From 55bb48c750126c64bbf8bddc0a49137ac5f9bf98 Mon Sep 17 00:00:00 2001 From: Bachir Soussi Chiadmi Date: Wed, 6 Nov 2019 16:35:15 +0100 Subject: [PATCH] added csrftoken to register REST call --- .../custom/materiotheme/assets/dist/main.js | 2 +- .../materiotheme/vuejs/store/modules/user.js | 32 +++++++++++++------ 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/web/themes/custom/materiotheme/assets/dist/main.js b/web/themes/custom/materiotheme/assets/dist/main.js index 7d7be90..1e9883c 100644 --- a/web/themes/custom/materiotheme/assets/dist/main.js +++ b/web/themes/custom/materiotheme/assets/dist/main.js @@ -1891,7 +1891,7 @@ eval("\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\n /***/ (function(module, exports, __webpack_require__) { "use strict"; -eval("\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _restAxios = __webpack_require__(/*! vuejs/api/rest-axios */ \"./web/themes/custom/materiotheme/vuejs/api/rest-axios.js\");\n\nvar _jsonAxios = __webpack_require__(/*! vuejs/api/json-axios */ \"./web/themes/custom/materiotheme/vuejs/api/json-axios.js\");\n\nvar _querystring = _interopRequireDefault(__webpack_require__(/*! querystring */ \"./node_modules/querystring-es3/index.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nvar _default = {\n namespaced: true,\n // initial state\n state: {\n uid: null,\n // username: '',\n mail: '',\n token: null,\n logout_token: null,\n isloggedin: false,\n isAdmin: false,\n isAdherent: false,\n canSearch: false,\n roles: []\n },\n // getters\n getters: {},\n // mutations\n mutations: {\n setToken: function setToken(state, data) {\n state.uid = data.current_user.uid; // state.username = data.username\n\n state.mail = data.current_user.mail;\n state.token = data.csrf_token;\n state.isloggedin = true;\n state.logout_token = data.logout_token;\n },\n setUid: function setUid(state, uid) {\n state.uid = uid;\n state.isloggedin = true;\n },\n setUser: function setUser(state, data) {\n state.mail = data.mail[0].value;\n state.uuid = data.uuid[0].value;\n },\n setRoles: function setRoles(state, roles) {\n console.log(\"User setRoles\", roles);\n state.roles = [];\n\n for (var i = 0; i < roles.length; i++) {\n state.roles.push(roles[i].target_id);\n } // check if admin\n\n\n if (state.roles.indexOf('admin') != -1 || state.roles.indexOf('root') != -1) {\n // console.log('is admin');\n state.isAdmin = true;\n } // check if has access to search\n\n\n if (state.roles.indexOf('adherent') != -1) {\n // console.log('is admin');\n state.canSearch = true;\n state.isAdherent = true;\n }\n },\n setLoggedOut: function setLoggedOut(state) {\n console.log(\"setLoggedOut state\", state);\n state.uid = null;\n state.mail = '';\n state.token = null;\n state.isloggedin = false;\n state.logout_token = null;\n\n if (state.isAdmin) {\n // TODO: what if on a page where login is needed (as commerce checkout and cart)\n window.location.reload(true);\n }\n\n state.asAdmin = false;\n state.canSearch = false;\n }\n },\n // actions\n actions: {\n userRegister: function userRegister(_ref, credentials) {\n var dispatch = _ref.dispatch,\n commit = _ref.commit,\n state = _ref.state;\n return new Promise(function (resolve, reject) {\n _restAxios.REST.post('/user/register?_format=json', credentials).then(function (_ref2) {\n var data = _ref2.data;\n console.log('user REST registered', data);\n dispatch('userLogin', credentials).then(function () {\n resolve();\n });\n }).catch(function (error) {\n console.warn('Issue with register', error);\n Promise.reject(error);\n });\n });\n },\n userLogin: function userLogin(_ref3, credentials) {\n var dispatch = _ref3.dispatch,\n commit = _ref3.commit,\n state = _ref3.state;\n return new Promise(function (resolve, reject) {\n dispatch('getToken', credentials).then(function () {\n dispatch('getUser').then(function (userdata) {\n console.log('User Loggedin');\n\n if (state.isAdmin) {\n window.location.reload(true);\n }\n\n resolve();\n });\n });\n });\n },\n getToken: function getToken(_ref4, credentials) {\n var dispatch = _ref4.dispatch,\n commit = _ref4.commit,\n state = _ref4.state;\n return _restAxios.REST.post('/user/login?