safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-07 05:31:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-78: Store anonymous users' authentication results in memory only. Do not persist via cookie.

Browse Source
This commit is contained in:
Michael Jumper
2016-08-12 14:49:37 -07:00
parent 22b3e268d6
commit 225736d237
1 changed files with 27 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
guacamole/src/main/webapp/app/auth/service/authenticationService.js
View File

@@ -53,6 +53,14 @@ angular.module('auth').factory('authenticationService', ['$injector',
var service = {}; var service = {};
/**
* The most recent authentication result, or null if no authentication
* result is cached.
*
* @type AuthenticationResult
*/
var cachedResult = null;
/** /**
* The unique identifier of the local cookie which stores the result of the * The unique identifier of the local cookie which stores the result of the
* last authentication attempt. * last authentication attempt.
@@ -72,12 +80,17 @@ angular.module('auth').factory('authenticationService', ['$injector',
*/ */
var getAuthenticationResult = function getAuthenticationResult() { var getAuthenticationResult = function getAuthenticationResult() {
// Use cached result, if any
if (cachedResult)
return cachedResult;
// Return explicit null if no auth data is currently stored // Return explicit null if no auth data is currently stored
var data = $cookieStore.get(AUTH_COOKIE_ID); var data = $cookieStore.get(AUTH_COOKIE_ID);
if (!data) if (!data)
return null; return null;
return new AuthenticationResult(data); // Update cache and return retrieved auth result
return (cachedResult = new AuthenticationResult(data));
}; };
@@ -92,12 +105,22 @@ angular.module('auth').factory('authenticationService', ['$injector',
var setAuthenticationResult = function setAuthenticationResult(data) { var setAuthenticationResult = function setAuthenticationResult(data) {
// Clear the currently-stored result if the last attempt failed // Clear the currently-stored result if the last attempt failed
if (!data) if (!data) {
cachedResult = null;
$cookieStore.remove(AUTH_COOKIE_ID); $cookieStore.remove(AUTH_COOKIE_ID);
}
// Otherwise store the authentication attempt directly // Otherwise store the authentication attempt directly
else else {
$cookieStore.put(AUTH_COOKIE_ID, data);
// Always store in cache
cachedResult = data;
// Store cookie ONLY if not anonymous
if (data.username !== AuthenticationResult.ANONYMOUS_USERNAME)
$cookieStore.put(AUTH_COOKIE_ID, data);
}
}; };