Improving code security by adding stricter typings

David Négrier 2021-12-14 18:55:41 +01:00
parent bbef3b3eaf
commit 2fff6ae41e
12 changed files with 45 additions and 23 deletions


@ -11,6 +11,7 @@ import { loginSceneVisibleIframeStore } from "../Stores/LoginSceneStore";
import { userIsConnected } from "../Stores/MenuStore";
import { analyticsClient } from "../Administration/AnalyticsClient";
import { axiosWithRetry } from "./AxiosUtils";
import axios from "axios";
class ConnectionManager {
private localUser!: LocalUser;
@ -192,11 +193,11 @@ class ConnectionManager {
analyticsClient.loggedWithSso();
} catch (err) {
console.error(err);
//if user must to be connect in current room or pusher error is not openid provier access error
//try to connected with function loadOpenIDScreen
// if the user must be connected in the current room or if the pusher error is not openid provider access error
// try to connect with function loadOpenIDScreen
if (
this._currentRoom.authenticationMandatory ||
(err.response?.data && err.response.data !== "User cannot to be connected on openid provier")
(axios.isAxiosError(err) && err.response?.data && err.response.data !== "User cannot to be connected on openid provider")
) {
this.loadOpenIDScreen();
return Promise.reject(new Error("You will be redirect on login page"));
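Review bot: The condition ending in `err.response.data !== "User cannot to be connected on openid provider"` decides whether to open the login screen by comparing against a free-text error message, and this commit changes that text on the client side (provier → provider). If the pusher still sends the old spelling (its side is not visible in this part of the commit), the inequality is always true and every Axios error with a response body now reaches `loadOpenIDScreen()`. Comparing on an HTTP status, or on a constant imported by both sides such as `err.response.data !== OPENID_ACCESS_ERROR` (name illustrative), would keep the authentication flow from depending on spelling. The enclosing try block starts outside the hunk.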


@ -5,6 +5,8 @@ import type { CharacterTexture } from "./LocalUser";
import { localUserStore } from "./LocalUserStore";
import axios from "axios";
import { axiosWithRetry } from "./AxiosUtils";
import {isMapDetailsData} from "../../../pusher/src/Messages/JsonMessages/MapDetailsData";
import {isRoomRedirect} from "../Messages/JsonMessages/RoomRedirect";
export class MapDetail {
constructor(public readonly mapUrl: string, public readonly textures: CharacterTexture[] | undefined) {}
@ -101,27 +103,34 @@ export class Room {
});
const data = result.data;
if (data.redirectUrl) {
if (isRoomRedirect(data.redirectUrl)) {
return {
redirectUrl: data.redirectUrl as string,
};
} else if (isMapDetailsData(data)) {
console.log("Map ", this.id, " resolves to URL ", data.mapUrl);
this._mapUrl = data.mapUrl;
this._textures = data.textures;
this._group = data.group;
this._authenticationMandatory =
data.authenticationMandatory != null ? data.authenticationMandatory : DISABLE_ANONYMOUS;
this._iframeAuthentication = data.iframeAuthentication || OPID_LOGIN_SCREEN_PROVIDER;
this._contactPage = data.contactPage || CONTACT_URL;
return new MapDetail(data.mapUrl, data.textures);
} else {
throw new Error('Data received by the /map endpoint of the Pusher is not in a valid format.');
}
console.log("Map ", this.id, " resolves to URL ", data.mapUrl);
this._mapUrl = data.mapUrl;
this._textures = data.textures;
this._group = data.group;
this._authenticationMandatory =
data.authenticationMandatory != null ? data.authenticationMandatory : DISABLE_ANONYMOUS;
this._iframeAuthentication = data.iframeAuthentication || OPID_LOGIN_SCREEN_PROVIDER;
this._contactPage = data.contactPage || CONTACT_URL;
return new MapDetail(data.mapUrl, data.textures);
} catch (e) {
if (axios.isAxiosError(e) && e.response?.status == 401 && e.response?.data === "Token decrypted error") {
console.warn("JWT token sent could not be decrypted. Maybe it expired?");
localUserStore.setAuthToken(null);
window.location.assign("/login");
} else {
} else if (axios.isAxiosError(e)) {
console.error("Error => getMapDetail", e, e.response);
} else {
console.error("Error => getMapDetail", e);
}
throw e;
}
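Review bot: `isRoomRedirect(data.redirectUrl)` passes the field rather than the response object to the guard. If `isRoomRedirect` validates the `{ redirectUrl }` shape, as its name and module path suggest (its definition is not shown here), a string argument never matches and a genuine redirect response ends in the new `throw`. Guarding the whole payload with `if (isRoomRedirect(data)) {` would also narrow the field, so the cast can go: `redirectUrl: data.redirectUrl,`. The enclosing method starts and ends outside the hunk.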


@ -0,0 +1,2 @@
*
!.gitignore