saleor-dashboard/src/auth/AuthProvider.tsx

import { IMessageContext } from "@saleor/components/messages";
import { DEMO_MODE } from "@saleor/config";
import { User } from "@saleor/fragments/types/User";
import useNotifier from "@saleor/hooks/useNotifier";
import { commonMessages } from "@saleor/intl";
import { getMutationStatus } from "@saleor/misc";
import {
  isSupported as isCredentialsManagementAPISupported,
  login as loginWithCredentialsManagementAPI,
  saveCredentials
} from "@saleor/utils/credentialsManagement";
import ApolloClient from "apollo-client";
import React, { useContext, useEffect, useRef, useState } from "react";
import { useApolloClient, useMutation } from "react-apollo";
import { IntlShape, useIntl } from "react-intl";

import { UserContext } from "./";
import {
  tokenAuthMutation,
  tokenRefreshMutation,
  tokenVerifyMutation
} from "./mutations";
import { RefreshToken, RefreshTokenVariables } from "./types/RefreshToken";
import { TokenAuth, TokenAuthVariables } from "./types/TokenAuth";
import { VerifyToken, VerifyTokenVariables } from "./types/VerifyToken";
import {
  displayDemoMessage,
  getTokens,
  removeTokens,
  setAuthToken,
  setTokens
} from "./utils";

const persistToken = false;

export function useAuthProvider(
  intl: IntlShape,
  notify: IMessageContext,
  apolloClient: ApolloClient<any>
) {
  const [userContext, setUserContext] = useState<undefined | User>(undefined);
  const autologinPromise = useRef<Promise<any>>();
  const refreshPromise = useRef<Promise<boolean>>();

  useEffect(() => {
    const token = getTokens().auth;
    if (!!token && !userContext) {
      autologinPromise.current = tokenVerify({ variables: { token } });
    } else {
      autologinPromise.current = loginWithCredentialsManagementAPI(login);
    }
  }, []);

  useEffect(() => {
    if (userContext && !userContext.isStaff) {
      logout();
      notify({
        status: "error",
        text: intl.formatMessage(commonMessages.unauthorizedDashboardAccess),
        title: intl.formatMessage(commonMessages.insufficientPermissions)
      });
    }
  }, [userContext]);

  const logout = () => {
    setUserContext(undefined);
    if (isCredentialsManagementAPISupported) {
      navigator.credentials.preventSilentAccess();
    }
    removeTokens();
  };

  const [tokenAuth, tokenAuthResult] = useMutation<
    TokenAuth,
    TokenAuthVariables
  >(tokenAuthMutation, {
    client: apolloClient,
    onCompleted: ({ tokenCreate }) => {
      if (tokenCreate.errors.length > 0) {
        logout();
      }

      const user = tokenCreate.user;

      // FIXME: Now we set state also when auth fails and returned user is
      // `null`, because the LoginView uses this `null` to display error.
      setUserContext(user);
      if (user) {
        setTokens(tokenCreate.token, tokenCreate.csrfToken, persistToken);
      }
    },
    onError: logout
  });
  const [tokenRefresh] = useMutation<RefreshToken, RefreshTokenVariables>(
    tokenRefreshMutation,
    {
      client: apolloClient,
      onError: logout
    }
  );
  const [tokenVerify, tokenVerifyResult] = useMutation<
    VerifyToken,
    VerifyTokenVariables
  >(tokenVerifyMutation, {
    client: apolloClient,
    onCompleted: result => {
      if (result.tokenVerify === null) {
        logout();
      } else {
        const user = result.tokenVerify?.user;

        if (!!user) {
          setUserContext(user);
        }
      }
    },
    onError: logout
  });

  const tokenAuthOpts = {
    ...tokenAuthResult,
    status: getMutationStatus(tokenAuthResult)
  };
  const tokenVerifyOpts = {
    ...tokenVerifyResult,
    status: getMutationStatus(tokenVerifyResult)
  };

  const onLogin = () => {
    if (DEMO_MODE) {
      displayDemoMessage(intl, notify);
    }
  };

  const login = async (email: string, password: string) => {
    const result = await tokenAuth({ variables: { email, password } });

    if (result && !result.data.tokenCreate.errors.length) {
      if (!!onLogin) {
        onLogin();
      }
      saveCredentials(result.data.tokenCreate.user, password);

      return result.data.tokenCreate.user;
    }

    return null;
  };

  const loginByToken = (auth: string, refresh: string, user: User) => {
    setUserContext(user);
    setTokens(auth, refresh, persistToken);
  };

  const refreshToken = (): Promise<boolean> => {
    if (!!refreshPromise.current) {
      return refreshPromise.current;
    }

