auth-utils.js
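// eslint-disable-next-line no-unused-vars
const lib_auth = {

  /*
   * Client-side helpers for the access/refresh token pair.
   *
   * Both tokens are kept in sessionStorage, which any script running in
   * this page's origin can read. A script-injection flaw anywhere in the
   * application therefore exposes them.
   */

  /* SessionStorage Key used for access token */
  SESSION_STORE_ACCESS_TOKEN: 'access_token',

  /* SessionStorage Key used for the timestamp of the access token */
  SESSION_STORE_ACCESS_TOKEN_TS: 'access_token_ts',

  /* SessionStorage Key used for refresh token */
  SESSION_STORE_REFRESH_TOKEN: 'refresh_token',

  /* SessionStorage Key used for the timestamp of the refresh token */
  SESSION_STORE_REFRESH_TOKEN_TS: 'refresh_token_ts',

  /* JWT Scheme */
  JWT_SCHEME: 'Bearer',

  /* Admin profile */
  TOKEN_PROFILE_ADMIN: 'admin',


  /*
   * Retrieves access token from session storage.
   * Returns the stored string, or null when the key is absent.
   */
  getAccessToken: () => sessionStorage.getItem(lib_auth.SESSION_STORE_ACCESS_TOKEN),

  /*
   * Stores access token in session storage, together with the local
   * time at which it was stored.
   * Web Storage stringifies values, so passing null stores the text 'null'.
   */
  setAccessToken: (token) => {
    sessionStorage.setItem(lib_auth.SESSION_STORE_ACCESS_TOKEN_TS, Date.now())
    sessionStorage.setItem(lib_auth.SESSION_STORE_ACCESS_TOKEN, token)
  },

  /*
   * Retrieves refresh token from session storage.
   * Returns the stored string, or null when the key is absent.
   */
  getRefreshToken: () => sessionStorage.getItem(lib_auth.SESSION_STORE_REFRESH_TOKEN),

  /*
   * Stores refresh token in session storage, together with the local
   * time at which it was stored.
   */
  setRefreshToken: (token) => {
    sessionStorage.setItem(lib_auth.SESSION_STORE_REFRESH_TOKEN_TS, Date.now())
    sessionStorage.setItem(lib_auth.SESSION_STORE_REFRESH_TOKEN, token)
  },

  /*
   * Refreshes the access token.
   *
   * Does nothing when no access token is stored. Token age is measured
   * from the local timestamps written by setAccessToken/setRefreshToken,
   * not from any expiry claim inside the tokens.
   */
  refreshAccessToken: () => {
    if (!lib_auth.isAuthenticated()) {
      return
    }

    const now = Date.now()
    const accessStoredAt = Number(sessionStorage.getItem(lib_auth.SESSION_STORE_ACCESS_TOKEN_TS))
    const accessAgeSeconds = (now - accessStoredAt) / 1000

    // Only refresh an access token that is more than 5mn old
    if (accessAgeSeconds <= 300) {
      return
    }

    // Check if refresh token has expired or is about to expire.
    // NOTE(review): 7200 s presumably mirrors the server-side refresh
    // token lifetime; 60 s is the safety margin. Confirm against the API.
    const refreshStoredAt = Number(sessionStorage.getItem(lib_auth.SESSION_STORE_REFRESH_TOKEN_TS))
    if ((now - refreshStoredAt) / 1000 > 7200 - 60) {
      // Force user to sign in again
      lib_auth.logout()
      return
    }

    const deferred = lib_api.refreshToken({
      'rt': lib_auth.getRefreshToken()
    })

    deferred.then(
      (result) => {
        const auth = result && result.authorizations
        const accessToken = auth && auth.access_token
        // A malformed response must not overwrite the stored token:
        // setItem would persist the text 'undefined', which
        // isAuthenticated() would then accept as a token.
        if (typeof accessToken === 'string' && accessToken !== '') {
          lib_auth.setAccessToken(accessToken)
        }
      },
      () => {
        // Best effort: a failed refresh keeps the current token
      }
    )
  },

  /*
   * Checks if user is authenticated.
   *
   * This only tests that an access token is present in session storage.
   * The token is neither validated nor checked for expiry here.
   */
  isAuthenticated: () => {
    const token = lib_auth.getAccessToken()
    // logout() stores null, which Web Storage persists as the text 'null'
    return Boolean(token && (token !== 'null'))
  },

  /*
   * Extract the payload of an access token
   * in json format.
   *
   * Uses the given token, or the stored access token when none is given.
   * Returns the parsed payload, or null when there is no token or it
   * cannot be decoded.
   *
   * The signature is NOT verified: the result is unauthenticated data
   * that whoever controls session storage can forge. Use it for display
   * decisions only, never as an authorization check.
   */
  getPayloadAccessToken: token => {
    const jwt = token || lib_auth.getAccessToken()

    if (!jwt)
      return null

    try {
      const segment = jwt.split('.')[1]
      // JWT segments are base64url without padding, while atob() expects
      // the standard alphabet: map '-'/'_' back and restore the padding.
      let base64 = segment.replace(/-/g, '+').replace(/_/g, '/')
      while (base64.length % 4 !== 0)
        base64 += '='
      // atob() yields one character per byte; decode those bytes as UTF-8
      // so that non-ASCII claim values are not mangled.
      const bytes = Uint8Array.from(atob(base64), (ch) => ch.charCodeAt(0))
      return JSON.parse(new TextDecoder().decode(bytes))
    } catch {
      return null
    }
  },

  /*
   * Check if user has admin profile.
   *
   * Reads the 'prf' claim from the unverified token payload, so this is
   * a UI hint only. Admin operations must be authorized by the server.
   */
  isAdmin: (token) => {
    const payload = lib_auth.getPayloadAccessToken(token)
    // A payload that parses to a non-object (number, string) has no claims
    if (!payload || typeof payload !== 'object')
      return false
    return payload.prf === lib_auth.TOKEN_PROFILE_ADMIN
  },

  /*
   * Local logout.
   *
   * Overwrites both stored tokens (with the text 'null') and resets the
   * UI state kept in session storage, then returns to the home page.
   * No request is sent from here, so this block does not revoke the
   * refresh token on the server.
   */
  logout: () => {
    // Clears session storage
    lib_auth.setRefreshToken(null)
    lib_auth.setAccessToken(null)
    sessionStorage.setItem('activeTab', '')
    sessionStorage.setItem('indexerType', '')
    lib_cmn.goToHomePage()
  }

}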