Skip to content

Commit 65de844

Browse files
clovisclovis
committed
fixes to access control
1 parent bb3a781 commit 65de844

3 files changed

Lines changed: 42 additions & 16 deletions

File tree

python/philologic/runtime/access_control.py

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -134,7 +134,15 @@ def login_access(environ, request, config, headers):
134134
headers.append(("Set-Cookie", f"hash={h}"))
135135
headers.append(("Set-Cookie", f"timestamp={ts}"))
136136
else:
137-
access = False
137+
# WORKAROUND because cookie not being sent on access_request.py request
138+
token = check_access(environ, config)
139+
if token:
140+
h, ts = token
141+
headers.append(("Set-Cookie", f"hash={h}"))
142+
headers.append(("Set-Cookie", f"timestamp={ts}"))
143+
access = True
144+
else:
145+
access = False
138146
return access, headers
139147

140148

www/app/src/App.vue

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -125,16 +125,24 @@ export default {
125125
const html = document.documentElement;
126126
html.setAttribute("lang", "sv");
127127
this.accessAuthorized = this.$philoConfig.access_control ? false : true;
128+
console.log(document.cookie);
128129
if (this.$philoConfig.access_control) {
129-
this.$http.get(`${this.$dbUrl}/scripts/access_request.py`).then((response) => {
130-
this.accessAuthorized = response.data.access;
131-
if (this.accessAuthorized) {
132-
this.setupApp();
133-
} else {
134-
this.clientIp = response.data.incoming_address;
135-
this.domainName = response.data.domain_name;
136-
}
137-
});
130+
this.$http
131+
.get(`${this.$dbUrl}/scripts/access_request.py`, {
132+
headers: {
133+
"Access-Control-Allow-Origin": "*",
134+
},
135+
})
136+
.then((response) => {
137+
this.accessAuthorized = response.data.access;
138+
if (this.accessAuthorized) {
139+
this.setupApp();
140+
} else {
141+
this.clientIp = response.data.incoming_address;
142+
this.domainName = response.data.domain_name;
143+
}
144+
console.log(document.cookie);
145+
});
138146
} else {
139147
this.setupApp();
140148
}

www/app/src/main.js

Lines changed: 16 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,10 @@ import "bootstrap"
1010
import appConfig from "../appConfig.json"
1111
import i18n from './i18n'
1212

13+
axios.defaults.withCredentials = true;
14+
1315
axios
14-
.get(`${appConfig.dbUrl}/scripts/get_web_config.py`, {
15-
})
16+
.get(`${appConfig.dbUrl}/scripts/get_web_config.py`, {})
1617
.then((response) => {
1718
const app = createApp(App).use(i18n)
1819
app.config.globalProperties.$philoConfig = response.data
@@ -26,19 +27,28 @@ axios
2627
app.use(store)
2728
app.mixin({
2829
methods: {
29-
paramsFilter, paramsToRoute, paramsToUrlString, copyObject, saveToLocalStorage, mergeResults, sortResults, deepEqual, dictionaryLookup, debug
30+
paramsFilter,
31+
paramsToRoute,
32+
paramsToUrlString,
33+
copyObject,
34+
saveToLocalStorage,
35+
mergeResults,
36+
sortResults,
37+
deepEqual,
38+
dictionaryLookup,
39+
debug
3040
}
3141
})
3242
app.directive('scroll', {
33-
mounted: function (el, binding) {
34-
el.scrollHandler = function (evt) {
43+
mounted: function(el, binding) {
44+
el.scrollHandler = function(evt) {
3545
if (binding.value(evt, el)) {
3646
window.removeEventListener('scroll', el.scrollHandler)
3747
}
3848
}
3949
window.addEventListener('scroll', el.scrollHandler)
4050
},
41-
unmounted: function (el) {
51+
unmounted: function(el) {
4252
window.removeEventListener("scroll", el.scrollHandler)
4353
}
4454
})

0 commit comments

Comments
 (0)