accounts-frontend/src/components/accounts/actions.js

import { browserHistory } from 'services/history';

import { sessionStorage } from 'services/localStorage';
import authentication from 'services/api/authentication';
import { updateUser, setGuest } from 'components/user/actions';
import { setLocale } from 'components/i18n/actions';
import { setAccountSwitcher } from 'components/auth/actions';
import logger from 'services/logger';
import { InternalServerError } from 'services/request';

import {
    add,
    remove,
    activate,
    reset,
    updateToken
} from 'components/accounts/actions/pure-actions';

export { updateToken };

/**
 * @typedef {object} Account
 * @property {string} id
 * @property {string} username
 * @property {string} email
 * @property {string} token
 * @property {string} refreshToken
 */

/**
 * @param {Account|object} account
 * @param {string} account.token
 * @param {string} account.refreshToken
 *
 * @return {function}
 */
export function authenticate({token, refreshToken}) {
    return (dispatch, getState) =>
        authentication.validateToken({token, refreshToken})
            .catch((resp = {}) => {
                if (resp instanceof InternalServerError) {
                    // delegate error recovering to the later logic
                    return Promise.reject(resp);
                }

                logger.warn('Error validating token during auth', {
                    resp
                });

                return dispatch(logoutAll())
                    .then(() => Promise.reject(resp));
            })
            .then(({token, refreshToken, user}) => ({
                user: {
                    isGuest: false,
                    ...user
                },
                account: {
                    id: user.id,
                    username: user.username,
                    email: user.email,
                    token,
                    refreshToken
                }
            }))
            .then(({user, account}) => {
                const {auth} = getState();

                dispatch(add(account));
                dispatch(activate(account));
                dispatch(updateUser(user));

                // TODO: probably should be moved from here, because it is a side effect
                logger.setUser(user);

                if (!account.refreshToken) {
                    // mark user as stranger (user does not want us to remember his account)
                    sessionStorage.setItem(`stranger${account.id}`, 1);
                }

                if (auth && auth.oauth && auth.oauth.clientId) {
                    // if we authenticating during oauth, we disable account chooser
                    // because user probably has made his choise now
                    // this may happen, when user registers, logs in or uses account
                    // chooser panel during oauth
                    dispatch(setAccountSwitcher(false));
                }

                return dispatch(setLocale(user.lang))
                    .then(() => account);
            });
}

/**
 * Remove one account from current user's account list
 *
 * @param {Account} account
 *
 * @return {function}
 */
export function revoke(account) {
    return (dispatch, getState) => {
        const accountToReplace = getState().accounts.available.find(({id}) => id !== account.id);

        if (accountToReplace) {
            return dispatch(authenticate(accountToReplace))
                .then(() => {
                    authentication.logout(account);
                    dispatch(remove(account));
                });
        }

        return dispatch(logoutAll());
    };
}

export function logoutAll() {
    return (dispatch, getState) => {
        dispatch(setGuest());

        const {accounts: {available}} = getState();

        available.forEach((account) => authentication.logout(account));

        dispatch(reset());

        browserHistory.push('/login');

        return Promise.resolve();
    };
}

/**
 * Logouts accounts, that was marked as "do not remember me"
 *
 * We detecting foreign accounts by the absence of refreshToken. The account
 * won't be removed, until key `stranger${account.id}` is present in sessionStorage
 *
 * @return {function}
 */
export function logoutStrangers() {
    return (dispatch, getState) => {
        const {accounts: {available, active}} = getState();

        const isStranger = ({refreshToken, id}) => !refreshToken && !sessionStorage.getItem(`stranger${id}`);

        if (available.some(isStranger)) {
            const accountToReplace = available.filter((account) => !isStranger(account))[0];

            if (accountToReplace) {
                available.filter(isStranger)
                    .forEach((account) => {
                        dispatch(remove(account));
                        authentication.logout(account);
                    });

                if (isStranger(active)) {
                    return dispatch(authenticate(accountToReplace));
                }
            } else {
                return dispatch(logoutAll());
            }
        }

