fixes derived key reissue (#276)

deso-protocol · Sep 22, 2023 · ae896e4 · ae896e4
1 parent 30c77c0
commit ae896e4
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 0 deletions.
diff --git a/src/app/app.component.ts b/src/app/app.component.ts
@@ -66,6 +66,17 @@ export class AppComponent implements OnInit {
       this.globalVars.getFreeDeso = true;
     }
 
+    const authenticatedUsers = new Set(
+      params.get('authenticatedUsers')?.split(',') ?? []
+    );
+    if (authenticatedUsers.size > 0) {
+      this.globalVars.authenticatedUsers = authenticatedUsers;
+    }
+
+    if (params.get('subAccounts') === 'true') {
+      this.globalVars.subAccounts = true;
+    }
+
     // Callback should only be used in mobile applications, where payload is passed through URL parameters.
     const callback = params.get('callback') || stateParamsFromGoogle.callback;
     if (callback) {

diff --git a/src/app/derive/derive.component.ts b/src/app/derive/derive.component.ts
@@ -193,6 +193,19 @@ export class DeriveComponent implements OnInit {
           });
           return;
         }
+
+        // If this user has already approved a derived key for login, then we can just log them in
+        // without approval.
+        if (this.globalVars.authenticatedUsers.has(publicKey)) {
+          this.identityService.login({
+            users: this.accountService.getEncryptedUsers(),
+            publicKeyAdded: publicKey,
+          });
+
+          return;
+        }
+
+        // Otherwise, setting the public key will trigger the approval UI to show.
         this.publicKeyBase58Check = publicKey;
       });
   }

diff --git a/src/app/global-vars.service.ts b/src/app/global-vars.service.ts
@@ -62,6 +62,21 @@ export class GlobalVarsService {
    */
   showSkip: boolean = false;
 
+  /**
+   * Flag used to gate the new subAccounts functionality. After some sunset
+   * period (TBD), we can remove this flag and make this the default behavior.
+   */
+  subAccounts: boolean = false;
+
+  /**
+   * Set of public keys that have been authenticated by the calling application.
+   * This is used as a hint to decide whether to show the derived key approval
+   * UI or not after the user selects an account to login with. If the account
+   * they select is provided in this set, then we skip the approval UI and issue
+   * a plain login payload.
+   */
+  authenticatedUsers: Set<string> = new Set();
+
   isFullAccessHostname(): boolean {
     return GlobalVarsService.fullAccessHostnames.includes(this.hostname);
   }