Storage auth token vars in sessionStorage in online survey app

Tangerine-Community · Aug 1, 2024 · 30b61d3 · 30b61d3
1 parent 75cda62
commit 30b61d3
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 24 deletions.
diff --git a/online-survey-app/src/app/app.component.ts b/online-survey-app/src/app/app.component.ts
@@ -55,7 +55,7 @@ export class AppComponent implements OnInit{
   }
 
   async sessionTimeoutCheck() {
-    const token = localStorage.getItem('token');
+    const token = sessionStorage.getItem('token');
     const claims = JSON.parse(atob(token.split('.')[1]));
     const expiryTimeInMs = claims['exp'] * 1000;
     const minutesBeforeExpiry = expiryTimeInMs - (15 * 60 * 1000); // warn 15 minutes before expiry of token

diff --git a/online-survey-app/src/app/core/auth/_components/login/login.component.ts b/online-survey-app/src/app/core/auth/_components/login/login.component.ts
@@ -38,7 +38,7 @@ export class LoginComponent implements OnInit {
 
       if (window.location.origin.startsWith('http://localhost')) {
         // If we are running on localhost, we want to use the local server for authentication 
-        localStorage.setItem(this.user.username, this.user.password);
+        sessionStorage.setItem(this.user.username, this.user.password);
         this.router.navigate([this.returnUrl]);
       } else if (await this.authenticationService.login(this.user.username, this.user.password)) {
         this.router.navigate([this.returnUrl]);

diff --git a/online-survey-app/src/app/core/auth/_services/authentication.service.ts b/online-survey-app/src/app/core/auth/_services/authentication.service.ts
@@ -28,9 +28,9 @@ export class AuthenticationService {
       }
     } catch (error) {
       console.error(error);
-      localStorage.removeItem('token');
-      localStorage.removeItem('user_id');
-      localStorage.removeItem('permissions');
+      sessionStorage.removeItem('token');
+      sessionStorage.removeItem('user_id');
+      sessionStorage.removeItem('permissions');
       return false;
     }
   }
@@ -50,26 +50,26 @@ export class AuthenticationService {
       }
     } catch (error) {
       console.error(error);
-      localStorage.removeItem('token');
-      localStorage.removeItem('user_id');
-      localStorage.removeItem('password');
-      localStorage.removeItem('permissions');
+      sessionStorage.removeItem('token');
+      sessionStorage.removeItem('user_id');
+      sessionStorage.removeItem('password');
+      sessionStorage.removeItem('permissions');
       return false;
     }
   }
 
   async isLoggedIn():Promise<boolean> {
     this._currentUserLoggedIn = false;
-    this._currentUserLoggedIn = !!localStorage.getItem('user_id');
+    this._currentUserLoggedIn = !!sessionStorage.getItem('user_id');
     this.currentUserLoggedIn$.next(this._currentUserLoggedIn);
     return this._currentUserLoggedIn;
   }
 
   async logout() {
-    localStorage.removeItem('token');
-    localStorage.removeItem('user_id');
-    localStorage.removeItem('password');
-    localStorage.removeItem('permissions');
+    sessionStorage.removeItem('token');
+    sessionStorage.removeItem('user_id');
+    sessionStorage.removeItem('password');
+    sessionStorage.removeItem('permissions');
     document.cookie = "Authorization=;max-age=-1";
     this._currentUserLoggedIn = false;
     this.currentUserLoggedIn$.next(this._currentUserLoggedIn);
@@ -78,7 +78,7 @@ export class AuthenticationService {
   async extendUserSession() {
     const appConfig = await this.appConfigService.getAppConfig();
     const groupId = appConfig['groupId'];
-    const accessCode = localStorage.getItem('user_id');
+    const accessCode = sessionStorage.getItem('user_id');
 
     try {
       const data = await this.http.post(`/onlineSurvey/login/${groupId}/${accessCode}`, {groupId, accessCode}, {observe: 'response'}).toPromise();
@@ -98,9 +98,9 @@ export class AuthenticationService {
   async setTokens(token) {
     const jwtData = jwtDecode(token);
     document.cookie = "Authorization=;max-age=-1";
-    localStorage.setItem('token', token);
-    localStorage.setItem('user_id', jwtData['username']);
-    localStorage.setItem('permissions', JSON.stringify(jwtData['permissions']));
+    sessionStorage.setItem('token', token);
+    sessionStorage.setItem('user_id', jwtData['username']);
+    sessionStorage.setItem('permissions', JSON.stringify(jwtData['permissions']));
     document.cookie = `Authorization=${token}`;
   }
 

diff --git a/online-survey-app/src/app/core/auth/_services/user.service.ts b/online-survey-app/src/app/core/auth/_services/user.service.ts
@@ -43,7 +43,7 @@ export class UserService {
   }
 
   async getCurrentUser() {
-    return await localStorage.getItem('user_id');
+    return await sessionStorage.getItem('user_id');
   }
   private showError(error: any) {
     console.log(error);
@@ -58,7 +58,7 @@ export class UserService {
 
   async getMyUser() {
     try {
-      if (localStorage.getItem('user_id') === 'user1') {
+      if (sessionStorage.getItem('user_id') === 'user1') {
         return {
           email: '[email protected]',
           firstName: 'user1',

diff --git a/online-survey-app/src/app/shared/classes/user-database.class.ts b/online-survey-app/src/app/shared/classes/user-database.class.ts
@@ -24,7 +24,7 @@ export class UserDatabase {
   }
 
   async get(id) {
-    const token = localStorage.getItem('token');
+    const token = sessionStorage.getItem('token');
     return (<any>await axios.get(`/group-responses/read/${this.groupId}/${id}`, { headers: { authorization: token }})).data
   }
 
@@ -33,7 +33,7 @@ export class UserDatabase {
   }
 
   async post(doc) {
-    const token = localStorage.getItem('token');
+    const token = sessionStorage.getItem('token');
     if (this.attachHistoryToDocs === undefined) {
       const appConfig = (<any>await axios.get('./assets/app-config.json', { headers: { authorization: token }})).data
       this.attachHistoryToDocs = appConfig['attachHistoryToDocs']
@@ -70,7 +70,7 @@ export class UserDatabase {
 
   async remove(doc) {
     // This is not implemented...
-    const token = localStorage.getItem('token');
+    const token = sessionStorage.getItem('token');
     return await axios.delete(`/api/${this.groupId}`, doc)
   }
 

diff --git a/online-survey-app/src/app/tangy-forms/tangy-form.service.ts b/online-survey-app/src/app/tangy-forms/tangy-form.service.ts
@@ -21,7 +21,7 @@ export class TangyFormService {
   }
 
   initialize(groupId) {
-    this.userId = localStorage.getItem('user_id') || 'Survey'
+    this.userId = sessionStorage.getItem('user_id') || 'Survey'
     this.db = new UserDatabase(this.userId, groupId)
   }