_format=json', credentials).then(function (_ref5) {\n var data = _ref5.data;\n console.log('user REST getToken data', data);\n commit('setToken', data);\n }).catch(function (error) {\n console.warn('Issue with getToken', error);\n Promise.reject(error);\n });\n },\n getUser: function getUser(_ref6) {\n var dispatch = _ref6.dispatch,\n commit = _ref6.commit,\n state = _ref6.state;\n var params = {\n token: state.token\n };\n return _restAxios.REST.get(\"/user/\".concat(state.uid, \"?_format=json\"), params).then(function (_ref7) {\n var data = _ref7.data;\n console.log('user REST getUser data', data);\n console.log('roles', data['roles']);\n commit('setUser', data);\n\n if (data.roles) {\n commit('setRoles', data.roles);\n }\n }).catch(function (error) {\n console.warn('Issue with getUser', error);\n Promise.reject(error);\n });\n },\n userLogout: function userLogout(_ref8) {\n var commit = _ref8.commit,\n state = _ref8.state;\n\n var credentials = _querystring.default.stringify({\n token: state.token\n });\n\n _restAxios.REST.post('/user/logout', credentials).then(function (resp) {\n console.log('userLogout resp', resp);\n commit('setLoggedOut');\n }).catch(function (error) {\n console.warn('Issue with logout', error);\n Promise.reject(error);\n });\n }\n }\n};\nexports.default = _default;\n\n//# sourceURL=webpack:///./web/themes/custom/materiotheme/vuejs/store/modules/user.js?"); +eval("\n\nObject.defineProperty(exports, \"__esModule\", {\n value: true\n});\nexports.default = void 0;\n\nvar _restAxios = __webpack_require__(/*! vuejs/api/rest-axios */ \"./web/themes/custom/materiotheme/vuejs/api/rest-axios.js\");\n\nvar _jsonAxios = __webpack_require__(/*! vuejs/api/json-axios */ \"./web/themes/custom/materiotheme/vuejs/api/json-axios.js\");\n\nvar _querystring = _interopRequireDefault(__webpack_require__(/*! querystring */ \"./node_modules/querystring-es3/index.js\"));\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\nvar _default = {\n namespaced: true,\n // initial state\n state: {\n uid: null,\n // username: '',\n mail: '',\n token: null,\n csrftoken: null,\n logout_token: null,\n isloggedin: false,\n isAdmin: false,\n isAdherent: false,\n canSearch: false,\n roles: []\n },\n // getters\n getters: {},\n // mutations\n mutations: {\n SetCsrftoken: function SetCsrftoken(state, token) {\n state.csrftoken = token;\n },\n setToken: function setToken(state, data) {\n state.uid = data.current_user.uid; // state.username = data.username\n\n state.mail = data.current_user.mail;\n state.token = data.csrf_token;\n state.isloggedin = true;\n state.logout_token = data.logout_token;\n },\n setUid: function setUid(state, uid) {\n state.uid = uid;\n state.isloggedin = true;\n },\n setUser: function setUser(state, data) {\n state.mail = data.mail[0].value;\n state.uuid = data.uuid[0].value;\n },\n setRoles: function setRoles(state, roles) {\n console.log(\"User setRoles\", roles);\n state.roles = [];\n\n for (var i = 0; i < roles.length; i++) {\n state.roles.push(roles[i].target_id);\n } // check if admin\n\n\n if (state.roles.indexOf('admin') != -1 || state.roles.indexOf('root') != -1) {\n // console.log('is admin');\n state.isAdmin = true;\n } // check if has access to search\n\n\n if (state.roles.indexOf('adherent') != -1) {\n // console.log('is admin');\n state.canSearch = true;\n state.isAdherent = true;\n }\n },\n setLoggedOut: function setLoggedOut(state) {\n console.log(\"setLoggedOut state\", state);\n state.uid = null;\n state.mail = '';\n state.token = null;\n state.isloggedin = false;\n state.logout_token = null;\n\n if (state.isAdmin) {\n // TODO: what if on a page where login is needed (as commerce checkout and cart)\n window.location.reload(true);\n }\n\n state.asAdmin = false;\n state.canSearch = false;\n }\n },\n // actions\n actions: {\n userRegister: function userRegister(_ref, credentials) {\n var dispatch = _ref.dispatch,\n commit = _ref.commit,\n state = _ref.state;\n return new Promise(function (resolve, reject) {\n _restAxios.REST.get('/session/token').then(function (_ref2) {\n var token = _ref2.token;\n commit('SetCsrftoken', token);\n\n _restAxios.REST.post('/user/register?