#85 universal login across locales - attempt

components/Account.vue

@@ -121,6 +121,14 @@
                 <T>user.deleteAccount</T>
             </a>
         </section>
+
+        <div>
+            <iframe v-for="domain in universalDomains"
+                    :src="`${domain}/api/user/init-universal/${$cookies.get('token')}`"
+                    style="width: 1px; height: 1px; opacity: .01"
+            >
+            </iframe>
+        </div>
     </section>
 </template>
 
@@ -152,6 +160,8 @@
                 gravatar,
 
                 captchaToken: null,
+
+                universalDomains: process.env.ALL_LOCALES_URLS.split(',').filter(x => x !== process.env.BASE_URL),
             }
         },
         async mounted() {

nuxt.config.js

@@ -1,6 +1,6 @@
 import { loadSuml } from './server/loader';
 import fs from 'fs';
-import {buildDict, buildLocaleList} from "./src/helpers";
+import {buildDict, buildList, buildLocaleList} from "./src/helpers";
 
 const config = loadSuml('config');
 const translations = loadSuml('translations');
@@ -14,6 +14,18 @@ const colour = '#C71585';
 
 process.env.LOCALE = locale;
 
+const allVersionsUrls = buildList(function*() {
+    if (process.env.NODE_ENV === 'development') {
+        yield 'http://pronouns.test:3000';
+        yield 'http://localhost:3000';
+    } else {
+        for (let loc in locales) {
+            yield locales[loc].url;
+        }
+    }
+});
+process.env.ALL_LOCALES_URLS = allVersionsUrls.join(',');
+
 const bodyParser = require('body-parser');
 
 const buildFlags = () => {
@@ -154,6 +166,7 @@ export default {
         BUCKET: `https://${process.env.AWS_S3_BUCKET}.s3-${process.env.AWS_REGION}.amazonaws.com`,
         STATS_FILE: process.env.STATS_FILE,
         HCAPTCHA_SITEKEY: process.env.HCAPTCHA_SITEKEY,
+        ALL_LOCALES_URLS: process.env.ALL_LOCALES_URLS,
     },
     serverMiddleware: ['~/server/no-ssr.js', '~/server/index.js'],
     axios: {

server/routes/user.js

@@ -467,4 +467,13 @@ router.post('/user/set-avatar', handleErrorAsync(async (req, res) => {
     return res.json({token: await issueAuthentication(req.db, req.user)});
 }));
 
+router.get('/user/init-universal/:token', handleErrorAsync(async (req, res) => {
+    if (!req.user) {
+        return res.json('Already logged in');
+    }
+
+    res.cookie('token', req.params.token, cookieSettings);
+    return res.json('Token saved');
+}));
+
 export default router;

src/jwt.js

@@ -11,7 +11,7 @@ class Jwt {
         return jwt.sign(payload, this.privateKey, {
             expiresIn,
             algorithm: 'RS256',
-            audience: process.env.BASE_URL,
+            audience: process.env.ALL_LOCALES_URLS.split(','),
             issuer: process.env.BASE_URL,
         });
     }
@@ -20,8 +20,8 @@ class Jwt {
         try {
             return jwt.verify(token, this.publicKey, {
                 algorithm: 'RS256',
-                audience: process.env.BASE_URL,
+                audience: process.env.ALL_LOCALES_URLS.split(','),
-                issuer: process.env.BASE_URL,
+                issuer: process.env.ALL_LOCALES_URLS.split(','),
             });
         } catch (e) {
             console.error(e);

store/index.js

@@ -18,10 +18,11 @@ export const mutations = {
         try {
             user = jwt.verify(token, process.env.PUBLIC_KEY, {
                 algorithm: 'RS256',
-                audience: process.env.BASE_URL,
+                audience: process.env.ALL_LOCALES_URLS.split(','),
-                issuer: process.env.BASE_URL,
+                issuer: process.env.ALL_LOCALES_URLS.split(','),
             });
-        } catch {
+        } catch (e) {
+            console.error(e);
             user = null;
         }