Merge branch 'master' into webseed-merged

author: Chocobozzz <florian.bigard@gmail.com> 2016-10-02 15:39:09 +0200
committer: Chocobozzz <florian.bigard@gmail.com> 2016-10-02 15:39:09 +0200
commit: a6375e69668ea42e19531c6bc68dcd37f3f7cbd7 (patch)
tree: 03204a408d56311692c3528bedcf95d2455e94f2 /client/src/app/shared/auth
parent: 052937db8a8d282eccdbdf38d487ed8d85d3c0a7 (diff)
parent: c4403b29ad4db097af528a7f04eea07e0ed320d0 (diff)
download: PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.tar.gz
PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.tar.zst
PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.zip
4 files changed, 106 insertions, 40 deletions
diff --git a/client/src/app/shared/auth/auth-http.service.ts b/client/src/app/shared/auth/auth-http.service.ts
index 9c7ef4389..2392898ca 100644
--- a/client/src/app/shared/auth/auth-http.service.ts
+++ b/client/src/app/shared/auth/auth-http.service.ts
@@ -28,7 +28,7 @@ export class AuthHttp extends Http {
    return super.request(url, options)
                .catch((err) => {
                  if (err.status === 401) {
-                    return this.handleTokenExpired(err, url, options);
+                    return this.handleTokenExpired(url, options);
                  }
                  return Observable.throw(err);
@@ -49,26 +49,29 @@ export class AuthHttp extends Http {
    return this.request(url, options);
  }
-  post(url: string, options?: RequestOptionsArgs): Observable<Response> {
+  post(url: string, body: any, options?: RequestOptionsArgs): Observable<Response> {
    if (!options) options = {};
    options.method = RequestMethod.Post;
+    options.body = body;
    return this.request(url, options);
  }
-  put(url: string, options?: RequestOptionsArgs): Observable<Response> {
+  put(url: string, body: any, options?: RequestOptionsArgs): Observable<Response> {
    if (!options) options = {};
    options.method = RequestMethod.Put;
+    options.body = body;
    return this.request(url, options);
  }
-  private handleTokenExpired(err: Response, url: string | Request, options: RequestOptionsArgs) {
+  private handleTokenExpired(url: string | Request, options: RequestOptionsArgs) {
-    return this.authService.refreshAccessToken().flatMap(() => {
+    return this.authService.refreshAccessToken()
-      this.setAuthorizationHeader(options.headers);
+                           .flatMap(() => {
+                              this.setAuthorizationHeader(options.headers);
-      return super.request(url, options);
+                              return super.request(url, options);
-    });
+                            });
  }
  private setAuthorizationHeader(headers: Headers) {
diff --git a/client/src/app/shared/auth/user.model.ts b/client/src/app/shared/auth/auth-user.model.ts
index 98852f835..bdd5ea5a9 100644
--- a/client/src/app/shared/auth/user.model.ts
+++ b/client/src/app/shared/auth/auth-user.model.ts
@@ -1,15 +1,28 @@
-export class User {
+import { User } from '../users';
+export class AuthUser extends User {
  private static KEYS = {
+    ID: 'id',
+    ROLE: 'role',
    USERNAME: 'username'
  };
+  id: string;
+  role: string;
  username: string;
  tokens: Tokens;
  static load() {
    const usernameLocalStorage = localStorage.getItem(this.KEYS.USERNAME);
    if (usernameLocalStorage) {
-      return new User(localStorage.getItem(this.KEYS.USERNAME), Tokens.load());
+      return new AuthUser(
+        {
