From 87233a7fd37ee9ca8e4a98518545ca06962e384e Mon Sep 17 00:00:00 2001
From: tidusjar
Date: Sat, 2 Jan 2021 00:35:24 +0000
Subject: [PATCH] Kick out the user when the user has been invalidated. This should solve a few issues with "still being logged in"
---
 src/Ombi/ClientApp/src/app/app.module.ts | 8 ++++-
 .../src/app/auth/unauthorized.interceptor.ts | 29 +++++++++++++++++++
 .../app/shared/functions/common-functions.ts | 28 ------------------
 src/Ombi/Extensions/StartupExtensions.cs | 14 +++++++--
 4 files changed, 48 insertions(+), 31 deletions(-)
 create mode 100644 src/Ombi/ClientApp/src/app/auth/unauthorized.interceptor.ts
 delete mode 100644 src/Ombi/ClientApp/src/app/shared/functions/common-functions.ts
diff --git a/src/Ombi/ClientApp/src/app/app.module.ts b/src/Ombi/ClientApp/src/app/app.module.ts
index 09e5f2955..85d6f7a70 100644
--- a/src/Ombi/ClientApp/src/app/app.module.ts
+++ b/src/Ombi/ClientApp/src/app/app.module.ts
@@ -1,5 +1,5 @@
 import { CommonModule, PlatformLocation, APP_BASE_HREF } from "@angular/common";
-import { HttpClient, HttpClientModule } from "@angular/common/http";
+import { HttpClient, HttpClientModule, HTTP_INTERCEPTORS } from "@angular/common/http";
 import { NgModule } from "@angular/core";
 import { FormsModule, ReactiveFormsModule } from "@angular/forms";
 import { BrowserModule } from "@angular/platform-browser";
@@ -66,6 +66,7 @@ import { StorageService } from "./shared/storage/storage-service";
 import { SignalRNotificationService } from "./services/signlarnotification.service";
 import { MatMenuModule } from "@angular/material/menu";
 import { RemainingRequestsComponent } from "./shared/remaining-requests/remaining-requests.component";
+import { UnauthorizedInterceptor } from "./auth/unauthorized.interceptor";
 const routes: Routes = [
 { path: "*", component: PageNotFoundComponent },
@@ -196,6 +197,11 @@ export function JwtTokenGetter() {
 {
 provide: APP_BASE_HREF,
 useValue: window["baseHref"]
+ },
+ {
+ provide: HTTP_INTERCEPTORS,
+ useClass: UnauthorizedInterceptor,
+ multi: true
 }
 ],
 bootstrap: [AppComponent],
diff --git a/src/Ombi/ClientApp/src/app/auth/unauthorized.interceptor.ts b/src/Ombi/ClientApp/src/app/auth/unauthorized.interceptor.ts
new file mode 100644
index 000000000..c70b649be
--- /dev/null
+++ b/src/Ombi/ClientApp/src/app/auth/unauthorized.interceptor.ts
@@ -0,0 +1,29 @@
+import { Injectable } from '@angular/core';
+import { HttpRequest, HttpHandler, HttpEvent, HttpInterceptor, HttpErrorResponse } from '@angular/common/http';
+import { Observable, Subject, throwError } from 'rxjs';
+import { catchError, throttleTime } from 'rxjs/operators';
+import { AuthService } from './auth.service';
+import { Router } from '@angular/router';
+
+@Injectable()
+export class UnauthorizedInterceptor implements HttpInterceptor {
+
+ private throttleLogout = new Subject();
+ constructor(private authService: AuthService, private router: Router) {
+ this.throttleLogout.pipe(throttleTime(5000)).subscribe(url => {
+ this.authService.logout();
+ this.router.navigate(["login"]);
+ });
+ }
+
+ public intercept(request: HttpRequest, next: HttpHandler): Observable> {
+ return next.handle(request).pipe(
+ catchError((response: HttpErrorResponse) => {
+ if (response.status === 401) {
+ this.throttleLogout.next();
+ }
+ return throwError(response);
+ }
+ ));
+ }
+}
\ No newline at end of file
diff --git a/src/Ombi/ClientApp/src/app/shared/functions/common-functions.ts b/src/Ombi/ClientApp/src/app/shared/functions/common-functions.ts
deleted file mode 100644
index 8d94d8dc0..000000000
--- a/src/Ombi/ClientApp/src/app/shared/functions/common-functions.ts
+++ /dev/null
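Review bot: In `unauthorized.interceptor.ts`, the `response.status === 401` branch in `intercept` runs for every request that passes through `HttpClient`, so if the sign-in endpoint answers bad credentials with 401, or a call to another origin returns 401, the user is also sent through `logout()` and the redirect. Consider gating the branch on the user currently holding a session, or on the request URL belonging to the app's own API, and put a comment above it such as `// 401 on an authenticated API call: the server rejected our token, so clear local state and go to login`. The `url` parameter of the `subscribe` callback is unused and `throttleLogout.next()` emits no value, so `subscribe(() => { ... })` states the intent more plainly. This logout only tidies up client state; the control that matters is the server refusing the token.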
@@ -1,28 +0,0 @@ -export function getBaseLocation() { - debugger; - let paths: string[] = location.pathname.split('/').splice(1, 1); - let basePath: string = (paths && paths[0] ? paths[0] : ""); - if(invalidProxies.indexOf(basePath.toUpperCase()) === -1){ - return '/' + basePath; - } - return '/'; -} - -const invalidProxies: string[] = [ - 'DISCOVER', - 'REQUESTS-LIST', - 'SETTINGS', - 'ISSUES', - 'USERMANAGEMENT', - 'RECENTLYADDED', - 'DETAILS', - 'VOTE', - 'LOGIN', - 'LANDINGPAGE', - 'TOKEN', - 'RESET', - 'CUSTOM', - 'AUTH', - 'WIZARD', - "CALENDAR" -] \ No newline at end of file diff --git a/src/Ombi/Extensions/StartupExtensions.cs b/src/Ombi/Extensions/StartupExtensions.cs index e42dfb609..c36c32a40 100644 --- a/src/Ombi/Extensions/StartupExtensions.cs +++ b/src/Ombi/Extensions/StartupExtensions.cs @@ -1,5 +1,6 @@ using System; using System.IO; +using System.Linq; using System.Reflection; using System.Text; using System.Threading.Tasks; @@ -9,6 +10,7 @@ using Microsoft.Extensions.DependencyInjection; using Microsoft.IdentityModel.Tokens; using Microsoft.OpenApi.Models; using Ombi.Config; +using Ombi.Core.Authentication; using Ombi.Helpers; using Ombi.Models.Identity; @@ -102,7 +104,6 @@ namespace Ombi OnMessageReceived = context => { var accessToken = context.Request.Query["access_token"]; - // If the request is for our hub... var path = context.HttpContext.Request.Path; if (!string.IsNullOrEmpty(accessToken) && @@ -111,8 +112,17 @@ namespace Ombi // Read the token out of the query string context.Token = accessToken; } - return Task.CompletedTask; + }, + OnTokenValidated = async context => + { + var userid = context.Principal?.Claims?.Where(x => x.Type.Equals("id", StringComparison.InvariantCultureIgnoreCase)).FirstOrDefault()?.Value ?? default; + var um = context.HttpContext.RequestServices.GetRequiredService(); + var user = await um.FindByIdAsync(userid); + if (user == null) + { + context.Fail("invaild token"); + } } }; });
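Review bot: In the new `OnTokenValidated` handler in `StartupExtensions.cs`, `userid` is null whenever the token carries no `id` claim, and that null goes straight into `um.FindByIdAsync(userid)`; depending on the user store this may throw instead of failing the request cleanly. Guard it first, for example `if (string.IsNullOrEmpty(userid)) { context.Fail("invalid token"); return; }`, which also makes the `?? default` unnecessary. The check only proves the account still exists, so a token issued before a password or role change would presumably stay valid until it expires; if that matters, compare a per-user stamp as well. The failure message is misspelled (`"invaild token"`), and because the handler adds a user lookup to every authenticated request it deserves a comment saying so. The enclosing events initializer starts and ends outside the hunk.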