apxtri/objects
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new wco wwws compatible with new backeend

Browse Source
This commit is contained in:
philc
2025-07-23 12:36:48 +02:00
parent bc76840707
commit b6ae865332
23 changed files with 1702 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

115
wco/apxauth/apxauth.js
View File

@@ -6,15 +6,16 @@ apx.apxauth.loadwco = async (id, ctx) => {
// if (dayjs(apx.data.headers.xdays).diff(dayjs(), "hours") >= 24) apx.apxauth.checkisauth();
//load main.mustache of the component
//when wco-xxx change it run this function
console.log(`Load wconame:apxauth apx.apxauth.loadwco with id:${id} and ctx: ${JSON.stringify(ctx)}`);
console.log(
`Load wconame:apxauth apx.apxauth.loadwco with id:${id} and ctx: ${JSON.stringify(
ctx
)}`
);
const tpldataname = `${apx.data.pagename}_${id}_apxauth`;
const apxauthid = document.getElementById(id)
const apxauthid = document.getElementById(id);
const data = apx.apxauth.getdata(id, ctx);
if (apxauthid.innerHTML.trim() === "") {
apxauthid.innerHTML = Mustache.render(
apx.data.tpl.apxauthmain,
data
);
apxauthid.innerHTML = Mustache.render(apx.data.tpl.apxauthmain, data);
}
apxauthid.querySelector(`.screenaction`).innerHTML = Mustache.render(
apx.data.tpl[`apxauthscreen${ctx.link}`],
@@ -29,7 +30,10 @@ apx.apxauth.getdata = (id, ctx) => {
data.id = id;
data.xalias = apx.data.headers.xalias;
data.xtribe = apx.data.headers.xtribe;
data.emailssuport = apx.data.appdata.emailsupport;
data.emailssuport = apx.data.appdata.emailsupport
? apx.data.appdata.emailsupport
: "";
switch (ctx.link) {
case "logout":
if (!data.profils) data.profils = [];
@@ -55,34 +59,46 @@ apx.apxauth.getdata = (id, ctx) => {
break;
}
console.log("data for tpl:", data);
return data
return data;
};
apx.apxauth.redirecturlwithauth = (url, tribe, webapp, newwindow, windowname = '_blank') => {
url = url.replace(/_[a-zA-Z0-9]{2}\.html/, `_${apx.data.headers.xlang}.html`)
url += `?xtribe=${tribe}&xapp=${webapp}&xalias=${apx.data.headers.xalias}`
url += `&xdays=${apx.data.headers.xdays}&xhash=${apx.data.headers.xhash}`
url += `&xprofils=${apx.data.headers.xprofils.join(',')}`
url += `&xtrkversion=${apx.data.headers.xtrkversion}&xuuid=${apx.data.headers.xuuid}`
apx.apxauth.redirecturlwithauth = (
url,
tribe,
webapp,
newwindow,
windowname = "_blank"
) => {
url = url.replace(/_[a-zA-Z0-9]{2}\.html/, `_${apx.data.headers.xlang}.html`);
url += `?xtribe=${tribe}&xapp=${webapp}&xalias=${apx.data.headers.xalias}`;
url += `&xdays=${apx.data.headers.xdays}&xhash=${apx.data.headers.xhash}`;
url += `&xprofils=${apx.data.headers.xprofils.join(",")}`;
url += `&xtrkversion=${apx.data.headers.xtrkversion}&xuuid=${apx.data.headers.xuuid}`;
if (newwindow) {
try {
const newwin = window.open(url, windowname)
if (newwin === null || typeof newwin === 'undefined') {
console.warn("L'ouverture de la fenêtre a été bloquée par un bloqueur de pop-up.");
const newwin = window.open(url, windowname);
if (newwin === null || typeof newwin === "undefined") {
console.warn(
"L'ouverture de la fenêtre a été bloquée par un bloqueur de pop-up."
);
// Vous pouvez informer l'utilisateur ici qu'il doit désactiver son bloqueur de pop-up
alert("Votre navigateur a bloqué l'ouverture d'un nouvel onglet. Veuillez autoriser les pop-ups pour ce site.");
alert(
"Votre navigateur a bloqué l'ouverture d'un nouvel onglet. Veuillez autoriser les pop-ups pour ce site."