    return new Promise(resolve => {
      const token = getTokens().refresh;

      return tokenRefresh({ variables: { token } }).then(refreshData => {
        if (!!refreshData.data.tokenRefresh?.token) {
          setAuthToken(refreshData.data.tokenRefresh.token, persistToken);
          return resolve(true);
        }

        return resolve(false);
      });
    });
  };

  return {
    autologinPromise,
    login,
    loginByToken,
    logout,
    refreshToken,
    tokenAuthOpts,
    tokenVerifyOpts,
    userContext
  };
}

interface AuthProviderProps {
  children: React.ReactNode;
}

const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {
  const apolloClient = useApolloClient();
  const intl = useIntl();
  const notify = useNotifier();

  const {
    login,
    loginByToken,
    logout,
    tokenAuthOpts,
    refreshToken,
    tokenVerifyOpts,
    userContext
  } = useAuthProvider(intl, notify, apolloClient);

  return (
    <UserContext.Provider
      value={{
        login,
        loginByToken,
        logout,
        tokenAuthLoading: tokenAuthOpts.loading,
        tokenRefresh: refreshToken,
        tokenVerifyLoading: tokenVerifyOpts.loading,
        user: userContext
      }}
    >
      {children}
    </UserContext.Provider>
  );
};

export const useAuth = () => {
  const user = useContext(UserContext);
  const isAuthenticated = !!user.user;

  return {
    hasToken: !!getTokens(),
    isAuthenticated,
    tokenAuthLoading: user.tokenAuthLoading,
    tokenVerifyLoading: user.tokenVerifyLoading,
    user: user.user
  };
};

export default AuthProvider;
Separate hook from component 2020-07-20 10:12:14 +00:00			`import { IMessageContext } from "@saleor/components/messages";`
Conditional demo mode 2020-05-25 23:38:52 +00:00			`import { DEMO_MODE } from "@saleor/config";`
Move fragments to avoid circular imports 2020-07-07 10:14:12 +00:00			`import { User } from "@saleor/fragments/types/User";`
Let user know that he's in demo 2019-10-25 12:35:48 +00:00			`import useNotifier from "@saleor/hooks/useNotifier";`
Saleor 2067 - Guard against non-staff users logging in (#947) * Guard against non-staff users logging in * Scope channel permissions * Update changelog * Update tests 2021-01-18 11:19:04 +00:00			`import { commonMessages } from "@saleor/intl";`
Fix logout 2020-07-20 09:46:59 +00:00			`import { getMutationStatus } from "@saleor/misc";`
Add a thin layer of abstraction 2019-09-06 15:30:33 +00:00			`import {`
			`isSupported as isCredentialsManagementAPISupported,`
			`login as loginWithCredentialsManagementAPI,`
			`saveCredentials`
			`} from "@saleor/utils/credentialsManagement";`
Separate hook from component 2020-07-20 10:12:14 +00:00			`import ApolloClient from "apollo-client";`
Add tests to auth 2020-07-21 13:55:50 +00:00			`import React, { useContext, useEffect, useRef, useState } from "react";`
Separate hook from component 2020-07-20 10:12:14 +00:00			`import { useApolloClient, useMutation } from "react-apollo";`
			`import { IntlShape, useIntl } from "react-intl";`
Add circleci config and enhance our linters (#519) * Add circleci config * Season linting config * Apply code style 2020-05-14 09:30:32 +00:00
			`import { UserContext } from "./";`
Handle session expiration 2020-05-07 11:04:15 +00:00			`import {`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`tokenAuthMutation,`
			`tokenRefreshMutation,`
			`tokenVerifyMutation`
Handle session expiration 2020-05-07 11:04:15 +00:00			`} from "./mutations";`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`import { RefreshToken, RefreshTokenVariables } from "./types/RefreshToken";`
			`import { TokenAuth, TokenAuthVariables } from "./types/TokenAuth";`
			`import { VerifyToken, VerifyTokenVariables } from "./types/VerifyToken";`
Conditional demo mode 2020-05-25 23:38:52 +00:00			`import {`
			`displayDemoMessage,`
Handle token refreshing 2020-07-23 13:37:39 +00:00			`getTokens,`
			`removeTokens,`
			`setAuthToken,`
			`setTokens`
Conditional demo mode 2020-05-25 23:38:52 +00:00			`} from "./utils";`
Initial commit 2019-06-19 14:40:52 +00:00
Fix logout 2020-07-20 09:46:59 +00:00			`const persistToken = false;`

