dirty localstorage token store

2019-04-17 17:18:19 +10:00 · 2019-04-17 17:18:19 +10:00 · 11d07929ba
commit 11d07929ba
parent 6a719dbb9d
1 changed files with 12 additions and 5 deletions
--- a/client/src/socket.jsx
+++ b/client/src/socket.jsx
@ -18,14 +18,19 @@ function createSocket(events) {

    // handle account auth within the socket itself
    // https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html
-    let account = null;
+    let account;
+    try {
+        account = JSON.parse(localStorage.getItem('account'));
+    } catch (e) {
+        localStorage.removeItem('account');
+    }

    // -------------
    //   Outgoing
    // -------------
    function send(msg) {
        console.log('outgoing msg', msg);
-        msg.token = account && account.token;
+        msg.token = account && account.token && account.token;
        ws.send(cbor.encode(msg));
    }

@ -159,6 +164,7 @@ function createSocket(events) {
        const [struct, login] = res;

        account = login;
+        localStorage.setItem('account', JSON.stringify(login));
        events.setAccount(login);
        sendAccountCryps();
        sendAccountPlayers();
@ -266,9 +272,10 @@ function createSocket(events) {
                position: 'bottomCenter',
            });

-            // if (!account) events.loginPrompt();
-            if (process.env.NODE_ENV !== 'production') {
-                send({ method: 'account_login', params: { name: 'ntr', password: 'grepgrepgrep' } });
+            if (account) {
+                events.setAccount(account);
+                sendAccountPlayers();
+                sendAccountCryps();
            }

            return true;