Merge pull request #415 from allerta-vvf/master

Redirect to login if server response has status code 401

backend/.gitignore

@@ -3,4 +3,6 @@ dist-frontend
 tmp/*
 !tmp/.gitkeep
 uploads/*
-!uploads/.gitkeep
+!uploads/.gitkeep
+keys/*
+!keys/gen.ps1

backend/keys/gen.ps1

@@ -0,0 +1,25 @@
+openssl req -newkey rsa:2048 -new -nodes -keyout key.pem -out csr.pem
+openssl x509 -req -days 365 -in csr.pem -signkey key.pem -out server.crt
+
+$Public = Get-Content server.crt
+$Private = Get-Content key.pem
+
+Write-Output "" ""
+Write-Output "" ""
+Write-Output "Public Key"
+Write-Output $Public
+Write-Output "" ""
+Write-Output "Private Key"
+Write-Output $Private
+Write-Output "" ""
+Write-Output "" ""
+
+$PublicBytes = [System.Text.Encoding]::Unicode.GetBytes($Public)
+$EncodedPublic = [Convert]::ToBase64String($PublicBytes)
+
+$PrivateBytes = [System.Text.Encoding]::Unicode.GetBytes($Private)
+$EncodedPrivate = [Convert]::ToBase64String($PrivateBytes)
+
+Write-Output "/* JWT Keys */"
+Write-Output "define('JWT_PUBLIC_KEY', '$EncodedPublic');"
+Write-Output "define('JWT_PRIVATE_KEY', '$EncodedPrivate');"

frontend/src/app/_providers/unauthorized-interceptor.provider.ts

@@ -0,0 +1,23 @@
+import { Injectable } from '@angular/core';
+import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent, HttpErrorResponse } from '@angular/common/http';
+import { Observable, tap } from 'rxjs';
+import { AuthService } from '../_services/auth.service';
+
+@Injectable()
+export class UnauthorizedInterceptor implements HttpInterceptor {
+  constructor(private auth: AuthService) { }
+
+  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
+    return next.handle(request).pipe( tap({
+      next: () => {},
+      error: (err: any) => {
+      if (err instanceof HttpErrorResponse) {
+        if (err.status !== 401 || request.url.includes('/login')) {
+          return;
+        }
+        console.log("Login required");
+        this.auth.logout();
+      }
+    }}));
+  }
+}

frontend/src/app/_services/api-client.service.ts

@@ -1,5 +1,5 @@
 import { Injectable } from '@angular/core';
-import { HttpClient, HttpHeaders, HttpParams } from '@angular/common/http';
+import { HttpClient, HttpHeaders } from '@angular/common/http';
 
 @Injectable({
   providedIn: 'root'
@@ -60,9 +60,6 @@ export class ApiClientService {
   }
 
   public put(endpoint: string, data: any) {
-    let params = new HttpParams({
-      fromObject: data,
-    });
     return new Promise<any>((resolve, reject) => {
       this.http.put(this.apiEndpoint(endpoint), this.dataToParams(data), this.requestOptions).subscribe((data: any) => {
         resolve(data);
@@ -81,4 +78,4 @@ export class ApiClientService {
       });
     });
   }
-}
+}

frontend/src/app/app.module.ts

@@ -1,7 +1,7 @@
 import { NgModule } from '@angular/core';
 import { BrowserModule } from '@angular/platform-browser';
 import { BrowserAnimationsModule } from '@angular/platform-browser/animations';
-import { HttpClientModule } from '@angular/common/http';
+import { HttpClientModule, HTTP_INTERCEPTORS } from '@angular/common/http';
 import { FormsModule } from '@angular/forms';
 import { ToastrModule } from 'ngx-toastr';
 import { ModalModule } from 'ngx-bootstrap/modal';
@@ -23,6 +23,8 @@ import { LogsComponent } from './_components/logs/logs.component';
 import { ServicesComponent } from './_components/services/services.component';
 import { TrainingsComponent } from './_components/trainings/trainings.component';
 
+import { UnauthorizedInterceptor } from './_providers/unauthorized-interceptor.provider';
+
 @NgModule({
   declarations: [
     AppComponent,
@@ -59,7 +61,11 @@ import { TrainingsComponent } from './_components/trainings/trainings.component'
       registrationStrategy: 'registerWhenStable:30000'
     })
   ],
-  providers: [],
+  providers: [{
+    provide: HTTP_INTERCEPTORS, 
+    useClass: UnauthorizedInterceptor,
+    multi: true
+  }],
   bootstrap: [AppComponent]
 })
 export class AppModule { }