From d8457441e30d05ddfc45ac8b6500b9266048b273 Mon Sep 17 00:00:00 2001
From: Frieder Schrempf
Date: Fri, 5 Apr 2024 11:04:49 +0200
Subject: [PATCH] Check if cookie expired when doing CT API login

Otherwise we might use an expired cookie which causes unauthenticated API requests and therefore incomplete data to be returned.
---
 package-lock.json | 14 ++++++++++++++
 package.json | 1 +
 src/ctconnection.js | 15 ++++++++++++---
 3 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b8f3d3e..edac37f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,6 +10,7 @@
 "license": "GPL-3.0-or-later",
 "dependencies": {
 "axios": "^0.21.4",
+ "cookie": "^0.6.0",
 "ldap-escape": "^2.0.5",
 "ldap-filter": "^0.3.3",
 "ldapjs": "^2.3.1",
@@ -557,6 +558,14 @@
 "dev": true,
 "license": "MIT"
 },
+ "node_modules/cookie": {
+ "version": "0.6.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+ "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+ "engines": {
+ "node": ">= 0.6"
+ }
+ },
 "node_modules/core-util-is": {
 "version": "1.0.2",
 "license": "MIT"
@@ -3359,6 +3368,11 @@
 "version": "1.0.11",
 "dev": true
 },
+ "cookie": {
+ "version": "0.6.0",
+ "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+ "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
+ },
 "core-util-is": {
 "version": "1.0.2"
 },
diff --git a/package.json b/package.json
index 035ac8e..65ec5d0 100644
--- a/package.json
+++ b/package.json
@@ -24,6 +24,7 @@
 },
 "dependencies": {
 "axios": "^0.21.4",
+ "cookie": "^0.6.0",
 "ldap-escape": "^2.0.5",
 "ldap-filter": "^0.3.3",
 "ldapjs": "^2.3.1",
diff --git a/src/ctconnection.js b/src/ctconnection.js
index a17c684..aba4025 100644
--- a/src/ctconnection.js
+++ b/src/ctconnection.js
@@ -1,4 +1,5 @@
 const axiosReal = require('axios').default;
+const cookie = require('cookie');
 const log = require('./logging');
 const c = require('./constants');
 const ctapi = require('./ctapi');
@@ -44,12 +45,12 @@ exports.infoReal = async (baseurl) => {
 return ctapi.request(request);
 };
 
-exports.getCsrfTokenReal = async (baseurl, cookie) => {
+exports.getCsrfTokenReal = async (baseurl, ck) => {
 const request = {
 method: 'get',
 url: baseurl + c.API_SLUG + c.CSRF_AP,
 headers: {
- Cookie: cookie,
+ Cookie: ck,
 },
 json: true,
 };
@@ -60,6 +61,14 @@ let getCsrfToken = this.getCsrfTokenReal;
 
 const getCookie = (result) => result.headers['set-cookie'][0];
 
+const cookieIsValid = (ck) => {
+ const parsed = cookie.parse(ck);
+ const expires = Date.parse(parsed.expires);
+ if (expires > Date.now()) return true;
+ log.info('Cookie expired');
+ return false;
+};
+
 const getLoginRequest = (baseurl, user, password) => ({
 method: 'post',
 url: baseurl + c.API_SLUG + c.LOGIN_AP,
@@ -129,7 +138,7 @@ exports.getPromiseReal = async (url, site) => {
 while (retryWithAuth) {
 retryWithAuth = false;
 try {
- if (!this.isConnected(site.name)) {
+ if (!this.isConnected(site.name) || !cookieIsValid(conn.cookie)) {
 log.debug('Try again to log in');
 await this.login(site);
 }
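Review bot: In the `@@ -60,6 +61,14 @@` hunk, `cookieIsValid` reads `parsed.expires` with a fixed lowercase key, but `cookie.parse` is a `Cookie`-header parser that keeps attribute names exactly as the server sent them. A `Set-Cookie` string that spells the attribute `Expires=` (attribute names are case-insensitive), or that carries only `Max-Age` or no expiry at all, therefore yields `undefined`; `Date.parse` returns `NaN` and the cookie is reported as expired on every call. That fails towards re-authentication, which is the safe direction, but it means one login per request and a misleading 'Cookie expired' log line. `cookie.parse` also throws a `TypeError` for a non-string argument, so an unset cookie surfaces as an exception instead of `false`. I would look the attribute up case-insensitively, guard the argument type, and log the missing-attribute case separately, as sketched below.

```javascript
const cookieIsValid = (ck) => {
  // cookie.parse throws on non-strings; treat "no cookie" as "not valid".
  if (typeof ck !== 'string') return false;
  const parsed = cookie.parse(ck);
  // Set-Cookie attribute names are case-insensitive; cookie.parse keeps the server's casing.
  const key = Object.keys(parsed).find((k) => k.toLowerCase() === 'expires');
  if (key === undefined) {
    // Still fails towards re-login, but no longer claims the cookie has expired.
    log.info('Cookie has no Expires attribute, cannot verify expiry');
    return false;
  }
  const expires = Date.parse(parsed[key]);
  if (expires > Date.now()) return true;
  // … unchanged: log.info('Cookie expired'); return false; …
};
```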
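Review bot: In the `@@ -129,7 +138,7 @@` hunk, the new condition `!cookieIsValid(conn.cookie)` uses `conn`, which is not declared anywhere in the visible lines; `getPromiseReal` starts and ends outside the hunk, so the binding cannot be confirmed from here. If `conn` can be undefined for a site that `isConnected` reports as connected, the property access throws inside the `try`. The check also compares the server's expiry time against the local clock with no margin, so a cookie can lapse between this test and the server handling the request. Going by the commit message, such a request comes back unauthenticated with incomplete data rather than an error. A small margin in `cookieIsValid`, e.g. `if (expires - 30000 > Date.now()) return true;` (30 s is a constructed value), would narrow that window.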