From 14110983efd087bafbcd8336e89504e0e0633491 Mon Sep 17 00:00:00 2001 From: William Chong Date: Sun, 27 Oct 2024 23:03:24 +0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fix=20jwt=20permissions=20not=20?= =?UTF-8?q?signed?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- components/AppHeader.vue | 7 +++++-- layouts/wallet.vue | 7 +++++-- pages/auth/redirect.vue | 7 +++++-- store/wallet.ts | 2 +- utils/auth.ts | 8 +++++++- 5 files changed, 23 insertions(+), 8 deletions(-) diff --git a/components/AppHeader.vue b/components/AppHeader.vue index 8983d3c8..9e99c0ed 100644 --- a/components/AppHeader.vue +++ b/components/AppHeader.vue @@ -178,7 +178,7 @@ export default class AppHeader extends Vue { @walletModule.Action('disconnectWallet') disconnectWallet!: () => void @walletModule.Action('openConnectWalletModal') openConnectWalletModal!: (params: { language: string, fullPath?: string }) => Promise @walletModule.Action('initWallet') initWallet!: (params: { method: any, accounts: any, offlineSigner?: any }) => Promise - @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise + @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise @walletModule.Getter('getWalletAddress') currentAddress!: string @walletModule.Getter('getSigner') signer!: any @bookApiModule.Getter('getSessionWallet') sessionWallet!: string @@ -230,7 +230,10 @@ export default class AppHeader extends Vue { if (!this.currentAddress || !this.signer) { throw new Error('FAILED_TO_CONNECT_WALLET') } - const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS) + const signature = await this.signMessageMemo({ + action: 'authorize', + permissions: SIGN_AUTHORIZATION_PERMISSIONS, + }); if (!signature) { throw new Error('SIGNING_REJECTED') } diff --git a/layouts/wallet.vue b/layouts/wallet.vue index a72735c8..94cbf66e 100644 --- a/layouts/wallet.vue +++ b/layouts/wallet.vue @@ -42,7 +42,7 @@ export default class WalletLayout extends Vue { @walletModule.Action('disconnectWallet') disconnectWallet!: () => void @walletModule.Action('openConnectWalletModal') openConnectWalletModal!: (params: { language: string, fullPath?: string }) => Promise @walletModule.Action('initWallet') initWallet!: (params: { method: any, accounts: any, offlineSigner?: any }) => Promise - @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise + @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise @walletModule.Getter('getSigner') signer!: any @bookApiModule.Getter('getSessionWallet') sessionWallet!: string @bookApiModule.Action('restoreSession') restoreSession!: () => void @@ -90,7 +90,10 @@ export default class WalletLayout extends Vue { if (!this.walletAddress || !this.signer) { throw new Error('FAILED_TO_CONNECT_WALLET') } - const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS) + const signature = await this.signMessageMemo({ + action: 'authorize', + permissions: SIGN_AUTHORIZATION_PERMISSIONS, + }); if (!signature) { throw new Error('SIGNING_REJECTED') } diff --git a/pages/auth/redirect.vue b/pages/auth/redirect.vue index 825100af..8e255a65 100644 --- a/pages/auth/redirect.vue +++ b/pages/auth/redirect.vue @@ -21,7 +21,7 @@ export default class RedirectPage extends Vue { @walletModule.Action('initWallet') initWallet!: (params: { method: any; accounts: any; offlineSigner?: any }) => Promise @walletModule.Action('disconnectWallet') disconnectWallet!: () => void @walletModule.Action('handleConnectorRedirect') handleConnectorRedirect!: (params: { method: string; params: any }) => Promise - @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise + @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise @walletModule.Getter('getSigner') signer!: any @walletModule.Getter('getWalletAddress') currentAddress!: string @@ -53,7 +53,10 @@ export default class RedirectPage extends Vue { if (!this.currentAddress || !this.signer) { throw new Error('FAILED_TO_CONNECT_WALLET') } - const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS) + const signature = await this.signMessageMemo({ + action: 'authorize', + permissions: SIGN_AUTHORIZATION_PERMISSIONS, + }); if (!signature) { throw new Error('SIGNING_REJECTED') } diff --git a/store/wallet.ts b/store/wallet.ts index af0247c9..8dbb08c5 100644 --- a/store/wallet.ts +++ b/store/wallet.ts @@ -219,7 +219,7 @@ export default class Wallet extends VuexModule { } @Action - async signMessageMemo(action: string, permissions?: string[]) { + async signMessageMemo({ action, permissions }: { action: string, permissions?: string[] }) { if (!this.signer || !this.address) { await this.initIfNecessary() } diff --git a/utils/auth.ts b/utils/auth.ts index 3d1d49ce..c31a771b 100644 --- a/utils/auth.ts +++ b/utils/auth.ts @@ -1,11 +1,17 @@ import { jwtDecode } from "jwt-decode"; +import { SIGN_AUTHORIZATION_PERMISSIONS } from "~/constant"; const AUTH_SESSION_KEY = 'likecoin_nft_book_press_token' export function checkJwtTokenValidity (token: string) { try { const decoded = jwtDecode(token); - return decoded?.exp && decoded.exp * 1000 > Date.now(); + if (!decoded) { + return false; + } + const isExpired = decoded.exp && decoded.exp * 1000 < Date.now(); + const isMatchPermissions = (decoded as any).permissions === SIGN_AUTHORIZATION_PERMISSIONS; + return !isExpired && isMatchPermissions; } catch (error) { console.error(error); return false;