Merge remote-tracking branch 'wwwallet/master' into remove-issuer-sta…

…te-injection
wwWallet · Apr 3, 2024 · 859024b · 859024b
2 parents 1f76ae1 + 1bd050c
commit 859024b
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 12 deletions.
diff --git a/public/js/login.js b/public/js/login.js
@@ -17,6 +17,15 @@ if(urlParams.get('network-error')) {
 	popupAlert('network-error');
 }
 
+const validCredentials = [
+	{ username: 'user1', password: 'secret' },
+	{ username: 'user2', password: 'secret' },
+];
+function isValidCredentials(username, password) {
+	return validCredentials.some(cred => cred.username === username && cred.password === password);
+}
+
+
 document.forms.login.onsubmit = function(event) {
 
 	const formData = new FormData(document.forms.login);
@@ -36,7 +45,7 @@ document.forms.login.onsubmit = function(event) {
 		popupAlert('invalid-password');
 		return;
 	}
-	if (username !== 'user' || password !== "secret") {
+	if (!isValidCredentials(username, password)) {
 		event.preventDefault();
 		console.log('invalid credentials');
 		popupAlert('invalid-credentials');

diff --git a/src/configuration/authentication/LocalAuthenticationComponent.ts b/src/configuration/authentication/LocalAuthenticationComponent.ts
@@ -15,7 +15,7 @@ export class LocalAuthenticationComponent extends AuthenticationComponent {
 	constructor(
 		override identifier: string,
 		override protectedEndpoint: string,
-		private users = [{ username: "user", password: "secret", taxis_id: "432432432423", ssn: '032429484252432' }, { username: "user2", password: "secret", taxis_id: "432432432423", ssn: "032429484252433" }]
+		private users = [{ username: "user1", password: "secret", taxis_id: "432432432423", ssn: '032429484252432', firstName: 'John', lastName: 'Doe' }, { username: "user2", password: "secret", taxis_id: "432432432424", ssn: "032429484252433", firstName: 'Jane', lastName: 'Duffy' }]
 	) { super(identifier, protectedEndpoint) }
 
 	public override async authenticate(
@@ -56,6 +56,8 @@ export class LocalAuthenticationComponent extends AuthenticationComponent {
 		const usersFound = this.users.filter(u => u.username == username);
 		req.authorizationServerState.ssn = usersFound[0].ssn;
 		req.authorizationServerState.taxis_id = usersFound[0].taxis_id;
+		req.authorizationServerState.firstName = usersFound[0].firstName;
+		req.authorizationServerState.lastName = usersFound[0].lastName;
 		await AppDataSource.getRepository(AuthorizationServerState).save(req.authorizationServerState);
 		return true;
 	}
@@ -80,6 +82,8 @@ export class LocalAuthenticationComponent extends AuthenticationComponent {
 
 			req.authorizationServerState.ssn = usersFound[0].ssn;
 			req.authorizationServerState.taxis_id = usersFound[0].taxis_id;
+			req.authorizationServerState.firstName = usersFound[0].firstName;
+			req.authorizationServerState.lastName = usersFound[0].lastName;
 			await AppDataSource.getRepository(AuthorizationServerState).save(req.authorizationServerState);
 			return res.redirect(this.protectedEndpoint);
 		}

diff --git a/src/configuration/resources/data.ts b/src/configuration/resources/data.ts
@@ -43,15 +43,15 @@ const diplomasRepository: DiplomaEntry[] = [
 	{
 		blueprintID: "75",
 		certificateId: "1233314134",
-		firstName: "John",
-		familyName: "Doe",
+		firstName: "Jane",
+		familyName: "Duffy",
 		title: "Physics",
-		ssn: "032429484252432",
+		ssn: "032429484252433",
 		institutionCode: "uoa",
 		institutionName: "National and Kapodistrian University of Athens",
 		grade: "9.0",
 		level: "6",
-		dateOfBirth: "1990-07-01",
+		dateOfBirth: "19-7-1990",
 		completionDate: "2020-09-01",
 		awardingDate: "2020-06-01",
 	}

diff --git a/src/entities/AuthorizationServerState.entity.ts b/src/entities/AuthorizationServerState.entity.ts
@@ -110,6 +110,11 @@ export class AuthorizationServerState {
 	@Column({ name: "ssn", type: "varchar", nullable: true })
 	ssn?: string;
 
+	@Column({ name: "firstName", type: "varchar", nullable: true })
+	firstName?: string;
+
+	@Column({ name: "lastName", type: "varchar", nullable: true })
+	lastName?: string;
 
 	/**
 	 * this state random string will be used in order to expect a vid on a direct_post endpoint

diff --git a/views/issuer/personal-info.pug b/views/issuer/personal-info.pug
@@ -7,12 +7,14 @@ block layout-content
 			p #{locale.personalInfo.subtitle}
 			table.info-table.striped
 				tbody
-					tr
-						td #[strong #{locale.personalInfo.firstName}]
-						td John
-					tr
-						td #[strong #{locale.personalInfo.lastName}]
-						td Doe
+					if info.firstName
+						tr
+							td #[strong #{locale.personalInfo.firstName}]
+							td #{info.firstName}
+					if info.lastName
+						tr
+							td #[strong #{locale.personalInfo.lastName}]
+							td #{info.lastName}
 					tr
 						td #[strong #{locale.personalInfo.ssn}]
 						td #{info.ssn}