Dekódování jména uživatele z trusted headers

2023-08-08 20:04:12 +02:00 · 2023-08-08 20:04:12 +02:00 · fd2e460a82
commit fd2e460a82
parent f008d364c5
3 changed files with 22 additions and 6 deletions
--- a/client/src/Api.ts
+++ b/client/src/Api.ts
@ -80,7 +80,7 @@ export const updateNote = async (note?: string) => {
    return await api.post<any, any>('/api/updateNote', JSON.stringify({ note }));
 }

-export const login = async (login: string) => {
+export const login = async (login?: string) => {
    return await api.post<any, any>('/api/login', JSON.stringify({ login }));
 }

--- a/client/src/Login.tsx
+++ b/client/src/Login.tsx
@ -1,4 +1,4 @@
-import React, { useCallback, useRef } from 'react';
+import React, { useCallback, useEffect, useRef } from 'react';
 import { Button } from 'react-bootstrap';
 import { useAuth } from './context/auth';
 import { login } from './Api';
@ -11,6 +11,17 @@ export default function Login() {
  const auth = useAuth();
  const loginRef = useRef<HTMLInputElement>(null);

+  useEffect(() => {
+    // Vyzkoušíme přihlášení "naprázdno", pokud projde, přihlásili nás trusted headers
+    login().then(token => {
+      if (token) {
+        auth?.setToken(token);
+      }
+    }).catch(error => {
+      // nezajímá nás
+    });
+  }, []);
+
  const doLogin = useCallback(async () => {
    const length = loginRef?.current?.value && loginRef?.current?.value.length && loginRef.current.value.replace(/\s/g, '').length
    if (length) {
--- a/server/src/index.ts
+++ b/server/src/index.ts
@ -61,8 +61,9 @@ app.get("/api/whoami", (req, res) => {
 app.post("/api/login", (req, res) => {
    // Autentizace pomocí trusted headers
    const remoteUser = req.header('remote-user');
-    if (remoteUser && remoteUser.length > 0) {
-        res.status(200).json(generateToken(remoteUser, true));
+    const remoteName = req.header('remote-name');
+    if (remoteUser && remoteUser.length > 0 && remoteName && remoteName.length > 0) {
+        res.status(200).json(generateToken(Buffer.from(remoteName, 'latin1').toString(), true));
        return;
    }
    // Klasická autentizace loginem
@ -91,8 +92,12 @@ app.get("/api/qr", (req, res) => {

 /** Middleware ověřující JWT token */
 app.use((req, res, next) => {
-    if (req.header('remote-user')) {
-        console.log("Tvuj username: %s.", req.header('remote-user'));
+    const userHeader = req.header('remote-user');
+    const nameHeader = req.header('remote-name');
+    const emailHeader = req.header('remote-email');
+    if (userHeader !== undefined && nameHeader !== undefined) {
+        const remoteName = Buffer.from(nameHeader, 'latin1').toString();
+        console.log("Tvuj username, name a email: %s, %s, %s.", userHeader, remoteName, emailHeader);
    }
    if (!req.headers.authorization) {
        return res.status(401).json({ error: 'Nebyl předán autentizační token' });