Change to base64 password header

2021-07-23 18:15:32 +03:00 · 2021-07-23 18:15:32 +03:00 · 8522f8b219
parent c324e07eb8
commit 8522f8b219
9 changed files with 23 additions and 21 deletions
--- a/assets/images/logo.png
+++ b/assets/images/logo.png
--- a/lib/constants.dart
+++ b/lib/constants.dart
@ -137,7 +137,6 @@ const int kMillisecondsToRefreshData = 1000 * 60 * 15; // 15 minutes
 const int kUpdatedAtBufferSeconds = 600;
 const int kMillisecondsToRefreshActivities = 1000 * 60 * 60 * 24; // 1 day
 const int kMillisecondsToRefreshStaticData = 1000 * 60 * 60 * 24; // 1 day
-const int kMillisecondsToReenterPassword = 1000 * 60 * 30; // 30 minutes
 const int kMillisecondsToDebounceUpdate = 500; // .5 second
 const int kMillisecondsToDebounceSave = 1500; // 1.5 seconds

--- a/lib/data/web_client.dart
+++ b/lib/data/web_client.dart
@ -208,7 +208,7 @@ Map<String, String> _getHeaders(
  }

  if ((password ?? '').isNotEmpty) {
-    headers['X-API-PASSWORD'] = password;
+    headers['X-API-PASSWORD-BASE64'] = base64Encode(utf8.encode(password));
  }

  return headers;
--- a/lib/redux/app/app_state.dart
+++ b/lib/redux/app/app_state.dart
@ -1,6 +1,7 @@
 import 'dart:io';
 import 'dart:ui';

+import 'package:invoiceninja_flutter/.env.dart';
 import 'package:built_collection/built_collection.dart';
 import 'package:built_value/built_value.dart';
 import 'package:built_value/serializer.dart';
@ -819,6 +820,21 @@ abstract class AppState implements Built<AppState, AppStateBuilder> {
    return isFullScreen;
  }

+  bool get hasRecentlyEnteredPassword {
+    if (Config.DEMO_MODE) {
+      return true;
+    }
+
+    if (authState.lastEnteredPasswordAt == 0) {
+      return false;
+    }
+
+    final millisecondsSinceEnteredPassword =
+        DateTime.now().millisecondsSinceEpoch - authState.lastEnteredPasswordAt;
+
+    return millisecondsSinceEnteredPassword < company.passwordTimeout;
+  }
+
  @override
  String toString() {
    final companyUpdated = userCompanyState.lastUpdated == null ||
@ -865,7 +881,7 @@ abstract class AppState implements Built<AppState, AppStateBuilder> {
        '\nis Large: ${(company?.isLarge ?? false) ? 'Yes' : 'No'}'
        '\nCompany: $companyUpdated${userCompanyState.isStale ? ' [S]' : ''}'
        '\nStatic: $staticUpdated${staticState.isStale ? ' [S]' : ''}'
-        '\nPassword: $passwordUpdated${authState.hasRecentlyEnteredPassword ? '' : ' [S]'}'
+        '\nPassword: $passwordUpdated${hasRecentlyEnteredPassword ? '' : ' [S]'}'
        '\n';
  }
 }
--- a/lib/redux/auth/auth_state.dart
+++ b/lib/redux/auth/auth_state.dart
@ -2,7 +2,6 @@ import 'package:built_value/built_value.dart';
 import 'package:built_value/serializer.dart';
 import 'package:invoiceninja_flutter/constants.dart';
 import 'package:invoiceninja_flutter/utils/formatting.dart';
-import 'package:invoiceninja_flutter/.env.dart';

 part 'auth_state.g.dart';

@ -39,19 +38,6 @@ abstract class AuthState implements Built<AuthState, AuthStateBuilder> {

  int get lastEnteredPasswordAt;

-  bool get hasRecentlyEnteredPassword {
-    if (Config.DEMO_MODE) {
-      return true;
-    }
-
-    if (lastEnteredPasswordAt == 0) {
-      return false;
-    }
-
-    return DateTime.now().millisecondsSinceEpoch - lastEnteredPasswordAt <
-        kMillisecondsToReenterPassword;
-  }
-
  bool get isHosted {
    final cleanUrl = cleanApiUrl(url);

--- a/lib/ui/auth/login_view.dart
+++ b/lib/ui/auth/login_view.dart
@ -291,11 +291,10 @@ class _LoginState extends State<LoginView> {
        ScrollableListView(
          children: <Widget>[
            Padding(
-              padding: EdgeInsets.only(top: 20.0, bottom: 20.0),
+              padding: EdgeInsets.only(top: 25, bottom: 15),
              child: Center(
                child: InkWell(
-                  child: Image.asset('assets/images/icon.png',
-                      width: 100, height: 100),
+                  child: Image.asset('assets/images/logo.png', height: 66),
                  onTap: isApple()
                      ? null
                      : () {
--- a/lib/utils/dialogs.dart
+++ b/lib/utils/dialogs.dart
@ -146,7 +146,7 @@ void passwordCallback({
  bool skipOAuth = false,
 }) {
  final state = StoreProvider.of<AppState>(context).state;
-  if (state.authState.hasRecentlyEnteredPassword && !alwaysRequire) {
+  if (state.hasRecentlyEnteredPassword && !alwaysRequire) {
    callback(null, null);
    return;
  } else if (!state.user.hasPassword && skipOAuth) {
--- a/pubspec.foss.yaml
+++ b/pubspec.foss.yaml
@ -85,5 +85,6 @@ flutter:

  assets:
    - assets/images/icon.png
+    - assets/images/logo.png
    - assets/images/google-icon.png
    - assets/images/payment_types/
--- a/pubspec.yaml
+++ b/pubspec.yaml
@ -104,5 +104,6 @@ flutter:

  assets:
    - assets/images/icon.png
+    - assets/images/logo.png
    - assets/images/google-icon.png
    - assets/images/payment_types/