+          id: localStorage.getItem(this.KEYS.ID),
+          username: localStorage.getItem(this.KEYS.USERNAME),
+          role: localStorage.getItem(this.KEYS.ROLE)
+        },
+        Tokens.load()
+      );
    }
    return null;
@@ -17,12 +30,14 @@ export class User {
  static flush() {
    localStorage.removeItem(this.KEYS.USERNAME);
+    localStorage.removeItem(this.KEYS.ID);
+    localStorage.removeItem(this.KEYS.ROLE);
    Tokens.flush();
  }
-  constructor(username: string, hash_tokens: any) {
+  constructor(userHash: { id: string, username: string, role: string }, hashTokens: any) {
-    this.username = username;
+    super(userHash);
-    this.tokens = new Tokens(hash_tokens);
+    this.tokens = new Tokens(hashTokens);
  }
  getAccessToken() {
@@ -43,12 +58,14 @@ export class User {
  }
  save() {
-    localStorage.setItem('username', this.username);
+    localStorage.setItem(AuthUser.KEYS.ID, this.id);
+    localStorage.setItem(AuthUser.KEYS.USERNAME, this.username);
+    localStorage.setItem(AuthUser.KEYS.ROLE, this.role);
    this.tokens.save();
  }
 }
-// Private class used only by User
+// Private class only used by User
 class Tokens {
  private static KEYS = {
    ACCESS_TOKEN: 'access_token',
diff --git a/client/src/app/shared/auth/auth.service.ts b/client/src/app/shared/auth/auth.service.ts
index 584298fff..a30c79c86 100644
--- a/client/src/app/shared/auth/auth.service.ts
+++ b/client/src/app/shared/auth/auth.service.ts
@@ -1,32 +1,39 @@
 import { Injectable } from '@angular/core';
 import { Headers, Http, Response, URLSearchParams } from '@angular/http';
+import { Router } from '@angular/router';
 import { Observable } from 'rxjs/Observable';
 import { Subject } from 'rxjs/Subject';
 import { AuthStatus } from './auth-status.model';
-import { User } from './user.model';
+import { AuthUser } from './auth-user.model';
+import { RestExtractor } from '../rest';
 @Injectable()
 export class AuthService {
-  private static BASE_CLIENT_URL = '/api/v1/users/client';
+  private static BASE_CLIENT_URL = '/api/v1/clients/local';
  private static BASE_TOKEN_URL = '/api/v1/users/token';
+  private static BASE_USER_INFORMATIONS_URL = '/api/v1/users/me';
  loginChangedSource: Observable<AuthStatus>;
  private clientId: string;
  private clientSecret: string;
  private loginChanged: Subject<AuthStatus>;
-  private user: User = null;
+  private user: AuthUser = null;
-  constructor(private http: Http) {
+  constructor(
+    private http: Http,
+    private restExtractor: RestExtractor,
+    private router: Router
+   ) {
    this.loginChanged = new Subject<AuthStatus>();
    this.loginChangedSource = this.loginChanged.asObservable();
    // Fetch the client_id/client_secret
    // FIXME: save in local storage?
    this.http.get(AuthService.BASE_CLIENT_URL)
-      .map(res => res.json())
+      .map(this.restExtractor.extractDataGet)
-      .catch(this.handleError)
+      .catch((res) => this.restExtractor.handleError(res))
      .subscribe(
        result => {
          this.clientId = result.client_id;
@@ -34,12 +41,15 @@ export class AuthService {
          console.log('Client credentials loaded.');
        },
        error => {
-          alert(error);
+          alert(
+            `Cannot retrieve OAuth Client credentials: ${error.text}. \n` +
+            'Ensure you have correctly configured PeerTube (config/ directory), in particular the "webserver" section.'
