fix(auth): permission issue

kangfenmao · Dec 5, 2023 · f362db7 · f362db7
1 parent 1869b83
commit f362db7
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 32 deletions.
diff --git a/backend/api/auth/auth.go b/backend/api/auth/auth.go
@@ -20,9 +20,11 @@ func Auth(c *gin.Context) {
 		return
 	}
 
-	if requestData.Passcode != passcode {
-		c.JSON(http.StatusBadRequest, gin.H{"message": "ePasscode Invalid"})
-		return
+	if passcode != "" {
+		if requestData.Passcode != passcode {
+			c.JSON(http.StatusBadRequest, gin.H{"message": "Passcode Invalid"})
+			return
+		}
 	}
 
 	authScopes := os.Getenv("VORTEXNOTES_AUTH_SCOPE")

diff --git a/backend/api/configuration/configuration.go b/backend/api/configuration/configuration.go
@@ -9,18 +9,22 @@ import (
 func Config(c *gin.Context) {
 	needAuthScopes := os.Getenv("VORTEXNOTES_AUTH_SCOPE")
 	passcode := os.Getenv("VORTEXNOTES_PASSCODE")
-	auth := "none"
+	authType := "none"
 
 	if needAuthScopes == "" {
 		needAuthScopes = "show,create,edit,delete"
 	}
 
 	if passcode != "" {
-		auth = "passcode"
+		authType = "passcode"
+		c.JSON(http.StatusOK, gin.H{
+			"auth_type":  authType,
+			"auth_scope": needAuthScopes,
+		})
+		return
 	}
 
 	c.JSON(http.StatusOK, gin.H{
-		"auth_scope": needAuthScopes,
-		"auth":       auth,
+		"auth_type": authType,
 	})
 }
diff --git a/frontend/src/components/Navbar.tsx b/frontend/src/components/Navbar.tsx
@@ -15,6 +15,7 @@ const Navbar: React.FC<Props> = () => {
   const [theme, setTheme] = useTheme()
 
   const onSearch = search.bind(this, input, navigate)
+  const isPasscodeAuth = localStorage.vortexnotes_auth_type === 'passcode'
 
   useEffect(() => {
     setInput(keywords)
@@ -100,9 +101,6 @@ const Navbar: React.FC<Props> = () => {
             <Link to="/new">
               <button className="flex flex-row items-center ml-5 opacity-60 hover:opacity-80 transition-opacity">
                 <i className="iconfont icon-add-circle text-black dark:text-white text-2xl"></i>
-                <span className="text-black dark:text-white ml-1" style={{ marginTop: '-2px' }}>
-                  New Note
-                </span>
               </button>
             </Link>
           )}
@@ -124,25 +122,29 @@ const Navbar: React.FC<Props> = () => {
                   </div>
                 </Link>
               </li>
-              {!hasPasscode() && (
-                <li>
-                  <Link to="/auth">
-                    <div className="flex flex-row items-center opacity-60">
-                      <i className="iconfont icon-user text-black dark:text-white text-2xl"></i>
-                      <span className="text-black dark:text-white ml-2">Login</span>
-                    </div>
-                  </Link>
-                </li>
-              )}
-              {hasPasscode() && (
-                <li>
-                  <Link to="" onClick={onLogout}>
-                    <div className="flex flex-row items-center opacity-60">
-                      <i className="iconfont icon-logout text-black dark:text-white text-2xl"></i>
-                      <span className="text-black dark:text-white ml-2">Logout</span>
-                    </div>
-                  </Link>
-                </li>
+              {isPasscodeAuth && (
+                <>
+                  {!hasPasscode() && (
+                    <li>
+                      <Link to="/auth">
+                        <div className="flex flex-row items-center opacity-60">
+                          <i className="iconfont icon-user text-black dark:text-white text-2xl"></i>
+                          <span className="text-black dark:text-white ml-2">Login</span>
+                        </div>
+                      </Link>
+                    </li>
+                  )}
+                  {hasPasscode() && (
+                    <li>
+                      <Link to="" onClick={onLogout}>
+                        <div className="flex flex-row items-center opacity-60">
+                          <i className="iconfont icon-logout text-black dark:text-white text-2xl"></i>
+                          <span className="text-black dark:text-white ml-2">Logout</span>
+                        </div>
+                      </Link>
+                    </li>
+                  )}
+                </>
               )}
             </ul>
           </div>

diff --git a/frontend/src/utils/api.ts b/frontend/src/utils/api.ts
@@ -1,6 +1,11 @@
 export async function fetchConfig() {
   const res = await window.$http.get('config')
   const authScopes = res.data?.auth_scope
+  const authType = res.data?.auth_type
+
+  if (authType) {
+    localStorage.vortexnotes_auth_type = authType
+  }
 
   if (authScopes) {
     localStorage.vortexnotes_auth_scope = authScopes

diff --git a/frontend/src/utils/index.ts b/frontend/src/utils/index.ts
@@ -35,9 +35,11 @@ export function onSearch(keywords: string, navigate: NavigateFunction) {
 }
 
 export const hasPermission = (scope: string) => {
-  if (!localStorage.vortexnotes_passcode) {
+  if (localStorage.vortexnotes_auth_type === 'passcode') {
     if (localStorage.vortexnotes_auth_scope?.includes(scope)) {
-      return false
+      if (!localStorage.vortexnotes_passcode) {
+        return false
+      }
     }
   }
 

diff --git a/vortexnotes.run.xml b/vortexnotes.run.xml
@@ -3,7 +3,7 @@
     <module name="vortexnotes" />
     <working_directory value="$PROJECT_DIR$/app" />
     <envs>
-      <env name="VORTEXNOTES_AUTH_SCOPE" value="create,edit,delete" />
+      <env name="VORTEXNOTES_AUTH_SCOPE" value="show,create,edit,delete" />
       <env name="VORTEXNOTES_PASSCODE" value="123456" />
     </envs>
     <kind value="PACKAGE" />