Add tests to auth 2020-07-21 13:55:50 +00:00			`export function useAuthProvider(`
Separate hook from component 2020-07-20 10:12:14 +00:00			`intl: IntlShape,`
			`notify: IMessageContext,`
			`apolloClient: ApolloClient<any>`
			`) {`
Fix logout 2020-07-20 09:46:59 +00:00			`const [userContext, setUserContext] = useState<undefined \| User>(undefined);`
Add tests to auth 2020-07-21 13:55:50 +00:00			`const autologinPromise = useRef<Promise<any>>();`
Handle token refreshing 2020-07-23 13:37:39 +00:00			`const refreshPromise = useRef<Promise<boolean>>();`
Fix logout 2020-07-20 09:46:59 +00:00
Saleor 2067 - Guard against non-staff users logging in (#947) * Guard against non-staff users logging in * Scope channel permissions * Update changelog * Update tests 2021-01-18 11:19:04 +00:00			`useEffect(() => {`
			`const token = getTokens().auth;`
			`if (!!token && !userContext) {`
			`autologinPromise.current = tokenVerify({ variables: { token } });`
			`} else {`
			`autologinPromise.current = loginWithCredentialsManagementAPI(login);`
			`}`
			`}, []);`

			`useEffect(() => {`
			`if (userContext && !userContext.isStaff) {`
			`logout();`
			`notify({`
			`status: "error",`
			`text: intl.formatMessage(commonMessages.unauthorizedDashboardAccess),`
			`title: intl.formatMessage(commonMessages.insufficientPermissions)`
			`});`
			`}`
			`}, [userContext]);`

Fix logout 2020-07-20 09:46:59 +00:00			`const logout = () => {`
			`setUserContext(undefined);`
			`if (isCredentialsManagementAPISupported) {`
			`navigator.credentials.preventSilentAccess();`
			`}`
Handle token refreshing 2020-07-23 13:37:39 +00:00			`removeTokens();`
Fix logout 2020-07-20 09:46:59 +00:00			`};`

use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`const [tokenAuth, tokenAuthResult] = useMutation<`
			`TokenAuth,`
			`TokenAuthVariables`
Fix logout 2020-07-20 09:46:59 +00:00			`>(tokenAuthMutation, {`
Separate hook from component 2020-07-20 10:12:14 +00:00			`client: apolloClient,`
Saleor 2067 - Guard against non-staff users logging in (#947) * Guard against non-staff users logging in * Scope channel permissions * Update changelog * Update tests 2021-01-18 11:19:04 +00:00			`onCompleted: ({ tokenCreate }) => {`
			`if (tokenCreate.errors.length > 0) {`
Fail if user errors 2020-07-20 09:58:39 +00:00			`logout();`
			`}`

Saleor 2067 - Guard against non-staff users logging in (#947) * Guard against non-staff users logging in * Scope channel permissions * Update changelog * Update tests 2021-01-18 11:19:04 +00:00			`const user = tokenCreate.user;`
Fix logout 2020-07-20 09:46:59 +00:00
			`// FIXME: Now we set state also when auth fails and returned user is`
			// `null`, because the LoginView uses this `null` to display error.
			`setUserContext(user);`
			`if (user) {`
Saleor 2067 - Guard against non-staff users logging in (#947) * Guard against non-staff users logging in * Scope channel permissions * Update changelog * Update tests 2021-01-18 11:19:04 +00:00			`setTokens(tokenCreate.token, tokenCreate.csrfToken, persistToken);`
Fix logout 2020-07-20 09:46:59 +00:00			`}`
			`},`
			`onError: logout`
			`});`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`const [tokenRefresh] = useMutation<RefreshToken, RefreshTokenVariables>(`
Fix logout 2020-07-20 09:46:59 +00:00			`tokenRefreshMutation,`
			`{`
Separate hook from component 2020-07-20 10:12:14 +00:00			`client: apolloClient,`
Fix logout 2020-07-20 09:46:59 +00:00			`onError: logout`
			`}`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`);`
			`const [tokenVerify, tokenVerifyResult] = useMutation<`
			`VerifyToken,`
			`VerifyTokenVariables`
Fix logout 2020-07-20 09:46:59 +00:00			`>(tokenVerifyMutation, {`
Separate hook from component 2020-07-20 10:12:14 +00:00			`client: apolloClient,`
Fix logout 2020-07-20 09:46:59 +00:00			`onCompleted: result => {`
			`if (result.tokenVerify === null) {`
			`logout();`
			`} else {`
			`const user = result.tokenVerify?.user;`

