From 8fb8cbdaf3f8331f2c64514f8df8b510511e8992 Mon Sep 17 00:00:00 2001 From: Andreas Brett Date: Tue, 26 Oct 2021 13:15:31 +0200 Subject: [PATCH] use auth0/jwt-decode --- package-lock.json | 11 +++++++++++ package.json | 1 + src/pages/Settings.vue | 5 +++-- src/util-frontend.js | 15 --------------- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/package-lock.json b/package-lock.json index 551504d75..9f4125291 100644 --- a/package-lock.json +++ b/package-lock.json @@ -33,6 +33,7 @@ "http-graceful-shutdown": "~3.1.4", "iconv-lite": "^0.6.3", "jsonwebtoken": "~8.5.1", + "jwt-decode": "^3.1.2", "limiter": "^2.1.0", "nodemailer": "~6.6.5", "notp": "~2.0.3", @@ -7846,6 +7847,11 @@ "safe-buffer": "^5.0.1" } }, + "node_modules/jwt-decode": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", + "integrity": "sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==" + }, "node_modules/kind-of": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", @@ -18495,6 +18501,11 @@ "safe-buffer": "^5.0.1" } }, + "jwt-decode": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/jwt-decode/-/jwt-decode-3.1.2.tgz", + "integrity": "sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==" + }, "kind-of": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", diff --git a/package.json b/package.json index 4f3d32ea7..10ad4a08b 100644 --- a/package.json +++ b/package.json @@ -76,6 +76,7 @@ "http-graceful-shutdown": "~3.1.4", "iconv-lite": "^0.6.3", "jsonwebtoken": "~8.5.1", + "jwt-decode": "^3.1.2", "limiter": "^2.1.0", "nodemailer": "~6.6.5", "notp": "~2.0.3", diff --git a/src/pages/Settings.vue b/src/pages/Settings.vue index ba1e82cd3..93ac07a4e 100644 --- a/src/pages/Settings.vue +++ b/src/pages/Settings.vue @@ -414,10 +414,11 @@ import utc from "dayjs/plugin/utc"; import timezone from "dayjs/plugin/timezone"; import NotificationDialog from "../components/NotificationDialog.vue"; import TwoFADialog from "../components/TwoFADialog.vue"; +import jwt_decode from "jwt-decode"; dayjs.extend(utc); dayjs.extend(timezone); -import { timezoneList, setPageLocale, jwtDecrypt } from "../util-frontend"; +import { timezoneList, setPageLocale } from "../util-frontend"; import { useToast } from "vue-toastification"; const toast = useToast(); @@ -488,7 +489,7 @@ export default { loadUsername() { const jwtToken = this.$root.storage().token; - const jwtPayload = jwtDecrypt(jwtToken); + const jwtPayload = jwt_decode(jwtToken); this.username = jwtPayload.username; }, diff --git a/src/util-frontend.js b/src/util-frontend.js index 2412ced13..9094dda43 100644 --- a/src/util-frontend.js +++ b/src/util-frontend.js @@ -55,18 +55,3 @@ export function setPageLocale() { html.setAttribute('lang', currentLocale() ) html.setAttribute('dir', localeDirection() ) } - -export function jwtDecrypt(token) { - const base64Url = token.split(".")[1]; - const base64 = base64Url.replace(/-/g, "+").replace(/_/g, "/"); - const jsonPayload = decodeURIComponent( - atob(base64) - .split("") - .map(function(c) { - return "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2); - }) - .join("") - ); - - return JSON.parse(jsonPayload); -}