OpenSlides/client/src/app/core/core-services/auth.service.ts

import { Injectable } from '@angular/core';
import { Router } from '@angular/router';

import { environment } from 'environments/environment';

import { OperatorService, WhoAmI } from 'app/core/core-services/operator.service';
import { DEFAULT_AUTH_TYPE, UserAuthType } from 'app/shared/models/users/user';
import { DataStoreService } from './data-store.service';
import { HttpService } from './http.service';
import { OpenSlidesService } from './openslides.service';
import { StorageService } from './storage.service';

interface LoginData {
    username: string;
    password: string;
    cookies?: boolean;
}

/**
 * Authenticates an OpenSlides user with username and password
 */
@Injectable({
    providedIn: 'root'
})
export class AuthService {
    /**
     * Initializes the httpClient and the {@link OperatorService}.
     *
     * @param http HttpService to send requests to the server
     * @param operator Who is using OpenSlides
     * @param OpenSlides The openslides service
     * @param router To navigate
     */
    public constructor(
        private http: HttpService,
        private operator: OperatorService,
        private OpenSlides: OpenSlidesService,
        private router: Router,
        private DS: DataStoreService,
        private storageService: StorageService
    ) {}

    /**
     * Try to log in a user with a given auth type
     *
     * - Type "default": username and password needed; the earlySuccessCallback will be called.
     * - Type "saml": The windows location will be changed to the single-sign-on service initiator.
     */
    public async login(
        authType: UserAuthType,
        username: string,
        password: string,
        earlySuccessCallback: () => void
    ): Promise<void> {
        if (authType === 'default') {
            const data: LoginData = {
                username: username,
                password: password
            };
            if (!navigator.cookieEnabled) {
                data.cookies = false;
            }
            const response = await this.http.post<WhoAmI>(environment.urlPrefix + '/users/login/', data);
            earlySuccessCallback();
            await this.OpenSlides.shutdown();
            await this.operator.setWhoAmI(response);
            await this.OpenSlides.afterLoginBootup(response.user_id);
            await this.redirectUser(response.user_id);
        } else if (authType === 'saml') {
            await this.operator.clearWhoAmIFromStorage(); // This is important:
            // Then returning to the page, we do not want to have anything cached so a
            // fresh whoami is executed.
            window.location.href = environment.urlPrefix + '/saml/?sso'; // Bye
        } else {
            throw new Error(`Unsupported auth type "${authType}"`);
        }
    }

    /**
     * Redirects the user to the page where he came from. Boots OpenSlides,
     * if it wasn't done before.
     */
    public async redirectUser(userId: number): Promise<void> {
        if (!this.OpenSlides.isBooted) {
            await this.OpenSlides.afterLoginBootup(userId);
        }

        let redirect = this.OpenSlides.redirectUrl ? this.OpenSlides.redirectUrl : '/';

        const excludedUrls = ['login'];
        if (excludedUrls.some(url => redirect.includes(url))) {
            redirect = '/';
        }
        this.router.navigate([redirect]);
    }

    /**
     * Login for guests.
     */
    public async guestLogin(): Promise<void> {
        this.redirectUser(null);
    }

