web-ui/crate/src/logic.rs

@@ -2,13 +2,11 @@ use crate::{
     api,
     state::{Action, Claims, Room, WebUiDispatcher},
 };
-use jsonwebtoken::{
+use jsonwebtoken::dangerous_insecure_decode;
-    dangerous_insecure_decode_with_validation as decode_without_verify, Validation,
-};
 
 pub(crate) type LogicResult = Result<Vec<Action>, Action>;
 
-trait LogicResultExt {
+pub(crate) trait LogicResultExt {
     /// Consumes self into the vec of Actions to apply to state,
     /// either the list of successful actions, or a list containing
     /// the error action.
@@ -36,8 +34,7 @@ async fn ensure_jwt(dispatch: &WebUiDispatcher) -> Result<(String, Option<Action
     //TODO lots of clones here. can we avoid?
     use jsonwebtoken::errors::ErrorKind;
     let token = dispatch.state().jwt_token.as_deref().unwrap_or_default();
-    let validation: Result<Claims, _> =
+    let validation: Result<Claims, _> = dangerous_insecure_decode(token).map(|data| data.claims);
-        decode_without_verify(token, &Validation::default()).map(|data| data.claims);
 
     //If valid, simply return token. If expired, attempt to refresh.
     //Otherwise, bubble error.

web-ui/crate/src/rooms.rs

@@ -1,5 +1,6 @@
 use crate::api;
 use crate::error::UiError;
+use crate::logic::{self, LogicResultExt};
 use crate::state::{Action, DispatchExt, Room, WebUiDispatcher};
 use std::sync::Arc;
 use wasm_bindgen_futures::spawn_local;
@@ -26,19 +27,11 @@ fn view_room(room: &Room) -> Html {
 }
 
 async fn load_rooms(dispatch: &WebUiDispatcher) -> Result<(), UiError> {
-    let jwt_token = dispatch
+    let result = logic::fetch_rooms(dispatch).await;
-        .state()
+    let actions = result.actions();
-        .jwt_token
-        .as_ref()
-        .ok_or(UiError::NotLoggedIn)?;
 
-    let rooms = api::dicebot::rooms_for_user(jwt_token, "@projectmoon:agnos.is").await?;
+    for action in actions {
-
+        dispatch.send(action);
-    for room in rooms {
-        dispatch.send(Action::AddRoom(Room {
-            room_id: room.room_id,
-            display_name: room.display_name,
-        }));
     }
 
     Ok(())

web-ui/crate/src/state.rs

@@ -1,7 +1,5 @@
 use crate::error::UiError;
-use jsonwebtoken::{
+use jsonwebtoken::dangerous_insecure_decode;
-    dangerous_insecure_decode_with_validation as decode_without_verify, Validation,
-};
 use serde::{Deserialize, Serialize};
 use wasm_bindgen::{prelude::Closure, JsCast};
 use yewdux::prelude::*;
@@ -52,10 +50,11 @@ pub(crate) enum Action {
 
 impl WebUiState {
     fn login(&mut self, jwt_token: String) {
-        let validation: Result<Claims, _> =
+        //TODO this will not work because we cannot ignore the key to decode the JWT.
-            decode_without_verify(&jwt_token, &Validation::default()).map(|data| data.claims);
+        let jwt_decoding: Result<Claims, _> =
+            dangerous_insecure_decode(&jwt_token).map(|data| data.claims);
 
-        match validation {
+        match jwt_decoding {
             Ok(claims) => {
                 self.jwt_token = Some(jwt_token);
                 self.auth_state = AuthState::LoggedIn;