From ed82bea521fdc100ac089989904caee82022a397 Mon Sep 17 00:00:00 2001 From: Rohan Sircar Date: Thu, 21 Nov 2019 18:01:37 +0530 Subject: [PATCH] Implemented token usage in front end and removed password storage Token and username are stored in localstorage and cleared on logout. --- chatto/src/main/resources/static/js/chat.js | 7 +++---- chatto/src/main/resources/static/js/login.js | 3 +-- chatto/src/main/resources/static/js/logout.js | 1 + chatto/src/main/resources/templates/user/home.html | 2 +- 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/chatto/src/main/resources/static/js/chat.js b/chatto/src/main/resources/static/js/chat.js index 2b4d02e..cdbaab9 100644 --- a/chatto/src/main/resources/static/js/chat.js +++ b/chatto/src/main/resources/static/js/chat.js @@ -15,7 +15,6 @@ var toUserRadios = document.getElementsByName('toUser'); var isCheckedUser = false; var chatTextArea = document.getElementById('chatTextArea'); -var passphraseInput = document.getElementById('passphrase'); var postNewMessageUrl = `http://${hostAddress}/api/chat/post/message`; //hostAddress variable is set in the thymeleaf head fragment var getAllMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`; var getNewMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`; @@ -23,10 +22,10 @@ var getNewMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`; // var getAllMessagesUrl = "http://localhost:8080/api/chat/get/messages/"; // var getNewMessagesUrl = "http://localhost:8080/api/chat/get/messages/"; // var messageLog = []; -var username = sessionStorage.getItem('username'); -var password = sessionStorage.getItem('password'); -var basicAuthToken = 'Basic ' + btoa(username + ":" + password); +var username = localStorage.getItem('username'); var authToken = localStorage.getItem('authToken'); + +var passphraseInput = document.getElementById('passphrase'); var iterations = 100000; var source = document.getElementById("msg_container_template").innerHTML; 
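Review bot: With the Basic-auth value removed in the second chat.js hunk, `authToken` from localStorage is the only credential this script holds, while the API URLs in the first hunk's context lines are still built with a literal `http://${hostAddress}`. How the token is attached to requests is outside these hunks, but if it is sent to those URLs it presumably travels unencrypted; building the URLs from `window.location.protocol` rather than the hard-coded scheme, with the app served over HTTPS, would close that. localStorage is also readable by every script running on the origin and outlives the tab, so the line deserves a comment such as `// bearer token issued at login; readable by any script on this origin, removed in logout.js`.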
diff --git a/chatto/src/main/resources/static/js/login.js b/chatto/src/main/resources/static/js/login.js index 9671773..867ec08 100644 --- a/chatto/src/main/resources/static/js/login.js +++ b/chatto/src/main/resources/static/js/login.js @@ -6,8 +6,7 @@ function storeCredentials() { password: passwordInput.value } // sessionStorage.setItem('credentials', JSON.stringify(credentials)); - sessionStorage.setItem('username', usernameInput.value); - sessionStorage.setItem('password', passwordInput.value); + localStorage.setItem('username', usernameInput.value); var jqxhr = $.ajax({ type: 'GET', diff --git a/chatto/src/main/resources/static/js/logout.js b/chatto/src/main/resources/static/js/logout.js index 60a1cce..5ddb58e 100644 --- a/chatto/src/main/resources/static/js/logout.js +++ b/chatto/src/main/resources/static/js/logout.js @@ -1,3 +1,4 @@ document.getElementById('logout-form').addEventListener('submit', function(e) { localStorage.setItem('authToken', null); + localStorage.setItem('username', null); }) \ No newline at end of file diff --git a/chatto/src/main/resources/templates/user/home.html b/chatto/src/main/resources/templates/user/home.html index 10868be..2fc100d 100644 --- a/chatto/src/main/resources/templates/user/home.html +++ b/chatto/src/main/resources/templates/user/home.html @@ -9,7 +9,7 @@ - +
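Review bot: `localStorage.setItem('username', usernameInput.value);` in the login.js hunk runs before the `$.ajax` call that follows it, so the typed username is persisted even when the login attempt fails. Unlike the sessionStorage entry it replaces, it also stays on the machine after the browser is closed. Moving the line into the request's success handler would store the name only for an authenticated user; that handler and the rest of storeCredentials lie outside this hunk.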
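Review bot: `localStorage.setItem('authToken', null);` and the added `localStorage.setItem('username', null);` in the logout.js hunk do not clear the entries, because Storage converts the value to the string "null". The `localStorage.getItem` reads in chat.js would therefore get a non-empty, truthy string back after logout rather than `null`. Use `localStorage.removeItem('authToken');` and `localStorage.removeItem('username');` instead. This handler only clears the browser side; whether the server also invalidates the token on logout is not visible in this patch and is worth confirming.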