);
} else {
// Optionnel: Mettre le focus sur la nouvelle fenêtre/onglet
newwin.focus();
}
return newwin;
} catch (error) {
console.error("Une erreur est survenue lors de l'ouverture de l'onglet :", error);
console.error(
"Une erreur est survenue lors de l'ouverture de l'onglet :",
error
);
return null;
}
}
}
};
/**
* logout
@@ -148,7 +164,7 @@ apx.apxauth.setheadersauth = async (
apx.data.headers.xalias = alias;
apx.data.headers.xdays = dayjs().valueOf();
const msg = `${alias}_${apx.data.headers.xdays}`;
//console.log("pvk", privatekey);
try {
apx.data.headers.xhash = await apx.apxauth.clearmsgSignature(
publickey,
@@ -184,8 +200,11 @@ apx.apxauth.authentifyme = async (
//console.log(alias, passphrase);
//console.log(privatekey);
//clean previous answer if exist
const idparent=document.getElementById(id).parentElement?.closest('[wco-name]').getAttribute('id')
const idparent = document
.getElementById(id)
.parentElement?.closest("[wco-name]")
.getAttribute("id");
document.querySelector(`#${id} .msginfo`).innerHTML = "";
if (alias.length < 3 || privatekey.length < 200) {
apx.notification(`#${id} .msginfo`, {
@@ -218,10 +237,13 @@ apx.apxauth.authentifyme = async (
axios
.get(`/api/apxtri/pagans/isauth`, {
headers: apx.data.headers,
withCredentials: true,
})
.then((rep) => {
// Authenticate then store profils in header
// remove xhash for security this xhaskl is stored from the server as cookie http only.
apx.data.headers.xprofils = rep.data.data.xprofils;
delete apx.data.headers.xhash;
apx.save();
// if this page is call with apxid_fr.html?url=httpsxxx then it redirect to this page.
//alert(`${window.location.href.includes("/src/")?"/src/":""}${apx.pagecontext.hash.url}`)
@@ -229,14 +251,18 @@ apx.apxauth.authentifyme = async (
window.location.href = `${apx.pagecontext.hash.url}`;
} else {
//location.reload();
document.getElementById(idparent).setAttribute('wco-link','mytribes');
document
.getElementById(idparent)
.setAttribute("wco-link", "mytribes");
}
})
.catch((err) => {
console.log("Not authentify:", err);
delete apx.data.auth;
apx.save();
document.getElementById(idparent).setAttribute("wco-link", "signin")
document
.getElementById(idparent)
.setAttribute("wco-link", "signin");
if (err.response) {
apx.notification(`#${id} .msginfo`, err.response.data);
} else if (err.request) {
@@ -486,13 +512,8 @@ apx.apxauth.authenticatedetachedSignature = async (
return false;
}
};
apx.apxauth.createIdentity = async (
id,
alias,
recoemail,
passphrase = ""
) => {
document.querySelector(`#${id} .msginfo`).innerHTML = ""
apx.apxauth.createIdentity = async (id, alias, recoemail, passphrase = "") => {
document.querySelector(`#${id} .msginfo`).innerHTML = "";
const aliasregex = /^[a-z0-9]*$/;
//console.log(aliasregex.test(alias));
if (!(alias && alias.length > 3 && aliasregex.test(alias))) {
@@ -542,9 +563,7 @@ apx.apxauth.createIdentity = async (
//console.log(apx.data.tmpauth);
["publickey", "privatekey"].forEach((k) => {
console.log(`${id} button.signup${k}`);
const btn = document.querySelector(
`#${id} button.signup${k}`
);
const btn = document.querySelector(`#${id} button.signup${k}`);
btn.addEventListener("click", () => {
const blob = new Blob([keys[k]], { type: "text/plain" });
const url = URL.createObjectURL(blob);
@@ -561,12 +580,8 @@ apx.apxauth.createIdentity = async (
`#${id} .signupalias, #${id} .signupemailrecovery, #${id} .signuppassphrase`
)
.forEach((e) => e.setAttribute("disabled", "disabled"));
document
.querySelector(`#${id} .getmykeys`)
.classList.remove("hidden");
document
.querySelector(`#${id} .btncreatekey`)
.classList.add("hidden");
document.querySelector(`#${id} .getmykeys`).classList.remove("hidden");
document.querySelector(`#${id} .btncreatekey`).classList.add("hidden");
} else {
apx.notification(
`#${id} .msginfo`,
@@ -617,8 +632,14 @@ apx.apxauth.registerIdentity = async (id, trustedtribe) => {
const data = {};
data.alias = apx.data.tmpauth.keys.alias;
