1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-27 12:36:14 +01:00

[Auto-Logout] Update Token Service (#94)

* Auto logout on restart

* Updated setTokens function

* Remove async deocrator from setTokens

Co-authored-by: Vincent Salucci <vsalucci@bitwarden.com>
This commit is contained in:
Vincent Salucci 2020-04-06 11:06:32 -05:00 committed by GitHub
parent 28e3fff739
commit 72e3893f8e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 42 additions and 4 deletions

View File

@ -7,6 +7,7 @@ export abstract class TokenService {
getToken: () => Promise<string>; getToken: () => Promise<string>;
setRefreshToken: (refreshToken: string) => Promise<any>; setRefreshToken: (refreshToken: string) => Promise<any>;
getRefreshToken: () => Promise<string>; getRefreshToken: () => Promise<string>;
toggleTokens: () => Promise<any>;
setTwoFactorToken: (token: string, email: string) => Promise<any>; setTwoFactorToken: (token: string, email: string) => Promise<any>;
getTwoFactorToken: (email: string) => Promise<string>; getTwoFactorToken: (email: string) => Promise<string>;
clearTwoFactorToken: (email: string) => Promise<any>; clearTwoFactorToken: (email: string) => Promise<any>;

View File

@ -26,9 +26,15 @@ export class TokenService implements TokenServiceAbstraction {
]); ]);
} }
setToken(token: string): Promise<any> { async setToken(token: string): Promise<any> {
this.token = token; this.token = token;
this.decodedToken = null; this.decodedToken = null;
if (await this.skipTokenStorage()) {
// if we have a vault timeout and the action is log out, don't store token
return;
}
return this.storageService.save(Keys.accessToken, token); return this.storageService.save(Keys.accessToken, token);
} }
@ -41,8 +47,14 @@ export class TokenService implements TokenServiceAbstraction {
return this.token; return this.token;
} }
setRefreshToken(refreshToken: string): Promise<any> { async setRefreshToken(refreshToken: string): Promise<any> {
this.refreshToken = refreshToken; this.refreshToken = refreshToken;
if (await this.skipTokenStorage()) {
// if we have a vault timeout and the action is log out, don't store token
return;
}
return this.storageService.save(Keys.refreshToken, refreshToken); return this.storageService.save(Keys.refreshToken, refreshToken);
} }
@ -55,6 +67,23 @@ export class TokenService implements TokenServiceAbstraction {
return this.refreshToken; return this.refreshToken;
} }
async toggleTokens(): Promise<any> {
const token = await this.getToken();
const refreshToken = await this.getRefreshToken();
const timeout = await this.storageService.get(ConstantsService.vaultTimeoutKey);
const action = await this.storageService.get(ConstantsService.vaultTimeoutActionKey);
if ((timeout != null || timeout === 0) && action === 'logOut') {
// if we have a vault timeout and the action is log out, reset tokens
await this.clearToken();
this.token = token;
this.refreshToken = refreshToken;
return;
}
await this.setToken(token);
await this.setRefreshToken(refreshToken);
}
setTwoFactorToken(token: string, email: string): Promise<any> { setTwoFactorToken(token: string, email: string): Promise<any> {
return this.storageService.save(Keys.twoFactorTokenPrefix + email, token); return this.storageService.save(Keys.twoFactorTokenPrefix + email, token);
} }
@ -183,4 +212,10 @@ export class TokenService implements TokenServiceAbstraction {
return decoded.iss as string; return decoded.iss as string;
} }
private async skipTokenStorage(): Promise<boolean> {
const timeout = await this.storageService.get<number>(ConstantsService.vaultTimeoutKey);
const action = await this.storageService.get<string>(ConstantsService.vaultTimeoutActionKey);
return timeout != null && action === 'logOut';
}
} }

View File

@ -8,6 +8,7 @@ import { MessagingService } from '../abstractions/messaging.service';
import { PlatformUtilsService } from '../abstractions/platformUtils.service'; import { PlatformUtilsService } from '../abstractions/platformUtils.service';
import { SearchService } from '../abstractions/search.service'; import { SearchService } from '../abstractions/search.service';
import { StorageService } from '../abstractions/storage.service'; import { StorageService } from '../abstractions/storage.service';
import { TokenService } from '../abstractions/token.service';
import { UserService } from '../abstractions/user.service'; import { UserService } from '../abstractions/user.service';
import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from '../abstractions/vaultTimeout.service'; import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from '../abstractions/vaultTimeout.service';
@ -22,8 +23,8 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
private collectionService: CollectionService, private cryptoService: CryptoService, private collectionService: CollectionService, private cryptoService: CryptoService,
private platformUtilsService: PlatformUtilsService, private storageService: StorageService, private platformUtilsService: PlatformUtilsService, private storageService: StorageService,
private messagingService: MessagingService, private searchService: SearchService, private messagingService: MessagingService, private searchService: SearchService,
private userService: UserService, private lockedCallback: () => Promise<void> = null, private userService: UserService, private tokenService: TokenService,
private loggedOutCallback: () => Promise<void> = null) { private lockedCallback: () => Promise<void> = null, private loggedOutCallback: () => Promise<void> = null) {
} }
init(checkOnInterval: boolean) { init(checkOnInterval: boolean) {
@ -117,6 +118,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
await this.storageService.save(ConstantsService.vaultTimeoutKey, timeout); await this.storageService.save(ConstantsService.vaultTimeoutKey, timeout);
await this.storageService.save(ConstantsService.vaultTimeoutActionKey, action); await this.storageService.save(ConstantsService.vaultTimeoutActionKey, action);
await this.cryptoService.toggleKey(); await this.cryptoService.toggleKey();
await this.tokenService.toggleTokens();
} }
async isPinLockSet(): Promise<[boolean, boolean]> { async isPinLockSet(): Promise<[boolean, boolean]> {