From: SANDHYA.JS Date: Thu, 27 Apr 2023 09:41:06 +0000 (+0530) Subject: Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write) X-Git-Tag: release-v14.0-start^0 X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=refs%2Fchanges%2F01%2F13301%2F2;p=osm%2FNG-UI.git Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write) - Coverity fix for localStorage write issue: For storing datas in browser localStorage so changed it to sessionStorage Change-Id: I3fdce439b923e006b44a50a42fab19b7ffbcdec6 Signed-off-by: SANDHYA.JS --- diff --git a/src/app/AppComponent.ts b/src/app/AppComponent.ts index 4567671..1c5886a 100644 --- a/src/app/AppComponent.ts +++ b/src/app/AppComponent.ts @@ -86,7 +86,7 @@ export class AppComponent { public idleTimeOut(): void { this.idle.onTimeout.subscribe(() => { this.idle.stop(); - if (localStorage.getItem('id_token') !== null) { + if (sessionStorage.getItem('id_token') !== null) { this.authService.logout(); } }); diff --git a/src/app/AppModule.ts b/src/app/AppModule.ts index d260784..889f4be 100644 --- a/src/app/AppModule.ts +++ b/src/app/AppModule.ts @@ -211,14 +211,14 @@ export function appInitializerFactory(translate: TranslateService, injector: Inj return async (): Promise => { await injector.get(LOCATION_INITIALIZED, Promise.resolve(null)); translate.setDefaultLang('en'); - const languageCode: string = localStorage.getItem('languageCode'); + const languageCode: string = sessionStorage.getItem('languageCode'); if (languageCode !== null && languageCode !== undefined && languageCode !== '') { await translate.use(languageCode).toPromise().catch((): void => { translate.setDefaultLang('en'); }); } else { await translate.use('en').toPromise(); - localStorage.setItem('languageCode', 'en'); + sessionStorage.setItem('languageCode', 'en'); } }; } diff --git a/src/app/dashboard/DashboardComponent.ts b/src/app/dashboard/DashboardComponent.ts index 23e928f..d49f708 100644 --- a/src/app/dashboard/DashboardComponent.ts +++ b/src/app/dashboard/DashboardComponent.ts @@ -202,7 +202,7 @@ export class DashboardComponent implements OnInit { */ public ngOnInit(): void { this.username$ = this.authService.username; - this.isAdmin = (localStorage.getItem('isAdmin') === 'true') ? true : false; + this.isAdmin = (sessionStorage.getItem('isAdmin') === 'true') ? true : false; this.selectedProject = this.authService.ProjectName; this.checkAdminPrivilege(); this.getUserAccessedProjects(); diff --git a/src/app/layouts/breadcrumb/BreadcrumbComponent.ts b/src/app/layouts/breadcrumb/BreadcrumbComponent.ts index 2b7ca54..1effed8 100644 --- a/src/app/layouts/breadcrumb/BreadcrumbComponent.ts +++ b/src/app/layouts/breadcrumb/BreadcrumbComponent.ts @@ -99,7 +99,7 @@ export class BreadcrumbComponent implements OnInit { if (!isNullOrUndefined(item.title)) { item.title = item.title.replace('{type}', this.checkTitle(item, child.snapshot.params.type)); item.title = item.title.replace('{id}', child.snapshot.params.id); - item.title = item.title.replace('{project}', localStorage.getItem('project')); + item.title = item.title.replace('{project}', sessionStorage.getItem('project')); } if (!isNullOrUndefined(item.url)) { item.url = item.url.replace('{type}', child.snapshot.params.type); diff --git a/src/app/layouts/header/HeaderComponent.ts b/src/app/layouts/header/HeaderComponent.ts index 9392177..13e2129 100644 --- a/src/app/layouts/header/HeaderComponent.ts +++ b/src/app/layouts/header/HeaderComponent.ts @@ -95,8 +95,8 @@ export class HeaderComponent implements OnInit { /** Lifecyle Hooks the trigger before component is instantiate @public */ public ngOnInit(): void { - this.isAdmin = (localStorage.getItem('isAdmin') === 'true') ? true : false; - this.isSystemAdmin = localStorage.getItem('admin_show') === 'true' ? true : false; + this.isAdmin = (sessionStorage.getItem('isAdmin') === 'true') ? true : false; + this.isSystemAdmin = sessionStorage.getItem('admin_show') === 'true' ? true : false; this.selectedProject = this.authService.ProjectName; this.authService.ProjectName.subscribe((projectNameFinal: string): void => { this.getSelectedProject = projectNameFinal; @@ -105,7 +105,7 @@ export class HeaderComponent implements OnInit { this.projectService.setHeaderProjects(); this.projectList$ = this.projectService.projectList; this.PACKAGEVERSION = environment.packageVersion; - const getLocalStorageVersion: string = localStorage.getItem('osmVersion'); + const getLocalStorageVersion: string = sessionStorage.getItem('osmVersion'); if (getLocalStorageVersion === null) { this.showNewVersion(); } else if (getLocalStorageVersion !