better oauth handle

packages/api/src/controllers/auth.js

@@ -9,6 +9,16 @@ function shouldAuthorizeApi() {
   return !!process.env.OAUTH_AUTH;
 }
 
+function unauthorizedResponse(req, res, text) {
+  // if (req.path == getExpressPath('/config/get-settings')) {
+  //   return res.json({});
+  // }
+  // if (req.path == getExpressPath('/connections/list')) {
+  //   return res.json([]);
+  // }
+  return res.sendStatus(401).send(text);
+}
+
 function authMiddleware(req, res, next) {
   const SKIP_AUTH_PATHS = ['/config/get', '/auth/oauth-token', '/stream'];
 
@@ -20,7 +30,7 @@ function authMiddleware(req, res, next) {
   }
   const authHeader = req.headers.authorization;
   if (!authHeader) {
-    return res.send(401, 'missing authorization header');
+    return unauthorizedResponse(req, res, 'missing authorization header');
   }
   const token = authHeader.split(' ')[1];
   try {
@@ -28,10 +38,7 @@ function authMiddleware(req, res, next) {
     req.user = decoded;
     return next();
   } catch (err) {
-    console.log('&&&&&&&&&&&&&&&&&&&&&& IUNVALID TOKEN');
+    return unauthorizedResponse(req, res, 'invalid token');
-    console.log(token);
-    console.log(err);
-    return res.sendStatus(401).send('Invalid Token');
   }
 }
 

packages/web/src/App.svelte

@@ -20,12 +20,16 @@
   import getElectron from './utility/getElectron';
   import AppStartInfo from './widgets/AppStartInfo.svelte';
   import SettingsListener from './utility/SettingsListener.svelte';
-  import { handleAuthOnStartup } from './clientAuth';
+  import { handleAuthOnStartup, handleOauthCallback } from './clientAuth';
 
   let loadedApi = false;
   let loadedPlugins = false;
+  const isOauthCallback = handleOauthCallback();
 
   async function loadApi() {
+    if (isOauthCallback) {
+      return;
+    }
     // if (shouldWaitForElectronInitialize()) {
     //   setTimeout(loadApi, 100);
     //   return;
@@ -76,7 +80,7 @@
 
 <ErrorHandler />
 
-{#if loadedApi}
+{#if loadedApi && !isOauthCallback}
   <DataGridRowHeightMeter />
   <CommandListener />
   <PluginsProvider />

packages/web/src/clientAuth.ts

@@ -1,34 +1,44 @@
 import { apiCall } from './utility/api';
 import { getConfig } from './utility/metadataLoaders';
 
-export async function handleAuthOnStartup(config) {
+export function handleOauthCallback() {
-  console.log('********************* handleAuthOnStartup');
+  const params = new URLSearchParams(location.search);
-  if (config.oauth) {
+  const sentCode = params.get('code');
-    const params = new URLSearchParams(location.search);
+  const sentState = params.get('state');
-    const sentCode = params.get('code');
-    const sentState = params.get('state');
 
-    if (
+  if (
-      sentCode &&
+    sentCode &&
-      sentState &&
+    sentState &&
-      sentState.startsWith('dbg-oauth:') &&
+    sentState.startsWith('dbg-oauth:') &&
-      sentState == sessionStorage.getItem('oauthState')
+    sentState == sessionStorage.getItem('oauthState')
-    ) {
+  ) {
-      const authResp = await apiCall('auth/oauth-token', {
+    sessionStorage.removeItem('oauthState');
-        code: sentCode,
+    apiCall('auth/oauth-token', {
-        redirectUri: location.origin,
+      code: sentCode,
-      });
+      redirectUri: location.origin,
+    }).then(authResp => {
       const { accessToken } = authResp;
       console.log('Got new access token:', accessToken);
       localStorage.setItem('accessToken', accessToken);
       location.replace('/');
-    } else {
+    });
-      if (localStorage.getItem('accessToken')) {
-        return;
-      }
 
-      redirectToLogin(config);
+    console.log('handleOauthCallback TRUE');
+    return true;
+  }
+
+  console.log('handleOauthCallback FALSE');
+  return false;
+}
+
+export async function handleAuthOnStartup(config) {
+  console.log('********************* handleAuthOnStartup');
+  if (config.oauth) {
+    if (localStorage.getItem('accessToken')) {
+      return;
     }
+
+    redirectToLogin(config);
   }
 }
 

packages/web/src/main.ts

@@ -3,6 +3,7 @@ import './utility/connectionsPinger';
 import './utility/changeCurrentDbByTab';
 import './commands/stdCommands';
 import localStorageGarbageCollector from './utility/localStorageGarbageCollector';
+import { handleOauthCallback } from './clientAuth';
 
 localStorageGarbageCollector();
 

packages/web/src/utility/api.ts

@@ -9,7 +9,7 @@ import { redirectToLogin } from '../clientAuth';
 let eventSource;
 let apiLogging = false;
 // let cacheCleanerRegistered;
-// let apiDisabled = false;
+let apiDisabled = false;
 
 // export function disableApi() {
 //   apiDisabled = true;
@@ -41,6 +41,10 @@ export async function apiCall(route: string, args: {} = undefined) {
   if (apiLogging) {
     console.log('>>> API CALL', route, args);
   }
+  if (apiDisabled) {
+    console.log('API disabled!!', route);
+    return;
+  }
 
   const electron = getElectron();
   if (electron) {
@@ -57,7 +61,9 @@ export async function apiCall(route: string, args: {} = undefined) {
       body: JSON.stringify(args),
     });
 
-    if (resp.status == 401) {
+    if (resp.status == 401 && !apiDisabled) {
+      apiDisabled = true;
+      console.log('Disabling API', route);
       // unauthorized
       redirectToLogin();
     }