			`if (!!user) {`
			`setUserContext(user);`
			`}`
			`}`
			`},`
			`onError: logout`
			`});`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00
			`const tokenAuthOpts = {`
			`...tokenAuthResult,`
			`status: getMutationStatus(tokenAuthResult)`
			`};`
			`const tokenVerifyOpts = {`
			`...tokenVerifyResult,`
			`status: getMutationStatus(tokenVerifyResult)`
			`};`
Refactor AuthProvider 2020-07-13 15:44:02 +00:00
			`const onLogin = () => {`
Conditional demo mode 2020-05-25 23:38:52 +00:00			`if (DEMO_MODE) {`
			`displayDemoMessage(intl, notify);`
			`}`
			`};`
Let user know that he's in demo 2019-10-25 12:35:48 +00:00
Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`const login = async (email: string, password: string) => {`
Add tests to auth 2020-07-21 13:55:50 +00:00			`const result = await tokenAuth({ variables: { email, password } });`

			`if (result && !result.data.tokenCreate.errors.length) {`
			`if (!!onLogin) {`
			`onLogin();`
Implement the Credential Management API Fixes #156 2019-09-05 14:05:56 +00:00			`}`
Add tests to auth 2020-07-21 13:55:50 +00:00			`saveCredentials(result.data.tokenCreate.user, password);`

			`return result.data.tokenCreate.user;`
			`}`

			`return null;`
Make password reset work 2019-09-03 13:42:15 +00:00			`};`

Handle token refreshing 2020-07-23 13:37:39 +00:00			`const loginByToken = (auth: string, refresh: string, user: User) => {`
Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`setUserContext(user);`
Handle token refreshing 2020-07-23 13:37:39 +00:00			`setTokens(auth, refresh, persistToken);`
Initial commit 2019-06-19 14:40:52 +00:00			`};`

Handle token refreshing 2020-07-23 13:37:39 +00:00			`const refreshToken = (): Promise<boolean> => {`
			`if (!!refreshPromise.current) {`
			`return refreshPromise.current;`
			`}`

			`return new Promise(resolve => {`
			`const token = getTokens().refresh;`
Handle session expiration 2020-05-07 11:04:15 +00:00
Handle token refreshing 2020-07-23 13:37:39 +00:00			`return tokenRefresh({ variables: { token } }).then(refreshData => {`
			`if (!!refreshData.data.tokenRefresh?.token) {`
			`setAuthToken(refreshData.data.tokenRefresh.token, persistToken);`
			`return resolve(true);`
			`}`
Handle session expiration 2020-05-07 11:04:15 +00:00
Handle token refreshing 2020-07-23 13:37:39 +00:00			`return resolve(false);`
			`});`
			`});`
Handle session expiration 2020-05-07 11:04:15 +00:00			`};`

Separate hook from component 2020-07-20 10:12:14 +00:00			`return {`
Add tests to auth 2020-07-21 13:55:50 +00:00			`autologinPromise,`
Separate hook from component 2020-07-20 10:12:14 +00:00			`login,`
			`loginByToken,`
			`logout,`
			`refreshToken,`
			`tokenAuthOpts,`
			`tokenVerifyOpts,`
			`userContext`
			`};`
			`}`

			`interface AuthProviderProps {`
			`children: React.ReactNode;`
			`}`

			`const AuthProvider: React.FC<AuthProviderProps> = ({ children }) => {`
			`const apolloClient = useApolloClient();`
			`const intl = useIntl();`
			`const notify = useNotifier();`

			`const {`
			`login,`
			`loginByToken,`
			`logout,`
			`tokenAuthOpts,`
			`refreshToken,`
			`tokenVerifyOpts,`
			`userContext`
			`} = useAuthProvider(intl, notify, apolloClient);`

Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`return (`
			`<UserContext.Provider`
			`value={{`
			`login,`
			`loginByToken,`
			`logout,`
			`tokenAuthLoading: tokenAuthOpts.loading,`
			`tokenRefresh: refreshToken,`
			`tokenVerifyLoading: tokenVerifyOpts.loading,`
			`user: userContext`
			`}}`
			`>`
			`{children}`
			`</UserContext.Provider>`
			`);`
			`};`

			`export const useAuth = () => {`
			`const user = useContext(UserContext);`
use Apollo useMutation instead of custom hook 2020-07-14 14:31:41 +00:00			`const isAuthenticated = !!user.user;`
Refactor AuthProvider 2020-07-13 15:44:02 +00:00
			`return {`
Handle token refreshing 2020-07-23 13:37:39 +00:00			`hasToken: !!getTokens(),`
Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`isAuthenticated,`
			`tokenAuthLoading: user.tokenAuthLoading,`
			`tokenVerifyLoading: user.tokenVerifyLoading,`
Use useAuth hook 2020-07-14 08:11:43 +00:00			`user: user.user`
Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`};`
			`};`
Initial commit 2019-06-19 14:40:52 +00:00
Refactor AuthProvider 2020-07-13 15:44:02 +00:00			`export default AuthProvider;`