don't clear application lock when user token expired

2026-05-15 23:47:33 +08:00 · 2020-11-25 00:21:44 +08:00
parent f9f1774215
commit 2c72ce5f5c
7 changed files with 85 additions and 47 deletions
@@ -104,8 +104,8 @@ export default {
                self.$showLoading();

                self.$webauthn.registerCredential(
+                    self.$user.getUserAppLockState(),
                    self.$user.getUserInfo(),
-                    self.$user.getUserAppLockSecret(),
                ).then(({ id }) => {
                    self.$hideLoading();

@@ -160,7 +160,14 @@ export default {
                return;
            }

-            this.$user.encryptToken(pinCode);
+            const user = this.$user.getUserInfo();
+
+            if (!user || !user.username) {
+                this.$alert('An error has occurred');
+                return;
+            }
+
+            this.$user.encryptToken(user.username, pinCode);
            this.$settings.setEnableApplicationLock(true);
            this.isEnableApplicationLock = true;

@@ -185,10 +185,15 @@ export default {
                    return;
                }

-                if (self.$settings.isEnableApplicationLock()) {
-                    self.$settings.setEnableApplicationLock(false);
-                    self.$settings.setEnableApplicationLockWebAuthn(false);
-                    self.$user.clearWebAuthnConfig();
+                if (self.$settings.isEnableApplicationLock() || self.$user.getUserAppLockState()) {
+                    const appLockState = self.$user.getUserAppLockState();
+
+                    if (!appLockState || appLockState.username !== data.result.user.username) {
+                        self.$user.clearTokenAndUserInfo(true);
+                        self.$settings.setEnableApplicationLock(false);
+                        self.$settings.setEnableApplicationLockWebAuthn(false);
+                        self.$user.clearWebAuthnConfig();
+                    }
                }

                self.$user.updateTokenAndUserInfo(data.result);
@@ -264,10 +269,15 @@ export default {
                    return;
                }

-                if (self.$settings.isEnableApplicationLock()) {
-                    self.$settings.setEnableApplicationLock(false);
-                    self.$settings.setEnableApplicationLockWebAuthn(false);
-                    self.$user.clearWebAuthnConfig();
+                if (self.$settings.isEnableApplicationLock() || self.$user.getUserAppLockState()) {
+                    const appLockState = self.$user.getUserAppLockState();
+
+                    if (!appLockState || appLockState.username !== data.result.user.username) {
+                        self.$user.clearTokenAndUserInfo(true);
+                        self.$settings.setEnableApplicationLock(false);
+                        self.$settings.setEnableApplicationLockWebAuthn(false);
+                        self.$user.clearWebAuthnConfig();
+                    }
                }

                self.$user.updateTokenAndUserInfo(data.result);
@@ -184,7 +184,7 @@ export default {
                        return;
                    }

-                    self.$user.clearTokenAndUserInfo();
+                    self.$user.clearTokenAndUserInfo(true);
                    self.$user.clearWebAuthnConfig();
                    self.$exchangeRates.clearExchangeRates();
                    self.$settings.clearSettings();
@@ -53,10 +53,10 @@ export default {
            self.$webauthn.verifyCredential(
                self.$user.getUserInfo(),
                self.$user.getWebAuthnCredentialId()
-            ).then(({ id, userSecret }) => {
+            ).then(({ id, userName, userSecret }) => {
                self.$hideLoading();

-                self.$user.unlockTokenByWebAuthn(id, userSecret);
+                self.$user.unlockTokenByWebAuthn(id, userName, userSecret);
                self.$services.refreshToken();

                if (self.$settings.isAutoUpdateExchangeRatesData()) {
@@ -92,9 +92,15 @@ export default {
            }

            const router = this.$f7router;
+            const user = this.$user.getUserInfo();
+
+            if (!user || !user.username) {
+                this.$alert('An error has occurred');
+                return;
+            }

            try {
-                this.$user.unlockTokenByPinCode(this.pinCode);
+                this.$user.unlockTokenByPinCode(user.username, this.pinCode);
                this.$services.refreshToken();

                if (this.$settings.isAutoUpdateExchangeRatesData()) {
@@ -112,7 +118,7 @@ export default {
            const router = self.$f7router;

            self.$confirm('Are you sure you want to re-login?', () => {
-                self.$user.clearTokenAndUserInfo();
+                self.$user.clearTokenAndUserInfo(true);
                self.$user.clearWebAuthnConfig();
                self.$exchangeRates.clearExchangeRates();
                self.$settings.clearSettings();