stash

2023-05-28 21:05:22 +02:00 · 2023-05-28 21:05:22 +02:00 · 7e8f984ee2
commit 7e8f984ee2
parent 02e41214d2
7 changed files with 15 additions and 12 deletions
--- a/frontend/package.json
+++ b/frontend/package.json
@ -11,6 +11,7 @@
    "bootstrap-icons-vue": "^1.10.3",
    "dns-query": "^0.11.2",
    "js-nacl": "^1.4.0",
+    "moment": "^2.29.4",
    "vue": "^3.2.47",
    "vue-router": "^4.1.6",
    "vuex": "^4.1.0"
--- a/frontend/src/assets/js/app.js
+++ b/frontend/src/assets/js/app.js
--- a/frontend/src/components/Notifications.vue
+++ b/frontend/src/components/Notifications.vue
@ -48,6 +48,7 @@
 <script>
 import {mapGetters, mapMutations} from 'vuex';
 import * as BIcons from "bootstrap-icons-vue";
+import moment from 'moment';

 export default {
    name: 'Notifications',
--- a/frontend/src/federation.js
+++ b/frontend/src/federation.js
@ -28,7 +28,7 @@ class ServerSet {
                    method: 'POST',
                    headers: {
                        'Content-Type': 'application/json',
-                        ...auth.buildAuthHeader(url)
+                        ...auth.buildAuthHeader(url, data)
                    },
                    credentials: 'omit',
                    body: JSON.stringify(data)
@ -55,7 +55,7 @@ class ServerSet {
                    method: 'PATCH',
                    headers: {
                        'Content-Type': 'application/json',
-                        ...auth.buildAuthHeader(url)
+                        ...auth.buildAuthHeader(url, data)
                    },
                    credentials: 'omit',
                    body: JSON.stringify(data)
@ -132,7 +132,7 @@ class ServerSet {
                    method: 'PUT',
                    headers: {
                        'Content-Type': 'application/json',
-                        ...auth.buildAuthHeader(url)
+                        ...auth.buildAuthHeader(url, data)
                    },
                    credentials: 'omit',
                    body: JSON.stringify(data)
@ -167,6 +167,7 @@ function createSignAuth(username, signKey) {
    return new authMethod(({signKey, username}, {url, data}) => {
        const json = JSON.stringify(data)
        const signature = nacl.crypto_sign_detached(nacl.encode_utf8(url + (data ? json : "")), signKey)
+        console.log('sign', nacl.to_hex(signature), url, json)
        return {'Authorization': 'Signature ' + username + ':' + nacl.to_hex(signature)}
    }, context)
 }
--- a/frontend/src/main.js
+++ b/frontend/src/main.js
@ -4,7 +4,6 @@ import { BootstrapIconsPlugin } from 'bootstrap-icons-vue';
 import App from './App.vue'

 import './assets/css/toolshed.css'
-import './assets/js/app.js'

 import router from './router'
 import store from './store';
--- a/frontend/src/store.js
+++ b/frontend/src/store.js
@ -175,15 +175,16 @@ export default createStore({
            const servers = await dispatch('getAllFriendsServers')
            return await servers.get(getters.signAuth, '/api/inventory/search/?q=' + query)
        },
-        async createInventoryItem({state, dispatch, getters}, {item}) {
+        async createInventoryItem({state, dispatch, getters}, item) {
            const servers = await dispatch('getHomeServers')
-            return await servers.post(getters.signAuth, '/api/inventory_items/', item)
+            const data = {...item, owned_amount: 1, availability_policy: 'friends', category: 'other'}
+            return await servers.post(getters.signAuth, '/api/inventory_items/', data)
        },
-        async updateInventoryItem({state, dispatch, getters}, {item}) {
+        async updateInventoryItem({state, dispatch, getters}, item) {
            const servers = await dispatch('getHomeServers')
            return await servers.patch(getters.signAuth, '/api/inventory_items/' + item.id + '/', item)
        },
-        async deleteInventoryItem({state, dispatch, getters}, {item}) {
+        async deleteInventoryItem({state, dispatch, getters}, item) {
            const servers = await dispatch('getHomeServers')
            return await servers.delete(getters.signAuth, '/api/inventory_items/' + item.id + '/')
        },
--- a/frontend/vite.config.js
+++ b/frontend/vite.config.js
@ -3,7 +3,6 @@ import {fileURLToPath, URL} from 'node:url'
 import {defineConfig} from 'vite'
 import vue from '@vitejs/plugin-vue'

-// https://vitejs.dev/config/
 export default defineConfig({
    plugins: [vue()],
    resolve: {
@ -20,7 +19,10 @@ export default defineConfig({
            'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
            'Access-Control-Allow-Headers': 'Origin, Content-Type, X-Auth-Token, Authorization, Accept,charset,boundary,Content-Length',
            'Access-Control-Allow-Credentials': 'true',
-            'Content-Security-Policy': 'default-src \'self\' \'unsafe-inline\' \'unsafe-eval\' data: \'self\' connect-src *', // change to https://* for production
+            'Content-Security-Policy': 'default-src \'self\';'
+                + ' script-src \'self\' \'wasm-unsafe-eval\';'
+                + ' style-src \'self\' \'unsafe-inline\';'
+                + ' connect-src * data:', // TODO: change * to https://* for production
        },
        proxy: {
            '^/api/': {