Kick out the user when the user has been invalidated. This should solve a few issues with "still being logged in"

pull/3954/head
tidusjar 4 years ago
parent a4bbb8853b
commit 87233a7fd3

@ -1,5 +1,5 @@
import { CommonModule, PlatformLocation, APP_BASE_HREF } from "@angular/common";
import { HttpClient, HttpClientModule } from "@angular/common/http";
import { HttpClient, HttpClientModule, HTTP_INTERCEPTORS } from "@angular/common/http";
import { NgModule } from "@angular/core";
import { FormsModule, ReactiveFormsModule } from "@angular/forms";
import { BrowserModule } from "@angular/platform-browser";
@ -66,6 +66,7 @@ import { StorageService } from "./shared/storage/storage-service";
import { SignalRNotificationService } from "./services/signlarnotification.service";
import { MatMenuModule } from "@angular/material/menu";
import { RemainingRequestsComponent } from "./shared/remaining-requests/remaining-requests.component";
import { UnauthorizedInterceptor } from "./auth/unauthorized.interceptor";
const routes: Routes = [
{ path: "*", component: PageNotFoundComponent },
@ -196,6 +197,11 @@ export function JwtTokenGetter() {
{
provide: APP_BASE_HREF,
useValue: window["baseHref"]
},
{
provide: HTTP_INTERCEPTORS,
useClass: UnauthorizedInterceptor,
multi: true
}
],
bootstrap: [AppComponent],

@ -0,0 +1,29 @@
import { Injectable } from '@angular/core';
import { HttpRequest, HttpHandler, HttpEvent, HttpInterceptor, HttpErrorResponse } from '@angular/common/http';
import { Observable, Subject, throwError } from 'rxjs';
import { catchError, throttleTime } from 'rxjs/operators';
import { AuthService } from './auth.service';
import { Router } from '@angular/router';
@Injectable()
export class UnauthorizedInterceptor implements HttpInterceptor {
private throttleLogout = new Subject();
constructor(private authService: AuthService, private router: Router) {
this.throttleLogout.pipe(throttleTime(5000)).subscribe(url => {
this.authService.logout();
this.router.navigate(["login"]);
});
}
public intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
return next.handle(request).pipe(
catchError((response: HttpErrorResponse) => {
if (response.status === 401) {
this.throttleLogout.next();
}
return throwError(response);
}
));
}
}

@ -1,28 +0,0 @@
export function getBaseLocation() {
debugger;
let paths: string[] = location.pathname.split('/').splice(1, 1);
let basePath: string = (paths && paths[0] ? paths[0] : "");
if(invalidProxies.indexOf(basePath.toUpperCase()) === -1){
return '/' + basePath;
}
return '/';
}
const invalidProxies: string[] = [
'DISCOVER',
'REQUESTS-LIST',
'SETTINGS',
'ISSUES',
'USERMANAGEMENT',
'RECENTLYADDED',
'DETAILS',
'VOTE',
'LOGIN',
'LANDINGPAGE',
'TOKEN',
'RESET',
'CUSTOM',
'AUTH',
'WIZARD',
"CALENDAR"
]

@ -1,5 +1,6 @@
using System;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
@ -9,6 +10,7 @@ using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Ombi.Config;
using Ombi.Core.Authentication;
using Ombi.Helpers;
using Ombi.Models.Identity;
@ -102,7 +104,6 @@ namespace Ombi
OnMessageReceived = context =>
{
var accessToken = context.Request.Query["access_token"];
// If the request is for our hub...
var path = context.HttpContext.Request.Path;
if (!string.IsNullOrEmpty(accessToken) &&
@ -111,8 +112,17 @@ namespace Ombi
// Read the token out of the query string
context.Token = accessToken;
}
return Task.CompletedTask;
},
OnTokenValidated = async context =>
{
var userid = context.Principal?.Claims?.Where(x => x.Type.Equals("id", StringComparison.InvariantCultureIgnoreCase)).FirstOrDefault()?.Value ?? default;
var um = context.HttpContext.RequestServices.GetRequiredService<OmbiUserManager>();
var user = await um.FindByIdAsync(userid);
if (user == null)
{
context.Fail("invaild token");
}
}
};
});

Loading…
Cancel
Save