From b5dfaff29277e087fe58e165a63d90292dbdb9fd Mon Sep 17 00:00:00 2001
From: Anthony Lapenna <lapenna.anthony@gmail.com>
Date: Tue, 23 Oct 2018 17:28:59 +1300
Subject: [PATCH] refactor(app): refactor unauthenticated state management
 (#2393)

* refactor(app): refactor Authentication service

* refactor(app): refactor unauthenticated state management
---
 app/app.js                               |  8 ++-
 app/config.js                            |  3 -
 app/portainer/services/authentication.js | 90 ++++++++++++++----------
 3 files changed, 59 insertions(+), 42 deletions(-)

diff --git a/app/app.js b/app/app.js
index a32633fe2..3c54bc3bf 100644
--- a/app/app.js
+++ b/app/app.js
@@ -37,9 +37,13 @@ function ($rootScope, $state, Authentication, authManager, StateManager, Endpoin
 
 function initAuthentication(authManager, Authentication, $rootScope, $state) {
   authManager.checkAuthOnRefresh();
-  authManager.redirectWhenUnauthenticated();
   Authentication.init();
-  $rootScope.$on('tokenHasExpired', function() {
+
+  // The unauthenticated event is broadcasted by the jwtInterceptor when
+  // hitting a 401. We're using this instead of the usual combination of
+  // authManager.redirectWhenUnauthenticated() + unauthenticatedRedirector
+  // to have more controls on which URL should trigger the unauthenticated state.
+  $rootScope.$on('unauthenticated', function () {
     $state.go('portainer.auth', {error: 'Your session has expired'});
   });
 }
diff --git a/app/config.js b/app/config.js
index 8e3366856..4cdd7fa8c 100644
--- a/app/config.js
+++ b/app/config.js
@@ -14,9 +14,6 @@ angular.module('portainer')
     jwtOptionsProvider.config({
       tokenGetter: ['LocalStorage', function(LocalStorage) {
         return LocalStorage.getJWT();
-      }],
-      unauthenticatedRedirector: ['$state', function($state) {
-        $state.go('portainer.auth', {error: 'Your session has expired'});
       }]
     });
     $httpProvider.interceptors.push('jwtInterceptor');
diff --git a/app/portainer/services/authentication.js b/app/portainer/services/authentication.js
index e0fb48cc1..0e9f19a93 100644
--- a/app/portainer/services/authentication.js
+++ b/app/portainer/services/authentication.js
@@ -2,43 +2,59 @@ angular.module('portainer.app')
 .factory('Authentication', ['$q', 'Auth', 'jwtHelper', 'LocalStorage', 'StateManager', 'EndpointProvider', function AuthenticationFactory($q, Auth, jwtHelper, LocalStorage, StateManager, EndpointProvider) {
   'use strict';
 
+  var service = {};
   var user = {};
-  return {
-    init: function() {
-      var jwt = LocalStorage.getJWT();
-      if (jwt) {
-        var tokenPayload = jwtHelper.decodeToken(jwt);
-        user.username = tokenPayload.username;
-        user.ID = tokenPayload.id;
-        user.role = tokenPayload.role;
-      }
-    },
-    login: function(username, password) {
-      return $q(function (resolve, reject) {
-        Auth.login({username: username, password: password}).$promise
-        .then(function(data) {
-          LocalStorage.storeJWT(data.jwt);
-          var tokenPayload = jwtHelper.decodeToken(data.jwt);
-          user.username = username;
-          user.ID = tokenPayload.id;
-          user.role = tokenPayload.role;
-          resolve();
-        }, function() {
-          reject();
-        });
-      });
-    },
-    logout: function() {
-      StateManager.clean();
-      EndpointProvider.clean();
-      LocalStorage.clean();
-    },
-    isAuthenticated: function() {
-      var jwt = LocalStorage.getJWT();
-      return jwt && !jwtHelper.isTokenExpired(jwt);
-    },
-    getUserDetails: function() {
-      return user;
+
+  service.init = init;
+  service.login = login;
+  service.logout = logout;
+  service.isAuthenticated = isAuthenticated;
+  service.getUserDetails = getUserDetails;
+
+  function init() {
+    var jwt = LocalStorage.getJWT();
+
+    if (jwt) {
+      var tokenPayload = jwtHelper.decodeToken(jwt);
+      user.username = tokenPayload.username;
+      user.ID = tokenPayload.id;
+      user.role = tokenPayload.role;
     }
-  };
+  }
+
+  function login(username, password) {
+    var deferred = $q.defer();
+
+    Auth.login({username: username, password: password}).$promise
+    .then(function success(data) {
+      LocalStorage.storeJWT(data.jwt);
+      var tokenPayload = jwtHelper.decodeToken(data.jwt);
+      user.username = username;
+      user.ID = tokenPayload.id;
+      user.role = tokenPayload.role;
+      deferred.resolve();
+    })
+    .catch(function error() {
+      deferred.reject();
+    });
+
+    return deferred.promise;
+  }
+
+  function logout() {
+    StateManager.clean();
+    EndpointProvider.clean();
+    LocalStorage.clean();
+  }
+
+  function isAuthenticated() {
+    var jwt = LocalStorage.getJWT();
+    return jwt && !jwtHelper.isTokenExpired(jwt);
+  }
+
+  function getUserDetails() {
+    return user;
+  }
+
+  return service;
 }]);