Fix #27

8 years ago · 2b23263613
9 changed files with 55 additions and 36 deletions
--- a/handlers/auth.go
+++ b/handlers/auth.go
@ -26,14 +26,7 @@ type jwtClaims struct {
 type oAuthUser struct {
 	Sub     string `json:"sub"`
 	Name    string `json:"name"`
-	GivenName     string `json:"given_name"`
-	FamilyName    string `json:"family_name"`
-	Profile       string `json:"profile"`
 	Picture string `json:"picture"`
-	Email         string `json:"email"`
-	EmailVerified bool   `json:"email_verified"`
-	Gender        string `json:"gender"`
-	Hd            string `json:"hd"`
 }

 type checkResponse struct {
@ -68,7 +61,6 @@ func (h *Handler) handleGoogleRedirect(c *gin.Context) {
 }

 func (h *Handler) authMiddleware(c *gin.Context) {
-
 	authError := func() error {
 		authHeader := c.GetHeader("Authorization")
 		if authHeader == "" {
@ -83,6 +75,7 @@ func (h *Handler) authMiddleware(c *gin.Context) {
 		if !token.Valid {
 			return errors.New("token is not valid")
 		}
+		c.Set("user", token.Claims)
 		return nil
 	}()
 	if authError != nil {
--- a/handlers/public.go
+++ b/handlers/public.go
@ -27,7 +27,13 @@ func (h *Handler) handleInfo(c *gin.Context) {
 		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
 		return
 	}
-	entry.RemoteAddr = ""
+	user := c.MustGet("user").(*jwtClaims)
+	if entry.OAuthID != user.OAuthID || entry.OAuthProvider != user.OAuthProvider {
+		c.JSON(http.StatusOK, store.Entry{
+			URL: entry.URL,
+		})
+		return
+	}
 	c.JSON(http.StatusOK, entry)
 }

@ -58,8 +64,8 @@ func (h *Handler) handleCreate(c *gin.Context) {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
 	}
-
-	id, err := h.store.CreateEntry(data.URL, c.ClientIP())
+	user := c.MustGet("user").(*jwtClaims)
+	id, err := h.store.CreateEntry(data.URL, c.ClientIP(), user.OAuthProvider, user.OAuthID)
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
--- a/handlers/tmpls/token.tmpl
+++ b/handlers/tmpls/token.tmpl
@ -7,11 +7,7 @@
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>You will be redirected</title>
    <script>
-        window.opener.dispatchEvent(new CustomEvent('onAuthCallback', {
-            detail: {
-                token: {{ .token }}
-            }
-        }));
+        window.opener.postMessage({{ .token }}, window.location.origin)
        window.close();
    </script>
 </head>
--- a/static/src/About/About.js
+++ b/static/src/About/About.js
@ -1,7 +1,7 @@
 import React, { Component } from 'react'
 import { Container } from 'semantic-ui-react'

-export default class AppComponent extends Component {
+export default class AboutComponent extends Component {
    render() {
        return (
            <Container >
--- a/static/src/Lookup/Lookup.js
+++ b/static/src/Lookup/Lookup.js
@ -0,0 +1,17 @@
+import React, { Component } from 'react'
+import { Segment, Header, Form, Input } from 'semantic-ui-react'
+
+export default class LookupComponent extends Component {
+    render() {
+        return (
+            <Segment raised>
+                <Header size='huge'>URL Lookup</Header>
+                <Form onSubmit={this.handleURLSubmit} autoComplete="off">
+                    <Form.Field>
+                        <Input required size='big' ref={input => this.urlInput = input} action={{ icon: 'arrow right', labelPosition: 'right', content: 'Lookup' }} type='url' onChange={this.handleURLChange} name='url' placeholder={window.location.origin+"/..."} />
+                    </Form.Field>
+                </Form>
+            </Segment>
+        )
+    }
+};
--- a/static/src/index.js
+++ b/static/src/index.js
@ -7,6 +7,7 @@ import 'semantic-ui-css/semantic.min.css';
 import About from './About/About'
 import Home from './Home/Home'
 import ShareX from './ShareX/ShareX'
+import Lookup from './Lookup/Lookup'

 export default class BaseComponent extends Component {
    state = {
@ -51,13 +52,15 @@ export default class BaseComponent extends Component {
    }

    onAuthCallback = data => {
+        if (data.isTrusted) {
            // clear the old event listener, so that the event can only emitted be once
-        window.removeEventListener('onAuthCallback', this.onAuthCallback);
-        window.localStorage.setItem('token', data.detail.token);
+            window.removeEventListener('message', this.onAuthCallback);
+            window.localStorage.setItem('token', data.data);
            this.checkAuth();
        }
+    }
    onAuthClick = () => {
-        window.addEventListener('onAuthCallback', this.onAuthCallback, false);
+        window.addEventListener('message', this.onAuthCallback, false);
        // Open the oAuth window that is it centered in the middle of the screen
        var wwidth = 400,
            wHeight = 500;
@ -120,6 +123,7 @@ export default class BaseComponent extends Component {
                    <Route exact path="/" component={Home} />
                    <Route path="/about" component={About} />
                    <Route path="/ShareX" component={ShareX} />
+                    <Route path="/Lookup" component={Lookup} />
                </Container>
            </HashRouter>
        )
--- a/store/store.go
+++ b/store/store.go
@ -26,6 +26,7 @@ type Entry struct {
 	URL                    string
 	VisitCount             int
 	RemoteAddr             string `json:",omitempty"`
+	OAuthProvider, OAuthID string
 	CreatedOn, LastVisit   time.Time
 }

@ -113,13 +114,13 @@ func (s *Store) GetEntryByIDRaw(id string) ([]byte, error) {
 }

 // CreateEntry creates a new record and returns his short id
-func (s *Store) CreateEntry(URL, remoteAddr string) (string, error) {
+func (s *Store) CreateEntry(URL, remoteAddr, oAuthProvider, oAuthID string) (string, error) {
 	if !govalidator.IsURL(URL) {
 		return "", ErrNoValidURL
 	}
 	// try it 10 times to make a short URL
 	for i := 1; i <= 10; i++ {
-		id, err := s.createEntry(URL, remoteAddr)
+		id, err := s.createEntry(URL, remoteAddr, oAuthProvider, oAuthID)
 		if err != nil {
 			s.log.Debugf("Could not create entry: %v", err)
 			continue
--- a/store/util.go
+++ b/store/util.go
@ -41,7 +41,7 @@ func (s *Store) createEntryRaw(key, value []byte) error {
 }

 // createEntry creates a new entry
-func (s *Store) createEntry(URL, remoteAddr string) (string, error) {
+func (s *Store) createEntry(URL, remoteAddr, oAuthProvider, oAuthID string) (string, error) {
 	id, err := generateRandomString(s.idLength)
 	if err != nil {
 		return "", errors.Wrap(err, "could not generate random string")
@ -52,6 +52,8 @@ func (s *Store) createEntry(URL, remoteAddr string) (string, error) {
 			URL:           URL,
 			RemoteAddr:    remoteAddr,
 			CreatedOn:     time.Now(),
+			OAuthProvider: oAuthProvider,
+			OAuthID:       oAuthID,
 		})
 		if err != nil {
 			return "", err