sascha
/
Notes
mirror of https://github.com/TriliumNext/Notes
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

more complete support for network-less electron frontend-backend communication including protected session

pull/255/head
azivner 2017-11-29 23:30:35 +07:00
parent 8bd76721ad
commit d0a0366b05
7 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app.js
Unescape Escape View File

@ -80,16 +80,24 @@ if (utils.isElectron()) {
req.url = arg.url;
req.method = arg.method;
req.body = arg.data;
req.headers = {};
req.headers = arg.headers;
const res = {
statusCode: 200
};
const res = {};
res.setHeader = function() {
};
res.status = function(statusCode) {
res.statusCode = statusCode;
};
res.send = function(obj) {
event.sender.send('server-response', {
requestId: arg.requestId,
statusCode: res.statusCode,
body: obj
});
};

4
public/javascripts/init.js
Unescape Escape View File

@ -24,13 +24,13 @@ $(document).bind('keydown', 'alt+t', () => {
});
$(document).bind('keydown', 'f5', () => {
window.location.reload(true);
reloadApp();
return false;
});
$(document).bind('keydown', 'ctrl+r', () => {
window.location.reload(true);
reloadApp();
return false;
});

2
public/javascripts/note_tree.js
Unescape Escape View File

@ -625,6 +625,6 @@ const noteTree = (function() {
createNewTopLevelNote,
createNote,
setPrefix,
getNotePathTitle
};
})();

9
public/javascripts/protected_session.js
Unescape Escape View File

@ -10,8 +10,8 @@ const protected_session = (function() {
let protectedSessionTimeout = null;
let protectedSessionId = null;
server.get('settings/all').then(settings => {
protectedSessionTimeout = settings.protected_session_timeout;
$(document).ready(() => {
server.get('settings/all').then(settings => protectedSessionTimeout = settings.protected_session_timeout);
});
function setProtectedSessionTimeout(encSessTimeout) {
@ -57,7 +57,6 @@ const protected_session = (function() {
}
protectedSessionId = response.protectedSessionId;
server.initAjax();
dialogEl.dialog("close");
@ -96,11 +95,9 @@ const protected_session = (function() {
function resetProtectedSession() {
protectedSessionId = null;
server.initAjax();
// most secure solution - guarantees nothing remained in memory
// since this expires because user doesn't use the app, it shouldn't be disruptive
window.location.reload(true);
reloadApp();
}
function isProtectedSessionAvailable() {

26
public/javascripts/server.js
Unescape Escape View File

@ -1,10 +1,8 @@
const server = (function() {
function initAjax() {
$.ajaxSetup({
headers: {
'x-protected-session-id': typeof protected_session !== 'undefined' ? protected_session.getProtectedSessionId() : null
}
});
function getHeaders() {
return {
'x-protected-session-id': protected_session.getProtectedSessionId()
};
}
async function get(url) {
@ -34,8 +32,11 @@ const server = (function() {
return new Promise((resolve, reject) => {
reqResolves[requestId] = resolve;
console.log("Request #" + requestId + " to " + method + " " + url);
ipc.send('server-request', {
requestId: requestId,
headers: getHeaders(),
method: method,
url: "/" + baseApiUrl + url,
data: data
@ -51,14 +52,19 @@ const server = (function() {
const ipc = require('electron').ipcRenderer;
ipc.on('server-response', (event, arg) => {
console.log("Response #" + arg.requestId + ": " + arg.statusCode);
reqResolves[arg.requestId](arg.body);
delete reqResolves[arg.requestId];
});
}
async function ajax(url, method, data) {
const options = {
url: baseApiUrl + url,
type: method
type: method,
headers: getHeaders()
};
if (data) {
@ -71,14 +77,10 @@ const server = (function() {
});
}
initAjax();
return {
get,
post,
put,
remove,
initAjax
remove
}
})();

4
public/javascripts/utils.js
Unescape Escape View File

@ -1,5 +1,9 @@
"use strict";
function reloadApp() {
window.location.reload(true);
}
function showMessage(message) {
console.log("message: ", message);

13
services/protected_session.js
Unescape Escape View File

@ -1,12 +1,13 @@
"use strict";
const utils = require('./utils');
const session = {};
function setDataKey(req, decryptedDataKey) {
req.session.decryptedDataKey = Array.from(decryptedDataKey); // can't store buffer in session
req.session.protectedSessionId = utils.randomSecureToken(32);
session.decryptedDataKey = Array.from(decryptedDataKey); // can't store buffer in session
session.protectedSessionId = utils.randomSecureToken(32);
return req.session.protectedSessionId;
return session.protectedSessionId;
}
function getProtectedSessionId(req) {
@ -16,8 +17,8 @@ function getProtectedSessionId(req) {
function getDataKey(req) {
const protectedSessionId = getProtectedSessionId(req);
if (protectedSessionId && req.session.protectedSessionId === protectedSessionId) {
return req.session.decryptedDataKey;
if (protectedSessionId && session.protectedSessionId === protectedSessionId) {
return session.decryptedDataKey;
}
else {
return null;
@ -27,7 +28,7 @@ function getDataKey(req) {
function isProtectedSessionAvailable(req) {
const protectedSessionId = getProtectedSessionId(req);
return protectedSessionId && req.session.protectedSessionId === protectedSessionId;
return protectedSessionId && session.protectedSessionId === protectedSessionId;
}
module.exports = {