-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.js
96 lines (80 loc) · 2.84 KB
/
login.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import auth0 from 'auth0-js';
import Bluebird from 'bluebird';
import { scheduleRenewal, clearRenewalTimer, renewToken, logout } from './webAuth';
export const requestedScopes = 'openid profile email create:characters delete:characters create:games delete:games create:posts delete:posts view:gamelabels';
const hostedAuth = new auth0.WebAuth({
domain: process.env.REACT_APP_AUTH0_DOMAIN,
clientID: process.env.REACT_APP_AUTH0_CLIENT_ID,
redirectUri: process.env.REACT_APP_AUTH0_REDIRECT_URI,
audience: process.env.REACT_APP_AUTH0_AUDIENCE,
responseType: 'token id_token',
scope: requestedScopes
});
export function showLogin() {
hostedAuth.authorize();
}
export function processLockCallback() {
hostedAuth.parseHash((err, authResult) => {
if (authResult && authResult.accessToken && authResult.idToken) {
setSession(authResult);
} else if (err) {
console.log('lock error', err);
}
});
}
export function processAuth() {
return Bluebird.try(() => {
if (isAuthenticated()) {
return getAccessToken();
} else {
return renewToken()
.then(res => res.accessToken);
}
})
.tap(() => scheduleRenewal());
}
export function setSession(authResult) {
// Set the time that the access token will expire at
let expiresAt = JSON.stringify((authResult.expiresIn * 1000) + new Date().getTime());
// scope attribute will be empty of all scopes are returned, so use scopes defined here to store in browser
const scopes = authResult.scope || requestedScopes || '';
// Roles claim is namespaced but not unique between environments (tenants)
const roles = authResult.idTokenPayload['https://forgingadventures.com/claims/roles'];
localStorage.setItem('access_token', authResult.accessToken);
localStorage.setItem('id_token', authResult.idToken);
localStorage.setItem('expires_at', expiresAt);
localStorage.setItem('scopes', JSON.stringify(scopes));
localStorage.setItem('roles', JSON.stringify(roles));
}
export function isAuthenticated() {
// Check whether the current time is past the
// access token's expiry time
let expiresAt = getAccessTokenExpiresAt();
return new Date().getTime() < expiresAt;
}
export function getAccessToken() {
return localStorage.getItem('access_token');
}
export function getAuthorizationHeader() {
if (isAuthenticated()) {
const token = getAccessToken();
if (token) {
return {
Authorization: `Bearer ${token}`
};
}
}
}
export function getAccessTokenExpiresAt() {
return JSON.parse(localStorage.getItem('expires_at'));
}
export function authLogout() {
// Clear access token and ID token from local storage
localStorage.removeItem('access_token');
localStorage.removeItem('id_token');
localStorage.removeItem('expires_at');
localStorage.removeItem('scopes');
localStorage.removeItem('roles');
clearRenewalTimer();
logout();
}