Include the secret into the user authentication

Fairly simple fix We read the hardcoded secret directly from the `SecretCheck` module since we should not have come to this screen unless the input `SecretCheck` and the hardcoded secret match, so we might as well use the hardcoded check. This is the final set of changes for e-mission/e-mission-docs#628 Testing done: Checked the userid on the server. ``` {'_id': ObjectId('60503a011fa22fb602d332b1'), 'user_email': 'REPLACEMEkVVdF9rT', 'uuid': UUID('cf8ccb7b-84d7-40e4-a726-7691e614b042'), 'update_ts': datetime.datetime(2021, 3, 15, 21, 54, 25, 463000)}] ``` Checked the userid on the phone - was the same Checked the server logs, auth was fine ``` START 2021-03-15 21:54:25.460376 POST /profile/create END 2021-03-15 21:54:25.467684 POST /profile/create 0.007261991500854492 START 2021-03-15 21:54:25.583845 POST /profile/get END 2021-03-15 21:54:25.589675 POST /profile/get cf8ccb7b-84d7-40e4-a726-7691e614b042 0.005787849426269531 START 2021-03-15 21:54:26.051814 POST /profile/update END 2021-03-15 21:54:26.057612 POST /profile/update cf8ccb7b-84d7-40e4-a726-7691e614b042 0.0057489871978759766 START 2021-03-15 21:55:32.222428 POST /result/metrics/timestamp END 2021-03-15 21:55:32.234051 POST /result/metrics/timestamp cf8ccb7b-84d7-40e4-a726-7691e614b042 0.011476993560791016 ```
shankari · Mar 16, 2021 · 5afea5e · 5afea5e
1 parent c00f63b
commit 5afea5e
Showing 1 changed file with 4 additions and 8 deletions.
diff --git a/www/js/intro.js b/www/js/intro.js
@@ -1,7 +1,7 @@
 'use strict';
 
 angular.module('emission.intro', ['emission.splash.startprefs',
-                                  'emission.splash.updatecheck',
+                                  'emission.splash.secretcheck',
                                   'emission.survey.launch',
                                   'emission.i18n.utils',
                                   'ionic-toast'])
@@ -22,7 +22,7 @@ angular.module('emission.intro', ['emission.splash.startprefs',
 })
 
 .controller('IntroCtrl', function($scope, $state, $window, $ionicSlideBoxDelegate,
-    $ionicPopup, $ionicHistory, ionicToast, $timeout, CommHelper, StartPrefs, SurveyLaunch, UpdateCheck, $translate, i18nUtils) {
+    $ionicPopup, $ionicHistory, ionicToast, $timeout, CommHelper, StartPrefs, SurveyLaunch, SecretCheck, $translate, i18nUtils) {
   $scope.platform = $window.device.platform;
   $scope.osver = $window.device.version.split(".")[0];
   if($scope.platform.toLowerCase() == "android") {
@@ -193,19 +193,15 @@ angular.module('emission.intro', ['emission.splash.startprefs',
   };
 
   $scope.login = function(token) {
-    window.cordova.plugins.BEMJWTAuth.setPromptedAuthToken(token).then(function(userEmail) {
+    const comboToken = SecretCheck.SECRET+token;
+    window.cordova.plugins.BEMJWTAuth.setPromptedAuthToken(comboToken).then(function(userEmail) {
       // ionicToast.show(message, position, stick, time);
       // $scope.next();
       ionicToast.show(userEmail, 'middle', false, 2500);
       if (userEmail == "null" || userEmail == "") {
         $scope.alertError("Invalid login "+userEmail);
       } else {
         CommHelper.registerUser(function(successResult) {
-          UpdateCheck.getChannel().then(function(retVal) {
-            CommHelper.updateUser({
-             client: retVal
-            });
-          });
           $scope.startSurvey();
           $scope.finish();
         }, function(errorResult) {