🐛 Fix jwt permissions not signed

likecoin · Oct 29, 2024 · 1411098 · 1411098
1 parent d81556a
commit 1411098
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 8 deletions.
diff --git a/components/AppHeader.vue b/components/AppHeader.vue
@@ -178,7 +178,7 @@ export default class AppHeader extends Vue {
   @walletModule.Action('disconnectWallet') disconnectWallet!: () => void
   @walletModule.Action('openConnectWalletModal') openConnectWalletModal!: (params: { language: string, fullPath?: string }) => Promise<any>
   @walletModule.Action('initWallet') initWallet!: (params: { method: any, accounts: any, offlineSigner?: any }) => Promise<any>
-  @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise<any>
+  @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise<any>
   @walletModule.Getter('getWalletAddress') currentAddress!: string
   @walletModule.Getter('getSigner') signer!: any
   @bookApiModule.Getter('getSessionWallet') sessionWallet!: string
@@ -230,7 +230,10 @@ export default class AppHeader extends Vue {
       if (!this.currentAddress || !this.signer) {
         throw new Error('FAILED_TO_CONNECT_WALLET')
       }
-      const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS)
+      const signature = await this.signMessageMemo({
+        action: 'authorize',
+        permissions: SIGN_AUTHORIZATION_PERMISSIONS,
+      });
       if (!signature) {
         throw new Error('SIGNING_REJECTED')
       }

diff --git a/layouts/wallet.vue b/layouts/wallet.vue
@@ -42,7 +42,7 @@ export default class WalletLayout extends Vue {
   @walletModule.Action('disconnectWallet') disconnectWallet!: () => void
   @walletModule.Action('openConnectWalletModal') openConnectWalletModal!: (params: { language: string, fullPath?: string }) => Promise<any>
   @walletModule.Action('initWallet') initWallet!: (params: { method: any, accounts: any, offlineSigner?: any }) => Promise<any>
-  @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise<any>
+  @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise<any>
   @walletModule.Getter('getSigner') signer!: any
   @bookApiModule.Getter('getSessionWallet') sessionWallet!: string
   @bookApiModule.Action('restoreSession') restoreSession!: () => void
@@ -90,7 +90,10 @@ export default class WalletLayout extends Vue {
           if (!this.walletAddress || !this.signer) {
             throw new Error('FAILED_TO_CONNECT_WALLET')
           }
-          const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS)
+          const signature = await this.signMessageMemo({
+            action: 'authorize',
+            permissions: SIGN_AUTHORIZATION_PERMISSIONS,
+          });
           if (!signature) {
             throw new Error('SIGNING_REJECTED')
           }

diff --git a/pages/auth/redirect.vue b/pages/auth/redirect.vue
@@ -21,7 +21,7 @@ export default class RedirectPage extends Vue {
   @walletModule.Action('initWallet') initWallet!: (params: { method: any; accounts: any; offlineSigner?: any }) => Promise<any>
   @walletModule.Action('disconnectWallet') disconnectWallet!: () => void
   @walletModule.Action('handleConnectorRedirect') handleConnectorRedirect!: (params: { method: string; params: any }) => Promise<any>
-  @walletModule.Action('signMessageMemo') signMessageMemo!: (action: string, permissions?: string[]) => Promise<any>
+  @walletModule.Action('signMessageMemo') signMessageMemo!: (params: { action: string; permissions: string[] }) => Promise<any>
   @walletModule.Getter('getSigner') signer!: any
   @walletModule.Getter('getWalletAddress') currentAddress!: string
 
@@ -53,7 +53,10 @@ export default class RedirectPage extends Vue {
           if (!this.currentAddress || !this.signer) {
             throw new Error('FAILED_TO_CONNECT_WALLET')
           }
-          const signature = await this.signMessageMemo('authorize', SIGN_AUTHORIZATION_PERMISSIONS)
+          const signature = await this.signMessageMemo({
+            action: 'authorize',
+            permissions: SIGN_AUTHORIZATION_PERMISSIONS,
+          });
           if (!signature) {
             throw new Error('SIGNING_REJECTED')
           }

diff --git a/store/wallet.ts b/store/wallet.ts
@@ -219,7 +219,7 @@ export default class Wallet extends VuexModule {
   }
 
   @Action
-  async signMessageMemo(action: string, permissions?: string[]) {
+  async signMessageMemo({ action, permissions }: { action: string, permissions?: string[] }) {
     if (!this.signer || !this.address) {
       await this.initIfNecessary()
     }

diff --git a/utils/auth.ts b/utils/auth.ts
@@ -1,11 +1,17 @@
 import { jwtDecode } from "jwt-decode";
+import { SIGN_AUTHORIZATION_PERMISSIONS } from "~/constant";
 
 const AUTH_SESSION_KEY = 'likecoin_nft_book_press_token'
 
 export function checkJwtTokenValidity (token: string) {
   try {
     const decoded = jwtDecode(token);
-    return decoded?.exp && decoded.exp * 1000 > Date.now();
+    if (!decoded) {
+      return false;
+    }
+    const isExpired = decoded.exp && decoded.exp * 1000 < Date.now();
+    const isMatchPermissions = (decoded as any).permissions === SIGN_AUTHORIZATION_PERMISSIONS;
+    return !isExpired && isMatchPermissions;
   } catch (error) {
     console.error(error);
     return false;