Add staff instance in session cookie.

2020-08-11 23:35:10 -03:00 · 2020-08-11 23:35:10 -03:00 · d72aec3976
parent 01718cf92b
commit d72aec3976
5 changed files with 29 additions and 7 deletions
--- a/client/src/actions/session-actions.js
+++ b/client/src/actions/session-actions.js
@ -54,8 +54,8 @@ export default {
                data: {
                    userId: rememberData.userId,
                    rememberToken: rememberData.token,
+                    staff: rememberData.isStaff,
                    remember: 1,
-                    isAutomatic: 1
                }
            }).then((result) => {
                store.dispatch(this.getUserData(result.data.userId, result.data.token));
--- a/client/src/lib-app/session-store.js
+++ b/client/src/lib-app/session-store.js
@ -48,9 +48,10 @@ class SessionStore {
        return JSON.parse(this.getItem('departments'));
    }

-    storeRememberData({token, userId, expiration}) {
+    storeRememberData({token, userId, expiration, isStaff}) {
        this.setItem('rememberData-token', token);
        this.setItem('rememberData-userId', userId);
+        this.setItem('rememberData-isStaff', isStaff);
        this.setItem('rememberData-expiration', expiration);
    }

@ -106,6 +107,7 @@ class SessionStore {
        return {
            token: this.getItem('rememberData-token'),
            userId: this.getItem('rememberData-userId'),
+            isStaff: this.getItem('rememberData-isStaff'),
            expiration: this.getItem('rememberData-expiration')
        };
    }
@ -113,6 +115,7 @@ class SessionStore {
    clearRememberData() {
        this.removeItem('rememberData-token');
        this.removeItem('rememberData-userId');
+        this.removeItem('rememberData-isStaff');
        this.removeItem('rememberData-expiration');
    }

--- a/client/src/reducers/session-reducer.js
+++ b/client/src/reducers/session-reducer.js
@ -95,7 +95,7 @@ class SessionReducer extends Reducer {
            sessionStore.storeRememberData({
                token: resultData.rememberToken,
                userId: resultData.userId,
-                staff: resultData.staff,
+                isStaff: resultData.staff,
                expiration: resultData.rememberExpiration
            });
        }
--- a/server/controllers/user/login.php
+++ b/server/controllers/user/login.php
@ -61,6 +61,7 @@ class LoginController extends Controller {

            $this->createUserSession();
            $this->createRememberToken();
+
            if(Controller::request('staff')) {
                $this->userInstance->lastLogin = Date::getCurrentDate();
                $this->userInstance->store();
@ -116,12 +117,14 @@ class LoginController extends Controller {
        $rememberToken = Controller::request('rememberToken');
        $userInstance = new NullDataStore();

-        if ($rememberToken) {
+        if($rememberToken) {
            $sessionCookie = SessionCookie::getDataStore($rememberToken, 'token');
            $userId = Controller::request('userId');
+            $isStaff = Controller::request('staff');
+            $loggedInstance = $isStaff ? $sessionCookie->staff : $sessionCookie->user;

-            if (!$sessionCookie->isNull() && $userId === $sessionCookie->user->id) {
-                $userInstance = $sessionCookie->user;
+            if ((!$sessionCookie->isNull()) && ($userId === $loggedInstance->id) && ($isStaff === $sessionCookie->isStaff)) {
+                $userInstance = $loggedInstance;
                $sessionCookie->delete();
            }
        }
@ -146,7 +149,9 @@ class LoginController extends Controller {

            $sessionCookie = new SessionCookie();
            $sessionCookie->setProperties(array(
-                'user' => $this->userInstance,
+                'isStaff' => Controller::request('staff'),
+                'user' => $this->userInstance instanceof User ? $this->userInstance : null,
+                'staff' => $this->userInstance instanceof Staff ? $this->userInstance : null,
                'token' => $this->rememberToken,
                'ip' => $_SERVER['REMOTE_ADDR'],
                'creationDate' =>  Date::getCurrentDate(),
--- a/server/models/SessionCookie.php
+++ b/server/models/SessionCookie.php
@ -1,10 +1,24 @@
 <?php
+/**
+ * @api {OBJECT} SessionCookie SessionCookie
+ * @apiVersion 4.8.0
+ * @apiGroup Data Structures
+ * @apiParam {Boolean} isStaff Indicates if it wants to login a staff or a regular user.
+ * @apiParam {Object} user The user.
+ * @apiParam {Object} staff The staff.
+ * @apiParam {String} token Token of the session, used to verify the session when making other requests.
+ * @apiParam {String} ip The ip.
+ * @apiParam {String} creationDate The creationDate.
+ * @apiParam {String} expirationDate The expirationDate.
+ */

 class SessionCookie extends DataStore {
    const TABLE = 'sessioncookie';

    public static function getProps() {
        return array (
+            'isStaff',
+            'staff',
            'user',
            'token',
            'ip',