104 lines
3.2 KiB
TypeScript
104 lines
3.2 KiB
TypeScript
import { Injectable } from '@angular/core';
|
|
import { HttpClient } from '@angular/common/http';
|
|
import { BehaviorSubject, Observable } from 'rxjs';
|
|
import { map } from 'rxjs/operators';
|
|
|
|
import { User } from '../core/user';
|
|
import { environment } from '../../environments/environment';
|
|
|
|
const loginUrl = '/token';
|
|
const refreshUrl = '/refresh';
|
|
const JWT_USER = 'JWT_USER';
|
|
|
|
@Injectable({providedIn: 'root'})
|
|
export class AuthService {
|
|
private currentUserSubject: BehaviorSubject<User>;
|
|
public currentUser: Observable<User>;
|
|
|
|
constructor(private http: HttpClient) {
|
|
const existingToken: User = JSON.parse(localStorage.getItem(JWT_USER));
|
|
if (existingToken === null || Date.now() > existingToken.exp * 1000) {
|
|
localStorage.removeItem(JWT_USER);
|
|
this.currentUserSubject = new BehaviorSubject<User>(null);
|
|
} else {
|
|
this.currentUserSubject = new BehaviorSubject<User>(existingToken);
|
|
}
|
|
this.currentUser = this.currentUserSubject.asObservable();
|
|
}
|
|
|
|
public get user(): User {
|
|
const val = this.currentUserSubject.value;
|
|
if (val == null) {
|
|
return val;
|
|
}
|
|
const expired = Date.now() > val.exp * 1000;
|
|
if (expired) {
|
|
this.logout();
|
|
return null;
|
|
} else {
|
|
return this.currentUserSubject.value;
|
|
}
|
|
}
|
|
|
|
login(username: string, password: string, otp: string) {
|
|
const formData: FormData = new FormData();
|
|
formData.append('username', username);
|
|
formData.append('password', password);
|
|
formData.append('otp', otp);
|
|
formData.append('grant_type', 'password');
|
|
return this.http.post<any>(loginUrl, formData)
|
|
.pipe(map(u => u.access_token))
|
|
.pipe(map(u => this.parseJwt(u)))
|
|
.pipe(map(user => {
|
|
// store user details and jwt token in local storage to keep user logged in between page refreshes
|
|
localStorage.setItem(JWT_USER, JSON.stringify(user));
|
|
this.currentUserSubject.next(user);
|
|
return user;
|
|
}));
|
|
}
|
|
|
|
parseJwt(token): User {
|
|
const base64Url = token.split('.')[1];
|
|
const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
|
|
const jsonPayload = decodeURIComponent(atob(base64).split('').map(function (c) {
|
|
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
|
|
}).join(''));
|
|
|
|
const decoded = JSON.parse(jsonPayload);
|
|
return new User({
|
|
id: decoded.userId,
|
|
name: decoded.sub,
|
|
lockedOut: decoded.lockedOut,
|
|
perms: decoded.scopes,
|
|
access_token: token,
|
|
exp: decoded.exp
|
|
});
|
|
}
|
|
|
|
needsRefreshing(): boolean {
|
|
return Date.now() > (this.user.exp - (environment.ACCESS_TOKEN_REFRESH_MINUTES * 60)) * 1000;
|
|
}
|
|
|
|
expired(): boolean {
|
|
return Date.now() > this.user.exp * 1000;
|
|
}
|
|
|
|
logout() {
|
|
// remove user from local storage to log user out
|
|
localStorage.removeItem(JWT_USER);
|
|
this.currentUserSubject.next(null);
|
|
}
|
|
|
|
refreshToken() {
|
|
return this.http.post<any>(refreshUrl, {})
|
|
.pipe(map(u => u.access_token))
|
|
.pipe(map(u => this.parseJwt(u)))
|
|
.pipe(map(user => {
|
|
// store user details and jwt token in local storage to keep user logged in between page refreshes
|
|
localStorage.setItem(JWT_USER, JSON.stringify(user));
|
|
this.currentUserSubject.next(user);
|
|
return user;
|
|
}));
|
|
}
|
|
}
|