From 4191a6f9e0fae969d0941b4f68ff53070b432e10 Mon Sep 17 00:00:00 2001 From: Henrique Dias Date: Tue, 22 Aug 2017 15:25:54 +0100 Subject: [PATCH] Fix login issues regarding basicauth+noauth #214 #204 Former-commit-id: 5c150c622724e7d2c9a9630f60325a5a246b7526 [formerly 6ff5856dc0ab40dbb9a9759c0c23de74a23d2531] [formerly b41c082f0631a33648bc50e81f38d7dbba612d8c [formerly c95b1aaacebba255c6153e70bff31c8ebb58e0c6]] Former-commit-id: ead207a0e5405ccc0641b3705875b8846846060d [formerly 7c1221485698d524ef679d09166cff7549f7b00a] Former-commit-id: b01bdc787983c2c48394ef9e3eabed9137c1f31c --- assets/index.html | 1 + assets/src/components/Sidebar.vue | 2 +- .../src/components/prompts/NewArchetype.vue | 2 +- assets/src/store/index.js | 1 + assets/src/utils/api.js | 32 +++++++++---------- assets/src/utils/auth.js | 2 +- http/auth.go | 2 -- http/http.go | 5 ++- rice-box.go.REMOVED.git-id | 2 +- 9 files changed, 26 insertions(+), 23 deletions(-) diff --git a/assets/index.html b/assets/index.html index c75d0c76..20710468 100644 --- a/assets/index.html +++ b/assets/index.html @@ -6,6 +6,7 @@ + File Manager diff --git a/assets/src/components/Sidebar.vue b/assets/src/components/Sidebar.vue index db693b09..6a92d333 100644 --- a/assets/src/components/Sidebar.vue +++ b/assets/src/components/Sidebar.vue @@ -46,7 +46,7 @@ -
+
settings_applications {{ $t('sidebar.settings') }} diff --git a/assets/src/components/prompts/NewArchetype.vue b/assets/src/components/prompts/NewArchetype.vue index 09823763..9228a7ee 100644 --- a/assets/src/components/prompts/NewArchetype.vue +++ b/assets/src/components/prompts/NewArchetype.vue @@ -47,7 +47,7 @@ export default { return new Promise((resolve, reject) => { let request = new window.XMLHttpRequest() request.open('POST', `${this.$store.state.baseURL}/api/resource${url}`, true) - request.setRequestHeader('Authorization', `Bearer ${this.$store.state.jwt}`) + if (!this.$store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${this.$store.state.jwt}`) request.setRequestHeader('Archetype', encodeURIComponent(type)) request.onload = () => { diff --git a/assets/src/store/index.js b/assets/src/store/index.js index cdecc09b..9c263082 100644 --- a/assets/src/store/index.js +++ b/assets/src/store/index.js @@ -14,6 +14,7 @@ const state = { }, staticGen: document.querySelector('meta[name="staticgen"]').getAttribute('content'), baseURL: document.querySelector('meta[name="base"]').getAttribute('content'), + noAuth: (document.querySelector('meta[name="noauth"]').getAttribute('content') === 'true'), jwt: '', progress: 0, schedule: '', diff --git a/assets/src/utils/api.js b/assets/src/utils/api.js index 087165cf..9d429062 100644 --- a/assets/src/utils/api.js +++ b/assets/src/utils/api.js @@ -18,7 +18,7 @@ export function fetch (url) { return new Promise((resolve, reject) => { let request = new window.XMLHttpRequest() request.open('GET', `${store.state.baseURL}/api/resource${url}`, true) - request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`) + if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`) request.onload = () => { switch (request.status) { 
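Review bot: In assets/src/store/index.js the new `noAuth` initialiser calls `.getAttribute('content')` directly on the result of `document.querySelector('meta[name="noauth"]')`, so a page served without that meta tag (a stale cached index.html, for instance) would throw while the store is being built. Guarding the lookup keeps the default at authenticated mode: `const noAuthMeta = document.querySelector('meta[name="noauth"]')` followed by `noAuth: noAuthMeta !== null && noAuthMeta.getAttribute('content') === 'true',`. The neighbouring `staticgen` and `base` lookups share the pattern, but failing closed matters most for this flag because it decides whether the token is sent at all. The rest of the `state` object lies outside the hunk.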
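Review bot: The guard `if (!store.state.noAuth)` is pasted in front of every `setRequestHeader('Authorization', …)` call in assets/src/utils/api.js, starting with `fetch` here and repeated in the later hunks (`remove`, `post`, `put`, `moveCopy`, `checksum`, the settings, users and share functions), and again in NewArchetype.vue and auth.js. A single helper in api.js that takes the request and attaches the bearer token only when `noAuth` is false would give one place to audit how credentials are attached, and a future request function could not silently omit the guard or the header; each call site would become `setAuthHeader(request)`. The function bodies continue outside the hunks.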
@@ -41,7 +41,7 @@ export function remove (url) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('DELETE', `${store.state.baseURL}/api/resource${url}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 if (request.status === 200) {
@@ -62,7 +62,7 @@ export function post (url, content = '', overwrite = false, onupload) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('POST', `${store.state.baseURL}/api/resource${url}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 if (typeof onupload === 'function') {
 request.upload.onprogress = onupload
@@ -95,7 +95,7 @@ export function put (url, content = '', publish = false, date = '') {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('PUT', `${store.state.baseURL}/api/resource${url}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.setRequestHeader('Publish', publish)
 if (date !== '') {
@@ -125,7 +125,7 @@ function moveCopy (items, copy = false) {
 promises.push(new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('PATCH', `${store.state.baseURL}/api/resource${from}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.setRequestHeader('Destination', to)
 if (copy) {
@@ -162,7 +162,7 @@ export function checksum (url, algo) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/checksum${url}?algo=${algo}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 if (request.status === 200) {
@@ -226,7 +226,7 @@ export function getSettings () {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/settings/`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -255,7 +255,7 @@ export function updateSettings (param, which) {
 let request = new window.XMLHttpRequest()
 request.open('PUT', `${store.state.baseURL}/api/settings/`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -278,7 +278,7 @@ export function getUsers () {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/users/`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -299,7 +299,7 @@ export function getUser (id) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/users/${id}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -320,7 +320,7 @@ export function newUser (user) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('POST', `${store.state.baseURL}/api/users/`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -345,7 +345,7 @@ export function updateUser (user, which) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('PUT', `${store.state.baseURL}/api/users/${user.ID}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -370,7 +370,7 @@ export function deleteUser (id) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('DELETE', `${store.state.baseURL}/api/users/${id}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 switch (request.status) {
@@ -395,7 +395,7 @@ export function getShare (url) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/share${url}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 if (request.status === 200) {
@@ -414,7 +414,7 @@ export function deleteShare (hash) {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('DELETE', `${store.state.baseURL}/api/share/${hash}`, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 if (request.status === 200) {
@@ -439,7 +439,7 @@ export function share (url, expires = '', unit = 'hours') {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('POST', url, true)
- request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
 request.onload = () => {
 if (request.status === 200) {
diff --git a/assets/src/utils/auth.js b/assets/src/utils/auth.js
index cde1de92..5be964f6 100644
--- a/assets/src/utils/auth.js
+++ b/assets/src/utils/auth.js
@@ -16,7 +16,7 @@ function loggedIn () {
 return new Promise((resolve, reject) => {
 let request = new window.XMLHttpRequest()
 request.open('GET', `${store.state.baseURL}/api/auth/renew`, true)
- request.setRequestHeader('Authorization', `Bearer ${cookie('auth')}`)
+ if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${cookie('auth')}`)
 request.onload = () => {
 if (request.status === 200) {
diff --git a/http/auth.go b/http/auth.go
index b2e559b2..42cb7455 100644
--- a/http/auth.go
+++ b/http/auth.go
@@ -59,7 +59,6 @@ func renewAuthHandler(c *fm.Context, w http.ResponseWriter, r *http.Request) (in
 // claims is the JWT claims.
 type claims struct {
 fm.User
- NoAuth bool `json:"noAuth"`
 jwt.StandardClaims
 }
@@ -74,7 +73,6 @@ func printToken(c *fm.Context, w http.ResponseWriter) (int, error) {
 // Builds the claims.
 claims := claims{
 u,
- c.NoAuth,
 jwt.StandardClaims{
 ExpiresAt: time.Now().Add(time.Hour * 24).Unix(),
 Issuer: "File Manager",
diff --git a/http/http.go b/http/http.go
index 10040890..ae6089e6 100644
--- a/http/http.go
+++ b/http/http.go
@@ -223,7 +223,10 @@ func renderFile(c *fm.Context, w http.ResponseWriter, file string, contentType s
 tpl := template.Must(template.New("file").Parse(file))
 w.Header().Set("Content-Type", contentType+"; charset=utf-8")
- data := map[string]interface{}{"BaseURL": c.RootURL()}
+ data := map[string]interface{}{
+ "BaseURL": c.RootURL(),
+ "NoAuth": c.NoAuth,
+ }
 if c.StaticGen != nil {
 data["StaticGen"] = c.StaticGen.Name()
diff --git a/rice-box.go.REMOVED.git-id b/rice-box.go.REMOVED.git-id
index a5ce2e23..5fcf1610 100644
--- a/rice-box.go.REMOVED.git-id
+++ b/rice-box.go.REMOVED.git-id
@@ -1 +1 @@
-6a08f1e90218ebb33745a5034efe896329ee9675
\ No newline at end of file
+7ef84c6326cbac0b4baba0591c4669ed50c8bfec
\ No newline at end of file
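Review bot: The `claims` struct in http/auth.go still embeds `fm.User` in full, and its comment `// claims is the JWT claims.` does not say that every field `fm.User` serialises ends up in the token, whose payload is only encoded, not encrypted, and so is readable by whoever holds it. With `NoAuth` leaving the payload this is a good moment to document that, for example `// claims is the JWT payload. The embedded fm.User is serialised into the token, which the client can decode, so it must not carry secrets.` Whether `printToken` clears sensitive fields from `u` before building the claims is outside the hunk and worth confirming.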
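Review bot: The `"NoAuth": c.NoAuth` entry added to `data` in renderFile publishes the flag to the page, where the front end uses it to stop sending the Authorization header; nothing in this patch shows the server-side check, so it is worth stating next to the map that the value is a hint for the UI only. Suggested comment: `// NoAuth only tells the front end to skip the Authorization header; handlers must keep deciding from c.NoAuth, never from what the client sends.` The template import is outside the hunk, so also confirm it is html/template, since `BaseURL` and this value are interpolated into HTML. renderFile starts and ends outside the hunk.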