== this.sharedService.osmVersion) { @@ -126,7 +126,7 @@ export class HeaderComponent implements OnInit { /** Close Version and add in local storage @public */ public closeVersion(): void { this.toShowNewTag = false; - localStorage.setItem('osmVersion', this.sharedService.osmVersion); + sessionStorage.setItem('osmVersion', this.sharedService.osmVersion); } /** Implementation of model for UserSettings options.@public */ @@ -139,7 +139,7 @@ export class HeaderComponent implements OnInit { public changePassword(): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(AddEditUserComponent, { backdrop: 'static' }); - modalRef.componentInstance.userID = localStorage.getItem('user_id'); + modalRef.componentInstance.userID = sessionStorage.getItem('user_id'); modalRef.componentInstance.userTitle = this.translateService.instant('PAGE.USERS.EDITCREDENTIALS'); modalRef.componentInstance.userType = 'changePassword'; modalRef.result.then((result: MODALCLOSERESPONSEDATA): void => { diff --git a/src/app/login/LoginComponent.ts b/src/app/login/LoginComponent.ts index db842d8..1ffa8c3 100644 --- a/src/app/login/LoginComponent.ts +++ b/src/app/login/LoginComponent.ts @@ -195,7 +195,7 @@ export class LoginComponent implements OnInit { userName: ['', [Validators.required]], password: ['', [Validators.required]] }); - this.returnUrl = isNullOrUndefined(localStorage.getItem('returnUrl')) ? '/' : localStorage.getItem('returnUrl'); + this.returnUrl = isNullOrUndefined(sessionStorage.getItem('returnUrl')) ? '/' : sessionStorage.getItem('returnUrl'); } /** @@ -227,15 +227,15 @@ export class LoginComponent implements OnInit { this.router.navigate([this.returnUrl]).catch((): void => { // Catch Navigation Error }); - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; - this.isUserShow = localStorage.getItem('user_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; + this.isUserShow = sessionStorage.getItem('user_show') === 'true' ? true : false; setTimeout((): void => { if (this.isAdminShow === true || this.isUserShow === true) { this.generateData(); } }, this.epochTime1000); } - localStorage.removeItem('returnUrl'); + sessionStorage.removeItem('returnUrl'); }, (err: HttpErrorResponse): void => { this.isLoadingResults = false; this.restService.handleError(err, 'post'); @@ -244,7 +244,7 @@ export class LoginComponent implements OnInit { /** Fetching the data from server to load it in toaster @public */ public generateData(): void { - const userID: string = localStorage.getItem('user_id'); + const userID: string = sessionStorage.getItem('user_id'); if (userID !== '') { this.isLoadingResults = true; this.restService.getResource(environment.USERS_URL + '/' + userID).subscribe((userDetails: UserDetail): void => { @@ -267,8 +267,8 @@ export class LoginComponent implements OnInit { this.accountExpireMessage = this.translateService.instant('PAGE.LOGIN.ACCOUNTEXPIRE'); this.passwordExpireMessage = this.translateService.instant('PAGE.LOGIN.PASSWORDEXPIRE'); this.daysMessage = this.translateService.instant('PAGE.LOGIN.DAYS'); - this.lastLogin = localStorage.getItem('last_login'); - this.failedAttempts = localStorage.getItem('failed_count'); + this.lastLogin = sessionStorage.getItem('last_login'); + this.failedAttempts = sessionStorage.getItem('failed_count'); if (this.accountNoOfDays !== '0' && this.passwordNoOfDays !== '0' && this.accountNoOfDays !== '1' && this.passwordNoOfDays !== '1') { this.showToaster(); diff --git a/src/app/sdn-controller/SDNControllerModule.ts b/src/app/sdn-controller/SDNControllerModule.ts index 9b2f523..4bd392d 100644 --- a/src/app/sdn-controller/SDNControllerModule.ts +++ b/src/app/sdn-controller/SDNControllerModule.ts @@ -37,7 +37,7 @@ import { SDNControllerDetailsComponent } from 'SDNControllerDetailsComponent'; import { SDNControllerInfoComponent } from 'SDNControllerInfoComponent'; /** To halndle project information */ -const projectInfo: {} = localStorage.getItem('project') !