From 7ca317912fc7ea7eec420560de6adfc8cdb0f222 Mon Sep 17 00:00:00 2001
From: Jaco Greeff <jaco@ethcore.io>
Date: Sat, 12 Nov 2016 17:09:55 +0100
Subject: [PATCH] Set signer token via #/auth=token={}

---
 js/src/index.js     | 10 +++++++++-
 js/src/secureApi.js | 25 +++++++++++++++++++------
 2 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/js/src/index.js b/js/src/index.js
index c0f4f94ad..fda785842 100644
--- a/js/src/index.js
+++ b/js/src/index.js
@@ -25,6 +25,7 @@ import ReactDOM from 'react-dom';
 import injectTapEventPlugin from 'react-tap-event-plugin';
 import { createHashHistory } from 'history';
 import { Redirect, Router, Route, useRouterHistory } from 'react-router';
+import qs from 'querystring';
 
 import SecureApi from './secureApi';
 import ContractInstances from './contracts';
@@ -45,6 +46,7 @@ import './index.html';
 
 injectTapEventPlugin();
 
+const AUTH_HASH = '#/auth?';
 const parityUrl = process.env.PARITY_URL ||
   (
     process.env.NODE_ENV === 'production'
@@ -52,7 +54,12 @@ const parityUrl = process.env.PARITY_URL ||
     : '127.0.0.1:8180'
   );
 
-const api = new SecureApi(`ws://${parityUrl}`);
+let token = null;
+if (window.location.hash && window.location.hash.indexOf(AUTH_HASH) === 0) {
+  token = qs.parse(window.location.hash.substr(AUTH_HASH.length)).token;
+}
+
+const api = new SecureApi(`ws://${parityUrl}`, token);
 ContractInstances.create(api);
 
 const store = initStore(api);
@@ -67,6 +74,7 @@ ReactDOM.render(
   <ContextProvider api={ api } muiTheme={ muiTheme } store={ store }>
     <Router className={ styles.reset } history={ routerHistory }>
       <Redirect from='/' to='/accounts' />
+      <Redirect from='/auth' to='/accounts' query={ {} } />
       <Redirect from='/settings' to='/settings/views' />
       <Route path='/' component={ Application }>
         <Route path='accounts' component={ Accounts } />
diff --git a/js/src/secureApi.js b/js/src/secureApi.js
index ed665a5e6..67b38ff1b 100644
--- a/js/src/secureApi.js
+++ b/js/src/secureApi.js
@@ -19,23 +19,36 @@ import Api from './api';
 const sysuiToken = window.localStorage.getItem('sysuiToken');
 
 export default class SecureApi extends Api {
-  constructor (url) {
-    super(new Api.Transport.Ws(url, sysuiToken));
+  constructor (url, _token) {
+    super(new Api.Transport.Ws(url, SecureApi.sanitizeToken(_token || sysuiToken)));
+
+    const token = _token || sysuiToken;
 
     this._isConnecting = true;
-    this._connectState = sysuiToken === 'initial' ? 1 : 0;
+    this._connectState = token === 'initial' ? 1 : 0;
     this._needsToken = false;
     this._dappsPort = 8080;
     this._dappsInterface = null;
     this._signerPort = 8180;
 
-    console.log('SecureApi:constructor', sysuiToken);
+    console.log('SecureApi:constructor', token);
 
+    this.storeToken(token);
     this._followConnection();
   }
 
+  static sanitizeToken (token) {
+    return token
+      ? token.replace(/[^a-zA-Z0-9]/g, '')
+      : null;
+  }
+
+  storeToken (token) {
+    window.localStorage.setItem('sysuiToken', SecureApi.sanitizeToken(token));
+  }
+
   setToken = () => {
-    window.localStorage.setItem('sysuiToken', this._transport.token);
+    this.storeToken(this._transport.token);
     console.log('SecureApi:setToken', this._transport.token);
   }
 
@@ -115,7 +128,7 @@ export default class SecureApi extends Api {
 
   updateToken (token, connectState = 0) {
     this._connectState = connectState;
-    this._transport.updateToken(token.replace(/[^a-zA-Z0-9]/g, ''));
+    this._transport.updateToken(SecureApi.sanitizeToken(token));
     this._followConnection();
     console.log('SecureApi:updateToken', this._transport.token, connectState);
   }