+          );
        }
      );
    // Return null if there is nothing to load
-    this.user = User.load();
+    this.user = AuthUser.load();
  }
  getRefreshToken() {
@@ -64,10 +74,16 @@ export class AuthService {
    return this.user.getTokenType();
  }
-  getUser(): User {
+  getUser(): AuthUser {
    return this.user;
  }
+  isAdmin() {
+    if (this.user === null) return false;
+    return this.user.isAdmin();
+  }
  isLoggedIn() {
    if (this.getAccessToken()) {
      return true;
@@ -94,21 +110,23 @@ export class AuthService {
    };
    return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
-                    .map(res => res.json())
+                    .map(this.restExtractor.extractDataGet)
                    .map(res => {
                      res.username = username;
                      return res;
                    })
+                    .flatMap(res => this.fetchUserInformations(res))
                    .map(res => this.handleLogin(res))
-                    .catch(this.handleError);
+                    .catch((res) => this.restExtractor.handleError(res));
  }
  logout() {
    // TODO: make an HTTP request to revoke the tokens
    this.user = null;
-    User.flush();
-    this.setStatus(AuthStatus.LoggedIn);
+    AuthUser.flush();
+    this.setStatus(AuthStatus.LoggedOut);
  }
  refreshAccessToken() {
@@ -131,36 +149,64 @@ export class AuthService {
    };
    return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
-                    .map(res => res.json())
+                    .map(this.restExtractor.extractDataGet)
                    .map(res => this.handleRefreshToken(res))
-                    .catch(this.handleError);
+                    .catch((res: Response) => {
+                      // The refresh token is invalid?
+                      if (res.status === 400 && res.json() && res.json().error === 'invalid_grant') {
+                        console.error('Cannot refresh token -> logout...');
+                        this.logout();
+                        this.router.navigate(['/login']);
+                        return Observable.throw({
+                          json: '',
+                          text: 'You need to reconnect.'
+                        });
+                      }
+                      return this.restExtractor.handleError(res);
+                    });
  }
-  private setStatus(status: AuthStatus) {
+  private fetchUserInformations (obj: any) {
-    this.loginChanged.next(status);
+    // Do not call authHttp here to avoid circular dependencies headaches
+    const headers = new Headers();
+    headers.set('Authorization', `Bearer ${obj.access_token}`);
+    return this.http.get(AuthService.BASE_USER_INFORMATIONS_URL, { headers })
+             .map(res => res.json())
+             .map(res => {
+               obj.id = res.id;
+               obj.role = res.role;
+               return obj;
+             }
+    );
  }
  private handleLogin (obj: any) {
+    const id = obj.id;
    const username = obj.username;
-    const hash_tokens = {
+    const role = obj.role;
+    const hashTokens = {
      access_token: obj.access_token,
      token_type: obj.token_type,
      refresh_token: obj.refresh_token
    };
-    this.user = new User(username, hash_tokens);
+    this.user = new AuthUser({ id, username, role }, hashTokens);
    this.user.save();
    this.setStatus(AuthStatus.LoggedIn);
  }
-  private handleError (error: Response) {
-    console.error(error);
-    return Observable.throw(error.json() || { error: 'Server error' });
-  }
  private handleRefreshToken (obj: any) {
    this.user.refreshTokens(obj.access_token, obj.refresh_token);
    this.user.save();
  }
+  private setStatus(status: AuthStatus) {
+    this.loginChanged.next(status);
+  }
 }
diff --git a/client/src/app/shared/auth/index.ts b/client/src/app/shared/auth/index.ts
index aafaacbf1..ebd9e14cd 100644
--- a/client/src/app/shared/auth/index.ts
+++ b/client/src/app/shared/auth/index.ts
@@ -1,4 +1,4 @@
 export * from './auth-http.service';
 export * from './auth-status.model';
 export * from './auth.service';
-export * from './user.model';
+export * from './auth-user.model';
author	Chocobozzz <florian.bigard@gmail.com>	2016-10-02 15:39:09 +0200
committer	Chocobozzz <florian.bigard@gmail.com>	2016-10-02 15:39:09 +0200
commit	a6375e69668ea42e19531c6bc68dcd37f3f7cbd7 (patch)
tree	03204a408d56311692c3528bedcf95d2455e94f2 /client/src/app/shared/auth
parent	052937db8a8d282eccdbdf38d487ed8d85d3c0a7 (diff)
parent	c4403b29ad4db097af528a7f04eea07e0ed320d0 (diff)
download	PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.tar.gz PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.tar.zst PeerTube-a6375e69668ea42e19531c6bc68dcd37f3f7cbd7.zip