From cef340a6790fa30d5b37282c66898dacde728513 Mon Sep 17 00:00:00 2001
From: tylen
Date: Sat, 1 Nov 2025 22:19:09 +0200
Subject: [PATCH] smplify token validation
---
 backend/src/user.py | 6 +++---
 frontend/src/components/InitialSetup.tsx | 21 +++++++++++----------
 frontend/src/utils/fetchUser.tsx | 16 ++++++++++------
 3 files changed, 24 insertions(+), 19 deletions(-)
diff --git a/backend/src/user.py b/backend/src/user.py
index d123a18..2b85c48 100644
--- a/backend/src/user.py
+++ b/backend/src/user.py
@@ -78,10 +78,10 @@ def registerUserEndpoints(app, database):
 data = request.json
 token = data.get('token')
 user_name = data.get('userName')
- query = "SELECT * FROM sessions WHERE Token=%s AND Name=%s"
+ query = "SELECT * FROM sessions WHERE Token=%s"
 try:
- result = database.query(query, params=(token, user_name))
+ result = database.query(query, params=(token,))
 app.logger.info(f'Got result: {result}')
- return jsonify(tokenValid=bool(result)), 200
+ return jsonify(userName=result[0][1], tokenValid=True), 200
 except Exception as e:
 return jsonify(success=False, message=str(e)), 500
diff --git a/frontend/src/components/InitialSetup.tsx b/frontend/src/components/InitialSetup.tsx
index c7a74d3..997162f 100644
--- a/frontend/src/components/InitialSetup.tsx
+++ b/frontend/src/components/InitialSetup.tsx
@@ -6,8 +6,8 @@ import { useNotification } from '../NotificationContext';
 const InitialSetup = () => {
 const [cookie, setCookie] = useCookies();
- const [selectedName, setSelectedName] = useState(cookie.userName);
- const [token] = useState(cookie.apiToken)
+ const [selectedName, setSelectedName] = useState(undefined);
+ //const [token] = useState(cookie.apiToken)
 const [isSubmitted, setIsSubmitted] = useState(false);
 const [password, setPassword] = useState('');
 const [isPasswordSet, setIsPasswordSet] = useState(false); // To track if password is set
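Review bot: An unknown token now reaches `result[0][1]` with an empty result, so the lookup raises and the handler answers 500 with `str(e)` instead of a clean "not valid" reply; add `if not result: return jsonify(tokenValid=False), 200` before the return. Indexing column 1 of a `SELECT *` row ties the response to the table's column order, so `SELECT Name FROM sessions WHERE Token=%s` would be sturdier, and `user_name` is now unused. The unchanged `app.logger.info(f'Got result: {result}')` writes the whole session row to the log, which presumably includes the token itself; logging only whether a row was found avoids that. The enclosing endpoint starts above this hunk.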
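Review bot: The commented-out `//const [token] = useState(cookie.apiToken)` should be deleted rather than kept, since version control already holds the old line. `selectedName` no longer starts from `cookie.userName`, and nothing visible in this diff copies the validated name back into that state, so any later use of `selectedName` after a token-only login may see `undefined`; this needs confirming against the rest of the component, which lies outside the hunk.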
@@ -27,13 +27,14 @@ const InitialSetup = () => {
 checkUserPassword(name);
 };
+ const validateToken = async () => {
+ const isTokenValid = await validToken(cookie.apiToken);
+ setIsSubmitted(isTokenValid);
+ };
+
 useEffect(() => {
- const validateToken = async () => {
- const isTokenValid = await validToken(token, selectedName);
- setIsSubmitted(isTokenValid);
- };
- if (token !== undefined && selectedName !== undefined) validateToken();
- }, []);
+ if (cookie.apiToken !== undefined) validateToken();
+ }, [cookie.apiToken]);
 const handlePasswordCreate = async () => {
@@ -42,7 +43,7 @@ const InitialSetup = () => {
 notify(message, 'error')
 return
 }
- setIsSubmitted(true);
+
 };
 const handleSignIn = async () => {
@@ -51,7 +52,7 @@ const InitialSetup = () => {
 notify('Не удалось войти. Может пароль не тот?', 'error')
 return
 }
- setIsSubmitted(true);
+ validateToken()
 };
diff --git a/frontend/src/utils/fetchUser.tsx b/frontend/src/utils/fetchUser.tsx
index 832e52e..5b8c8a1 100644
--- a/frontend/src/utils/fetchUser.tsx
+++ b/frontend/src/utils/fetchUser.tsx
@@ -3,7 +3,8 @@ import { API_URL } from '../constants/constants';
 import { hashPassword } from './hashPassword';
 const useFetchUser = () => {
- const [, setCookie] = useCookies(['apiToken']);
+ const [, setApiCookie] = useCookies(['apiToken']);
+ const [, setUserNameCookie] = useCookies(['userName'])
 const userSet = async (userName: string): Promise => {
 try {
@@ -41,7 +42,7 @@ const useFetchUser = () => {
 const data = await response.json();
 if (data.success) {
- setCookie('apiToken', data.token, { path: '/' });
+ setApiCookie('apiToken', data.token, { path: '/' });
 console.log(`Password created for ${userName}`);
 return ''; // Password creation success
 }
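Review bot: The effect only acts when `cookie.apiToken` is defined, so when the cookie is removed `isSubmitted` keeps its last value; add `else setIsSubmitted(false);` after the `if`. `validateToken` is recreated on every render but is not listed in the dependency array, which the react-hooks exhaustive-deps rule will flag, and the promise it returns is dropped without a `void` or `.catch`. A one-line comment above the effect, for example `// isSubmitted mirrors the server's verdict on the apiToken cookie`, would document the new flow.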
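Review bot: The added `validateToken()` in `handleSignIn` appears to run in the closure of the render that preceded sign-in, so `cookie.apiToken` is still the old value (likely `undefined` on a first login) and the request checks the wrong token. Its `setIsSubmitted` result then races with the `[cookie.apiToken]` effect, which fires once the new cookie is observed and sends a second request. Dropping the call and relying on the effect alone, as `handlePasswordCreate` in the `@@ -42,7` hunk now does, removes both the duplicate request and the race. The function body starts above this hunk.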
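Review bot: Two `useCookies` calls are not needed to write two cookies, because the setter returned by the hook accepts any cookie name and the array argument only selects which cookies trigger a re-render. A single `const [, setCookie] = useCookies(['apiToken', 'userName']);` keeps the earlier name and makes the renames in the later hunks unnecessary. The new `setUserNameCookie` line is also missing its semicolon, unlike the line above it.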
@@ -70,7 +71,7 @@ const useFetchUser = () => {
 const data = await response.json();
 if (data.token) {
- setCookie('apiToken', data.token, { path: '/' });
+ setApiCookie('apiToken', data.token, { path: '/' });
 console.log(`User ${userName} signed in.`);
 return true; // Sign-in success
 }
@@ -81,7 +82,7 @@ const useFetchUser = () => {
 }
 };
- const validToken = async (token: string | undefined, userName: string | undefined): Promise => {
+ const validToken = async (token: string | undefined): Promise => {
 try {
 const response = await fetch(`${API_URL}/login/validateToken`, {
 method: 'POST',
@@ -89,14 +90,17 @@ const useFetchUser = () => {
 'Content-Type': 'application/json',
 },
 body: JSON.stringify({
- token,
- userName
+ token
 }),
 });
 if (!response.ok) throw new Error(`HTTP error! status: ${response.status}`);
 const data = await response.json();
+ if (!data.userName) throw new Error(`Could not retrieve userName from token`);
+
+ setUserNameCookie('userName', data.userName, { path: '/' });
+
 return data.tokenValid
 } catch (error) {
 console.error('Error validating token:', error);
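Review bot: `setUserNameCookie` runs before `data.tokenValid` is looked at and neither field is type-checked, so any 200 body with a truthy `userName` is persisted and the function returns whatever `tokenValid` happens to hold; guard first with `if (data.tokenValid !== true || typeof data.userName !== 'string') return false;`. A function named `validToken` that also writes a cookie deserves a short doc comment saying so. The cookies written here and in the `@@ -41,7` and `@@ -70,7` hunks pass only `{ path: '/' }`; if the app is served over HTTPS, adding `secure: true` and `sameSite: 'strict'` keeps the session token off plain-HTTP and cross-site requests. The function starts in the previous hunk and its `catch` block continues past this one.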