        return Promise.resolve();
    };
}
#85: updated to react router 4 and migrated code to support a new api 2017-05-26 00:41:57 +05:30			`import { browserHistory } from 'services/history';`
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30
Fix linting errors 2017-04-12 00:55:27 +05:30			`import { sessionStorage } from 'services/localStorage';`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`import authentication from 'services/api/authentication';`
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30			`import { updateUser, setGuest } from 'components/user/actions';`
#48: integrate accounts with app 2016-11-05 15:41:41 +05:30			`import { setLocale } from 'components/i18n/actions';`
#245: add register link to account chooser auth panel 2017-01-31 11:35:36 +05:30			`import { setAccountSwitcher } from 'components/auth/actions';`
#169: forntend logging. Sentry integration 2016-12-07 02:36:45 +05:30			`import logger from 'services/logger';`
#303: properly handling json and request errors. Added InternalServerError 2017-02-26 17:10:07 +05:30			`import { InternalServerError } from 'services/request';`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30
Decouple pure and private accounts actions from async actions. 2017-01-27 11:59:20 +05:30			`import {`
			`add,`
			`remove,`
			`activate,`
			`reset,`
			`updateToken`
			`} from 'components/accounts/actions/pure-actions';`

			`export { updateToken };`

#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`/**`
			`* @typedef {object} Account`
#246: remove User class in favor of plain object in reducer 2017-01-12 11:42:56 +05:30			`* @property {string} id`
			`* @property {string} username`
			`* @property {string} email`
			`* @property {string} token`
			`* @property {string} refreshToken`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*/`

			`/**`
			`* @param {Account\|object} account`
			`* @param {string} account.token`
			`* @param {string} account.refreshToken`
#48: fix the bug, whent account.current was requested without disabling refreshToken middleware 2016-11-08 12:00:53 +05:30			`*`
			`* @return {function}`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*/`
			`export function authenticate({token, refreshToken}) {`
#245: add register link to account chooser auth panel 2017-01-31 11:35:36 +05:30			`return (dispatch, getState) =>`
#48: fix the bug, whent account.current was requested without disabling refreshToken middleware 2016-11-08 12:00:53 +05:30			`authentication.validateToken({token, refreshToken})`
#303: do not logout user if 5xx during authentication 2017-02-24 11:20:32 +05:30			`.catch((resp = {}) => {`
#303: properly handling json and request errors. Added InternalServerError 2017-02-26 17:10:07 +05:30			`if (resp instanceof InternalServerError) {`
#303: do not logout user if 5xx during authentication 2017-02-24 11:20:32 +05:30			`// delegate error recovering to the later logic`
			`return Promise.reject(resp);`
			`}`

#246: remove redundant /current calls during account authentication 2017-01-06 11:34:14 +05:30			`logger.warn('Error validating token during auth', {`
			`resp`
			`});`
Propper error handling, when initial user auth failed 2016-11-20 15:06:15 +05:30
#246: remove redundant /current calls during account authentication 2017-01-06 11:34:14 +05:30			`return dispatch(logoutAll())`
#303: do not logout user if 5xx during authentication 2017-02-24 11:20:32 +05:30			`.then(() => Promise.reject(resp));`
Propper error handling, when initial user auth failed 2016-11-20 15:06:15 +05:30			`})`
#246: remove redundant /current calls during account authentication 2017-01-06 11:34:14 +05:30			`.then(({token, refreshToken, user}) => ({`
			`user: {`
			`isGuest: false,`
			`...user`
			`},`
			`account: {`
			`id: user.id,`
			`username: user.username,`
			`email: user.email,`
			`token,`
			`refreshToken`
			`}`
			`}))`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`.then(({user, account}) => {`
#245: add register link to account chooser auth panel 2017-01-31 11:35:36 +05:30			`const {auth} = getState();`

#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`dispatch(add(account));`
			`dispatch(activate(account));`
#169: forntend logging. Sentry integration 2016-12-07 02:36:45 +05:30			`dispatch(updateUser(user));`

			`// TODO: probably should be moved from here, because it is a side effect`
			`logger.setUser(user);`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30			`if (!account.refreshToken) {`
			`// mark user as stranger (user does not want us to remember his account)`
			sessionStorage.setItem(`stranger${account.id}`, 1);
			`}`

