tsai
/
squidex
mirror of https://github.com/Squidex/squidex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Headless CMS and Content Managment Hub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4768 Commits
10 Branches
150 Tags
122 MiB
 
 
 
 
 
Tree: 621d53322f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '621d53322f'
${ noResults }
squidex/frontend/app/shared/interceptors/auth.interceptor.ts

75 lines
2.7 KiB
Raw Blame History

/*
* Squidex Headless CMS
*
* @license
* Copyright (c) Squidex UG (haftungsbeschränkt). All rights reserved.
*/
import { HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Router } from '@angular/router';
import { ApiUrlConfig, ErrorDto } from '@app/framework';
import { EMPTY, Observable, throwError } from 'rxjs';
import { catchError, switchMap, take } from 'rxjs/operators';
import { AuthService, Profile } from './../services/auth.service';
@Injectable()
export class AuthInterceptor implements HttpInterceptor {
private readonly baseUrl: string;
constructor(apiUrlConfig: ApiUrlConfig,
private readonly authService: AuthService,
private readonly router: Router,
) {
this.baseUrl = apiUrlConfig.buildUrl('');
}
public intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
if (req.url.indexOf(this.baseUrl) === 0 && !req.headers.has('NoAuth')) {
return this.authService.userChanges.pipe(
take(1),
switchMap(user => {
return this.makeRequest(req, next, user, true);
}));
} else {
return next.handle(req);
}
}
private makeRequest(req: HttpRequest<any>, next: HttpHandler, user: Profile | null, renew = false): Observable<HttpEvent<any>> {
const token = user?.authorization || '';
req = req.clone({
headers: req.headers
.set('Authorization', token)
.set('Pragma', 'no-cache'),
});
return next.handle(req).pipe(
catchError((error: HttpErrorResponse) => {
if (error.status === 401 && renew) {
return this.authService.loginSilent().pipe(
catchError(() => {
this.authService.logoutRedirect();
return EMPTY;
}),
switchMap(u => this.makeRequest(req, next, u)));
} else if (error.status === 401 || error.status === 403) {
if (req.method === 'GET') {
if (error.status === 401) {
this.authService.logoutRedirect();
} else {
this.router.navigate(['/forbidden'], { replaceUrl: true });
}
return EMPTY;
} else {
return throwError(() => new ErrorDto(403, 'i18n:common.errorNoPermission'));
}
}
return throwError(() => error);
}));
}
}