Fixed bug that caused users with large amounts of data to have extremely large tokens

Subfolders are now ensured to exist with the normal downloading method Initialization now happens after token retrieval to avoid failed requests Fixed bug that caused login to be called twice, introducing a possible race condition
2026-03-19 19:21:02 +03:00 · 2020-05-03 18:55:42 -04:00
parent 26ad195597
commit f73ec2dd94
4 changed files with 16 additions and 13 deletions
--- a/backend/app.js
+++ b/backend/app.js
@@ -1365,7 +1365,9 @@ async function downloadFileByURL_normal(url, type, options, sessionID = null) {
        video.on('info', function(info) {
            video_info = info;
            file_size = video_info.size;
-            fs.writeJSONSync(removeFileExtension(video_info._filename) + '.info.json', video_info);
+            const json_path = removeFileExtension(video_info._filename) + '.info.json';
+            fs.ensureFileSync(json_path);
+            fs.writeJSONSync(json_path, video_info);
            video.pipe(fs.createWriteStream(video_info._filename, { flags: 'w' }))
        });
        // Will be called if download was already completed and there is nothing more to download.
--- a/backend/authentication/auth.js
+++ b/backend/authentication/auth.js
@@ -46,7 +46,7 @@ exports.initialize = function(input_users_db, input_logger) {
  opts.audience = 'example.com';*/

  exports.passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
-    const user = users_db.get('users').find({uid: jwt_payload.user.uid}).value();
+    const user = users_db.get('users').find({uid: jwt_payload.user}).value();
    if (user) {
        return done(null, user);
    } else {
@@ -209,7 +209,7 @@ exports.authenticateViaPassport = function(req, res, next) {
 exports.generateJWT = function(req, res, next) {
  var payload = {
      exp: Math.floor(Date.now() / 1000) + JWT_EXPIRATION
-    , user: req.user
+    , user: req.user.uid
  };
  req.token = jwt.sign(payload, SERVER_SECRET);
  next();  
--- a/src/app/components/login/login.component.ts
+++ b/src/app/components/login/login.component.ts
@@ -41,12 +41,15 @@ export class LoginComponent implements OnInit {
  }

  login() {
-    if (this.loginPasswordInput === '') {
+    if (this.loginPasswordInput === '' || this.loggingIn) {
      return;
    }
    this.loggingIn = true;
    this.postsService.login(this.loginUsernameInput, this.loginPasswordInput).subscribe(res => {
      this.loggingIn = false;
+      if (res['token']) {
+        this.postsService.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
+      }
    }, err => {
      this.loggingIn = false;
    });
--- a/src/app/posts.services.ts
+++ b/src/app/posts.services.ts
@@ -1,5 +1,5 @@
 import {Injectable, isDevMode, Inject} from '@angular/core';
-import { HttpClient, HttpParams } from '@angular/common/http';
+import { HttpClient, HttpParams, HttpHeaders } from '@angular/common/http';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/map';
 import 'rxjs/add/operator/catch';
@@ -64,7 +64,7 @@ export class PostsService implements CanActivate {
        this.httpOptions = {
            params: new HttpParams({
              fromString: this.http_params
-            }),
+            })
        };

        Fingerprint2.get(components => {
@@ -83,7 +83,6 @@ export class PostsService implements CanActivate {
                    if (localStorage.getItem('jwt_token')) {
                        this.token = localStorage.getItem('jwt_token');
                        this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
-
                        this.jwtAuth();
                    } else {
                        this.sendToLogin();
@@ -335,12 +334,13 @@ export class PostsService implements CanActivate {
        this.permissions = permissions;
        this.available_permissions = available_permissions;
        this.token = token;
-        this.setInitialized();

        localStorage.setItem('jwt_token', this.token);

        this.httpOptions.params = this.httpOptions.params.set('jwt', this.token);
+        console.log(this.httpOptions);

+        this.setInitialized();
        // needed to re-initialize parts of app after login
        this.config_reloaded.next(true);

@@ -352,25 +352,23 @@ export class PostsService implements CanActivate {
    // user methods
    login(username, password) {
        const call = this.http.post(this.path + 'auth/login', {userid: username, password: password}, this.httpOptions);
-        call.subscribe(res => {
-            if (res['token']) {
-                this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
-            }
-        });
        return call;
    }

    // user methods
    jwtAuth() {
+        console.log('doing jwt call');
        const call = this.http.post(this.path + 'auth/jwtAuth', {}, this.httpOptions);
        call.subscribe(res => {
            if (res['token']) {
                this.afterLogin(res['user'], res['token'], res['permissions'], res['available_permissions']);
            }
        }, err => {
+            console.log('jwt errored')
            if (err.status === 401) {
                this.sendToLogin();
            }
+            console.log(err)
        });
        return call;
    }