[pve-devel] [PATCH v2 widget-toolkit] adapt auth utils for proxmox token authentication

Tim Marx t.marx at proxmox.com
Thu May 7 14:28:24 CEST 2020 

Signed-off-by: Tim Marx <t.marx at proxmox.com>
---

Notes:
    changed since v1:
    * store user info as product independent object

 Utils.js | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/Utils.js b/Utils.js
index 22eddd2..85b4a35 100644
--- a/Utils.js
+++ b/Utils.js
@@ -31,6 +31,10 @@ Ext.Ajax.on('beforerequest', function(conn, options) {
 	}
 	options.headers.CSRFPreventionToken = Proxmox.CSRFPreventionToken;
     }
+    var storedUser = Proxmox.Utils.getStoredUser();
+    if (storedUser.token) {
+	options.headers.Authorization = storedUser.token;
+    }
 });
 
 Ext.define('Proxmox.Utils', { utilities: {
@@ -194,20 +198,32 @@ Ext.define('Proxmox.Utils', { utilities: {
 	return min < width ? width : min;
     },
 
+    getStoredUser: function() {
+	var storedUser = JSON.parse(window.localStorage.getItem('ProxmoxUser'));
+	return storedUser !== null ? storedUser : {};
+    },
+
     setAuthData: function(data) {
-	Proxmox.CSRFPreventionToken = data.CSRFPreventionToken;
 	Proxmox.UserName = data.username;
 	Proxmox.LoggedOut = data.LoggedOut;
 	// creates a session cookie (expire = null)
 	// that way the cookie gets deleted after the browser window is closed
-	Ext.util.Cookies.set(Proxmox.Setup.auth_cookie_name, data.ticket, null, '/', null, true);
+	if (data.ticket) {
+	    Proxmox.CSRFPreventionToken = data.CSRFPreventionToken;
+	    Ext.util.Cookies.set(Proxmox.Setup.auth_cookie_name, data.ticket, null, '/', null, true);
+	}
+
+	if (data.token) {
+	    window.localStorage.setItem('ProxmoxUser', JSON.stringify(data));
+	}
     },
 
     authOK: function() {
 	if (Proxmox.LoggedOut) {
 	    return undefined;
 	}
-	return (Proxmox.UserName !== '') && Ext.util.Cookies.get(Proxmox.Setup.auth_cookie_name);
+	var storedUser = Proxmox.Utils.getStoredUser();
+	return Proxmox.UserName !== '' && (Ext.util.Cookies.get(Proxmox.Setup.auth_cookie_name) || storedUser.token);
     },
 
     authClear: function() {
@@ -215,6 +231,7 @@ Ext.define('Proxmox.Utils', { utilities: {
 	    return undefined;
 	}
 	Ext.util.Cookies.clear(Proxmox.Setup.auth_cookie_name);
+	window.localStorage.removeItem("ProxmoxUser");
     },
 
     // comp.setLoading() is buggy in ExtJS 4.0.7, so we
-- 
2.20.1

More information about the pve-devel mailing list