Implemented token usage in front end and removed password storage

Token and username are stored in localstorage and cleared on logout.
5 years ago · ed82bea521
4 changed files with 6 additions and 7 deletions
--- a/chatto/src/main/resources/static/js/chat.js
+++ b/chatto/src/main/resources/static/js/chat.js
@ -15,7 +15,6 @@ var toUserRadios = document.getElementsByName('toUser');
 var isCheckedUser = false;
 var chatTextArea = document.getElementById('chatTextArea');

-var passphraseInput = document.getElementById('passphrase');
 var postNewMessageUrl = `http://${hostAddress}/api/chat/post/message`; //hostAddress variable is set in the thymeleaf head fragment
 var getAllMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`;
 var getNewMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`;
@ -23,10 +22,10 @@ var getNewMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`;
 // var getAllMessagesUrl = "http://localhost:8080/api/chat/get/messages/";
 // var getNewMessagesUrl = "http://localhost:8080/api/chat/get/messages/";
 // var messageLog = [];
-var username = sessionStorage.getItem('username');
-var password = sessionStorage.getItem('password');
-var basicAuthToken = 'Basic ' + btoa(username + ":" + password);
+var username = localStorage.getItem('username');
 var authToken = localStorage.getItem('authToken');
+
+var passphraseInput = document.getElementById('passphrase');
 var iterations = 100000;

 var source = document.getElementById("msg_container_template").innerHTML;
--- a/chatto/src/main/resources/static/js/login.js
+++ b/chatto/src/main/resources/static/js/login.js
@ -6,8 +6,7 @@ function storeCredentials() {
            password: passwordInput.value
        }
        // sessionStorage.setItem('credentials', JSON.stringify(credentials));
-    sessionStorage.setItem('username', usernameInput.value);
-    sessionStorage.setItem('password', passwordInput.value);
+    localStorage.setItem('username', usernameInput.value);

    var jqxhr = $.ajax({
        type: 'GET',
--- a/chatto/src/main/resources/static/js/logout.js
+++ b/chatto/src/main/resources/static/js/logout.js
@ -1,3 +1,4 @@
 document.getElementById('logout-form').addEventListener('submit', function(e) {
    localStorage.setItem('authToken', null);
+    localStorage.setItem('username', null);
 })
--- a/chatto/src/main/resources/templates/user/home.html
+++ b/chatto/src/main/resources/templates/user/home.html
@ -9,7 +9,7 @@
    <script src="http://blackpeppersoftware.github.io/thymeleaf-fragment.js/thymeleaf-fragment.js" data-template-prefix="../" defer="defer" th:if="false"></script>
    <link th:href="@{/css/master.css}" href="../../static/css/master.css" rel="stylesheet" th:if="false">
    <link th:href="@{/css/colors.css}" href="../../static/css/colors.css" rel="stylesheet" th:if="false">
-    <script th:src="@{/js/logout.js}"></script>
+    <script th:src="@{/js/logout.js}" defer></script>
 </head>

 <body>