Added x-forwarded-for header to pass server ip check

This commit is contained in:
Giuseppe Digilio
2018-06-28 11:51:52 +02:00
parent 099ebd487f
commit 3126a96554
2 changed files with 14 additions and 17 deletions


@@ -8,6 +8,7 @@ import { isNotEmpty } from '../../shared/empty.util';
import { AuthService } from './auth.service'; import { AuthService } from './auth.service';
import { AuthTokenInfo } from './models/auth-token-info.model'; import { AuthTokenInfo } from './models/auth-token-info.model';
import { CheckAuthenticationTokenAction } from './auth.actions'; import { CheckAuthenticationTokenAction } from './auth.actions';
import { Eperson } from '../eperson/models/eperson.model';
/** /**
* The auth service. * The auth service.
@@ -16,32 +17,29 @@ import { CheckAuthenticationTokenAction } from './auth.actions';
export class ServerAuthService extends AuthService { export class ServerAuthService extends AuthService {
/** /**
* Authenticate the user * Returns the authenticated user
* * @returns {User}
* @param {string} user The user name
* @param {string} password The user's password
* @returns {Observable<User>} The authenticated user observable.
*/ */
public authenticate(user: string, password: string): Observable<AuthStatus> { public authenticatedUser(token: AuthTokenInfo): Observable<Eperson> {
// Attempt authenticating the user using the supplied credentials. // Determine if the user has an existing auth session on the server
const body = encodeURI(`password=${password}&user=${user}`);
const options: HttpOptions = Object.create({}); const options: HttpOptions = Object.create({});
let headers = new HttpHeaders(); let headers = new HttpHeaders();
// NB this could be use to avoid the problem with the authentication is case the UI is rendered by Angular Universal. headers = headers.append('Accept', 'application/json');
const clientIp = this.req.connection.remoteAddress; headers = headers.append('Authorization', `Bearer ${token.accessToken}`);
// NB this is used to pass server client IP check.
const clientIp = this.req.get('x-forwarded-for');
headers = headers.append('X-Forwarded-For', clientIp);
headers = headers.append('Content-Type', 'application/x-www-form-urlencoded');
options.headers = headers; options.headers = headers;
return this.authRequestService.postToEndpoint('login', body, options) return this.authRequestService.getRequest('status', options)
.map((status: AuthStatus) => { .map((status: AuthStatus) => {
if (status.authenticated) { if (status.authenticated) {
return status; return status.eperson[0];
} else { } else {
throw(new Error('Invalid email or password')); throw(new Error('Not authenticated'));
} }
}) });
} }
/** /**
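Review bot: `const clientIp = this.req.get('x-forwarded-for');` in the middle of the second hunk is appended to the outgoing headers unguarded, so when the inbound request carries no X-Forwarded-For (the SSR server reached directly, with no reverse proxy in front) the header is sent with an undefined value rather than the remote address the removed `this.req.connection.remoteAddress` line supplied. Suggest `const clientIp = this.req.get('x-forwarded-for') || this.req.connection.remoteAddress;` followed by `if (isNotEmpty(clientIp)) { headers = headers.append('X-Forwarded-For', clientIp); }`, reusing the `isNotEmpty` import visible in the first hunk's context line. Since the value is relayed exactly as received from the client request, the backend's IP check is only as trustworthy as the proxy that sets this header, which deserves a comment at the assignment such as `// Relayed as received from the inbound request; the backend should only rely on it when this server sits behind a proxy that sets the header` (the deployment layout is not visible here, so that assumption is worth confirming). The TSDoc on authenticatedUser still says `@returns {User}` while the signature returns `Observable<Eperson>`, and the new `token` parameter has no `@param`. The enclosing class ServerAuthService continues outside the hunk.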


@@ -17,7 +17,6 @@ import { DSpaceBrowserTransferStateModule } from '../transfer-state/dspace-brows
import { DSpaceTransferState } from '../transfer-state/dspace-transfer-state.service'; import { DSpaceTransferState } from '../transfer-state/dspace-transfer-state.service';
import { ClientCookieService } from '../../app/shared/services/client-cookie.service'; import { ClientCookieService } from '../../app/shared/services/client-cookie.service';
import { CookieService } from '../../app/shared/services/cookie.service'; import { CookieService } from '../../app/shared/services/cookie.service';
import { ServerAuthService } from '../../app/core/auth/server-auth.service';
import { AuthService } from '../../app/core/auth/auth.service'; import { AuthService } from '../../app/core/auth/auth.service';
import { Angulartics2Module } from 'angulartics2'; import { Angulartics2Module } from 'angulartics2';
import { Angulartics2GoogleAnalytics } from 'angulartics2/ga'; import { Angulartics2GoogleAnalytics } from 'angulartics2/ga';