From 42dcfb9661577cd35183b89dde8ce77d0f63994e Mon Sep 17 00:00:00 2001 From: ansuz Date: Fri, 5 May 2017 18:25:55 +0200 Subject: [PATCH] unceremoniously kick web clients when you 'log out everywhere' --- www/common/fsStore.js | 11 +++++++++-- www/settings/main.js | 3 ++- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/www/common/fsStore.js b/www/common/fsStore.js index 623152a35..1be9e797f 100644 --- a/www/common/fsStore.js +++ b/www/common/fsStore.js @@ -153,7 +153,7 @@ define([ f(void 0, store); } - var requestLogin = function (Cryptpad) { + var requestLogin = function () { // log out so that you don't go into an endless loop... Cryptpad.logout(); @@ -162,11 +162,11 @@ define([ window.location.href = '/login/'; }; + var tokenKey = 'loginToken'; if (Cryptpad.isLoggedIn()) { /* This isn't truly secure, since anyone who can read the user's object can set their local loginToken to match that in the object. However, it exposes a UI that will work most of the time. */ - var tokenKey = 'loginToken'; // every user object should have a persistent, random number if (typeof(proxy.loginToken) !== 'number') { @@ -203,6 +203,13 @@ define([ if (typeof(n) !== "string") { return; } Cryptpad.changeDisplayName(n); }); + proxy.on('change', [tokenKey], function () { + console.log('wut'); + var localToken = tryParsing(localStorage.getItem(tokenKey)); + if (localToken !== proxy[tokenKey]) { + return void requestLogin(); + } + }); }; var initialized = false; diff --git a/www/settings/main.js b/www/settings/main.js index 1e79371fd..7abff2e85 100644 --- a/www/settings/main.js +++ b/www/settings/main.js @@ -273,8 +273,9 @@ define([ $spinner.show(); $ok.hide(); - var token = proxy.loginToken = Math.floor(Math.random()*Number.MAX_SAFE_INTEGER); + var token = Math.floor(Math.random()*Number.MAX_SAFE_INTEGER); localStorage.setItem('loginToken', token); + proxy.loginToken = token; Cryptpad.whenRealtimeSyncs(realtime, function () { $spinner.hide();