data.publickey = apx.data.tmpauth.keys.publickey;
console.log(apx.data.tmpauth.recoemail, Checkjson.testformat(apx.data.tmpauth.recoemail, "email"))
if (apx.data.tmpauth.recoemail && Checkjson.testformat(apx.data.tmpauth.recoemail, "email")) {
console.log(
apx.data.tmpauth.recoemail,
Checkjson.testformat(apx.data.tmpauth.recoemail, "email")
);
if (
apx.data.tmpauth.recoemail &&
Checkjson.testformat(apx.data.tmpauth.recoemail, "email")
) {
data.passphrase = apx.data.tmpauth.keyspassphrase;
data.privatekey = apx.data.tmpauth.keysprivatekey;
data.email = apx.data.tmpauth.recoemail;
@@ -629,10 +650,8 @@ apx.apxauth.registerIdentity = async (id, trustedtribe) => {
.then((reppagan) => {
//console.log(reppagan.data);
apx.notification(`#${id} .msginfo`, reppagan.data);
authid.querySelector(`.btncreateidentity`)
.classList.add("hidden");
authid.querySelector(`.signupbtnreload`)
.classList.remove("hidden");
authid.querySelector(`.btncreateidentity`).classList.add("hidden");
authid.querySelector(`.signupbtnreload`).classList.remove("hidden");
//remove tmp cause create phc change to keep tplauth in memory and avoid asking again the pasword
//delete apx.data.tmpauth;
//apx.save();

347
wco/apxauth/apxauthgeminicli.js Normal file
View File

@@ -0,0 +1,347 @@
/* eslint-env browser */
/* eslint-disable no-alert, no-console */
/**
* @file apxauth.js (previously authnew.js)
* @description Modern, class-based implementation for handling authentication (apxauth) components.
* @version 2.1
* @author support@ndda.fr
*/
// Establish the global namespace
window.apx = window.apx || {};
/**
* @class ApxAuth
* Manages authentication flows, including sign-in, sign-up, logout, and key management.
*/
class ApxAuth {
constructor() {
if (typeof apx.main === 'undefined') {
throw new Error("ApxAuth requires a global 'apx.main' (ApxManager) instance.");
}
}
async loadwco(id, ctx) {
console.log(`[apxauth] loadwco triggered for id: ${id} with context:`, ctx);
const componentRoot = document.getElementById(id);
if (!componentRoot) return;
const data = this._getData(id, ctx);
if (componentRoot.innerHTML.trim() === "") {
componentRoot.innerHTML = Mustache.render(apx.main.data.tpl.apxauthmain, data);
}
const screenContainer = componentRoot.querySelector('.screenaction');
if (screenContainer) {
const screenTemplate = apx.main.data.tpl[`apxauthscreen${ctx.link}`];
if (screenTemplate) {
screenContainer.innerHTML = Mustache.render(screenTemplate, data);
}
}
const msgInfo = componentRoot.querySelector('.msginfo');
if (msgInfo) msgInfo.innerHTML = "";
}
_getData(id, ctx) {
const tpldataname = `${apx.main.data.pagename}_${id}_apxauth`;
const data = JSON.parse(JSON.stringify(apx.main.data.tpldata[tpldataname] || {}));
data.id = id;
data.xalias = apx.main.data.headers.xalias;
data.xtribe = apx.main.data.headers.xtribe;
data.emailsupport = apx.main.data.appdata?.emailsupport;
if (ctx.link === 'logout') {
data.profils = apx.main.data.headers.xprofils
.filter(p => !['anonymous', 'pagans', 'persons'].includes(p))
.map(p => apx.main.data.options.profil.itms[p]?.title);
data.noprofils = data.profils.length === 0;
data.member = apx.main.data.headers.xprofils.includes('persons');
data.websites = apx.main.data.appdata?.websites;
}
return data;
}
redirectWithAuth(url, tribe, webapp, newWindow = false, windowName = '_blank') {
const { xlang, xalias, xdays, xhash, xprofils, xtrkversion, xuuid } = apx.main.data.headers;
let authUrl = url.replace(/_[a-z]{2}\.html/, `_${xlang}.html`);
const params = new URLSearchParams({
xtribe: tribe,
xapp: webapp,
xalias,
xdays,
xhash,
xprofils: xprofils.join(','),
xtrkversion,
xuuid
});
authUrl += `?${params.toString()}`;
if (newWindow) {
try {
const newWin = window.open(authUrl, windowName);
if (!newWin) {
alert("Popup blocked. Please allow popups for this site.");
return null;
}
newWin.focus();
return newWin;
} catch (error) {
console.error("Error opening new window:", error);
return null;
