Extracting token from cookie if safari

Belen Curcio
2017-05-25 18:30:01 -03:00
parent 460f3f292b
commit cbf7cc67f4
3 changed files with 37 additions and 7 deletions
+5 -5
@@ -112,10 +112,8 @@ const signInFailure = (error) => ({
//==============================================================================
export const handleAuthToken = (token) => (dispatch) => {
if (!browser || browser.name !== 'Safari') {
Storage.setItem('exp', jwtDecode(token).exp);
Storage.setItem('token', token);
}
Storage.setItem('exp', jwtDecode(token).exp);
Storage.setItem('token', token);
dispatch({type: 'HANDLE_AUTH_TOKEN'});
};
@@ -129,7 +127,9 @@ export const fetchSignIn = (formData) => {
return coralApi('/auth/local', {method: 'POST', body: formData})
.then(({token}) => {
dispatch(handleAuthToken(token));
if (!browser || browser.name !== 'Safari') {
dispatch(handleAuthToken(token));
}
dispatch(hideSignInDialog());
})
.catch((error) => {
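Review bot: In `fetchSignIn` the new `browser.name !== 'Safari'` guard skips the whole `handleAuthToken` thunk, so on Safari `dispatch({type: 'HANDLE_AUTH_TOKEN'})` is no longer issued after sign-in, whereas the earlier guard inside `handleAuthToken` appears to have skipped only the two `Storage.setItem` calls. `handleAuthToken` itself now writes the token to `Storage` unconditionally, so any other caller (none is visible here) would store it on Safari too, and `jwtDecode(token).exp` will throw on a malformed token before anything is dispatched. If the Safari path is meant to rely on a server-set cookie, say so in a comment above the guard, e.g. `// Safari: token is carried in a cookie, nothing is stored client-side`, and if reducers depend on the action add `else { dispatch({type: 'HANDLE_AUTH_TOKEN'}); }`. The promise chain continues outside the hunk.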
+1 -1
@@ -8,7 +8,7 @@ const router = express.Router();
* This returns the user if they are logged in.
*/
router.get('/', (req, res, next) => {
console.log('is there req user>', req.user);
if (req.user) {
return next();
}
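Review bot: `console.log('is there req user>', req.user);` writes the whole authenticated user object to the server log on every request to this route, which can put profile data and any credential-related fields the user model carries into log storage. It reads like leftover debugging output; remove the line, or log only a single identifier such as the user's id at debug level. The route handler continues outside the hunk.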
+31 -1
@@ -174,7 +174,37 @@ const ExtractJwt = require('passport-jwt').ExtractJwt;
passport.use(new JwtStrategy({
// Prepare the extractor from the header.
jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('Bearer'),
jwtFromRequest: (req, res) => {
const browser = bowser._detect(req.headers['user-agent']);
if (browser.name === 'Safari') {
const lookup = (i) => {
switch (i) {
case 0: return 'header';
case 1: return 'cookie';
case 2: return 'query';
}
}
// Adding custom extractor
const authorizations = [
req.headers.authorization,
req.cookies.authorization,
req.query.authorization
];
let i = authorizations.findIndex((source) => source !== null && typeof source != 'undefined' && source.length > 0);
if (i >= 0) {
let authorization = authorizations[i];
let source = lookup(i);
return authorization;
}
} else {
return ExtractJwt.fromAuthHeaderWithScheme('Bearer')(req)
}
},
// Use the secret passed in which is loaded from the environment. This can be
// a certificate (loaded) or a HMAC key.
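Review bot: In the Safari branch of `jwtFromRequest`, `authorizations[0]` is the raw `req.headers.authorization` value, so a request carrying `Authorization: Bearer <token>` returns the string with the scheme prefix still attached and verification of that value will presumably fail; the non-Safari branch strips it via `ExtractJwt.fromAuthHeaderWithScheme('Bearer')`. The branch is chosen from the client-supplied `User-Agent` (through the underscore-prefixed `bowser._detect`), so any client can opt into cookie and query-string extraction: a cookie is attached by the browser automatically, which means state-changing routes behind this strategy need CSRF protection, and a token in `req.query` ends up in access logs and `Referer` headers. `req.cookies` is dereferenced without checking that a cookie parser populated it, and `lookup`/`source` are computed but never used. Consider `return ExtractJwt.fromAuthHeaderWithScheme('Bearer')(req) || (req.cookies && req.cookies.authorization) || null;` for all browsers and dropping the query source. The `passport.use` call continues outside the hunk.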