Refactored frontend authentication system

Marcin Kurczewski 2014-09-05 13:50:19 +02:00
parent 7a8badd2ed
commit eadd649ad0
6 changed files with 46 additions and 17 deletions


@ -16,7 +16,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
reject(response); reject(response);
}); });
}); });
}; }
function loginFromToken(token) { function loginFromToken(token) {
return promise.make(function(resolve, reject) { return promise.make(function(resolve, reject) {
@ -28,7 +28,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
reject(response); reject(response);
}); });
}); });
}; }
function loginAnonymous() { function loginAnonymous() {
return promise.make(function(resolve, reject) { return promise.make(function(resolve, reject) {
@ -40,18 +40,18 @@ App.Auth = function(jQuery, util, api, appState, promise) {
reject(response); reject(response);
}); });
}); });
}; }
function logout() { function logout() {
return promise.make(function(resolve, reject) { return promise.make(function(resolve, reject) {
jQuery.removeCookie('auth'); jQuery.removeCookie('auth');
return loginAnonymous().then(resolve).fail(reject); return loginAnonymous().then(resolve).fail(reject);
}); });
}; }
function tryLoginFromCookie() { function tryLoginFromCookie() {
return promise.make(function(resolve, reject) { return promise.make(function(resolve, reject) {
if (appState.get('loggedIn')) { if (isLoggedIn()) {
resolve(); resolve();
return; return;
} }
@ -70,7 +70,7 @@ App.Auth = function(jQuery, util, api, appState, promise) {
reject(); reject();
}); });
}); });
}; }
function updateAppState(response) { function updateAppState(response) {
appState.set('privileges', response.json.privileges || []); appState.set('privileges', response.json.privileges || []);
@ -79,12 +79,37 @@ App.Auth = function(jQuery, util, api, appState, promise) {
appState.set('loggedIn', response.json.user && !!response.json.user.id); appState.set('loggedIn', response.json.user && !!response.json.user.id);
} }
function isLoggedIn() {
return appState.get('loggedIn');
}
function getCurrentUser() {
return appState.get('loggedInUser');
}
function getCurrentPrivileges() {
return appState.get('privileges');
}
function hasPrivilege(privilege) {
return _.contains(getCurrentPrivileges(), privilege);
}
function startObservingLoginChanges(listenerName, callback) {
appState.startObserving('loggedIn', listenerName, callback);
}
return { return {
loginFromCredentials: loginFromCredentials, loginFromCredentials: loginFromCredentials,
loginFromToken: loginFromToken, loginFromToken: loginFromToken,
loginAnonymous: loginAnonymous, loginAnonymous: loginAnonymous,
tryLoginFromCookie: tryLoginFromCookie, tryLoginFromCookie: tryLoginFromCookie,
logout: logout, logout: logout,
isLoggedIn: isLoggedIn,
getCurrentUser: getCurrentUser,
getCurrentPrivileges: getCurrentPrivileges,
hasPrivilege: hasPrivilege,
startObservingLoginChanges: startObservingLoginChanges,
}; };
}; };
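Review bot: `hasPrivilege` and `getCurrentPrivileges` answer from a privilege list held in browser-side `appState`, which `updateAppState` fills from `response.json.privileges`, so the result is only fit for deciding what to show and nothing in the new code says so. I would add above `hasPrivilege`: `// UI hint only: privileges live in client-side state; the server must re-check every privileged request.` Separately, `isLoggedIn` returns the stored value unchanged, and `updateAppState` stores `response.json.user && !!response.json.user.id`, which is `undefined` or `null` rather than `false` when the response carries no user; `return !!appState.get('loggedIn');` gives callers a real boolean. The enclosing `App.Auth` function starts outside the visible hunks.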


@ -7,7 +7,6 @@ App.Presenters.LoginPresenter = function(
promise, promise,
router, router,
auth, auth,
appState,
topNavigationPresenter, topNavigationPresenter,
messagePresenter) { messagePresenter) {
@ -19,7 +18,7 @@ App.Presenters.LoginPresenter = function(
topNavigationPresenter.select('login'); topNavigationPresenter.select('login');
promise.wait(util.promiseTemplate('login-form')).then(function(html) { promise.wait(util.promiseTemplate('login-form')).then(function(html) {
template = _.template(html); template = _.template(html);
if (appState.get('loggedIn')) if (auth.isLoggedIn())
router.navigateToMainPage(); router.navigateToMainPage();
else else
render(); render();


@ -5,7 +5,7 @@ App.Presenters.TopNavigationPresenter = function(
jQuery, jQuery,
util, util,
promise, promise,
appState) { auth) {
var selectedElement = null; var selectedElement = null;
var $el = jQuery('#top-navigation'); var $el = jQuery('#top-navigation');
@ -15,7 +15,7 @@ App.Presenters.TopNavigationPresenter = function(
promise.wait(util.promiseTemplate('top-navigation')).then(function(html) { promise.wait(util.promiseTemplate('top-navigation')).then(function(html) {
template = _.template(html); template = _.template(html);
render(); render();
appState.startObserving('loggedIn', 'top-navigation', loginStateChanged); auth.startObservingLoginChanges('top-navigation', loginStateChanged);
}); });
} }
@ -31,9 +31,9 @@ App.Presenters.TopNavigationPresenter = function(
function render() { function render() {
$el.html(template({ $el.html(template({
loggedIn: appState.get('loggedIn'), loggedIn: auth.isLoggedIn(),
user: appState.get('loggedInUser'), user: auth.getCurrentUser(),
privileges: appState.get('privileges'), canListUsers: auth.hasPrivilege('listUsers')
})); }));
$el.find('li.' + selectedElement).addClass('active'); $el.find('li.' + selectedElement).addClass('active');
}; };
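Review bot: The navigation is re-rendered only when the `loggedIn` key changes (`auth.startObservingLoginChanges('top-navigation', loginStateChanged)`), while `render()` now also depends on `auth.hasPrivilege('listUsers')`. If privileges can change while `loggedIn` keeps the same value (how `appState` notifies observers is not visible here), the menu would keep showing entries for the previous privilege set. Either let the auth module expose an observer that also fires on `privileges`, or add a comment in `updateAppState` that `loggedIn` must be set last so this observer always sees the final state. The template context also no longer contains `privileges`, so any reference to it in the top-navigation template beyond the lines shown on this page would need updating.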


@ -6,7 +6,7 @@ App.Presenters.UserPresenter = function(
util, util,
promise, promise,
api, api,
appState, auth,
topNavigationPresenter, topNavigationPresenter,
messagePresenter) { messagePresenter) {
@ -20,7 +20,7 @@ App.Presenters.UserPresenter = function(
function init(args) { function init(args) {
userName = args.userName; userName = args.userName;
topNavigationPresenter.select(appState.get('loggedIn') && appState.get('loggedInUser').name == userName ? 'my-account' : 'users'); topNavigationPresenter.select(auth.isLoggedIn() && auth.getCurrentUser().name == userName ? 'my-account' : 'users');
promise.waitAll( promise.waitAll(
util.promiseTemplate('user'), util.promiseTemplate('user'),
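Review bot: The tab selection in `init` compares names with loose equality, `auth.getCurrentUser().name == userName`; `===` avoids type coercion between the route argument and the stored name. The expression also dereferences `getCurrentUser()` on the strength of `isLoggedIn()` alone, which holds only while `updateAppState` keeps `loggedIn` and `loggedInUser` in step (the line that sets `loggedInUser` is not visible on this page), so a short comment stating that assumption would help. `init` continues past the end of the hunk.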


@ -1,6 +1,6 @@
<ul> <ul>
<!-- todo: check privileges --> <!-- todo: check privileges -->
<% if (_.contains(privileges, 'listUsers')) { %> <% if (canListUsers) { %>
<li class="users"> <li class="users">
<a href="#/users">Users</a> <a href="#/users">Users</a>
</li> </li>


@ -123,9 +123,14 @@ class AuthService
return array_filter(preg_split('/[;,\s]+/', $this->config->security->privileges[$keyName])); return array_filter(preg_split('/[;,\s]+/', $this->config->security->privileges[$keyName]));
} }
public function hasPrivilege($privilege)
{
return in_array($privilege, $this->getCurrentPrivileges());
}
public function assertPrivilege($privilege) public function assertPrivilege($privilege)
{ {
if (!in_array($privilege, $this->getCurrentPrivileges())) if (!$this->hasPrivilege($privilege))
throw new \DomainException('Unprivileged operation'); throw new \DomainException('Unprivileged operation');
} }
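Review bot: `hasPrivilege` calls `in_array` without the strict flag, so the lookup uses PHP's loose comparison and a non-string argument such as `true` matches any non-empty privilege name. Since `assertPrivilege` now delegates to it, this one line is the gate for every privileged operation, and it should read `return in_array($privilege, $this->getCurrentPrivileges(), true);`. A one-line docblock stating that `$privilege` must be a string privilege name would make the contract explicit. The `AuthService` class body starts and continues outside the hunk.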