From 4f8c4d641fc883ec85762a06ffbf728128ca8116 Mon Sep 17 00:00:00 2001 From: garrettmills Date: Fri, 22 May 2020 09:54:48 -0500 Subject: [PATCH] Login form will force username if there is an authenticated user --- TODO.text | 2 +- app/assets/app/auth/login/Form.component.js | 8 ++++++++ app/assets/app/service/AuthApi.service.js | 6 ++++++ app/controllers/api/v1/Auth.controller.js | 11 +++++++++++ app/routing/routers/api/v1/auth.routes.js | 4 +++- 5 files changed, 29 insertions(+), 2 deletions(-) diff --git a/TODO.text b/TODO.text index e71f0ce..d4eea01 100644 --- a/TODO.text +++ b/TODO.text @@ -2,4 +2,4 @@ - Forgot password handling - Admin password reset mechanism -> flag users as needing PW resets - OAuth2 -> support refresh tokens -- Trust token page -> force username of current user +- Traps -> not clearing trust? diff --git a/app/assets/app/auth/login/Form.component.js b/app/assets/app/auth/login/Form.component.js index faed648..9cd00df 100644 --- a/app/assets/app/auth/login/Form.component.js +++ b/app/assets/app/auth/login/Form.component.js @@ -75,6 +75,14 @@ export default class AuthLoginForm extends Component { this.button_text = 'Next' } + async vue_on_create() { + const auth_user = await auth_api.get_authenticated_user() + if ( auth_user ) { + this.username = auth_user + await this.step_click() + } + } + async on_key_up(event) { if ( event.keyCode === 13 ) { // Enter was pressed diff --git a/app/assets/app/service/AuthApi.service.js b/app/assets/app/service/AuthApi.service.js index 5aff1c0..8b4c447 100644 --- a/app/assets/app/service/AuthApi.service.js +++ b/app/assets/app/service/AuthApi.service.js 
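Review bot: In `vue_on_create` the username is only pre-filled on the client (`this.username = auth_user`), so the "force" in the commit title holds only if the server also ties the re-authentication to the session user. Nothing in this hunk makes the field read-only or shows a server-side comparison against `req.user.uid`, so that check should be confirmed in the login handlers, which are outside this diff. Separately, a failed lookup rejects inside the lifecycle hook and is never caught; `const auth_user = await auth_api.get_authenticated_user().catch(() => undefined)` would let the form fall back to its normal empty state. The body of `AuthLoginForm` starts and ends outside the hunk.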
@@ -68,6 +68,12 @@ class AuthAPI { if ( result && result.data && result.data.data ) return result.data.data } + async get_authenticated_user() { + const result = await axios.get('/api/v1/auth/authenticated_user') + if ( result && result.data && result.data.data && result.data.data.authenticated ) + return result.data.data.uid + } + async delete_app_password(uuid) { await axios.delete(`/api/v1/password/app_passwords/${uuid}`) } diff --git a/app/controllers/api/v1/Auth.controller.js b/app/controllers/api/v1/Auth.controller.js index d4d8dd4..2b3b03f 100644 --- a/app/controllers/api/v1/Auth.controller.js +++ b/app/controllers/api/v1/Auth.controller.js @@ -7,6 +7,17 @@ class AuthController extends Controller { return [...super.services, 'models', 'auth', 'MFA', 'output', 'configs', 'utility'] } + async get_auth_user(req, res, next) { + if ( req.user ) { + return res.api({ + authenticated: true, + uid: req.user.uid, + }) + } + + return res.api({ authenticated: false }) + } + async get_traps(req, res, next) { const trap_config = this.configs.get('traps') const data = [{ name: '(None)', trap: '', redirect_to: '/' }] diff --git a/app/routing/routers/api/v1/auth.routes.js b/app/routing/routers/api/v1/auth.routes.js index 864e3da..8c1428c 100644 --- a/app/routing/routers/api/v1/auth.routes.js +++ b/app/routing/routers/api/v1/auth.routes.js @@ -13,7 +13,9 @@ const auth_routes = { ['middleware::api:Permission', { check: 'v1:auth:traps:list'}], 'controller::api:v1:Auth.get_traps', ], - + '/authenticated_user': [ + 'controller::api:v1:Auth.get_auth_user', + ], '/roles': [ 'middleware::auth:APIRoute', ['middleware::api:Permission', { check: 'v1:auth:roles:list' }],
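Review bot: `get_authenticated_user` has two undocumented outcomes that the caller in Form.component.js depends on: it resolves to `undefined` when nobody is signed in (by falling off the end of the method), and it rejects when `axios.get` fails. A short JSDoc block stating that it resolves to the session user's uid or `undefined`, and rejects on a failed request, would make that contract explicit. The `AuthAPI` class starts and ends outside the hunk.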
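Review bot: `get_auth_user` returns per-session state from a GET, and nothing in the hunk marks the response as uncacheable, so a browser or intermediary cache could replay `authenticated: true` with a uid after logout. If the response object is Express's, `res.set('Cache-Control', 'no-store')` before `res.api(...)` would cover it; whether `res.api` already sets this is not visible here. The handler also gives the uid to any caller that sends the session cookie, so the CORS policy for `/api/v1/auth` should not permit credentialed cross-origin reads. The `next` parameter is unused, and the class continues outside the hunk.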
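Review bot: `'/authenticated_user'` is registered with no `middleware::auth:APIRoute` or `Permission` entry, unlike the routes around it in this hunk, and nothing records that this is deliberate. A comment such as `// Intentionally unguarded: the login page calls this before authentication; returns only { authenticated, uid }.` would stop a later cleanup from guarding it (breaking the anonymous case) or from copying the pattern onto a route that does need a guard. The handler also depends on `req.user` being populated without the APIRoute middleware; if that middleware is what sets it, the endpoint would always answer `authenticated: false`, so a test for the signed-in case is worth adding. The hunk also drops the blank line that separated the route entries, and `auth_routes` starts and ends outside the hunk.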