Skip to content

migrate from local storage to cookies for jwt token#1875

Closed
adarshm11 wants to merge 16 commits into
devfrom
Adarsh/jwt-cookies
Closed

migrate from local storage to cookies for jwt token#1875
adarshm11 wants to merge 16 commits into
devfrom
Adarsh/jwt-cookies

Conversation

@adarshm11

Copy link
Copy Markdown
Contributor

addresses issue #1788

now we don't have local storage of jwtToken, only cookies!!!

Comment thread src/Components/Navbar/AdminNavbar.js Outdated
function handleLogout() {
setAuthenticated(false);
cookies.remove('jwtToken');
window.localStorage.removeItem('jwtToken');

@joshua-demo joshua-demo Aug 5, 2025

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove local storage line

Comment thread src/Components/Navbar/NavBarWrapper.js Outdated
setAuthenticated(false);
setUser({});
cookies.remove('jwtToken');
window.localStorage.removeItem('jwtToken');

@joshua-demo joshua-demo Aug 5, 2025

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove local storage line

Comment thread src/Pages/Login/Login.js Outdated
if (!loginStatus.error) {
setAuthenticated(true);
window.localStorage.setItem('jwtToken', loginStatus.token);
cookies.set('jwtToken', loginStatus.token); // expire cookie after 1 week

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There should be more settings we add here, like https only if we are in prod and same site secure

Comment thread src/Pages/Login/Login.js Outdated
if (!loginStatus.error) {
setAuthenticated(true);
window.localStorage.setItem('jwtToken', loginStatus.token);
cookies.set('jwtToken', loginStatus.token); // expire cookie after 1 week

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There should be more settings we add here, like https only if we are in prod and same site secure

adarshm11 and others added 15 commits August 5, 2025 20:05
* created button for expiration w/ no logic rn

* fixed conflict

* set expiration

* frontend core-v4 no longer fails with expiration button

* enabed led sign in config.json

* added sign_message class

* changed 'cancel' button to 'hide'

* made expiration button disappear when pressed and set expiration to null when updated without expiration

* polishing ui of expiration inputs

* made the expiration button ui look good on pc and mobile :D - char & tiffany

* added condition for expiration that is in the past

* i was in room 2 wbu

* made led sign page send expiration date in utc

* and thats the internship

* lint

* remove src/Pages/LedSign/sign_message.py

* undo button classname change

* separate variable

* why not await

* npx mocha test/api/LedSign.js

---------

Co-authored-by: Tyffoni <tyffoni@gmail.com>
Co-authored-by: evan <evanuxd@gmail.com>
* Added door code to profile View

* Update Profile.js
* printer now rejects expired sessions

* fix lint
* combine decodeTokenFromBodyOrQuery into decodeToken

* fixed misreference

* optimize logic for member access level

* fixed bug with decodeToken

* refactor decodeToken to handle unauthorized, forbidden, ok

* global use of decodeToken only

* tests pass, lint wont

* all green (?)

* remove commented out code, undo stray diff

* how safe are the user related apis

* specify access level for some apis

* const { membershipState } = require('../../../src/Enums.js');

---------

Co-authored-by: evan <evanuxd@gmail.com>
adarsh sux he typed that comment
* Add edit alias functionality for OfficeAccessCard (#1900)

- Implemented a new endpoint to edit card aliases, including validation for input.
- Updated the OfficeAccessCard utility to support alias editing.
- Enhanced the CardReader component to allow users to edit card aliases directly in the UI.
- Added corresponding tests to ensure proper functionality and error handling for the new feature.
- Introduced a new audit log action for alias edits.

* fixed lint issues

* fixed issues with edit alias

* fixed input re-sizing

* fix token decoding for office cards

* fix failing test

* separate frontend changes

* Add edit alias functionality for OfficeAccessCard (#1900)

- Implemented a new endpoint to edit card aliases, including validation for input.
- Updated the OfficeAccessCard utility to support alias editing.
- Enhanced the CardReader component to allow users to edit card aliases directly in the UI.
- Added corresponding tests to ensure proper functionality and error handling for the new feature.
- Introduced a new audit log action for alias edits.

* fixed lint issues

* fixed issues with edit alias

* fixed input re-sizing

* fix token decoding for office cards

* fix failing test

* separate frontend changes

* modify required checks for /edit

* addressed requested changes

* try to fix failing test

* try to fix that failing test one more time

* remove this test cuz it wont work

* OfficeAccessCard editing - UI changes (#1935)

* Add edit alias functionality for OfficeAccessCard (#1900)

- Implemented a new endpoint to edit card aliases, including validation for input.
- Updated the OfficeAccessCard utility to support alias editing.
- Enhanced the CardReader component to allow users to edit card aliases directly in the UI.
- Added corresponding tests to ensure proper functionality and error handling for the new feature.
- Introduced a new audit log action for alias edits.

* fixed lint issues

* fixed issues with edit alias

* fixed input re-sizing

* fix token decoding for office cards

* fix failing test

* card reader frontend

* rebase

* undo diff

* fixed requested changes

* fixed requested changes

---------

Co-authored-by: DavidN016 <david.a.nguyen01@sjsu.edu>

---------

Co-authored-by: DavidN016 <david.a.nguyen01@sjsu.edu>
Co-authored-by: adarshm11 <amlearning2023@gmail.com>
Co-authored-by: adarsh <110150037+adarshm11@users.noreply.github.com>
@adarshm11 adarshm11 closed this Dec 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

8 participants