Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)

[osm/NG-UI.git] / src / services / ProjectService.ts

diff --git a/src/services/ProjectService.ts b/src/services/ProjectService.ts
index 4206ea4..632500b 100644 (file)
--- a/src/services/ProjectService.ts
+++ b/src/services/ProjectService.ts
@@ -77,13 +77,13 @@ export class ProjectService {
 
     /** Get current project details from local storage @public */
     public getCurrentProjectDetails(): Observable<{}> {
-        const project: string = localStorage.getItem('project_id');
+        const project: string = sessionStorage.getItem('project_id');
         return this.restService.getResource(environment.PROJECTS_URL + '/' + project);
     }
 
     /** Returns all the projects for a particular users @public */
     public getUserProjects(): Observable<{}> {
-        const username: string = localStorage.getItem('username');
+        const username: string = sessionStorage.getItem('username');
         return this.restService.getResource(environment.USERS_URL + '/' + username);
     }
 
@@ -92,8 +92,8 @@ export class ProjectService {
         this.getUserProjects().subscribe((projects: UserDetail) => {
             const projectList: {}[] = projects.project_role_mappings;
             projectList.filter((list: ProjectModel) => {
-                if (list.project === localStorage.getItem('project_id')) {
-                    localStorage.setItem('project', list.project_name);
+                if (list.project === sessionStorage.getItem('project_id')) {
+                    sessionStorage.setItem('project', list.project_name);
                     this.authService.projectName$.next(list.project_name);
                 }
             });
@@ -107,7 +107,7 @@ export class ProjectService {
 
     /** Toggle projects on selection @public */
     public switchProjectModal(list: ProjectData): void {
-        const username: string = localStorage.getItem('username');
+        const username: string = sessionStorage.getItem('username');
         // eslint-disable-next-line security/detect-non-literal-fs-filename
         this.modalService.open(SwitchProjectComponent, { backdrop: 'static' })
             .componentInstance.params = { projectID: list.project, username };