6 +804,7 @@ export const useUserStore = defineStore('UserStore', {
      this.resStatus = 0
      this.isLogged = false
      this.x_auth_token = ''
+      this.refreshToken = ''

      return true
    },
@@ -1115,7 +1117,7 @@ export const useUserStore = defineStore('UserStore', {

        this.my.tokens = []
        this.resetArrToken(this.my.tokens)
-        this.my.tokens.push({ access: 'auth', token: this.x_auth_token, data_login: tools.getDateNow() })
+        this.my.tokens.push({ access: 'auth', token: this.x_auth_token, refreshToken: this.refreshToken, data_login: tools.getDateNow() })

      } catch (e) {
        console.log('Error authUser: ' + e)
@@ -1139,6 +1141,7 @@ export const useUserStore = defineStore('UserStore', {
      if (myuser.profile !== undefined) tools.localStSetItem(toolsext.localStorage.img, (myuser.profile.img) ? String(myuser.profile.img) || '' : '')
      else tools.localStSetItem(toolsext.localStorage.img, '')
      localStorage.setItem(toolsext.localStorage.token, this.x_auth_token)
+      localStorage.setItem(toolsext.localStorage.refreshToken, this.refreshToken)
      localStorage.setItem(toolsext.localStorage.expirationDate, expirationDate.toString())
      tools.localStSetItem(toolsext.localStorage.isLogged, String(true))
      tools.localStSetItem(toolsext.localStorage.verified_email, String(myuser.verified_email))
@@ -1200,6 +1203,7 @@ export const useUserStore = defineStore('UserStore', {
                tools.localStSetItem(toolsext.localStorage.name, newuser.name)
                tools.localStSetItem(toolsext.localStorage.surname, newuser.surname)
                localStorage.setItem(toolsext.localStorage.token, this.x_auth_token)
+                localStorage.setItem(toolsext.localStorage.refreshToken, this.refreshToken)
                localStorage.setItem(toolsext.localStorage.expirationDate, expirationDate.toString())
                tools.localStSetItem(toolsext.localStorage.verified_email, String(false))
                tools.localStSetItem(toolsext.localStorage.verified_by_aportador, String(false))
@@ -1223,12 +1227,13 @@ export const useUserStore = defineStore('UserStore', {
        })
    },

-    UpdatePwd(x_auth_token: string) {
+    UpdatePwd(x_auth_token: string, refreshToken: string) {
      this.x_auth_token = x_auth_token
+      this.refreshToken = refreshToken
      if (!this.my.tokens) {
        this.my.tokens = []
      }
-      this.my.tokens.push({ access: 'auth', token: x_auth_token, data_login: tools.getDateNow() })
+      this.my.tokens.push({ access: 'auth', token: x_auth_token, refreshToken, data_login: tools.getDateNow() })
    },

    setServerCode(num: number) {
@@ -1239,8 +1244,9 @@ export const useUserStore = defineStore('UserStore', {
      this.resStatus = status
    },

-    setAuth(x_auth_token: string) {
+    setAuth(x_auth_token: string, refreshToken: string) {
      this.x_auth_token = x_auth_token
+      this.refreshToken = refreshToken
    },

    resetArrToken(arrtokens: IToken[]) {
@@ -1297,7 +1303,7 @@ export const useUserStore = defineStore('UserStore', {
    },

    async signin(router: Router, authData: ISigninOptions) {
-      console.log('LOGIN signin')
+      // console.log('LOGIN signin')
      const globalStore = useGlobalStore()

      const options = {
@@ -1324,7 +1330,7 @@ export const useUserStore = defineStore('UserStore', {

      let myres: any

-      console.log('executing login...')
+      // console.log('executing login...')

      return await Api.SendReq('/users/login', 'POST', usertosend, true)
        .then((res) => {
@@ -1435,7 +1441,7 @@ export const useUserStore = defineStore('UserStore', {

        this.isLogged = isok && isLogged

-        // console.log('this.isLogged', this.isLogged, 'isok', isok, 'isLogged', isLogged)
+        console.log('this.isLogged', this.isLogged, 'isok', isok, 'isLogged', isLogged)

        if (globalStore.site.confpages && globalStore.site.confpages.enableTodos)
          await todos.dbLoad({ checkPending: true })
@@ -1476,17 +1482,20 @@ export const useUserStore = defineStore('UserStore', {
        this.lang = tools.getItemLS(toolsext.localStorage.lang)

        const token = localStorage.getItem(toolsext.localStorage.token)
+        let refreshToken = localStorage.getItem(toolsext.localStorage.refreshToken)
+        if (!refreshToken)
+          refreshToken = ''

        if (token) {
-          const expirationDateStr = localStorage.getItem(toolsext.localStorage.expirationDate)
-          const expirationDate = new Date(String(expirationDateStr))
-          const now = tools.getDateNow()
-          if (now < expirationDate) {
-            this.setAuth(token)
-            isLogged = true
-
-          } else {
-            // ++ ?? che fare qui
+          this.setAuth(token, refreshToken)
+          if (globalStore.site.confpages.enableTokenExpired) {
+            if (token && refreshToken) {
+              isLogged = true
+            } else {
+              if (token) {
+                isLogged = true
+              }
+            }
          }
        } else {
          isLogged = tools.isLogged()
--- a/src/store/globalStore.ts
+++ b/src/store/globalStore.ts
@@ -180,6 +180,7 @@ export const useGlobalStore = defineStore('GlobalStore', {
        enableTodos: false,
        enableRegByBot: false,
        enableRegMultiChoice: false,
+        enableTokenExpired: false,
        enabledRegNeedTelegram: false,
        enableDebugOn: false,
        showButtHome: false,
@@ -874,7 +875,11 @@ export const useGlobalStore = defineStore('GlobalStore', {
    async deleteSubscriptionToServer() {
      console.log('DeleteSubscriptionToServer: ')

+      try {
      return Api.SendReq('/subscribe/del', 'DELETE', null)
+      }catch (e) {
+        console.error('deleteSubscriptionToServer')
+      }
    },

    async clearDataAfterLogout() {
@@ -946,7 +951,7 @@ export const useGlobalStore = defineStore('GlobalStore', {
    },

    async checkUpdates() {
-      // console.log('checkUpdates')
+      console.log('checkUpdates')

      const userStore = useUserStore()