}
} else {
window.location.href = authUrl;
return null;
}
}
async logout() {
try {
await axios.get('/api/apxtri/pagans/logout', { headers: apx.main.data.headers });
} catch (err) {
console.error("Logout API call failed:", err);
}
apx.main.data = window.apxtri;
apx.main.saveState();
if (apx.main.pageContext.hash.url) {
window.location.href = apx.main.pageContext.hash.url;
} else {
location.reload();
}
}
async _setAuthHeaders(alias, passphrase, publickey, privatekey, rememberme) {
if (alias.length < 3 || publickey.length < 200) {
return { status: 406, ref: "Pagans", msg: "aliasorprivkeytooshort" };
}
if (rememberme) {
apx.main.data.auth = { alias, publickey, privatekey, passphrase: passphrase || "" };
} else {
delete apx.main.data.auth;
}
apx.main.data.headers.xalias = alias;
apx.main.data.headers.xdays = dayjs().valueOf();
const message = `${alias}_${apx.main.data.headers.xdays}`;
try {
apx.main.data.headers.xhash = await this._clearMsgSignature(publickey, privatekey, passphrase, message);
apx.main.saveState();
return { status: 200 };
} catch (err) {
return { status: 500, ref: "Middlewares", msg: "unconsistentpgp", data: { err: err.message } };
}
}
async authenticate(id, alias, passphrase, privatekey, rememberme) {
const msgContainer = `#${id} .msginfo`;
apx.main.notify(msgContainer, {}, true);
if (alias.length < 3 || privatekey.length < 200) {
apx.main.notify(msgContainer, { status: 406, ref: "Pagans", msg: "aliasorprivkeytooshort" });
return;
}
try {
const { data: { data: paganData } } = await axios.get(`/api/apxtri/pagans/alias/${alias}`, { headers: apx.main.data.headers });
const headersResult = await this._setAuthHeaders(alias, passphrase, paganData.publickey, privatekey, rememberme);
if (headersResult.status !== 200) {
apx.main.notify(msgContainer, headersResult);
return;
}
const { data: { data: authData } } = await axios.get('/api/apxtri/pagans/isauth', { headers: apx.main.data.headers, withCredentials: true });
apx.main.data.headers.xprofils = authData.xprofils;
apx.main.saveState();
if (apx.main.pageContext.hash.url) {
window.location.href = apx.main.pageContext.hash.url;
} else {
const parentWco = document.getElementById(id).closest('[wco-name]');
if (parentWco) parentWco.setAttribute('wco-link', 'mytribes');
}
} catch (err) {
console.error("Authentication failed:", err);
delete apx.main.data.auth;
apx.main.saveState();
const parentWco = document.getElementById(id).closest('[wco-name]');
if (parentWco) parentWco.setAttribute('wco-link', 'signin');
apx.main.notify(msgContainer, err.response?.data || { status: 500, ref: "Middlewares", msg: "errrequest" });
}
}
async recoverKey(id, aliasOrEmail) {
const msgContainer = `#${id} .msginfo`;
apx.main.notify(msgContainer, {}, true);
if (aliasOrEmail.length < 3) {
apx.main.notify(msgContainer, { status: 406, ref: "Pagans", msg: "recoveryemailnotfound", data: { search: aliasOrEmail } });
return;
}
const recoveryData = {
tribe: apx.main.data.headers.xtribe,
search: aliasOrEmail,
emailalias: Checkjson.testformat(aliasOrEmail, "email") ? "email" : "alias",
};
try {
const { data: response } = await axios.post('/api/apxtri/pagans/keyrecovery', recoveryData, { headers: apx.main.data.headers });
response.data.search = aliasOrEmail;
apx.main.notify(msgContainer, response, true);
} catch (err) {
const errorData = err.response?.data || { status: 500, ref: "Pagans", msg: "checkconsole" };
errorData.data = { ...errorData.data, search: aliasOrEmail };
apx.main.notify(msgContainer, errorData, true);
}
}
async _generateKey(alias, passphrase) {
const { privateKey, publicKey } = await openpgp.generateKey({
type: "ecc",
curve: "curve25519",
userIDs: [{ alias }],
passphrase,
format: "armored",
});
return { alias, privatekey: privateKey, publickey: publicKey };
}
async createIdentity(id, alias, recoveryEmail, passphrase = "") {
const msgContainer = `#${id} .msginfo`;
apx.main.notify(msgContainer, {}, true);
const aliasRegex = /^[a-z0-9]{4,}$/;
