From: SANDHYA.JS Date: Thu, 27 Apr 2023 09:41:06 +0000 (+0530) Subject: Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write) X-Git-Tag: release-v14.0-start^0 X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNG-UI.git;a=commitdiff_plain;h=5b35bcd21392dc71d3a847ba3a20e9fcd38534f6 Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write) - Coverity fix for localStorage write issue: For storing datas in browser localStorage so changed it to sessionStorage Change-Id: I3fdce439b923e006b44a50a42fab19b7ffbcdec6 Signed-off-by: SANDHYA.JS --- diff --git a/src/app/AppComponent.ts b/src/app/AppComponent.ts index 4567671..1c5886a 100644 --- a/src/app/AppComponent.ts +++ b/src/app/AppComponent.ts @@ -86,7 +86,7 @@ export class AppComponent { public idleTimeOut(): void { this.idle.onTimeout.subscribe(() => { this.idle.stop(); - if (localStorage.getItem('id_token') !== null) { + if (sessionStorage.getItem('id_token') !== null) { this.authService.logout(); } }); diff --git a/src/app/AppModule.ts b/src/app/AppModule.ts index d260784..889f4be 100644 --- a/src/app/AppModule.ts +++ b/src/app/AppModule.ts @@ -211,14 +211,14 @@ export function appInitializerFactory(translate: TranslateService, injector: Inj return async (): Promise => { await injector.get(LOCATION_INITIALIZED, Promise.resolve(null)); translate.setDefaultLang('en'); - const languageCode: string = localStorage.getItem('languageCode'); + const languageCode: string = sessionStorage.getItem('languageCode'); if (languageCode !== null && languageCode !== undefined && languageCode !== '') { await translate.use(languageCode).toPromise().catch((): void => { translate.setDefaultLang('en'); }); } else { await translate.use('en').toPromise(); - localStorage.setItem('languageCode', 'en'); + sessionStorage.setItem('languageCode', 'en'); } }; } diff --git a/src/app/dashboard/DashboardComponent.ts b/src/app/dashboard/DashboardComponent.ts index 23e928f..d49f708 100644 
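Review bot: In `appInitializerFactory` the `languageCode` preference is moved to sessionStorage along with the credentials, although it is not sensitive data. sessionStorage is per tab, so the chosen language falls back to `'en'` in every new tab or browser session; the same applies to `osmVersion` in HeaderComponent and `languageCode` in UserSettingsComponent. Consider scoping the CWE-922 change to the token and identity keys and keeping the preference persistent, e.g. `const languageCode: string | null = localStorage.getItem('languageCode');`. The `string | null` annotation also matches what `getItem` returns. If the preference stays in localStorage, `logoutResponse` no longer needs to save and restore it around `clear()`.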
--- a/src/app/dashboard/DashboardComponent.ts +++ b/src/app/dashboard/DashboardComponent.ts @@ -202,7 +202,7 @@ export class DashboardComponent implements OnInit { */ public ngOnInit(): void { this.username$ = this.authService.username; - this.isAdmin = (localStorage.getItem('isAdmin') === 'true') ? true : false; + this.isAdmin = (sessionStorage.getItem('isAdmin') === 'true') ? true : false; this.selectedProject = this.authService.ProjectName; this.checkAdminPrivilege(); this.getUserAccessedProjects(); diff --git a/src/app/layouts/breadcrumb/BreadcrumbComponent.ts b/src/app/layouts/breadcrumb/BreadcrumbComponent.ts index 2b7ca54..1effed8 100644 --- a/src/app/layouts/breadcrumb/BreadcrumbComponent.ts +++ b/src/app/layouts/breadcrumb/BreadcrumbComponent.ts @@ -99,7 +99,7 @@ export class BreadcrumbComponent implements OnInit { if (!isNullOrUndefined(item.title)) { item.title = item.title.replace('{type}', this.checkTitle(item, child.snapshot.params.type)); item.title = item.title.replace('{id}', child.snapshot.params.id); - item.title = item.title.replace('{project}', localStorage.getItem('project')); + item.title = item.title.replace('{project}', sessionStorage.getItem('project')); } if (!isNullOrUndefined(item.url)) { item.url = item.url.replace('{type}', child.snapshot.params.type); diff --git a/src/app/layouts/header/HeaderComponent.ts b/src/app/layouts/header/HeaderComponent.ts index 9392177..13e2129 100644 --- a/src/app/layouts/header/HeaderComponent.ts +++ b/src/app/layouts/header/HeaderComponent.ts 
@@ -95,8 +95,8 @@ export class HeaderComponent implements OnInit { /** Lifecyle Hooks the trigger before component is instantiate @public */ public ngOnInit(): void { - this.isAdmin = (localStorage.getItem('isAdmin') === 'true') ? true : false; - this.isSystemAdmin = localStorage.getItem('admin_show') === 'true' ? true : false; + this.isAdmin = (sessionStorage.getItem('isAdmin') === 'true') ? true : false; + this.isSystemAdmin = sessionStorage.getItem('admin_show') === 'true' ? true : false; this.selectedProject = this.authService.ProjectName; this.authService.ProjectName.subscribe((projectNameFinal: string): void => { this.getSelectedProject = projectNameFinal; @@ -105,7 +105,7 @@ export class HeaderComponent implements OnInit { this.projectService.setHeaderProjects(); this.projectList$ = this.projectService.projectList; this.PACKAGEVERSION = environment.packageVersion; - const getLocalStorageVersion: string = localStorage.getItem('osmVersion'); + const getLocalStorageVersion: string = sessionStorage.getItem('osmVersion'); if (getLocalStorageVersion === null) { this.showNewVersion(); } else if (getLocalStorageVersion !== this.sharedService.osmVersion) { @@ -126,7 +126,7 @@ export class HeaderComponent implements OnInit { /** Close Version and add in local storage @public */ public closeVersion(): void { this.toShowNewTag = false; - localStorage.setItem('osmVersion', this.sharedService.osmVersion); + sessionStorage.setItem('osmVersion', this.sharedService.osmVersion); } /** Implementation of model for UserSettings options.@public */ 
@@ -139,7 +139,7 @@ export class HeaderComponent implements OnInit { public changePassword(): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(AddEditUserComponent, { backdrop: 'static' }); - modalRef.componentInstance.userID = localStorage.getItem('user_id'); + modalRef.componentInstance.userID = sessionStorage.getItem('user_id'); modalRef.componentInstance.userTitle = this.translateService.instant('PAGE.USERS.EDITCREDENTIALS'); modalRef.componentInstance.userType = 'changePassword'; modalRef.result.then((result: MODALCLOSERESPONSEDATA): void => { diff --git a/src/app/login/LoginComponent.ts b/src/app/login/LoginComponent.ts index db842d8..1ffa8c3 100644 --- a/src/app/login/LoginComponent.ts +++ b/src/app/login/LoginComponent.ts @@ -195,7 +195,7 @@ export class LoginComponent implements OnInit { userName: ['', [Validators.required]], password: ['', [Validators.required]] }); - this.returnUrl = isNullOrUndefined(localStorage.getItem('returnUrl')) ? '/' : localStorage.getItem('returnUrl'); + this.returnUrl = isNullOrUndefined(sessionStorage.getItem('returnUrl')) ? '/' : sessionStorage.getItem('returnUrl'); } /** 
@@ -227,15 +227,15 @@ export class LoginComponent implements OnInit { this.router.navigate([this.returnUrl]).catch((): void => { // Catch Navigation Error }); - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; - this.isUserShow = localStorage.getItem('user_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; + this.isUserShow = sessionStorage.getItem('user_show') === 'true' ? true : false; setTimeout((): void => { if (this.isAdminShow === true || this.isUserShow === true) { this.generateData(); } }, this.epochTime1000); } - localStorage.removeItem('returnUrl'); + sessionStorage.removeItem('returnUrl'); }, (err: HttpErrorResponse): void => { this.isLoadingResults = false; this.restService.handleError(err, 'post'); @@ -244,7 +244,7 @@ export class LoginComponent implements OnInit { /** Fetching the data from server to load it in toaster @public */ public generateData(): void { - const userID: string = localStorage.getItem('user_id'); + const userID: string = sessionStorage.getItem('user_id'); if (userID !== '') { this.isLoadingResults = true; this.restService.getResource(environment.USERS_URL + '/' + userID).subscribe((userDetails: UserDetail): void => { @@ -267,8 +267,8 @@ export class LoginComponent implements OnInit { this.accountExpireMessage = this.translateService.instant('PAGE.LOGIN.ACCOUNTEXPIRE'); this.passwordExpireMessage = this.translateService.instant('PAGE.LOGIN.PASSWORDEXPIRE'); this.daysMessage = this.translateService.instant('PAGE.LOGIN.DAYS'); - this.lastLogin = localStorage.getItem('last_login'); - this.failedAttempts = localStorage.getItem('failed_count'); + this.lastLogin = sessionStorage.getItem('last_login'); + this.failedAttempts = sessionStorage.getItem('failed_count'); if (this.accountNoOfDays !== '0' && this.passwordNoOfDays !== '0' && this.accountNoOfDays !== '1' && this.passwordNoOfDays !== '1') { this.showToaster(); 
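Review bot: In `generateData` the guard `if (userID !== '')` never rejects a missing key, because `sessionStorage.getItem('user_id')` returns `null` rather than an empty string, so the request would go to `USERS_URL + '/null'`. With per-tab storage a missing key is more likely than before. Suggest `if (userID !== null && userID !== '')` and passing the value through `encodeURIComponent(userID)` when building the path. `ProjectLinkComponent.getAdminProjects` and `ProjectService.getCurrentProjectDetails` / `getUserProjects` append a stored value to the URL with no guard at all. The body of `generateData` continues outside this hunk.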
diff --git a/src/app/sdn-controller/SDNControllerModule.ts b/src/app/sdn-controller/SDNControllerModule.ts index 9b2f523..4bd392d 100644 --- a/src/app/sdn-controller/SDNControllerModule.ts +++ b/src/app/sdn-controller/SDNControllerModule.ts @@ -37,7 +37,7 @@ import { SDNControllerDetailsComponent } from 'SDNControllerDetailsComponent'; import { SDNControllerInfoComponent } from 'SDNControllerInfoComponent'; /** To halndle project information */ -const projectInfo: {} = localStorage.getItem('project') !== null ? { title: localStorage.getItem('project'), url: '/' } : {}; +const projectInfo: {} = sessionStorage.getItem('project') !== null ? { title: sessionStorage.getItem('project'), url: '/' } : {}; /** * configures routers diff --git a/src/app/user-settings/UserSettingsComponent.ts b/src/app/user-settings/UserSettingsComponent.ts index 5212eb5..67aa092 100644 --- a/src/app/user-settings/UserSettingsComponent.ts +++ b/src/app/user-settings/UserSettingsComponent.ts @@ -81,7 +81,7 @@ export class UserSettingsComponent implements OnInit { this.usersettingsForm = this.formBuilder.group({ selectedLanguage: [null, [Validators.required]] }); - const setLanguage: string = localStorage.getItem('languageCode'); + const setLanguage: string = sessionStorage.getItem('languageCode'); if (setLanguage !== null && this.validateLanguageList(setLanguage)) { this.usersettingsForm.get('selectedLanguage').setValue(setLanguage); } else { @@ -97,7 +97,7 @@ export class UserSettingsComponent implements OnInit { this.submitted = true; if (!this.usersettingsForm.invalid) { const selectedLanguage: string = this.usersettingsForm.value.selectedLanguage; - localStorage.setItem('languageCode', this.usersettingsForm.value.selectedLanguage); + sessionStorage.setItem('languageCode', this.usersettingsForm.value.selectedLanguage); this.translateService.use(selectedLanguage); location.reload(); } 
diff --git a/src/app/users/add-user/AddEditUserComponent.ts b/src/app/users/add-user/AddEditUserComponent.ts index e7592e4..2931d79 100644 --- a/src/app/users/add-user/AddEditUserComponent.ts +++ b/src/app/users/add-user/AddEditUserComponent.ts @@ -79,7 +79,7 @@ export class AddEditUserComponent implements OnInit { public isPassword: boolean; /** Variable holds value for first login user @public */ - public isFirstLogin: boolean = Boolean(localStorage.getItem('firstLogin') === 'true'); + public isFirstLogin: boolean = Boolean(sessionStorage.getItem('firstLogin') === 'true'); /** Instance of the rest service @private */ private restService: RestService; @@ -273,10 +273,10 @@ export class AddEditUserComponent implements OnInit { /** Method to check loggedin username and update @private */ private checkUsername(payLoad: LOGINPARAMS): void { - const logUsername: string = localStorage.getItem('username'); + const logUsername: string = sessionStorage.getItem('username'); if (this.userType === 'editUserName' && logUsername === this.userName) { this.authService.userName.next(payLoad.username); - localStorage.setItem('username', payLoad.username); + sessionStorage.setItem('username', payLoad.username); } } } diff --git a/src/app/users/user-details/UserDetailsComponent.ts b/src/app/users/user-details/UserDetailsComponent.ts index 51047ba..12c37fe 100644 --- a/src/app/users/user-details/UserDetailsComponent.ts +++ b/src/app/users/user-details/UserDetailsComponent.ts @@ -125,7 +125,7 @@ export class UserDetailsComponent implements OnInit, OnDestroy { this.projectService.getAllProjects().subscribe((projects: {}[]) => { this.projectList = projects; }); - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; this.generateColumns(); this.generateSettings(); this.generateData(); 
diff --git a/src/app/utilities/change-password/ChangePasswordComponent.ts b/src/app/utilities/change-password/ChangePasswordComponent.ts index 4c6aa5a..2b32a8b 100644 --- a/src/app/utilities/change-password/ChangePasswordComponent.ts +++ b/src/app/utilities/change-password/ChangePasswordComponent.ts @@ -61,7 +61,7 @@ export class ChangePasswordComponent implements OnInit { public ngOnInit(): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(AddEditUserComponent, { backdrop: 'static', keyboard: false }); - modalRef.componentInstance.userID = localStorage.getItem('user_id'); + modalRef.componentInstance.userID = sessionStorage.getItem('user_id'); if (this.editType === 'changePassword') { modalRef.componentInstance.userTitle = this.translateService.instant('PAGE.USERS.EDITCREDENTIALS'); } diff --git a/src/app/utilities/project-link/ProjectLinkComponent.ts b/src/app/utilities/project-link/ProjectLinkComponent.ts index 5f956f2..86feb97 100644 --- a/src/app/utilities/project-link/ProjectLinkComponent.ts +++ b/src/app/utilities/project-link/ProjectLinkComponent.ts @@ -63,13 +63,13 @@ export class ProjectLinkComponent implements OnInit { } public ngOnInit(): void { - this.selectedProject = localStorage.getItem('project'); + this.selectedProject = sessionStorage.getItem('project'); this.getAdminProjects(); } /** Get the admin projects to be selectable @public */ public getAdminProjects(): void { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); this.restService.getResource(environment.USERS_URL + '/' + username).subscribe((projects: UserDetail) => { this.projectList = projects.project_role_mappings; this.isPresent = this.projectList.some((item: ProjectData) => item.project === this.value.project); 
diff --git a/src/app/utilities/switch-project/SwitchProjectComponent.ts b/src/app/utilities/switch-project/SwitchProjectComponent.ts index f3dffcb..b7bc9a4 100644 --- a/src/app/utilities/switch-project/SwitchProjectComponent.ts +++ b/src/app/utilities/switch-project/SwitchProjectComponent.ts @@ -124,12 +124,12 @@ export class SwitchProjectComponent implements OnInit { }; this.restService.postResource(apiURLHeader, payLoad).subscribe((data: LOCALSTORAGE) => { if (data) { - localStorage.setItem('id_token', data.id); - localStorage.setItem('project_id', this.params.projectID); - localStorage.setItem('expires', data.expires.toString()); - localStorage.setItem('username', data.username); - localStorage.setItem('project', data.project_name); - localStorage.setItem('token_state', data.id); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('project_id', this.params.projectID); + sessionStorage.setItem('expires', data.expires.toString()); + sessionStorage.setItem('username', data.username); + sessionStorage.setItem('project', data.project_name); + sessionStorage.setItem('token_state', data.id); this.activeModal.close(); if (this.router.url.includes('history-operations')) { this.router.navigate(['/instances/ns']).then((): void => { diff --git a/src/app/utilities/users-action/UsersActionComponent.ts b/src/app/utilities/users-action/UsersActionComponent.ts index 04fd58a..799779d 100644 --- a/src/app/utilities/users-action/UsersActionComponent.ts +++ b/src/app/utilities/users-action/UsersActionComponent.ts 
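Review bot: The project-switch callback replaces `id_token`, `project_id`, `expires`, `username`, `project` and `token_state`, but leaves `isAdmin`, `admin_show` and `user_show` from the previous token in sessionStorage. If those flags can differ per project (not visible here), components that read them in `ngOnInit` will render admin controls based on stale values until the next full login. Either write them from the switch response if it carries them, or remove them in this callback so they are re-derived. The subscribe callback continues outside the hunk.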
@@ -74,8 +74,8 @@ export class UsersActionComponent { * Lifecyle Hooks the trigger before component is instantiate */ public ngOnInit(): void { - this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false; - this.isUserShow = localStorage.getItem('user_show') === 'true' ? true : false; + this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false; + this.isUserShow = sessionStorage.getItem('user_show') === 'true' ? true : false; if (!isNullOrUndefined(this.value.user_status)) { this.isUserStatus = this.value.user_status; } @@ -134,8 +134,8 @@ export class UsersActionComponent { public unlockRenewUser(editType: string): void { // eslint-disable-next-line security/detect-non-literal-fs-filename const modalRef: NgbModalRef = this.modalService.open(WarningComponent, { backdrop: 'static' }); - localStorage.setItem('renew', 'true'); - const id: string = localStorage.getItem('user_id'); + sessionStorage.setItem('renew', 'true'); + const id: string = sessionStorage.getItem('user_id'); if (editType === 'unlock') { modalRef.componentInstance.heading = this.translateService.instant('Unlock User'); modalRef.componentInstance.confirmationMessage = this.translateService.instant('Are you sure want to unlock this user'); diff --git a/src/app/utilities/warning/WarningComponent.ts b/src/app/utilities/warning/WarningComponent.ts index c687fb0..d52e989 100644 --- a/src/app/utilities/warning/WarningComponent.ts +++ b/src/app/utilities/warning/WarningComponent.ts @@ -113,7 +113,7 @@ export class WarningComponent { const modalData: MODALCLOSERESPONSEDATA = { message: 'Done' }; - const id: string = localStorage.getItem('user_id'); + const id: string = sessionStorage.getItem('user_id'); const payLoad: UNLOCKPARAMS = {}; if (this.editType === 'unlock') { payLoad.system_admin_id = id; diff --git a/src/services/AcessGuardService.ts b/src/services/AcessGuardService.ts index 42d36a5..1ee7f64 100644 --- a/src/services/AcessGuardService.ts 
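Review bot: In WarningComponent the unlock payload takes `system_admin_id` from `sessionStorage.getItem('user_id')`, a value the browser user can edit and which is `null` when the key is absent. If the backend uses this field to decide who performed the unlock, the audit trail and the authorisation decision rest on client-supplied data; whether it does is not visible in this diff. Worth recording the expectation next to the assignment, e.g. `// user_id comes from client storage; the API must identify the caller from the bearer token, not from system_admin_id`, and adding a null check before building the payload. The method continues outside the hunk.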
+++ b/src/services/AcessGuardService.ts @@ -34,7 +34,7 @@ export class AcessGuardService implements CanLoad { */ public canLoad(route: Route): Observable | Promise | boolean { // Need to get the Role and valid here for authorization - if (localStorage.getItem('role') === 'Admin') { + if (sessionStorage.getItem('role') === 'Admin') { return true; } else { return false; diff --git a/src/services/AuthInterceptorService.ts b/src/services/AuthInterceptorService.ts index d2166e3..5f4255e 100644 --- a/src/services/AuthInterceptorService.ts +++ b/src/services/AuthInterceptorService.ts @@ -68,7 +68,7 @@ export class AuthInterceptorService implements HttpInterceptor { public intercept(req: HttpRequest<{}>, next: HttpHandler): Observable | HttpUserEvent | any> { - const idToken: string = localStorage.getItem('id_token'); + const idToken: string = sessionStorage.getItem('id_token'); const excludedUrl: string[] = ['osm/admin/v1/tokens', 'assets/i18n/', 'osm/version']; if (excludedUrl.some((x: string): boolean => req.url.includes(x))) { return next.handle(req); } if (idToken.length > 0) { diff --git a/src/services/AuthenticationService.ts b/src/services/AuthenticationService.ts index 36cf476..a8950e5 100644 --- a/src/services/AuthenticationService.ts +++ b/src/services/AuthenticationService.ts 
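Review bot: `canLoad` compares `sessionStorage.getItem('role')` with `'Admin'`, but no write of a `role` key appears anywhere in this diff; `setLocalStorage` stores `isAdmin`, `admin_show` and `user_show` only. Unless `role` is written elsewhere, the guard always returns `false`. If `isAdmin` is the intended flag, the body reduces to `return sessionStorage.getItem('isAdmin') === 'true';`. Either way the value lives in client storage and can be changed by the user, so this guard only controls which lazy module the UI loads; the existing comment could say that authorisation is enforced by the API.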
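Review bot: In `intercept`, `idToken.length` throws a TypeError when `id_token` is absent, because `sessionStorage.getItem` returns `null` and the `string` annotation hides that. After this change a tab without its own session (a new tab, or one restored after logout) has no token, so any request that is not on the excluded list reaches this line with `null`. Suggest `const idToken: string | null = sessionStorage.getItem('id_token');` and `if (idToken !== null && idToken.length > 0) {`. The rest of the method is outside the hunk, so the unauthenticated branch should be checked as well.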
@@ -88,16 +88,16 @@ export class AuthenticationService { this.modalService = this.injector.get(NgbModal); this.idle = this.injector.get(Idle); this.sharedService = this.injector.get(SharedService); - if (localStorage.getItem('username') !== null) { + if (sessionStorage.getItem('username') !== null) { this.loggedIn.next(true); this.changePassword.next(false); - } else if (localStorage.getItem('firstLogin') !== null) { + } else if (sessionStorage.getItem('firstLogin') !== null) { this.changePassword.next(true); this.loggedIn.next(false); } else { this.loggedIn.next(false); } - this.userName.next(localStorage.getItem('username')); + this.userName.next(sessionStorage.getItem('username')); this.redirectToPage(); } @@ -141,9 +141,9 @@ export class AuthenticationService { return this.restService.postResource(apiURLHeader, this.payLoad) .pipe(map((data: ProjectModel): BehaviorSubject => { if (data.message === 'change_password') { - localStorage.setItem('firstLogin', 'true'); - localStorage.setItem('id_token', data.id); - localStorage.setItem('user_id', data.user_id); + sessionStorage.setItem('firstLogin', 'true'); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('user_id', data.user_id); this.idle.watch(true); this.changePassword.next(true); this.loggedIn.next(false); 
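Review bot: The constructor sets `loggedIn` to `true` whenever a `username` key exists in sessionStorage, without checking that an `id_token` is present. Storage contents are user-editable and can be partially cleared, so the UI can enter the logged-in state with no token and only fail later in the interceptor. Suggest deriving the state from the token as well, e.g. `if (sessionStorage.getItem('id_token') !== null && sessionStorage.getItem('username') !== null) {`. `this.userName.next(sessionStorage.getItem('username'))` also pushes `null` to subscribers when the key is missing.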
@@ -179,32 +179,32 @@ export class AuthenticationService { /** set local storage on auth process @public */ public setLocalStorage(data: ProjectModel): void { - localStorage.setItem('id_token', data.id); - localStorage.setItem('expires', data.expires.toString()); - localStorage.setItem('username', data.username); - localStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false'); - localStorage.setItem('project_id', data.project_id); - localStorage.setItem('project', data.project_name); - localStorage.setItem('token_state', data.id); - localStorage.setItem('user_id', data.user_id); - localStorage.setItem('user_show', String(data.user_show)); - localStorage.setItem('admin_show', String(data.admin_show)); - localStorage.setItem('last_login', this.sharedService.convertEpochTime(!isNullOrUndefined(data.last_login) ? data.last_login : null)); - localStorage.setItem('failed_count', data.login_count); + sessionStorage.setItem('id_token', data.id); + sessionStorage.setItem('expires', data.expires.toString()); + sessionStorage.setItem('username', data.username); + sessionStorage.setItem('isAdmin', (data.admin) ? 'true' : 'false'); + sessionStorage.setItem('project_id', data.project_id); + sessionStorage.setItem('project', data.project_name); + sessionStorage.setItem('token_state', data.id); + sessionStorage.setItem('user_id', data.user_id); + sessionStorage.setItem('user_show', String(data.user_show)); + sessionStorage.setItem('admin_show', String(data.admin_show)); + sessionStorage.setItem('last_login', this.sharedService.convertEpochTime(!isNullOrUndefined(data.last_login) ? 
data.last_login : null)); + sessionStorage.setItem('failed_count', data.login_count); this.projectName$.next(data.project_name); } /** Destory tokens API response handling @public */ public logoutResponse(): void { this.loggedIn.next(false); this.changePassword.next(false); - const langCode: string = localStorage.getItem('languageCode'); - const redirecturl: string = isNullOrUndefined(localStorage.getItem('returnUrl')) ? '/' : localStorage.getItem('returnUrl'); - const osmVersion: string = isNullOrUndefined(localStorage.getItem('osmVersion')) ? '' : localStorage.getItem('osmVersion'); - localStorage.clear(); - localStorage.setItem('languageCode', langCode); - localStorage.setItem('returnUrl', redirecturl); - localStorage.setItem('token_state', null); - localStorage.setItem('osmVersion', osmVersion); + const langCode: string = sessionStorage.getItem('languageCode'); + const redirecturl: string = isNullOrUndefined(sessionStorage.getItem('returnUrl')) ? '/' : sessionStorage.getItem('returnUrl'); + const osmVersion: string = isNullOrUndefined(sessionStorage.getItem('osmVersion')) ? '' : sessionStorage.getItem('osmVersion'); + sessionStorage.clear(); + sessionStorage.setItem('languageCode', langCode); + sessionStorage.setItem('returnUrl', redirecturl); + sessionStorage.setItem('token_state', null); + sessionStorage.setItem('osmVersion', osmVersion); this.idle.stop(); this.router.navigate(['login']).catch((): void => { // Catch Navigation Error 
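Review bot: `setLocalStorage` still places the bearer token in script-readable web storage, and does so twice, under `id_token` and `token_state`. sessionStorage shortens the lifetime to the tab, but any script running on the origin can read it exactly as it could read localStorage, so the CWE-922 exposure is reduced rather than removed. At minimum `token_state` should hold a non-secret marker instead of `data.id`, e.g. `sessionStorage.setItem('token_state', 'active');`, provided nothing reads the token back from that key. The same applies to the `token_state` write in SwitchProjectComponent. If `token_state` was used as a cross-tab signal through `storage` events, that no longer works with sessionStorage and should be checked. The method name and its comment `set local storage on auth process` now describe the wrong store and should be updated.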
@@ -215,13 +215,13 @@ export class AuthenticationService { */ public logout(): void { this.returnUrl = this.router.url; - localStorage.setItem('returnUrl', this.returnUrl); + sessionStorage.setItem('returnUrl', this.returnUrl); this.modalService.dismissAll(); this.destoryToken(); } /** Destory tokens on logout @public */ public destoryToken(): void { - const tokenID: string = localStorage.getItem('id_token'); + const tokenID: string = sessionStorage.getItem('id_token'); if (tokenID !== null) { const deletingURl: string = environment.GENERATETOKEN_URL + '/' + tokenID; this.restService.deleteResource(deletingURl).subscribe((res: {}): void => { @@ -234,9 +234,9 @@ export class AuthenticationService { /** Return to previous page deny access to changepassword */ public redirectToPage(): void { - if (window.location.pathname === '/changepassword' && localStorage.getItem('username') !== null) { + if (window.location.pathname === '/changepassword' && sessionStorage.getItem('username') !== null) { window.history.back(); - } else if (window.location.pathname === '/' && localStorage.getItem('firstLogin') === 'true') { + } else if (window.location.pathname === '/' && sessionStorage.getItem('firstLogin') === 'true') { this.router.navigate(['/login']).catch((): void => { // Catch Navigation Error }); diff --git a/src/services/ProjectService.ts b/src/services/ProjectService.ts index 4206ea4..632500b 100644 --- a/src/services/ProjectService.ts +++ b/src/services/ProjectService.ts 
@@ -77,13 +77,13 @@ export class ProjectService { /** Get current project details from local storage @public */ public getCurrentProjectDetails(): Observable<{}> { - const project: string = localStorage.getItem('project_id'); + const project: string = sessionStorage.getItem('project_id'); return this.restService.getResource(environment.PROJECTS_URL + '/' + project); } /** Returns all the projects for a particular users @public */ public getUserProjects(): Observable<{}> { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); return this.restService.getResource(environment.USERS_URL + '/' + username); } @@ -92,8 +92,8 @@ export class ProjectService { this.getUserProjects().subscribe((projects: UserDetail) => { const projectList: {}[] = projects.project_role_mappings; projectList.filter((list: ProjectModel) => { - if (list.project === localStorage.getItem('project_id')) { - localStorage.setItem('project', list.project_name); + if (list.project === sessionStorage.getItem('project_id')) { + sessionStorage.setItem('project', list.project_name); this.authService.projectName$.next(list.project_name); } }); @@ -107,7 +107,7 @@ export class ProjectService { /** Toggle projects on selection @public */ public switchProjectModal(list: ProjectData): void { - const username: string = localStorage.getItem('username'); + const username: string = sessionStorage.getItem('username'); // eslint-disable-next-line security/detect-non-literal-fs-filename this.modalService.open(SwitchProjectComponent, { backdrop: 'static' }) .componentInstance.params = { projectID: list.project, username };