From 9861ec96c8dabf9cf6fd899db6897d49d6deec35 Mon Sep 17 00:00:00 2001
From: Bill Erickson <berick@esilibrary.com>
Date: Tue, 6 May 2014 10:08:49 -0400
Subject: [PATCH] avoid cookie dep.  store authtoken in sessionStorage

Signed-off-by: Bill Erickson <berick@esilibrary.com>
---
 Open-ILS/src/templates/staff/t_base_js.tt2        |  6 +++---
 Open-ILS/web/js/ui/default/staff/services/auth.js | 24 +++++++++--------------
 Open-ILS/web/js/ui/default/staff/services/core.js |  2 +-
 3 files changed, 13 insertions(+), 19 deletions(-)

diff --git a/Open-ILS/src/templates/staff/t_base_js.tt2 b/Open-ILS/src/templates/staff/t_base_js.tt2
index f63564fa71..95b97867c8 100644
--- a/Open-ILS/src/templates/staff/t_base_js.tt2
+++ b/Open-ILS/src/templates/staff/t_base_js.tt2
@@ -9,7 +9,6 @@
 <!-- hosted angular libs -->
 <script src="//ajax.googleapis.com/ajax/libs/angularjs/[% ANGULAR_VERSION %]/angular.min.js"></script>
 <script src="//ajax.googleapis.com/ajax/libs/angularjs/[% ANGULAR_VERSION %]/angular-route.min.js"></script>
-<script src="//ajax.googleapis.com/ajax/libs/angularjs/[% ANGULAR_VERSION %]/angular-cookies.min.js"></script>
 <script src="//cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/[% ANGULAR_BOOTSTRAP_VERSION %]/ui-bootstrap-tpls.min.js"></script>
 
 <!-- IDL / opensrf (network) -->
@@ -37,8 +36,9 @@
 <script src="[% ctx.media_prefix %]/js/ui/default/staff/services/hatch.js"></script>
 <script src="[% ctx.media_prefix %]/js/ui/default/staff/services/coresvc.js"></script>
 
-<script src="[% ctx.media_prefix %]/js/ui/default/staff/services/ui.js"></script>
 <script src="[% ctx.media_prefix %]/js/ui/default/staff/services/statusbar.js"></script>
 
-<!-- navbar driver -->
+<script src="[% ctx.media_prefix %]/js/ui/default/staff/services/ui.js"></script>
+
 <script src="[% ctx.media_prefix %]/js/ui/default/staff/navbar.js"></script>
+
diff --git a/Open-ILS/web/js/ui/default/staff/services/auth.js b/Open-ILS/web/js/ui/default/staff/services/auth.js
index f45cae4c74..851ddc7662 100644
--- a/Open-ILS/web/js/ui/default/staff/services/auth.js
+++ b/Open-ILS/web/js/ui/default/staff/services/auth.js
@@ -1,19 +1,12 @@
 /* Core Sevice - egAuth
  *
- * Manages login and auth session retrieval
- *
- * Angular cookies are still fairly primitive.  
- * In particular, you can't set the path.
- * https://github.com/angular/angular.js/issues/1786
+ * Manages login and auth session retrieval.
  */
 
 angular.module('egCoreMod')
 
-.constant('EG_AUTH_COOKIE', 'ses')
-
 .factory('egAuth', 
-       ['$q','$cookies','egNet','EG_AUTH_COOKIE','egHatch',
-function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
+    ['$q','$window','egNet','egHatch', function($q, $window, egNet, egHatch) {
 
     var service = {
         // the currently active user (au) object
@@ -23,7 +16,7 @@ function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
 
         // the currently active auth token string
         token : function() {
-            return $cookies[EG_AUTH_COOKIE];
+            return $window.sessionStorage.getItem('eg.auth.token');
         },
 
         // the currently active workstation name
@@ -68,7 +61,7 @@ function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
                     }
                 } else {
                     // authtoken test failed
-                    delete $cookies[EG_AUTH_COOKIE]; 
+                    $window.sessionStorage.removeItem('eg.auth.token');
                     deferred.reject(); 
                 }
             });
@@ -98,7 +91,8 @@ function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
                     function(evt) {
                         if (evt.textcode == 'SUCCESS') {
                             service.ws = args.workstation; 
-                            $cookies[EG_AUTH_COOKIE] = evt.payload.authtoken;
+                            $window.sessionStorage.setItem(
+                                'eg.auth.token', evt.payload.authtoken);
                             deferred.resolve();
                         } else {
                             // note: the likely outcome here is a NO_SESION
@@ -121,7 +115,7 @@ function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
                 'open-ils.auth', 
                 'open-ils.auth.session.delete', 
                 service.token()); // fire and forget
-            delete $cookies[EG_AUTH_COOKIE];
+            $window.sessionStorage.removeItem('eg.auth.token');
         }
         service._user = null;
     };
@@ -136,8 +130,8 @@ function($q , $cookies , egNet , EG_AUTH_COOKIE , egHatch) {
  * dependency of egOrg -> egEnv -> egAuth -> egOrg
  */
 .factory('egPerm', 
-       ['$q','$cookies','egNet','egAuth','egOrg',
-function($q , $cookies , egNet , egAuth , egOrg) {
+       ['$q','egNet','egAuth','egOrg',
+function($q , egNet , egAuth , egOrg) {
     var service = {};
 
     /*
diff --git a/Open-ILS/web/js/ui/default/staff/services/core.js b/Open-ILS/web/js/ui/default/staff/services/core.js
index d862450902..c43ca3957a 100644
--- a/Open-ILS/web/js/ui/default/staff/services/core.js
+++ b/Open-ILS/web/js/ui/default/staff/services/core.js
@@ -3,4 +3,4 @@
  * egCoreMod houses all of the services, etc. required by all pages
  * for basic functionality.
  */
-angular.module('egCoreMod', ['ngCookies']);
+angular.module('egCoreMod', []);
-- 
2.11.0