diff options
| author | Marius David Wieschollek <passwords.public@mdns.eu> | 2021-01-16 23:05:31 +0300 |
|---|---|---|
| committer | Marius David Wieschollek <passwords.public@mdns.eu> | 2021-01-16 23:05:31 +0300 |
| commit | 2ca861596443192b46f6caefe33dad74fcc24009 (patch) | |
| tree | b14ecbe87a313be606ce25f04c161a16f90b6c3a | |
| parent | c37ee213cb90915cd0251bbcc11605592c60ad76 (diff) | |
Fix session overwrite from cached results
Signed-off-by: Marius David Wieschollek <passwords.public@mdns.eu>
| -rw-r--r-- | package.json | 26 | ||||
| -rw-r--r-- | src/Model/Session/Session.js | 1 | ||||
| -rw-r--r-- | src/Network/ApiRequest.js | 22 |
3 files changed, 35 insertions, 14 deletions
diff --git a/package.json b/package.json index ce1ea4e..0719f98 100644 --- a/package.json +++ b/package.json @@ -1,25 +1,25 @@ { - "name" : "passwords-client", - "version" : "0.1.0", - "description" : "JS client library for the Nextcloud Passwords app", - "main" : "src/main.js", - "author" : "Marius Wieschollek", - "license" : "ISC", - "keywords" : [ + "name": "passwords-client", + "version": "0.1.0", + "description": "JS client library for the Nextcloud Passwords app", + "main": "src/main.js", + "author": "Marius Wieschollek", + "license": "ISC", + "keywords": [ "crypto", "passwords", "api", "nextcloud" ], - "repository" : { + "repository": { "type": "git", - "url" : "https://git.mdns.eu/nextcloud/passwords-client.git" + "url": "https://git.mdns.eu/nextcloud/passwords-client.git" }, "dependencies": { - "eventemitter3" : "^4.0.7", + "eventemitter3": "^4.0.7", "libsodium-wrappers": "^0.7.8", - "pako" : "^1.0.11", - "url-parse" : "^1.4.7", - "uuidv4" : "^4.0.0" + "pako": "^1.0.11", + "url-parse": "^1.4.7", + "uuidv4": "^4.0.0" } } diff --git a/src/Model/Session/Session.js b/src/Model/Session/Session.js index f01f398..5a02bac 100644 --- a/src/Model/Session/Session.js +++ b/src/Model/Session/Session.js @@ -21,6 +21,7 @@ export default class Session { */ setId(value) { this._id = value; + this._authorized = false; return this; } diff --git a/src/Network/ApiRequest.js b/src/Network/ApiRequest.js index 1c0dd1a..1e975af 100644 --- a/src/Network/ApiRequest.js +++ b/src/Network/ApiRequest.js @@ -126,7 +126,7 @@ export default class ApiRequest { .setHttpStatus(httpResponse.status) .setHttpResponse(httpResponse); - this._session.setId(httpResponse.headers.get('x-api-session')); + this._updateSessionId(httpResponse); if(this._responseType !== null && contentType && contentType.indexOf(this._responseType) === -1) { let error = this._api.getClass('exception.contenttype', this._responseType, contentType, httpResponse); @@ -145,6 +145,26 @@ export default class ApiRequest { /** * + * @param httpResponse + * @private + */ + _updateSessionId(httpResponse) { + if(httpResponse.headers.has('x-api-session')) { + if(httpResponse.headers.has('cache-control') && httpResponse.headers.get('cache-control').indexOf('immutable') !== -1) return; + if(httpResponse.headers.has('pragma') && httpResponse.headers.get('pragma') === 'cache') return; + + if(httpResponse.headers.has('date')) { + let date = new Date(httpResponse.headers.get('date')), + now = Date.now() - 300000; + if(date.getTime() < now) return; + } + + this._session.setId(httpResponse.headers.get('x-api-session')); + } + } + + /** + * * @return {{redirect: string, headers: Headers, method: string, credentials: string}} * @private */ |