From d0a0366b05d12dc0c9002c62beeb3a4c8d5a41c7 Mon Sep 17 00:00:00 2001
From: azivner <adam.zivner@gmail.com>
Date: Wed, 29 Nov 2017 23:30:35 -0500
Subject: [PATCH] more complete support for network-less electron
 frontend-backend communication including protected session

---
 app.js                                  | 12 ++++++++++--
 public/javascripts/init.js              |  4 ++--
 public/javascripts/note_tree.js         |  2 +-
 public/javascripts/protected_session.js |  9 +++------
 public/javascripts/server.js            | 26 +++++++++++++------------
 public/javascripts/utils.js             |  4 ++++
 services/protected_session.js           | 13 +++++++------
 7 files changed, 41 insertions(+), 29 deletions(-)

diff --git a/app.js b/app.js
index 77165068a..661f7dffd 100644
--- a/app.js
+++ b/app.js
@@ -80,16 +80,24 @@ if (utils.isElectron()) {
         req.url = arg.url;
         req.method = arg.method;
         req.body = arg.data;
-        req.headers = {};
+        req.headers = arg.headers;
+
+        const res = {
+            statusCode: 200
+        };
 
-        const res = {};
         res.setHeader = function() {
 
         };
 
+        res.status = function(statusCode) {
+            res.statusCode = statusCode;
+        };
+
         res.send = function(obj) {
             event.sender.send('server-response', {
                 requestId: arg.requestId,
+                statusCode: res.statusCode,
                 body: obj
             });
         };
diff --git a/public/javascripts/init.js b/public/javascripts/init.js
index b51872028..1f3ddccc7 100644
--- a/public/javascripts/init.js
+++ b/public/javascripts/init.js
@@ -24,13 +24,13 @@ $(document).bind('keydown', 'alt+t', () => {
 });
 
 $(document).bind('keydown', 'f5', () => {
-    window.location.reload(true);
+    reloadApp();
 
     return false;
 });
 
 $(document).bind('keydown', 'ctrl+r', () => {
-    window.location.reload(true);
+    reloadApp();
 
     return false;
 });
diff --git a/public/javascripts/note_tree.js b/public/javascripts/note_tree.js
index a600da6c7..00b28fce1 100644
--- a/public/javascripts/note_tree.js
+++ b/public/javascripts/note_tree.js
@@ -625,6 +625,6 @@ const noteTree = (function() {
         createNewTopLevelNote,
         createNote,
         setPrefix,
-        getNotePathTitle
+
     };
 })();
\ No newline at end of file
diff --git a/public/javascripts/protected_session.js b/public/javascripts/protected_session.js
index a00a677a9..2cdb21ab7 100644
--- a/public/javascripts/protected_session.js
+++ b/public/javascripts/protected_session.js
@@ -10,8 +10,8 @@ const protected_session = (function() {
     let protectedSessionTimeout = null;
     let protectedSessionId = null;
 
-    server.get('settings/all').then(settings => {
-        protectedSessionTimeout = settings.protected_session_timeout;
+    $(document).ready(() => {
+        server.get('settings/all').then(settings => protectedSessionTimeout = settings.protected_session_timeout);
     });
 
     function setProtectedSessionTimeout(encSessTimeout) {
@@ -57,7 +57,6 @@ const protected_session = (function() {
         }
 
         protectedSessionId = response.protectedSessionId;
-        server.initAjax();
 
         dialogEl.dialog("close");
 
@@ -96,11 +95,9 @@ const protected_session = (function() {
     function resetProtectedSession() {
         protectedSessionId = null;
 
-        server.initAjax();
-
         // most secure solution - guarantees nothing remained in memory
         // since this expires because user doesn't use the app, it shouldn't be disruptive
-        window.location.reload(true);
+        reloadApp();
     }
 
     function isProtectedSessionAvailable() {
diff --git a/public/javascripts/server.js b/public/javascripts/server.js
index 05ac046cb..e04ca2595 100644
--- a/public/javascripts/server.js
+++ b/public/javascripts/server.js
@@ -1,10 +1,8 @@
 const server = (function() {
-    function initAjax() {
-        $.ajaxSetup({
-            headers: {
-                'x-protected-session-id': typeof protected_session !== 'undefined' ? protected_session.getProtectedSessionId() : null
-            }
-        });
+    function getHeaders() {
+        return {
+            'x-protected-session-id': protected_session.getProtectedSessionId()
+        };
     }
 
     async function get(url) {
@@ -34,8 +32,11 @@ const server = (function() {
             return new Promise((resolve, reject) => {
                 reqResolves[requestId] = resolve;
 
+                console.log("Request #" + requestId + " to " + method + " " + url);
+
                 ipc.send('server-request', {
                     requestId: requestId,
+                    headers: getHeaders(),
                     method: method,
                     url: "/" + baseApiUrl + url,
                     data: data
@@ -51,14 +52,19 @@ const server = (function() {
         const ipc = require('electron').ipcRenderer;
 
         ipc.on('server-response', (event, arg) => {
+            console.log("Response #" + arg.requestId + ": " + arg.statusCode);
+
             reqResolves[arg.requestId](arg.body);
+
+            delete reqResolves[arg.requestId];
         });
     }
 
     async function ajax(url, method, data) {
         const options = {
             url: baseApiUrl + url,
-            type: method
+            type: method,
+            headers: getHeaders()
         };
 
         if (data) {
@@ -71,14 +77,10 @@ const server = (function() {
         });
     }
 
-
-    initAjax();
-
     return {
         get,
         post,
         put,
-        remove,
-        initAjax
+        remove
     }
 })();
\ No newline at end of file
diff --git a/public/javascripts/utils.js b/public/javascripts/utils.js
index 72e2c661e..7495ebf50 100644
--- a/public/javascripts/utils.js
+++ b/public/javascripts/utils.js
@@ -1,5 +1,9 @@
 "use strict";
 
+function reloadApp() {
+    window.location.reload(true);
+}
+
 function showMessage(message) {
     console.log("message: ", message);
 
diff --git a/services/protected_session.js b/services/protected_session.js
index d1db0cb42..c32ded505 100644
--- a/services/protected_session.js
+++ b/services/protected_session.js
@@ -1,12 +1,13 @@
 "use strict";
 
 const utils = require('./utils');
+const session = {};
 
 function setDataKey(req, decryptedDataKey) {
-    req.session.decryptedDataKey = Array.from(decryptedDataKey); // can't store buffer in session
-    req.session.protectedSessionId = utils.randomSecureToken(32);
+    session.decryptedDataKey = Array.from(decryptedDataKey); // can't store buffer in session
+    session.protectedSessionId = utils.randomSecureToken(32);
 
-    return req.session.protectedSessionId;
+    return session.protectedSessionId;
 }
 
 function getProtectedSessionId(req) {
@@ -16,8 +17,8 @@ function getProtectedSessionId(req) {
 function getDataKey(req) {
     const protectedSessionId = getProtectedSessionId(req);
 
-    if (protectedSessionId && req.session.protectedSessionId === protectedSessionId) {
-        return req.session.decryptedDataKey;
+    if (protectedSessionId && session.protectedSessionId === protectedSessionId) {
+        return session.decryptedDataKey;
     }
     else {
         return null;
@@ -27,7 +28,7 @@ function getDataKey(req) {
 function isProtectedSessionAvailable(req) {
     const protectedSessionId = getProtectedSessionId(req);
 
-    return protectedSessionId && req.session.protectedSessionId === protectedSessionId;
+    return protectedSessionId && session.protectedSessionId === protectedSessionId;
 }
 
 module.exports = {