    /**
     * Logout function for both the client and the server.
     *
     * Will clear the datastore, update the current operator and
     * send a `post`-request to `/apps/users/logout/'`. Restarts OpenSlides.
     */
    public async logout(): Promise<void> {
        const authType = this.operator.authType.getValue();
        if (authType === DEFAULT_AUTH_TYPE) {
            let response = null;
            try {
                response = await this.http.post<WhoAmI>(environment.urlPrefix + '/users/logout/', {});
            } catch (e) {
                // We do nothing on failures. Reboot OpenSlides anyway.
            }
            this.router.navigate(['/']);
            await this.storageService.clear();
            await this.DS.clear();
            await this.operator.setWhoAmI(response);
            await this.OpenSlides.reboot();
        } else if (authType === 'saml') {
            await this.storageService.clear();
            await this.DS.clear();
            await this.operator.setWhoAmI(null);
            window.location.href = environment.urlPrefix + '/saml/?slo'; // Bye
        } else {
            throw new Error(`Unsupported auth type "${authType}"`);
        }
    }
}
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00			`import { Injectable } from '@angular/core';`
Restructure the client, register Repositories and map to collection strings. 2019-01-31 13:40:27 +01:00			`import { Router } from '@angular/router';`
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00
Add viewport service, adjust proxy and environment 2018-08-23 16:49:51 +02:00			`import { environment } from 'environments/environment';`
New linting rules and ordering of imports 2019-07-26 11:46:59 +02:00
			`import { OperatorService, WhoAmI } from 'app/core/core-services/operator.service';`
saml 2019-08-20 12:00:54 +02:00			`import { DEFAULT_AUTH_TYPE, UserAuthType } from 'app/shared/models/users/user';`
clear repositories and extra DS clear on logout 2019-02-28 11:04:19 +01:00			`import { DataStoreService } from './data-store.service';`
New linting rules and ordering of imports 2019-07-26 11:46:59 +02:00			`import { HttpService } from './http.service';`
			`import { OpenSlidesService } from './openslides.service';`
Replace jitsi mat dialog Replace Jitsis Mat Dialog with an div container Fixes an issue where observables in jitsi would register multiple times Clear the IndexedDB on logout 2020-06-22 15:34:42 +02:00			`import { StorageService } from './storage.service';`
Auth/Operator/Anonymous/WS-Stuff - operator is more lightweight - auth and auth-guard service updated - anonymous in login form - improved login form - websocket retries to reconnect 2018-08-28 11:07:10 +02:00
Added missing client part for cookie checking on login 2020-09-07 08:36:02 +02:00			`interface LoginData {`
			`username: string;`
			`password: string;`
			`cookies?: boolean;`
			`}`

document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`/**`
			`* Authenticates an OpenSlides user with username and password`
			`*/`
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00			`@Injectable({`
			`providedIn: 'root'`
			`})`
Removed OpenSlidesComponent 2019-02-08 17:24:32 +01:00			`export class AuthService {`
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`/**`
			`* Initializes the httpClient and the {@link OperatorService}.`
			`*`
change id client 2018-10-26 10:23:14 +02:00			`* @param http HttpService to send requests to the server`
			`* @param operator Who is using OpenSlides`
			`* @param OpenSlides The openslides service`
			`* @param router To navigate`
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`*/`
More linter rules 2018-08-29 13:21:25 +02:00			`public constructor(`
change id client 2018-10-26 10:23:14 +02:00			`private http: HttpService,`
More linter rules 2018-08-29 13:21:25 +02:00			`private operator: OperatorService,`
change id client 2018-10-26 10:23:14 +02:00			`private OpenSlides: OpenSlidesService,`
clear repositories and extra DS clear on logout 2019-02-28 11:04:19 +01:00			`private router: Router,`
Replace jitsi mat dialog Replace Jitsis Mat Dialog with an div container Fixes an issue where observables in jitsi would register multiple times Clear the IndexedDB on logout 2020-06-22 15:34:42 +02:00			`private DS: DataStoreService,`
			`private storageService: StorageService`
Removed OpenSlidesComponent 2019-02-08 17:24:32 +01:00			`) {}`
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`/**`
saml 2019-08-20 12:00:54 +02:00			`* Try to log in a user with a given auth type`
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`*`
saml 2019-08-20 12:00:54 +02:00			`* - Type "default": username and password needed; the earlySuccessCallback will be called.`
			`* - Type "saml": The windows location will be changed to the single-sign-on service initiator.`
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`*/`
saml 2019-08-20 12:00:54 +02:00			`public async login(`
			`authType: UserAuthType,`
			`username: string,`
			`password: string,`
			`earlySuccessCallback: () => void`
			`): Promise<void> {`
			`if (authType === 'default') {`
Added missing client part for cookie checking on login 2020-09-07 08:36:02 +02:00			`const data: LoginData = {`
saml 2019-08-20 12:00:54 +02:00			`username: username,`
			`password: password`
			`};`
Added missing client part for cookie checking on login 2020-09-07 08:36:02 +02:00			`if (!navigator.cookieEnabled) {`
			`data.cookies = false;`
			`}`
			`const response = await this.http.post<WhoAmI>(environment.urlPrefix + '/users/login/', data);`
saml 2019-08-20 12:00:54 +02:00			`earlySuccessCallback();`
			`await this.OpenSlides.shutdown();`
			`await this.operator.setWhoAmI(response);`
			`await this.OpenSlides.afterLoginBootup(response.user_id);`
			`await this.redirectUser(response.user_id);`
			`} else if (authType === 'saml') {`
fixed endless spinner on SAML login 2020-05-06 18:23:38 +02:00			`await this.operator.clearWhoAmIFromStorage(); // This is important:`
			`// Then returning to the page, we do not want to have anything cached so a`
			`// fresh whoami is executed.`
saml 2019-08-20 12:00:54 +02:00			`window.location.href = environment.urlPrefix + '/saml/?sso'; // Bye`
			`} else {`
			throw new Error(`Unsupported auth type "${authType}"`);
			`}`
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00			`}`