== null ? { title: localStorage.getItem('project'), url: '/' } : {}; +const projectInfo: {} = sessionStorage.getItem('project') !== null ? { title: sessionStorage.getItem('project'), url: '/' } : {}; /** * configures routers diff --git a/src/app/user-settings/UserSettingsComponent.ts b/src/app/user-settings/UserSettingsComponent.ts index 5212eb5..67aa092 100644 --- a/src/app/user-settings/UserSettingsComponent.ts +++ b/src/app/user-settings/UserSettingsComponent.ts @@ -81,7 +81,7 @@ export class UserSettingsComponent implements OnInit { this.usersettingsForm = this.formBuilder.group({ selectedLanguage: [null, [Validators.required]] }); - const setLanguage: string = localStorage.getItem('languageCode'); + const setLanguage: string = sessionStorage.getItem('languageCode'); if (setLanguage !== null && this.validateLanguageList(setLanguage)) { this.usersettingsForm.get('selectedLanguage').setValue(setLanguage); } else { @@ -97,7 +97,7 @@ export class UserSettingsComponent implements OnInit { this.submitted = true; if (!this.usersettingsForm.invalid) { const selectedLanguage: string = this.usersettingsForm.value.selectedLanguage; - localStorage.setItem('languageCode', this.usersettingsForm.value.selectedLanguage); + sessionStorage.setItem('languageCode', this.usersettingsForm.value.selectedLanguage); this.translateService.use(selectedLanguage); location.reload(); } diff --git a/src/app/users/add-user/AddEditUserComponent.ts b/src/app/users/add-user/AddEditUserComponent.ts index e7592e4..2931d79 100644 --- a/src/app/users/add-user/AddEditUserComponent.ts +++ b/src/app/users/add-user/AddEditUserComponent.ts @@ -79,7 +79,7 @@ export class AddEditUserComponent implements OnInit { public isPassword: boolean; /** Variable holds value for first login user @public */ - public isFirstLogin: boolean = Boolean(localStorage.getItem('firstLogin') === 'true'); + public isFirstLogin: boolean = Boolean(sessionStorage.getItem('firstLogin') === 'true'); /** Instance of the rest service @private */ private restService: RestService; @@ -273,10 +273,10 @@ export class AddEditUserComponent implements OnInit { /** Method to check loggedin username and update @private */ private checkUsername(payLoad: LOGINPARAMS): void { - const logUsername: string = localStorage.getItem('username'); + const logUsername: string = sessionStorage.getItem('username'); if (this.userType === 'editUserName' && logUsername === this.userName) { this.authService.userName.next(payLoad.username); - localStorage.setItem('username', payLoad.username); + sessionStorage.setItem('username', payLoad.username); } } } diff --git a/src/app/users/user-details/UserDetailsComponent.ts b/src/app/users/user-details/UserDetailsComponent.ts index 51047ba..12c37fe 100644 --- a/src/app/users/user-details/UserDetailsComponent.ts +++ b/src/app/users/user-details/UserDetailsComponent.ts @@ -125,7 +125,7 @@ export class UserDetailsComponent implements OnInit, OnDestroy { this.projectService.getAllProjects().subscribe((projects: {}[]) => { this.projectList = projects; }); - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; this.generateColumns(); this.generateSettings(); this.generateData(); diff --git a/src/app/utilities/change-password/ChangePasswordComponent.ts b/src/app/utilities/change-password/ChangePasswordComponent.ts index 4c6aa5a..2b32a8b 100644 --- a/src/app/utilities/change-password/ChangePasswordComponent.ts +++ b/src/app/utilities/change-password/ChangePasswordComponent.ts @@ -61,7 +61,7 @@ export class ChangePasswordComponent implements OnInit { public ngOnInit(): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(AddEditUserComponent, { backdrop: 'static', keyboard: false }); - modalRef.componentInstance.userID = localStorage.getItem('user_id'); + modalRef.componentInstance.userID = sessionStorage.getItem('user_id'); if (this.editType === 'changePassword') { modalRef.componentInstance.userTitle = this.translateService.instant('PAGE.USERS.EDITCREDENTIALS'); } diff --git a/src/app/utilities/project-link/ProjectLinkComponent.ts b/src/app/utilities/project-link/ProjectLinkComponent.ts index 5f956f2..86feb97 100644 --- a/src/app/utilities/project-link/ProjectLinkComponent.ts +++ b/src/app/utilities/project-link/ProjectLinkComponent.ts @@ -63,13 +63,13 @@ export class ProjectLinkComponent implements OnInit { } public ngOnInit(): void { - this.selectedProject = localStorage.getItem('project'); + this.selectedProject = sessionStorage.getItem('project'); this.getAdminProjects(); } /** Get the admin projects to be selectable @public */ public getAdminProjects(): void { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); this.restService.getResource(environment.USERS_URL + '/' + username).subscribe((projects: UserDetail) => { this.projectList = projects.project_role_mappings; this.isPresent = this.projectList.some((item: ProjectData) => item.project === this.value.project); diff --git a/src/app/utilities/switch-project/SwitchProjectComponent.ts b/src/app/utilities/switch-project/SwitchProjectComponent.ts index f3dffcb..b7bc9a4 100644 --- a/src/app/utilities/switch-project/SwitchProjectComponent.ts +++ b/src/app/utilities/switch-project/SwitchProjectComponent.ts @@ -124,12 +124,12 @@ export class SwitchProjectComponent implements OnInit { }; this.restService.postResource(apiURLHeader, payLoad).subscribe((data: LOCALSTORAGE) => { if (data) { - localStorage.setItem('id_token', data.id); - localStorage.setItem('project_id', this.params.projectID); - localStorage.setItem('expires', data.expires.toString()); - localStorage.setItem('username', data.username); - localStorage.setItem('project', data.project_name); - localStorage.setItem('token_state', data.id); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('project_id', this.params.projectID); + sessionStorage.setItem('expires', data.expires.toString()); + sessionStorage.setItem('username', data.username); + sessionStorage.setItem('project', data.project_name); + sessionStorage.setItem('token_state', data.id); this.activeModal.close(); if (this.router.url.includes('history-operations')) { this.router.navigate(['/instances/ns']).then((): void => { diff --git a/src/app/utilities/users-action/UsersActionComponent.ts b/src/app/utilities/users-action/UsersActionComponent.ts index 04fd58a..799779d 100644 --- a/src/app/utilities/users-action/UsersActionComponent.ts +++ b/src/app/utilities/users-action/UsersActionComponent.ts @@ -74,8 +74,8 @@ export class UsersActionComponent { * Lifecyle Hooks the trigger before component is instantiate */ public ngOnInit(): void { - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; - this.isUserShow = localStorage.getItem('user_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; + this.isUserShow = sessionStorage.getItem('user_show') === 'true' ? true : false; if (!isNullOrUndefined(this.value.user_status)) { this.isUserStatus = this.value.user_status; } @@ -134,8 +134,8 @@ export class UsersActionComponent { public unlockRenewUser(editType: string): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(WarningComponent, { backdrop: 'static' }); - localStorage.setItem('renew', 'true'); - const id: string = localStorage.getItem('user_id'); + sessionStorage.setItem('renew', 'true'); + const id: string = sessionStorage.getItem('user_id'); if (editType === 'unlock') { modalRef.componentInstance.heading = this.translateService.instant('Unlock User'); modalRef.componentInstance.confirmationMessage = this.translateService.instant('Are you sure want to unlock this user'); diff --git a/src/app/utilities/warning/WarningComponent.ts b/src/app/utilities/warning/WarningComponent.ts index c687fb0..d52e989 100644 --- a/src/app/utilities/warning/WarningComponent.ts +++ b/src/app/utilities/warning/WarningComponent.ts @@ -113,7 +113,7 @@ export class WarningComponent { const modalData: MODALCLOSERESPONSEDATA = { message: 'Done' }; - const id: string = localStorage.getItem('user_id'); + const id: string = sessionStorage.getItem('user_id'); const payLoad: UNLOCKPARAMS = {}; if (this.editType === 'unlock') { payLoad.system_admin_id = id; diff --git a/src/services/AcessGuardService.ts b/src/services/AcessGuardService.ts index 42d36a5..1ee7f64 100644 --- a/src/services/AcessGuardService.ts +++ b/src/services/AcessGuardService.ts @@ -34,7 +34,7 @@ export class AcessGuardService implements CanLoad { */ public canLoad(route: Route): Observable | Promise | boolean { // Need to get the Role and valid here for authorization - if (localStorage.getItem('role') === 'Admin') { + if (sessionStorage.getItem('role') === 'Admin') { return true; } else { return false; diff --git a/src/services/AuthInterceptorService.ts b/src/services/AuthInterceptorService.ts index d2166e3..5f4255e 100644 --- a/src/services/AuthInterceptorService.ts +++ b/src/services/AuthInterceptorService.ts @@ -68,7 +68,7 @@ export class AuthInterceptorService implements HttpInterceptor { public intercept(req: HttpRequest<{}>, next: HttpHandler): Observable | HttpUserEvent | any> { - const idToken: string = localStorage.getItem('id_token'); + const idToken: string = sessionStorage.getItem('id_token'); const excludedUrl: string[] = ['osm/admin/v1/tokens', 'assets/i18n/', 'osm/version']; if (excludedUrl.some((x: string): boolean => req.url.includes(x))) { return next.handle(req); } if (idToken.length > 0) { diff --git a/src/services/AuthenticationService.ts b/src/services/AuthenticationService.ts index 36cf476..a8950e5 100644 --- a/src/services/AuthenticationService.ts +++ b/src/services/AuthenticationService.ts @@ -88,16 +88,16 @@ export class AuthenticationService { this.modalService = this.injector.get(NgbModal); this.idle = this.injector.get(Idle); this.sharedService = this.injector.get(SharedService); - if (localStorage.getItem('username') !== null) { + if (sessionStorage.getItem('username') !== null) { this.loggedIn.next(true); this.changePassword.next(false); - } else if (localStorage.getItem('firstLogin') !== null) { + } else if (sessionStorage.getItem('firstLogin') !== null) { this.changePassword.next(true); this.loggedIn.next(false); } else { this.loggedIn.next(false); } - this.userName.next(localStorage.getItem('username')); + this.userName.next(sessionStorage.getItem('username')); this.redirectToPage(); } @@ -141,9 +141,9 @@ export class AuthenticationService { return this.restService.postResource(apiURLHeader, this.payLoad) .pipe(map((data: ProjectModel): BehaviorSubject => { if (data.message === 'change_password') { - localStorage.setItem('firstLogin', 'true'); - localStorage.setItem('id_token', data.id); - localStorage.setItem('user_id', data.user_id); + sessionStorage.setItem('firstLogin', 'true'); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('user_id', data.user_id); this.idle.watch(true); this.changePassword.next(true); this.loggedIn.next(false); @@ -179,32 +179,32 @@ export class AuthenticationService { /** set local storage on auth process @public */ public setLocalStorage(data: ProjectModel): void { - localStorage.setItem('id_token', data.id); - localStorage.setItem('expires', data.expires.toString()); - localStorage.setItem('username', data.username); - localStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false'); - localStorage.setItem('project_id', data.project_id); - localStorage.setItem('project', data.project_name); - localStorage.setItem('token_state', data.id); - localStorage.setItem('user_id', data.user_id); - localStorage.setItem('user_show', String(data.user_show)); - localStorage.setItem('admin_show', String(data.admin_show)); - localStorage.setItem('last_login', this.sharedService.convertEpochTime(!isNullOrUndefined(data.last_login) ? data.last_login : null)); - localStorage.setItem('failed_count', data.login_count); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('expires', data.expires.toString()); + sessionStorage.setItem('username', data.username); + sessionStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false'); + sessionStorage.setItem('project_id', data.project_id); + sessionStorage.setItem('project', data.project_name); + sessionStorage.setItem('token_state', data.id); + sessionStorage.setItem('user_id', data.user_id); + sessionStorage.setItem('user_show', String(data.user_show)); + sessionStorage.setItem('admin_show', String(data.admin_show)); + sessionStorage.setItem('last_login', this.sharedService.convertEpochTime(!isNullOrUndefined(data.last_login) ? data.last_login : null)); + sessionStorage.setItem('failed_count', data.login_count); this.projectName$.next(data.project_name); } /** Destory tokens API response handling @public */ public logoutResponse(): void { this.loggedIn.next(false); this.changePassword.next(false); - const langCode: string = localStorage.getItem('languageCode'); - const redirecturl: string = isNullOrUndefined(localStorage.getItem('returnUrl')) ? '/' : localStorage.getItem('returnUrl'); - const osmVersion: string = isNullOrUndefined(localStorage.getItem('osmVersion')) ? '' : localStorage.getItem('osmVersion'); - localStorage.clear(); - localStorage.setItem('languageCode', langCode); - localStorage.setItem('returnUrl', redirecturl); - localStorage.setItem('token_state', null); - localStorage.setItem('osmVersion', osmVersion); + const langCode: string = sessionStorage.getItem('languageCode'); + const redirecturl: string = isNullOrUndefined(sessionStorage.getItem('returnUrl')) ? '/' : sessionStorage.getItem('returnUrl'); + const osmVersion: string = isNullOrUndefined(sessionStorage.getItem('osmVersion')) ? '' : sessionStorage.getItem('osmVersion'); + sessionStorage.clear(); + sessionStorage.setItem('languageCode', langCode); + sessionStorage.setItem('returnUrl', redirecturl); + sessionStorage.setItem('token_state', null); + sessionStorage.setItem('osmVersion', osmVersion); this.idle.stop(); this.router.navigate(['login']).catch((): void => { // Catch Navigation Error @@ -215,13 +215,13 @@ export class AuthenticationService { */ public logout(): void { this.returnUrl = this.router.url; - localStorage.setItem('returnUrl', this.returnUrl); + sessionStorage.setItem('returnUrl', this.returnUrl); this.modalService.dismissAll(); this.destoryToken(); } /** Destory tokens on logout @public */ public destoryToken(): void { - const tokenID: string = localStorage.getItem('id_token'); + const tokenID: string = sessionStorage.getItem('id_token'); if (tokenID !== null) { const deletingURl: string = environment.GENERATETOKEN_URL + '/' + tokenID; this.restService.deleteResource(deletingURl).subscribe((res: {}): void => { @@ -234,9 +234,9 @@ export class AuthenticationService { /** Return to previous page deny access to changepassword */ public redirectToPage(): void { - if (window.location.pathname === '/changepassword' && localStorage.getItem('username') !== null) { + if (window.location.pathname === '/changepassword' && sessionStorage.getItem('username') !== null) { window.history.back(); - } else if (window.location.pathname === '/' && localStorage.getItem('firstLogin') === 'true') { + } else if (window.location.pathname === '/' && sessionStorage.getItem('firstLogin') === 'true') { this.router.navigate(['/login']).catch((): void => { // Catch Navigation Error }); diff --git a/src/services/ProjectService.ts b/src/services/ProjectService.ts index 4206ea4..632500b 100644 --- a/src/services/ProjectService.ts +++ b/src/services/ProjectService.ts @@ -77,13 +77,13 @@ export class ProjectService { /** Get current project details from local storage @public */ public getCurrentProjectDetails(): Observable<{}> { - const project: string = localStorage.getItem('project_id'); + const project: string = sessionStorage.getItem('project_id'); return this.restService.getResource(environment.PROJECTS_URL + '/' + project); } /** Returns all the projects for a particular users @public */ public getUserProjects(): Observable<{}> { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); return this.restService.getResource(environment.USERS_URL + '/' + username); } @@ -92,8 +92,8 @@ export class ProjectService { this.getUserProjects().subscribe((projects: UserDetail) => { const projectList: {}[] = projects.project_role_mappings; projectList.filter((list: ProjectModel) => { - if (list.project === localStorage.getItem('project_id')) { - localStorage.setItem('project', list.project_name); + if (list.project === sessionStorage.getItem('project_id')) { + sessionStorage.setItem('project', list.project_name); this.authService.projectName$.next(list.project_name); } }); @@ -107,7 +107,7 @@ export class ProjectService { /** Toggle projects on selection @public */ public switchProjectModal(list: ProjectData): void { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); // eslint-disable-next-line security/detect-non-literal-fs-filename this.modalService.open(SwitchProjectComponent, { backdrop: 'static' }) .componentInstance.params = { projectID: list.project, username };