/*
 * Copyright (c) 2014-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
 * SPDX-License-Identifier: MIT
 */
5
6import { CookieService } from 'ngx-cookie'
7import { WindowRefService } from '../Services/window-ref.service'
8import { Router } from '@angular/router'
9import { Component, NgZone, type OnInit } from '@angular/core'
10import { UntypedFormControl, Validators } from '@angular/forms'
11import { library } from '@fortawesome/fontawesome-svg-core'
12import { UserService } from '../Services/user.service'
13import { faEye, faEyeSlash, faKey } from '@fortawesome/free-solid-svg-icons'
14import { faGoogle } from '@fortawesome/free-brands-svg-icons'
15import { FormSubmitService } from '../Services/form-submit.service'
16import { ConfigurationService } from '../Services/configuration.service'
17import { BasketService } from '../Services/basket.service'
18
// Icons this component needs (key, eye, eye-slash, Google brand) are
// registered with the Font Awesome library once, at module load.
const loginIcons = [faKey, faEye, faEyeSlash, faGoogle]
library.add(...loginIcons)
20
// Google's OAuth 2.0 authorization endpoint; `googleLogin()` sends the
// browser here with the client id and redirect URI as query parameters.
const googleAccountsOrigin = 'https://accounts.google.com'
const oauthProviderUrl = `${googleAccountsOrigin}/o/oauth2/v2/auth`
22
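/**
 * Login form: email/password sign-in plus the "Login with Google" redirect.
 *
 * On a successful password login the backend's token is written to
 * localStorage and to a `token` cookie, and the basket id to sessionStorage.
 * The cookie is set from client-side script, so it can never be HttpOnly:
 * any script running on this origin can read all three values.
 */
@Component({
  selector: 'app-login',
  templateUrl: './login.component.html',
  styleUrls: ['./login.component.scss']
})
export class LoginComponent implements OnInit {
  public emailControl = new UntypedFormControl('', [Validators.required])
  public passwordControl = new UntypedFormControl('', [Validators.required, Validators.minLength(1)])
  public hide = true
  // Last submitted credentials; note the password stays referenced here
  // after `login()` returns (presumably the template reads `user.email`).
  public user: any
  public rememberMe: UntypedFormControl = new UntypedFormControl(false)
  public error: any
  // Fallback Google OAuth client id. A client id is a public identifier, not
  // a secret; it is replaced by the application config when one is served.
  public clientId = '1005568560502-6hm16lef8oh46hr2d98vf2ohlnj4nfhq.apps.googleusercontent.com'
  // True until the current origin is found in the configured redirect allow-list.
  public oauthUnavailable: boolean = true
  public redirectUri: string = ''

  constructor (private readonly configurationService: ConfigurationService, private readonly userService: UserService, private readonly windowRefService: WindowRefService, private readonly cookieService: CookieService, private readonly router: Router, private readonly formSubmitService: FormSubmitService, private readonly basketService: BasketService, private readonly ngZone: NgZone) { }

  /**
   * Restores a remembered email, decides whether Google login is offered for
   * this origin, and wires the Enter key to the login button.
   */
  ngOnInit () {
    // "Remember me" persists only the email address, never the password.
    const rememberedEmail = localStorage.getItem('email')
    if (rememberedEmail) {
      this.user = { email: rememberedEmail }
      this.rememberMe.setValue(true)
    } else {
      this.rememberMe.setValue(false)
    }

    // The page's own origin is the candidate redirect target; OAuth is only
    // enabled if that exact URI appears in the configured allow-list, in
    // which case an optional proxy URI from the config takes its place.
    // eslint-disable-next-line @typescript-eslint/restrict-template-expressions
    this.redirectUri = `${this.windowRefService.nativeWindow.location.protocol}//${this.windowRefService.nativeWindow.location.host}`
    this.configurationService.getApplicationConfiguration().subscribe((config) => {
      const googleOauth = config?.application?.googleOauth
      if (!googleOauth) {
        return
      }
      this.clientId = googleOauth.clientId
      // A config block without `authorizedRedirects` must not throw; it just
      // means no origin is authorized.
      const authorizedRedirect = (googleOauth.authorizedRedirects ?? []).find(r => r.uri === this.redirectUri)
      if (authorizedRedirect) {
        this.oauthUnavailable = false
        this.redirectUri = authorizedRedirect.proxy ? authorizedRedirect.proxy : authorizedRedirect.uri
      } else {
        this.oauthUnavailable = true
        console.log(this.redirectUri + ' is not an authorized redirect URI for this application.')
      }
    }, (err) => { console.log(err) })

    this.formSubmitService.attachEnterKeyHandler('login-form', 'loginButton', () => { this.login() })
  }

  /**
   * Submits the form's email and password. On success the session is stored
   * and the user is sent to `/search`; a `totp_token_required` response
   * parks a temporary token and routes to the 2FA entry page; any other
   * failure clears every stored session value and exposes the error to the
   * template. The "remember me" choice is applied regardless of outcome.
   */
  login () {
    const email = this.emailControl.value
    const password = this.passwordControl.value
    this.user = { email, password }
    this.userService.login(this.user).subscribe((authentication: any) => {
      this.storeSession(authentication)
      this.ngZone.run(async () => await this.router.navigate(['/search']))
    }, ({ error }) => {
      // A transport-level failure carries no response body, so `error` may
      // be null/undefined here; every access below has to be optional.
      if (error?.data && error?.status === 'totp_token_required') {
        localStorage.setItem('totp_tmp_token', error.data.tmpToken)
        this.ngZone.run(async () => await this.router.navigate(['/2fa/enter']))
        return
      }
      this.clearSession()
      this.error = error
      this.userService.isLoggedIn.next(false)
      this.emailControl.markAsPristine()
      this.passwordControl.markAsPristine()
    })

    if (this.rememberMe.value) {
      localStorage.setItem('email', this.user.email)
    } else {
      localStorage.removeItem('email')
    }
  }

  /**
   * Redirects the browser to Google's authorization endpoint.
   *
   * NOTE(review): this is the implicit grant (`response_type=token`), so the
   * access token is returned in the URL fragment, and no `state` value is
   * sent, so the callback route cannot tie a response to a request this page
   * started. Both are left unchanged because the callback route depends on
   * them. The query string is built with URLSearchParams so a configured
   * proxy URI or client id containing reserved characters is percent-encoded
   * instead of being spliced into the URL verbatim.
   */
  googleLogin () {
    const query = new URLSearchParams({
      client_id: this.clientId,
      response_type: 'token',
      scope: 'email',
      redirect_uri: this.redirectUri
    })
    this.windowRefService.nativeWindow.location.replace(`${oauthProviderUrl}?${query.toString()}`)
  }

  // Persists a successful authentication: token in localStorage and an
  // 8-hour cookie, basket id in sessionStorage, then refreshes cart count
  // and login state.
  private storeSession (authentication: any) {
    localStorage.setItem('token', authentication.token)
    const expires = new Date()
    expires.setHours(expires.getHours() + 8)
    this.cookieService.put('token', authentication.token, { expires })
    sessionStorage.setItem('bid', authentication.bid)
    this.basketService.updateNumberOfCartItems()
    this.userService.isLoggedIn.next(true)
  }

  // Drops every stored session value after a failed login attempt.
  private clearSession () {
    localStorage.removeItem('token')
    this.cookieService.remove('token')
    sessionStorage.removeItem('bid')
  }
}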
111