rework login system (again) 2019-03-07 10:47:03 +01:00			`/**`
			`* Redirects the user to the page where he came from. Boots OpenSlides,`
			`* if it wasn't done before.`
			`*/`
			`public async redirectUser(userId: number): Promise<void> {`
fixed endless spinner on SAML login 2020-05-06 18:23:38 +02:00			`if (!this.OpenSlides.isBooted) {`
rework login system (again) 2019-03-07 10:47:03 +01:00			`await this.OpenSlides.afterLoginBootup(userId);`
			`}`

			`let redirect = this.OpenSlides.redirectUrl ? this.OpenSlides.redirectUrl : '/';`
Fix AuthGuard race conditions and false redirects Fixes an error where the auth guard had race conditions with the OpenSlides bootup routine (kinda hacky tbh) Fixes false redirects in the Auth.Service Also adjustes the file uploader to be a little more usable. 2019-04-23 13:23:18 +02:00
			`const excludedUrls = ['login'];`
			`if (excludedUrls.some(url => redirect.includes(url))) {`
rework login system (again) 2019-03-07 10:47:03 +01:00			`redirect = '/';`
			`}`
			`this.router.navigate([redirect]);`
			`}`

			`/**`
			`* Login for guests.`
			`*/`
			`public async guestLogin(): Promise<void> {`
			`this.redirectUser(null);`
			`}`

document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`/**`
			`* Logout function for both the client and the server.`
			`*`
rework login system (again) 2019-03-07 10:47:03 +01:00			`* Will clear the datastore, update the current operator and`
offline operator 2019-03-04 11:45:15 +01:00			* send a `post`-request to `/apps/users/logout/'`. Restarts OpenSlides.
document, restructure, add relations - models get other models from DataStore (Relations) - documentation using Compodoc - rename and restructure - http-interceptor makes all http-objections obsolete - created 'Deserializable model' interface for better mapping of JSON objects - Supports multiple nested objects - No foreign dependancies, no magic - Simple yet efficient deserialize function - arrays of nested objects - created more classes for better OOP AOP 2018-07-12 14:11:31 +02:00			`*/`
change id client 2018-10-26 10:23:14 +02:00			`public async logout(): Promise<void> {`
saml 2019-08-20 12:00:54 +02:00			`const authType = this.operator.authType.getValue();`
			`if (authType === DEFAULT_AUTH_TYPE) {`
			`let response = null;`
			`try {`
			`response = await this.http.post<WhoAmI>(environment.urlPrefix + '/users/logout/', {});`
			`} catch (e) {`
			`// We do nothing on failures. Reboot OpenSlides anyway.`
			`}`
			`this.router.navigate(['/']);`
Replace jitsi mat dialog Replace Jitsis Mat Dialog with an div container Fixes an issue where observables in jitsi would register multiple times Clear the IndexedDB on logout 2020-06-22 15:34:42 +02:00			`await this.storageService.clear();`
saml 2019-08-20 12:00:54 +02:00			`await this.DS.clear();`
			`await this.operator.setWhoAmI(response);`
			`await this.OpenSlides.reboot();`
			`} else if (authType === 'saml') {`
Replace jitsi mat dialog Replace Jitsis Mat Dialog with an div container Fixes an issue where observables in jitsi would register multiple times Clear the IndexedDB on logout 2020-06-22 15:34:42 +02:00			`await this.storageService.clear();`
saml 2019-08-20 12:00:54 +02:00			`await this.DS.clear();`
			`await this.operator.setWhoAmI(null);`
			`window.location.href = environment.urlPrefix + '/saml/?slo'; // Bye`
			`} else {`
			throw new Error(`Unsupported auth type "${authType}"`);
change id client 2018-10-26 10:23:14 +02:00			`}`
cleanup and refractor code -combine the features of the two previous commits -add prettier and pretty-quick -more routing and logout button 2018-06-19 16:55:50 +02:00			`}`
			`}`