smplify token validation

2025-11-01 22:19:09 +02:00 · 2025-11-01 22:19:09 +02:00 · cef340a679
commit cef340a679
parent b8a0fd9179
3 changed files with 24 additions and 19 deletions
--- a/backend/src/user.py
+++ b/backend/src/user.py
@ -78,10 +78,10 @@ def registerUserEndpoints(app, database):
        data = request.json
        token = data.get('token')
        user_name = data.get('userName')
-        query = "SELECT * FROM sessions WHERE Token=%s AND Name=%s"
+        query = "SELECT * FROM sessions WHERE Token=%s"
        try:
-            result = database.query(query, params=(token, user_name))
+            result = database.query(query, params=(token,))
            app.logger.info(f'Got result: {result}')
-            return jsonify(tokenValid=bool(result)), 200
+            return jsonify(userName=result[0][1], tokenValid=True), 200
        except Exception as e:
            return jsonify(success=False, message=str(e)), 500
--- a/frontend/src/components/InitialSetup.tsx
+++ b/frontend/src/components/InitialSetup.tsx
@ -6,8 +6,8 @@ import { useNotification } from '../NotificationContext';

 const InitialSetup = () => {
    const [cookie, setCookie] = useCookies();
-    const [selectedName, setSelectedName] = useState<string | undefined>(cookie.userName);
-    const [token] = useState<string | undefined>(cookie.apiToken)
+    const [selectedName, setSelectedName] = useState<string | undefined>(undefined);
+    //const [token] = useState<string | undefined>(cookie.apiToken)
    const [isSubmitted, setIsSubmitted] = useState(false);
    const [password, setPassword] = useState('');
    const [isPasswordSet, setIsPasswordSet] = useState(false); // To track if password is set
@ -27,13 +27,14 @@ const InitialSetup = () => {
        checkUserPassword(name);
    };

-    useEffect(() => {
    const validateToken = async () => {
-            const isTokenValid = await validToken(token, selectedName);
+        const isTokenValid = await validToken(cookie.apiToken);
        setIsSubmitted(isTokenValid);
    };
-        if (token !== undefined && selectedName !== undefined) validateToken();
-    }, []); 
+
+    useEffect(() => {
+        if (cookie.apiToken !== undefined) validateToken();
+    }, [cookie.apiToken]); 


    const handlePasswordCreate = async () => {
@ -42,7 +43,7 @@ const InitialSetup = () => {
            notify(message, 'error')
            return
        }
-        setIsSubmitted(true);
+        
    };

    const handleSignIn = async () => {
@ -51,7 +52,7 @@ const InitialSetup = () => {
            notify('Не удалось войти. Может пароль не тот?', 'error')
            return
        }
-        setIsSubmitted(true);
+        validateToken()
    };

    
--- a/frontend/src/utils/fetchUser.tsx
+++ b/frontend/src/utils/fetchUser.tsx
@ -3,7 +3,8 @@ import { API_URL } from '../constants/constants';
 import { hashPassword } from './hashPassword';

 const useFetchUser = () => {
-    const [, setCookie] = useCookies(['apiToken']);
+    const [, setApiCookie] = useCookies(['apiToken']);
+    const [, setUserNameCookie] = useCookies(['userName'])

    const userSet = async (userName: string): Promise<boolean> => {
        try {
@ -41,7 +42,7 @@ const useFetchUser = () => {
            const data = await response.json();

            if (data.success) {
-                setCookie('apiToken', data.token, { path: '/' });
+                setApiCookie('apiToken', data.token, { path: '/' });
                console.log(`Password created for ${userName}`);
                return ''; // Password creation success
            }
@ -70,7 +71,7 @@ const useFetchUser = () => {
            const data = await response.json();

            if (data.token) {
-                setCookie('apiToken', data.token, { path: '/' });
+                setApiCookie('apiToken', data.token, { path: '/' });
                console.log(`User ${userName} signed in.`);
                return true; // Sign-in success
            }
@ -81,7 +82,7 @@ const useFetchUser = () => {
        }
    };

-    const validToken = async (token: string | undefined, userName: string | undefined): Promise<boolean> => {
+    const validToken = async (token: string | undefined): Promise<boolean> => {
        try {
            const response = await fetch(`${API_URL}/login/validateToken`, {
                method: 'POST',
@ -89,14 +90,17 @@ const useFetchUser = () => {
                    'Content-Type': 'application/json',
                },
                body: JSON.stringify({
-                    token,
-                    userName
+                    token
                }),
            });

            if (!response.ok) throw new Error(`HTTP error! status: ${response.status}`);
            const data = await response.json();

+            if (!data.userName) throw new Error(`Could not retrieve userName from token`);
+
+            setUserNameCookie('userName', data.userName, { path: '/' });
+
            return data.tokenValid
        } catch (error) {
            console.error('Error validating token:', error);