From 5afea5ebe9de0ebf2658feb4f128177c48d891df Mon Sep 17 00:00:00 2001 From: Shankari Date: Tue, 16 Mar 2021 08:18:30 -0700 Subject: [PATCH] Include the secret into the user authentication Fairly simple fix We read the hardcoded secret directly from the `SecretCheck` module since we should not have come to this screen unless the input `SecretCheck` and the hardcoded secret match, so we might as well use the hardcoded check. This is the final set of changes for https://github.com/e-mission/e-mission-docs/issues/628 Testing done: Checked the userid on the server. ``` {'_id': ObjectId('60503a011fa22fb602d332b1'), 'user_email': 'REPLACEMEkVVdF9rT', 'uuid': UUID('cf8ccb7b-84d7-40e4-a726-7691e614b042'), 'update_ts': datetime.datetime(2021, 3, 15, 21, 54, 25, 463000)}] ``` Checked the userid on the phone - was the same Checked the server logs, auth was fine ``` START 2021-03-15 21:54:25.460376 POST /profile/create END 2021-03-15 21:54:25.467684 POST /profile/create 0.007261991500854492 START 2021-03-15 21:54:25.583845 POST /profile/get END 2021-03-15 21:54:25.589675 POST /profile/get cf8ccb7b-84d7-40e4-a726-7691e614b042 0.005787849426269531 START 2021-03-15 21:54:26.051814 POST /profile/update END 2021-03-15 21:54:26.057612 POST /profile/update cf8ccb7b-84d7-40e4-a726-7691e614b042 0.0057489871978759766 START 2021-03-15 21:55:32.222428 POST /result/metrics/timestamp END 2021-03-15 21:55:32.234051 POST /result/metrics/timestamp cf8ccb7b-84d7-40e4-a726-7691e614b042 0.011476993560791016 ``` --- www/js/intro.js | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/www/js/intro.js b/www/js/intro.js index aa590ced2..b579bcffa 100644 --- a/www/js/intro.js +++ b/www/js/intro.js @@ -1,7 +1,7 @@ 'use strict'; angular.module('emission.intro', ['emission.splash.startprefs', - 'emission.splash.updatecheck', + 'emission.splash.secretcheck', 'emission.survey.launch', 'emission.i18n.utils', 'ionic-toast']) @@ -22,7 +22,7 @@ angular.module('emission.intro', ['emission.splash.startprefs', }) .controller('IntroCtrl', function($scope, $state, $window, $ionicSlideBoxDelegate, - $ionicPopup, $ionicHistory, ionicToast, $timeout, CommHelper, StartPrefs, SurveyLaunch, UpdateCheck, $translate, i18nUtils) { + $ionicPopup, $ionicHistory, ionicToast, $timeout, CommHelper, StartPrefs, SurveyLaunch, SecretCheck, $translate, i18nUtils) { $scope.platform = $window.device.platform; $scope.osver = $window.device.version.split(".")[0]; if($scope.platform.toLowerCase() == "android") { @@ -193,7 +193,8 @@ angular.module('emission.intro', ['emission.splash.startprefs', }; $scope.login = function(token) { - window.cordova.plugins.BEMJWTAuth.setPromptedAuthToken(token).then(function(userEmail) { + const comboToken = SecretCheck.SECRET+token; + window.cordova.plugins.BEMJWTAuth.setPromptedAuthToken(comboToken).then(function(userEmail) { // ionicToast.show(message, position, stick, time); // $scope.next(); ionicToast.show(userEmail, 'middle', false, 2500); @@ -201,11 +202,6 @@ angular.module('emission.intro', ['emission.splash.startprefs', $scope.alertError("Invalid login "+userEmail); } else { CommHelper.registerUser(function(successResult) { - UpdateCheck.getChannel().then(function(retVal) { - CommHelper.updateUser({ - client: retVal - }); - }); $scope.startSurvey(); $scope.finish(); }, function(errorResult) {