#245: add register link to account chooser auth panel 2017-01-31 11:35:36 +05:30			`if (auth && auth.oauth && auth.oauth.clientId) {`
			`// if we authenticating during oauth, we disable account chooser`
			`// because user probably has made his choise now`
			`// this may happen, when user registers, logs in or uses account`
			`// chooser panel during oauth`
			`dispatch(setAccountSwitcher(false));`
			`}`

#48: integrate accounts with app 2016-11-05 15:41:41 +05:30			`return dispatch(setLocale(user.lang))`
			`.then(() => account);`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`});`
			`}`

			`/**`
Decouple pure and private accounts actions from async actions. 2017-01-27 11:59:20 +05:30			`* Remove one account from current user's account list`
			`*`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`* @param {Account} account`
#48: fix the bug, whent account.current was requested without disabling refreshToken middleware 2016-11-08 12:00:53 +05:30			`*`
			`* @return {function}`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`*/`
			`export function revoke(account) {`
			`return (dispatch, getState) => {`
#48: add/remove accounts from account switcher. Allow authorized users to log in into another account 2016-11-13 02:01:44 +05:30			`const accountToReplace = getState().accounts.available.find(({id}) => id !== account.id);`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30
#48: add/remove accounts from account switcher. Allow authorized users to log in into another account 2016-11-13 02:01:44 +05:30			`if (accountToReplace) {`
			`return dispatch(authenticate(accountToReplace))`
#48: call authentication.logout for each revoked account 2016-11-15 11:25:15 +05:30			`.then(() => {`
			`authentication.logout(account);`
			`dispatch(remove(account));`
			`});`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`}`
#48: fix the bug, whent account.current was requested without disabling refreshToken middleware 2016-11-08 12:00:53 +05:30
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30			`return dispatch(logoutAll());`
#48: initial logic for multy-accounts actions 2016-10-30 17:42:49 +05:30			`};`
			`}`

#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30			`export function logoutAll() {`
			`return (dispatch, getState) => {`
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30			`dispatch(setGuest());`

#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30			`const {accounts: {available}} = getState();`

			`available.forEach((account) => authentication.logout(account));`

			`dispatch(reset());`
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30
#85: drop react-router-redux dependency 2017-05-09 01:04:50 +05:30			`browserHistory.push('/login');`
#246: remove logout from user/actions. Use logoutAll from account/actions everywhere 2017-01-04 11:22:46 +05:30
			`return Promise.resolve();`
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30			`};`
			`}`

			`/**`
			`* Logouts accounts, that was marked as "do not remember me"`
			`*`
			`* We detecting foreign accounts by the absence of refreshToken. The account`
			* won't be removed, until key `stranger${account.id}` is present in sessionStorage
			`*`
			`* @return {function}`
			`*/`
			`export function logoutStrangers() {`
			`return (dispatch, getState) => {`
#246: fixed bug, when active account reset to the first one after page refresh. removed authenticate call, when there are no strangers to logout on app startup. 2017-01-12 10:59:39 +05:30			`const {accounts: {available, active}} = getState();`
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30
			const isStranger = ({refreshToken, id}) => !refreshToken && !sessionStorage.getItem(`stranger${id}`);

#246: fixed bug, when active account reset to the first one after page refresh. removed authenticate call, when there are no strangers to logout on app startup. 2017-01-12 10:59:39 +05:30			`if (available.some(isStranger)) {`
			`const accountToReplace = available.filter((account) => !isStranger(account))[0];`
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30
#246: fixed bug, when active account reset to the first one after page refresh. removed authenticate call, when there are no strangers to logout on app startup. 2017-01-12 10:59:39 +05:30			`if (accountToReplace) {`
			`available.filter(isStranger)`
			`.forEach((account) => {`
			`dispatch(remove(account));`
			`authentication.logout(account);`
			`});`
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30
#246: fixed bug, when active account reset to the first one after page refresh. removed authenticate call, when there are no strangers to logout on app startup. 2017-01-12 10:59:39 +05:30			`if (isStranger(active)) {`
			`return dispatch(authenticate(accountToReplace));`
			`}`
			`} else {`
			`return dispatch(logoutAll());`
			`}`
#232: fix remember me logic on frontend 2016-12-06 00:44:38 +05:30			`}`

			`return Promise.resolve();`
			`};`
			`}`