mirror of
https://github.com/bitwarden/browser.git
synced 2024-11-27 12:36:14 +01:00
[Auto-Logout] Update Token Service (#94)
* Auto logout on restart * Updated setTokens function * Remove async deocrator from setTokens Co-authored-by: Vincent Salucci <vsalucci@bitwarden.com>
This commit is contained in:
parent
28e3fff739
commit
72e3893f8e
@ -7,6 +7,7 @@ export abstract class TokenService {
|
|||||||
getToken: () => Promise<string>;
|
getToken: () => Promise<string>;
|
||||||
setRefreshToken: (refreshToken: string) => Promise<any>;
|
setRefreshToken: (refreshToken: string) => Promise<any>;
|
||||||
getRefreshToken: () => Promise<string>;
|
getRefreshToken: () => Promise<string>;
|
||||||
|
toggleTokens: () => Promise<any>;
|
||||||
setTwoFactorToken: (token: string, email: string) => Promise<any>;
|
setTwoFactorToken: (token: string, email: string) => Promise<any>;
|
||||||
getTwoFactorToken: (email: string) => Promise<string>;
|
getTwoFactorToken: (email: string) => Promise<string>;
|
||||||
clearTwoFactorToken: (email: string) => Promise<any>;
|
clearTwoFactorToken: (email: string) => Promise<any>;
|
||||||
|
@ -26,9 +26,15 @@ export class TokenService implements TokenServiceAbstraction {
|
|||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
setToken(token: string): Promise<any> {
|
async setToken(token: string): Promise<any> {
|
||||||
this.token = token;
|
this.token = token;
|
||||||
this.decodedToken = null;
|
this.decodedToken = null;
|
||||||
|
|
||||||
|
if (await this.skipTokenStorage()) {
|
||||||
|
// if we have a vault timeout and the action is log out, don't store token
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
return this.storageService.save(Keys.accessToken, token);
|
return this.storageService.save(Keys.accessToken, token);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -41,8 +47,14 @@ export class TokenService implements TokenServiceAbstraction {
|
|||||||
return this.token;
|
return this.token;
|
||||||
}
|
}
|
||||||
|
|
||||||
setRefreshToken(refreshToken: string): Promise<any> {
|
async setRefreshToken(refreshToken: string): Promise<any> {
|
||||||
this.refreshToken = refreshToken;
|
this.refreshToken = refreshToken;
|
||||||
|
|
||||||
|
if (await this.skipTokenStorage()) {
|
||||||
|
// if we have a vault timeout and the action is log out, don't store token
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
return this.storageService.save(Keys.refreshToken, refreshToken);
|
return this.storageService.save(Keys.refreshToken, refreshToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -55,6 +67,23 @@ export class TokenService implements TokenServiceAbstraction {
|
|||||||
return this.refreshToken;
|
return this.refreshToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async toggleTokens(): Promise<any> {
|
||||||
|
const token = await this.getToken();
|
||||||
|
const refreshToken = await this.getRefreshToken();
|
||||||
|
const timeout = await this.storageService.get(ConstantsService.vaultTimeoutKey);
|
||||||
|
const action = await this.storageService.get(ConstantsService.vaultTimeoutActionKey);
|
||||||
|
if ((timeout != null || timeout === 0) && action === 'logOut') {
|
||||||
|
// if we have a vault timeout and the action is log out, reset tokens
|
||||||
|
await this.clearToken();
|
||||||
|
this.token = token;
|
||||||
|
this.refreshToken = refreshToken;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
await this.setToken(token);
|
||||||
|
await this.setRefreshToken(refreshToken);
|
||||||
|
}
|
||||||
|
|
||||||
setTwoFactorToken(token: string, email: string): Promise<any> {
|
setTwoFactorToken(token: string, email: string): Promise<any> {
|
||||||
return this.storageService.save(Keys.twoFactorTokenPrefix + email, token);
|
return this.storageService.save(Keys.twoFactorTokenPrefix + email, token);
|
||||||
}
|
}
|
||||||
@ -183,4 +212,10 @@ export class TokenService implements TokenServiceAbstraction {
|
|||||||
|
|
||||||
return decoded.iss as string;
|
return decoded.iss as string;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private async skipTokenStorage(): Promise<boolean> {
|
||||||
|
const timeout = await this.storageService.get<number>(ConstantsService.vaultTimeoutKey);
|
||||||
|
const action = await this.storageService.get<string>(ConstantsService.vaultTimeoutActionKey);
|
||||||
|
return timeout != null && action === 'logOut';
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -8,6 +8,7 @@ import { MessagingService } from '../abstractions/messaging.service';
|
|||||||
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
|
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
|
||||||
import { SearchService } from '../abstractions/search.service';
|
import { SearchService } from '../abstractions/search.service';
|
||||||
import { StorageService } from '../abstractions/storage.service';
|
import { StorageService } from '../abstractions/storage.service';
|
||||||
|
import { TokenService } from '../abstractions/token.service';
|
||||||
import { UserService } from '../abstractions/user.service';
|
import { UserService } from '../abstractions/user.service';
|
||||||
import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from '../abstractions/vaultTimeout.service';
|
import { VaultTimeoutService as VaultTimeoutServiceAbstraction } from '../abstractions/vaultTimeout.service';
|
||||||
|
|
||||||
@ -22,8 +23,8 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
|||||||
private collectionService: CollectionService, private cryptoService: CryptoService,
|
private collectionService: CollectionService, private cryptoService: CryptoService,
|
||||||
private platformUtilsService: PlatformUtilsService, private storageService: StorageService,
|
private platformUtilsService: PlatformUtilsService, private storageService: StorageService,
|
||||||
private messagingService: MessagingService, private searchService: SearchService,
|
private messagingService: MessagingService, private searchService: SearchService,
|
||||||
private userService: UserService, private lockedCallback: () => Promise<void> = null,
|
private userService: UserService, private tokenService: TokenService,
|
||||||
private loggedOutCallback: () => Promise<void> = null) {
|
private lockedCallback: () => Promise<void> = null, private loggedOutCallback: () => Promise<void> = null) {
|
||||||
}
|
}
|
||||||
|
|
||||||
init(checkOnInterval: boolean) {
|
init(checkOnInterval: boolean) {
|
||||||
@ -117,6 +118,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
|
|||||||
await this.storageService.save(ConstantsService.vaultTimeoutKey, timeout);
|
await this.storageService.save(ConstantsService.vaultTimeoutKey, timeout);
|
||||||
await this.storageService.save(ConstantsService.vaultTimeoutActionKey, action);
|
await this.storageService.save(ConstantsService.vaultTimeoutActionKey, action);
|
||||||
await this.cryptoService.toggleKey();
|
await this.cryptoService.toggleKey();
|
||||||
|
await this.tokenService.toggleTokens();
|
||||||
}
|
}
|
||||||
|
|
||||||
async isPinLockSet(): Promise<[boolean, boolean]> {
|
async isPinLockSet(): Promise<[boolean, boolean]> {
|
||||||
|
Loading…
Reference in New Issue
Block a user