From 7580e544feb302a813dcdf7c647afcdcdeea97bd Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Fri, 30 Dec 2022 03:52:21 -0800 Subject: [PATCH 1/5] Lock down unauth authentication Fixes #97 --- components/UncapIndicator/index.tsx | 2 +- components/UncapStar/index.tsx | 2 +- components/WeaponGrid/index.tsx | 13 ++++++++++--- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/components/UncapIndicator/index.tsx b/components/UncapIndicator/index.tsx index 296e85da..b8ab47ec 100644 --- a/components/UncapIndicator/index.tsx +++ b/components/UncapIndicator/index.tsx @@ -1,4 +1,4 @@ -import React, { useEffect } from 'react' +import React from 'react' import UncapStar from '~components/UncapStar' import './index.scss' diff --git a/components/UncapStar/index.tsx b/components/UncapStar/index.tsx index 78510fad..9b0969f7 100644 --- a/components/UncapStar/index.tsx +++ b/components/UncapStar/index.tsx @@ -1,4 +1,4 @@ -import React, { useEffect } from 'react' +import React from 'react' import classnames from 'classnames' import './index.scss' diff --git a/components/WeaponGrid/index.tsx b/components/WeaponGrid/index.tsx index d5e337f7..83d8aad0 100644 --- a/components/WeaponGrid/index.tsx +++ b/components/WeaponGrid/index.tsx @@ -18,6 +18,7 @@ import type { SearchableObject } from '~types' import './index.scss' import WeaponConflictModal from '~components/WeaponConflictModal' import Alert from '~components/Alert' +import { accountState } from '~utils/accountState' // Props interface Props { @@ -230,10 +231,16 @@ const WeaponGrid = (props: Props) => { position: number, uncapLevel: number ) { - memoizeAction(id, position, uncapLevel) + if ( + party.user && + accountState.account.user && + party.user.id === accountState.account.user.id + ) { + memoizeAction(id, position, uncapLevel) - // Optimistically update UI - updateUncapLevel(position, uncapLevel) + // Optimistically update UI + updateUncapLevel(position, uncapLevel) + } } const memoizeAction = useCallback( From 8c952a57f5f172805b11e773d1ce8446d33325d3 Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Fri, 30 Dec 2022 05:18:14 -0800 Subject: [PATCH 2/5] Condense createParty into one method call --- components/Party/index.tsx | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/components/Party/index.tsx b/components/Party/index.tsx index 05fb6547..35c8499f 100644 --- a/components/Party/index.tsx +++ b/components/Party/index.tsx @@ -41,13 +41,11 @@ const Party = (props: Props) => { // Methods: Creating a new party async function createParty(extra: boolean = false) { - let body = { + return await api.endpoints.parties.create({ party: { extra: extra, }, - } - - return await api.endpoints.parties.create(body) + }) } // Methods: Updating the party's details From 18a998b1ed924c61550b6fae8bf02d313b057105 Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Fri, 30 Dec 2022 05:18:40 -0800 Subject: [PATCH 3/5] Remove logs and unused dependencies --- components/CharacterGrid/index.tsx | 1 - components/LoginModal/index.tsx | 6 +----- components/SignupModal/index.tsx | 5 ++--- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/components/CharacterGrid/index.tsx b/components/CharacterGrid/index.tsx index 2f009a63..cc76d550 100644 --- a/components/CharacterGrid/index.tsx +++ b/components/CharacterGrid/index.tsx @@ -234,7 +234,6 @@ const CharacterGrid = (props: Props) => { } skills to your party at once.