if (!aliasRegex.test(alias)) {
apx.main.notify(msgContainer, { status: 406, ref: "Pagans", msg: "invalidalias" }, true);
return;
}
if (recoveryEmail && !Checkjson.testformat(recoveryEmail, "email")) {
apx.main.notify(msgContainer, { status: 406, ref: "Pagans", msg: "invalidemail" }, true);
return;
}
try {
await axios.get(`/api/apxtri/pagans/alias/${alias}`, { headers: apx.main.data.headers });
apx.main.notify(msgContainer, { ref: "Pagans", msg: "aliasexist", data: { alias } }, true);
} catch (err) {
if (err.response?.status === 404) {
const keys = await this._generateKey(alias, passphrase);
apx.main.data.tmpauth = { keys, recoveryEmail, passphrase };
this._showKeyDownloadUI(id, keys);
} else {
apx.main.notify(msgContainer, { ref: "Middlewares", msg: "errrequest" }, true);
}
}
}
_showKeyDownloadUI(id, keys) {
const componentRoot = document.getElementById(id);
['publickey', 'privatekey'].forEach(keyType => {
const btn = componentRoot.querySelector(`button.signup${keyType}`);
if(btn) {
btn.onclick = () => {
const blob = new Blob([keys[keyType]], { type: "text/plain" });
const url = URL.createObjectURL(blob);
const a = document.createElement("a");
a.href = url;
a.download = `${keys.alias}_${keyType}.txt`;
a.click();
URL.revokeObjectURL(url);
};
}
});
componentRoot.querySelectorAll('.signupalias, .signupemailrecovery, .signuppassphrase').forEach(el => el.disabled = true);
componentRoot.querySelector('.getmykeys')?.classList.remove('hidden');
componentRoot.querySelector('.btncreatekey')?.classList.add('hidden');
}
async registerIdentity(id, isTrustedTribe) {
const msgContainer = `#${id} .msginfo`;
const { keys, recoveryEmail, passphrase } = apx.main.data.tmpauth;
const headersResult = await this._setAuthHeaders(keys.alias, passphrase, keys.publickey, keys.privatekey, false);
if (headersResult.status !== 200) {
apx.main.notify(msgContainer, headersResult);
return;
}
const registrationData = {
alias: keys.alias,
publickey: keys.publickey,
trustedtribe: isTrustedTribe,
};
if (recoveryEmail && Checkjson.testformat(recoveryEmail, "email")) {
registrationData.email = recoveryEmail;
registrationData.passphrase = passphrase;
registrationData.privatekey = keys.privatekey;
}
try {
const { data: response } = await axios.post('/api/apxtri/pagans', registrationData, { headers: apx.main.data.headers });
apx.main.notify(msgContainer, response);
document.querySelector(`#${id} .btncreateidentity`)?.classList.add('hidden');
document.querySelector(`#${id} .signupbtnreload`)?.classList.remove('hidden');
} catch (err) {
apx.main.notify(msgContainer, err.response?.data || { status: 500, ref: "Pagans", msg: "errcreate" });
}
}
async joinTribe(id) {
const msgContainer = `#${id} .msginfo`;
const personData = {
alias: apx.main.data.headers.xalias,
profils: [...new Set([...apx.main.data.headers.xprofils, 'persons'])],
};
try {
const { data: response } = await axios.put(`/api/apxtri/pagans/person/${apx.main.data.headers.xtribe}`, personData, { headers: apx.main.data.headers });
apx.main.notify(msgContainer, response);
await this.logout();
} catch (err) {
apx.main.notify(msgContainer, err.response?.data || { status: 500, ref: "Pagans", msg: "errcreate" });
}
}
async _clearMsgSignature(pubK, privK, passphrase, message) {
const publickey = await openpgp.readKey({ armoredKey: pubK });
const privatekey = await openpgp.decryptKey({
privateKey: await openpgp.readPrivateKey({ armoredKey: privK }),
passphrase,
});
const cleartextMessage = await openpgp.sign({
message: await openpgp.createCleartextMessage({ text: message }),
signingKeys: privatekey,
});
const { signatures: [{ verified }] } = await openpgp.verify({
message: await openpgp.readCleartextMessage({ cleartextMessage }),
verificationKeys: publickey,
});
if (!(await verified)) {
throw new Error("Signature verification failed.");
}
return btoa(cleartextMessage);
}
}
// Attach an instance to the global namespace
apx.apxauth = new ApxAuth();