Dekódování jména uživatele z trusted headers

2023-08-08 20:04:12 +02:00 · 2023-08-08 20:04:12 +02:00 · 9c6b6d2f36
commit 9c6b6d2f36
parent f008d364c5
3 changed files with 23 additions and 6 deletions
--- a/client/src/Api.ts
+++ b/client/src/Api.ts
@ -80,7 +80,7 @@ export const updateNote = async (note?: string) => {
    return await api.post<any, any>('/api/updateNote', JSON.stringify({ note }));
 }

-export const login = async (login: string) => {
+export const login = async (login?: string) => {
    return await api.post<any, any>('/api/login', JSON.stringify({ login }));
 }

--- a/client/src/Login.tsx
+++ b/client/src/Login.tsx
@ -1,4 +1,4 @@
-import React, { useCallback, useRef } from 'react';
+import React, { useCallback, useEffect, useRef } from 'react';
 import { Button } from 'react-bootstrap';
 import { useAuth } from './context/auth';
 import { login } from './Api';
@ -11,6 +11,17 @@ export default function Login() {
  const auth = useAuth();
  const loginRef = useRef<HTMLInputElement>(null);

+  useEffect(() => {
+    // Vyzkoušíme přihlášení "naprázdno", pokud projde, přihlásili nás trusted headers
+    login().then(token => {
+      if (token) {
+        auth?.setToken(token);
+      }
+    }).catch(error => {
+      // nezajímá nás
+    });
+  }, []);
+
  const doLogin = useCallback(async () => {
    const length = loginRef?.current?.value && loginRef?.current?.value.length && loginRef.current.value.replace(/\s/g, '').length
    if (length) {
--- a/server/src/index.ts
+++ b/server/src/index.ts
@ -61,8 +61,9 @@ app.get("/api/whoami", (req, res) => {
 app.post("/api/login", (req, res) => {
    // Autentizace pomocí trusted headers
    const remoteUser = req.header('remote-user');
-    if (remoteUser && remoteUser.length > 0) {
-        res.status(200).json(generateToken(remoteUser, true));
+    const remoteName = req.header('remote-name');
+    if (remoteUser && remoteUser.length > 0 && remoteName && remoteName.length > 0) {
+        res.status(200).json(generateToken(Buffer.from(remoteName, 'latin1').toString(), true));
        return;
    }
    // Klasická autentizace loginem
@ -91,8 +92,13 @@ app.get("/api/qr", (req, res) => {

 /** Middleware ověřující JWT token */
 app.use((req, res, next) => {
-    if (req.header('remote-user')) {
-        console.log("Tvuj username: %s.", req.header('remote-user'));
+    const userHeader = req.header('remote-user');
+    const nameHeader = req.header('remote-name');
+    if (userHeader !== undefined && nameHeader !== undefined) {
+        const remoteName = Buffer.from(nameHeader, 'latin1').toString();
+        console.log("Tvuj username: %s.", userHeader);
+        console.log("Tvuj name: %s.", remoteName);
+        console.log("Tvuj email: %s.", req.header('remote-email'));
    }
    if (!req.headers.authorization) {
        return res.status(401).json({ error: 'Nebyl předán autentizační token' });