Allow login using cookies

This is necessary for requests that can't be controlled with axios, like subtitles in <video> tags
2017-05-21 14:38:27 +02:00 · 2017-05-21 14:38:27 +02:00 · 764b11a93f
commit 764b11a93f
parent eb9e609c02
6 changed files with 47 additions and 8 deletions
--- a/package.json
+++ b/package.json
@ -26,7 +26,8 @@
        "react-router-redux": "^4.0.7",
        "redux": "^3.6.0",
        "redux-logger": "^2.7.4",
-        "redux-thunk": "^2.1.0"
+        "redux-thunk": "^2.1.0",
+        "universal-cookie": "^2.0.7"
    },
    "devDependencies": {
        "axios": "^0.15.2",
--- a/src/internal/auth/auth.go
+++ b/src/internal/auth/auth.go
@ -80,14 +80,26 @@ func (a *Authorizer) Login(rw http.ResponseWriter, req *http.Request, username,

 // CurrentUser returns the logged in username from session and verifies the token
 func (a *Authorizer) CurrentUser(rw http.ResponseWriter, req *http.Request) (User, error) {
+	var tokenStr string
 	h := req.Header.Get("Authorization")
-	// No user logged
-	if h == "" {
-		return nil, nil
+	if h != "" {
+		// Get the token from the header
+		tokenStr = strings.Replace(h, "Bearer ", "", -1)
 	}

-	// Get the token from the header
-	tokenStr := strings.Replace(h, "Bearer ", "", -1)
+	// If the token string is still empty, check in the cookies
+	if tokenStr == "" {
+		tokenCookie, err := req.Cookie("token")
+		if err != nil || tokenCookie == nil {
+			return nil, nil
+		}
+		tokenStr = tokenCookie.Value
+	}
+
+	// No user logged
+	if tokenStr == "" {
+		return nil, nil
+	}

 	// Keyfunc to decode the token
 	var keyfunc jwt.Keyfunc = func(token *jwt.Token) (interface{}, error) {
--- a/src/public/img/manifest.json
+++ b/src/public/img/manifest.json
@ -15,4 +15,4 @@
    "theme_color": "#ffffff",
    "background_color": "#ffffff",
    "display": "standalone"
-}
+}
--- a/src/public/js/app.js
+++ b/src/public/js/app.js
@ -11,9 +11,11 @@ import 'file-loader?name=[name].png!../img/apple-touch-icon.png'
 import 'file-loader?name=[name].png!../img/favicon-16x16.png'
 import 'file-loader?name=[name].png!../img/favicon-32x32.png'
 import 'file-loader?name=[name].png!../img/favicon.ico'
-import 'file-loader?name=[name].png!../img/manifest.json'
 import 'file-loader?name=[name].png!../img/safari-pinned-tab.svg'

+// Import manifest
+import 'file-loader?name=[name].json!../img/manifest.json'
+
 // Styles
 import '../less/app.less'

--- a/src/public/js/reducers/users.js
+++ b/src/public/js/reducers/users.js
@ -1,4 +1,5 @@
 import jwtDecode from 'jwt-decode'
+import Cookies from 'universal-cookie'

 const defaultState = {
  userLoading: false,
@ -36,12 +37,19 @@ export default function userStore(state = defaultState, action) {

 function logoutUser(state) {
  localStorage.removeItem('token');
+  const cookies = new Cookies();
+  cookies.remove('token');
+
  return Object.assign({}, state, defaultState)
 }

 function updateFromToken(state, token) {
  const decodedToken = jwtDecode(token);
  localStorage.setItem('token', token);
+
+  const cookies = new Cookies();
+  cookies.set('token', token);
+
  return Object.assign({}, state, {
    userLoading: false,
    isLogged: true,
--- a/yarn.lock
+++ b/yarn.lock
@ -991,6 +991,10 @@ convert-source-map@^1.1.0:
  version "1.3.0"
  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.3.0.tgz#e9f3e9c6e2728efc2676696a70eb382f73106a67"

+cookie@^0.3.1:
+  version "0.3.1"
+  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb"
+
 core-js@^1.0.0:
  version "1.2.7"
  resolved "https://registry.yarnpkg.com/core-js/-/core-js-1.2.7.tgz#652294c14651db28fa93bd2d5ff2983a4f08c636"
@ -1952,6 +1956,10 @@ is-my-json-valid@^2.12.4:
    jsonpointer "^4.0.0"
    xtend "^4.0.0"

+is-node@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/is-node/-/is-node-1.0.2.tgz#d7d002745ef7debbb7477e988956ab0a4fccb653"
+
 is-number@^2.0.2, is-number@^2.1.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/is-number/-/is-number-2.1.0.tgz#01fcbbb393463a548f2f466cce16dece49db908f"
@ -3698,6 +3706,14 @@ unique-stream@^1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-1.0.0.tgz#d59a4a75427447d9aa6c91e70263f8d26a4b104b"

+universal-cookie@^2.0.7:
+  version "2.0.7"
+  resolved "https://registry.yarnpkg.com/universal-cookie/-/universal-cookie-2.0.7.tgz#3f42c25574196aba1ca5bbf754b2b6ba28329828"
+  dependencies:
+    cookie "^0.3.1"
+    is-node "^1.0.2"
+    object-assign "^4.1.0"
+
 url-loader:
  version "0.5.7"
  resolved "https://registry.yarnpkg.com/url-loader/-/url-loader-0.5.7.tgz#67e8779759f8000da74994906680c943a9b0925d"