_format=json', credentials, {\n 'X-CSRF-Token': state.csrftoken\n }).then(function (_ref3) {\n var data = _ref3.data;\n console.log('user REST registered', data);\n dispatch('userLogin', credentials).then(function () {\n resolve();\n });\n }).catch(function (error) {\n console.warn('Issue with register', error);\n Promise.reject(error);\n });\n });\n });\n },\n userLogin: function userLogin(_ref4, credentials) {\n var dispatch = _ref4.dispatch,\n commit = _ref4.commit,\n state = _ref4.state;\n return new Promise(function (resolve, reject) {\n dispatch('getToken', credentials).then(function () {\n dispatch('getUser').then(function (userdata) {\n console.log('User Loggedin');\n\n if (state.isAdmin) {\n window.location.reload(true);\n }\n\n resolve();\n });\n });\n });\n },\n getToken: function getToken(_ref5, credentials) {\n var dispatch = _ref5.dispatch,\n commit = _ref5.commit,\n state = _ref5.state;\n return _restAxios.REST.post('/user/login?_format=json', credentials).then(function (_ref6) {\n var data = _ref6.data;\n console.log('user REST getToken data', data);\n commit('setToken', data);\n }).catch(function (error) {\n console.warn('Issue with getToken', error);\n Promise.reject(error);\n });\n },\n getUser: function getUser(_ref7) {\n var dispatch = _ref7.dispatch,\n commit = _ref7.commit,\n state = _ref7.state;\n var params = {\n token: state.token\n };\n return _restAxios.REST.get(\"/user/\".concat(state.uid, \"?_format=json\"), params).then(function (_ref8) {\n var data = _ref8.data;\n console.log('user REST getUser data', data);\n console.log('roles', data['roles']);\n commit('setUser', data);\n\n if (data.roles) {\n commit('setRoles', data.roles);\n }\n }).catch(function (error) {\n console.warn('Issue with getUser', error);\n Promise.reject(error);\n });\n },\n userLogout: function userLogout(_ref9) {\n var commit = _ref9.commit,\n state = _ref9.state;\n\n var credentials = _querystring.default.stringify({\n token: state.token\n });\n\n _restAxios.REST.post('/user/logout', credentials).then(function (resp) {\n console.log('userLogout resp', resp);\n commit('setLoggedOut');\n }).catch(function (error) {\n console.warn('Issue with logout', error);\n Promise.reject(error);\n });\n }\n }\n};\nexports.default = _default;\n\n//# sourceURL=webpack:///./web/themes/custom/materiotheme/vuejs/store/modules/user.js?"); /***/ }) diff --git a/web/themes/custom/materiotheme/vuejs/store/modules/user.js b/web/themes/custom/materiotheme/vuejs/store/modules/user.js index 612fd2f..37f3a8a 100644 --- a/web/themes/custom/materiotheme/vuejs/store/modules/user.js +++ b/web/themes/custom/materiotheme/vuejs/store/modules/user.js @@ -11,6 +11,7 @@ export default { // username: '', mail:'', token: null, + csrftoken: null, logout_token: null, isloggedin: false, isAdmin: false, @@ -24,6 +25,9 @@ export default { // mutations mutations : { + SetCsrftoken (state, token) { + state.csrftoken = token + }, setToken (state, data) { state.uid = data.current_user.uid // state.username = data.username @@ -78,17 +82,25 @@ export default { actions : { userRegister({ dispatch, commit, state }, credentials){ return new Promise((resolve, reject) => { - REST.post('/user/register?_format=json', credentials) - .then(({ data }) => { - console.log('user REST registered', data); - dispatch('userLogin', credentials) - .then(() => { - resolve() + REST.get('/session/token') + .then(({token}) => { + commit('SetCsrftoken', token) + REST.post('/user/register?_format=json', + credentials, + {'X-CSRF-Token':state.csrftoken} + ) + .then(({ data }) => { + console.log('user REST registered', data); + dispatch('userLogin', credentials) + .then(() => { + resolve() + }) }) - }) - .catch(( error ) => { - console.warn('Issue with register', error) - Promise.reject(error) + .catch(( error ) => { + console.warn('Issue with register', error) + Promise.reject(error) + }) + }) }) },