` setErrorMessage(message) } - console.log(error.response.data) }) } } diff --git a/components/LoginModal/index.tsx b/components/LoginModal/index.tsx index 3da83c0d..0ad5a49b 100644 --- a/components/LoginModal/index.tsx +++ b/components/LoginModal/index.tsx @@ -1,6 +1,6 @@ import React, { useState } from 'react' import { setCookie } from 'cookies-next' -import Router, { useRouter } from 'next/router' +import { useRouter } from 'next/router' import { useTranslation } from 'react-i18next' import axios, { AxiosError, AxiosResponse } from 'axios' @@ -86,8 +86,6 @@ const LoginModal = () => { (error) => error.length > 0 && (valid = false) ) - console.log(errors) - return valid } @@ -110,8 +108,6 @@ const LoginModal = () => { .then((id) => fetchUserInfo(id)) .then((infoResponse) => storeUserInfo(infoResponse)) .catch((error: Error | AxiosError) => { - console.log(error) - if (axios.isAxiosError(error)) { const response = error?.response if (response && response.data.error === 'invalid_grant') { diff --git a/components/SignupModal/index.tsx b/components/SignupModal/index.tsx index 87b19bca..8288d4a7 100644 --- a/components/SignupModal/index.tsx +++ b/components/SignupModal/index.tsx @@ -1,8 +1,7 @@ -import React, { useEffect, useState } from 'react' -import Link from 'next/link' +import React, { useState } from 'react' import { setCookie } from 'cookies-next' import { useRouter } from 'next/router' -import { Trans, useTranslation } from 'next-i18next' +import { useTranslation } from 'next-i18next' import { AxiosResponse } from 'axios' import api from '~utils/api' From ba025b8fd85ed8e9f8f40452bf2f05c52cb123a0 Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Fri, 30 Dec 2022 05:19:12 -0800 Subject: [PATCH 4/5] Set user token after login and signup --- components/LoginModal/index.tsx | 4 ++++ components/SignupModal/index.tsx | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/components/LoginModal/index.tsx b/components/LoginModal/index.tsx index 0ad5a49b..02753844 100644 --- a/components/LoginModal/index.tsx +++ b/components/LoginModal/index.tsx @@ -5,6 +5,7 @@ import { useTranslation } from 'react-i18next' import axios, { AxiosError, AxiosResponse } from 'axios' import api from '~utils/api' +import setUserToken from '~utils/setUserToken' import { accountState } from '~utils/accountState' import Button from '~components/Button' @@ -137,6 +138,9 @@ const LoginModal = () => { } setCookie('account', cookieObj, { path: '/' }) + + // Set Axios default headers + setUserToken() } function storeUserInfo(response: AxiosResponse) { diff --git a/components/SignupModal/index.tsx b/components/SignupModal/index.tsx index 8288d4a7..505695fa 100644 --- a/components/SignupModal/index.tsx +++ b/components/SignupModal/index.tsx @@ -5,6 +5,7 @@ import { useTranslation } from 'next-i18next' import { AxiosResponse } from 'axios' import api from '~utils/api' +import setUserToken from '~utils/setUserToken' import { accountState } from '~utils/accountState' import Button from '~components/Button' @@ -94,6 +95,9 @@ const SignupModal = (props: Props) => { } setCookie('account', cookieObj, { path: '/' }) + + // Set Axios default headers + setUserToken() } function fetchUserInfo(id: string) { From 1e820f184edd0beba25aab8f2c5430f4a1d8657f Mon Sep 17 00:00:00 2001 From: Justin Edmund Date: Fri, 30 Dec 2022 05:23:44 -0800 Subject: [PATCH 5/5] Force reload after logout This is a much easier and foolproof way to ensure that people can't edit their grid after logging out. --- components/Header/index.tsx | 4 +--- pages/new/index.tsx | 1 - 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/components/Header/index.tsx b/components/Header/index.tsx index 0a7ae764..d1c7250b 100644 --- a/components/Header/index.tsx +++ b/components/Header/index.tsx @@ -78,9 +78,7 @@ const Header = () => { if (key !== 'language') accountState[key] = resetState[key] }) - if (router.route != '/new') appState.party.editable = false - - router.push('/') + router.reload() return false } diff --git a/pages/new/index.tsx b/pages/new/index.tsx index 86645d06..ff174d2e 100644 --- a/pages/new/index.tsx +++ b/pages/new/index.tsx @@ -7,7 +7,6 @@ import Party from '~components/Party' import { appState } from '~utils/appState' import { groupWeaponKeys } from '~utils/groupWeaponKeys' -import generateTitle from '~utils/generateTitle' import organizeRaids from '~utils/organizeRaids' import setUserToken from '~utils/setUserToken' import api from '~utils/api'