Commit 594706b11dff3463223925d7696013b72cf3511f

Authored by Andrew Buss
1 parent a650201b9e

don't trust the user's local storage; they could have logged out on a different account

Showing 2 changed files with 30 additions and 29 deletions Side-by-side Diff

... ... @@ -16,7 +16,7 @@
16 16 'flashy.HelpController',
17 17 'flashy.SettingsController',
18 18 'ngCookies']).
19   - config(function($stateProvider, $urlRouterProvider, $resourceProvider, $httpProvider, $locationProvider) {
  19 + config(function ($stateProvider, $urlRouterProvider, $resourceProvider, $httpProvider, $locationProvider) {
20 20 'use strict';
21 21 $httpProvider.defaults.withCredentials = true;
22 22 $httpProvider.defaults.xsrfCookieName = 'csrftoken';
23 23  
... ... @@ -30,9 +30,9 @@
30 30 }
31 31 }
32 32  
33   - $httpProvider.interceptors.push(function($q, $rootScope) {
  33 + $httpProvider.interceptors.push(function ($q, $rootScope) {
34 34 return {
35   - 'responseError': function(rejection) { // need a better redirect
  35 + 'responseError': function (rejection) { // need a better redirect
36 36 if (rejection.status >= 500) {
37 37 console.log('got error');
38 38 console.log(rejection);
39 39  
... ... @@ -52,12 +52,12 @@
52 52 $locationProvider.html5Mode(true);
53 53 $urlRouterProvider.otherwise('/404');
54 54 var auth_resolve = {
55   - authorize: function($q, $state, $stateParams, UserService) {
  55 + authorize: function ($q, $state, $stateParams, UserService) {
56 56 if (UserService.noAuthRequired($state)) {
57 57 return console.log('no auth state ' + $state.name);
58 58 }
59 59 console.log('resolving user before continuing for ' + $state.name);
60   - var redirectAsNeeded = function() {
  60 + var redirectAsNeeded = function () {
61 61 if (!UserService.isLoggedIn()) {
62 62 console.log(UserService.getUserData());
63 63 console.log('making the user log in');
... ... @@ -74,6 +74,7 @@
74 74 };
75 75 $stateProvider.
76 76 state('login', {
  77 + resolve: auth_resolve,
77 78 url: '/login',
78 79 templateUrl: 'templates/login.html',
79 80 controller: 'LoginController'
80 81  
... ... @@ -151,12 +152,12 @@
151 152 controller: 'HelpController'
152 153 });
153 154 }).
154   - run(function($rootScope, $state, $stateParams, $location, UserService) {
155   - $rootScope.$on('$stateChangeError', function(event, toState, toParams, fromState, fromParams, error) {
  155 + run(function ($rootScope, $state, $stateParams, $location, UserService) {
  156 + $rootScope.$on('$stateChangeError', function (event, toState, toParams, fromState, fromParams, error) {
156 157 console.log('failed to change state: ' + error);
157 158 $state.go('login');
158 159 });
159   - $rootScope.$on('$stateChangeStart', function(event, toState, toParams, fromState, fromParams) {
  160 + $rootScope.$on('$stateChangeStart', function (event, toState, toParams, fromState, fromParams) {
160 161 if (['feed', 'deck', 'cardlist'].indexOf(toState.name) >= 0) {
161 162 localStorage.setItem('last_state', toState.name);
162 163 localStorage.setItem('last_state_params', JSON.stringify(toParams));
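Review bot: The `resolve: auth_resolve` added to the `login` state only works if `UserService.noAuthRequired($state)` recognises the state being entered, but `authorize` passes the injected `$state`. If that is ui-router's `$state` service, the state object is on `$state.current`, which during a resolve is presumably still the state being left, so the new `'login'` exemption may never match. If `authorize` then rejects while entering `login`, the `$stateChangeError` handler calls `$state.go('login')` and runs the same resolve again. Please confirm which state `authorize` actually sees and document the invariant on the added line, e.g. `// authorize must never reject for 'login': $stateChangeError redirects here`. The body of `authorize` continues outside the hunk, so whether it can reject for `login` is not visible here.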
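--- a/scripts/UserService.js
+++ b/scripts/UserService.js
@@ -1,8 +1,8 @@
 angular.module('flashy.UserService', ['ui.router']).
-service('UserService', function($rootScope, $http, $q) {
+service('UserService', function ($rootScope, $http, $q) {
 var deferred = $q.defer();
 var _user = false;
-var login = function(data) {
+var login = function (data) {
 if (data.locked) {
 $rootScope.UserService.showLockedMessage();
 return deferred.reject('account locked');
@@ -13,54 +13,54 @@
 'Resend Verification Email</a>', 4000);
 }
 _user = data;
-_user.sectionIdList = _user.sections.map(function(x) {
+_user.sectionIdList = _user.sections.map(function (x) {
 return x.id;
 });
 deferred.resolve(data);
 };
 this.login = login;
-$http.get('/api/me/').success(function(data) {
+$http.get('/api/me/').success(function (data) {
 console.log('user is logged in!');
 login(data);
-}).error(function(data) {
+}).error(function (data) {
 console.log(data);
 console.log('not logged in yet: ' + data.detail);
 _user = {email: false};
 deferred.resolve(_user);
 });
 
-this.isResolved = function() {
+this.isResolved = function () {
 return !!_user;
 };
-this.getUserData = function() {
+this.getUserData = function () {
 if (this.isResolved()) return _user;
 else return deferred.promise;
 };
-this.hasVerifiedEmail = function() {
+this.hasVerifiedEmail = function () {
 return this.isResolved() && _user.is_confirmed;
 };
-this.logout = function($state) {
-$http.post('/api/logout/').success(function() {
+this.logout = function ($state) {
+$http.post('/api/logout/').success(function () {
 if (!_user.locked)Materialize.toast('Logged out!', 1000);
-}).error(function() {
+}).error(function () {
 console.log('Problem logging out');
 });
 _user = false;
 deferred.resolve({});
 $state.go('login');
 };
-this.addClass = function(section) {
+this.addClass = function (section) {
 _user.sections.push(section);
 _user.sectionIdList.push(section.id);
 };
-this.isLoggedIn = function() {
+this.isLoggedIn = function () {
 rv = this.isResolved() && _user.email;
 return rv;
 };
-this.isInSection = function(sectionId) {
+this.isInSection = function (sectionId) {
 return (_user.sectionIdList.indexOf(sectionId) >= 0);
 };
-this.redirectToDefaultState = function($state) {
+this.redirectToDefaultState = function ($state) {
 console.log('redirecting user to their default state');
 if (!this.isLoggedIn()) return $state.go('login');
 if (!_user.sections.length) return $state.go('addclass');
@@ -73,7 +73,7 @@
 }
 $state.go('feed', {sectionId: _user.sections[0].id});
 };
-this.authorizedFor = function(state, stateParams) {
+this.authorizedFor = function (state, stateParams) {
 if (['feed', 'deck', 'cardlist'].indexOf(state.name) >= 0) {
 if (_user.sectionIdList.indexOf(stateParams.sectionId) < 0) {
 return false;
@@ -81,20 +81,20 @@
 }
 return true;
 };
-this.showLockedMessage = function() {
+this.showLockedMessage = function () {
 Materialize.toast('You must verify your email address before continuing.' +
 '<a class="btn-flat cyan-text" onclick="rootscope.UserService.resendConfirmationEmail()">' +
 'Resend Verification Email</a>', 4000);
 };
-this.noAuthRequired = function(state) {
-if (['verifyemail'].indexOf(state.name) >= 0) {
+this.noAuthRequired = function (state) {
+if (['verifyemail', 'login'].indexOf(state.name) >= 0) {
 return true;
 }
 return false;
 };
-this.resendConfirmationEmail = function() {
+this.resendConfirmationEmail = function () {
 console.log('Requesting resend of confirmation email');
-$http.post('/api/resend_confirmation_email/').success(function() {
+$http.post('/api/resend_confirmation_email/').success(function () {
 Materialize.toast('Resent confirmation email! Check your spam folder too.', 4000);
 });
 };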
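Review bot: `logout` still calls `deferred.resolve({})` on the single `deferred` created when the service is constructed, and by then it has normally been settled by the `/api/me/` success or error callback, so the call has no effect. After `_user = false`, `getUserData()` falls back to `deferred.promise`, which keeps delivering the data of the account that was loaded first rather than an empty user. Since the commit is about not carrying one account's state into another session, replace the deferred on logout: `deferred = $q.defer();` followed by `deferred.resolve({});`. A later `login(data)` assigns `_user` directly, so it is unaffected by the swap.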