Merge pull request #291 from ajinkyapandetekdi/25-feb-1.4.0

Issue #236402 Secure all Localstorage Value for VAPT fixes

package.json

@@ -22,6 +22,7 @@
     "canvas-confetti": "^1.9.2",
     "character-error-rate": "^1.1.4",
     "classnames": "^2.3.1",
+    "crypto-js": "^4.2.0",
     "eslint-plugin-import": "^2.28.0",
     "eslint-plugin-jsx-a11y": "^6.7.1",
     "eslint-plugin-react": "^7.33.1",

src/App.js

@@ -81,32 +81,32 @@ const App = () => {
     };
   }, []);
 
-  useEffect(() => {
-    axios.interceptors.response.use(
-      (response) => response,
-      (error) => {
-        if (error.response && error.response.status === 401) {
-          if (error?.response?.data?.error === "Unauthorized") {
-            if (
-              localStorage.getItem("contentSessionId") &&
-              process.env.REACT_APP_IS_APP_IFRAME === "true"
-            ) {
-              window.parent.postMessage(
-                {
-                  message: "Unauthorized",
-                }, window?.location?.ancestorOrigins?.[0] || window.parent.location.origin
-              );
-            } else {
-              localStorage.clear();
-              sessionStorage.clear();
-              navigate("/login");
-            }
+  axios.interceptors.response.use(
+    (response) => response,
+    (error) => {
+      if (error.response && error.response.status === 401) {
+        if (error?.response?.data?.error === "Unauthorized") {
+          if (
+            localStorage.getItem("contentSessionId") &&
+            process.env.REACT_APP_IS_APP_IFRAME === "true"
+          ) {
+            window.parent.postMessage(
+              {
+                message: "Unauthorized",
+              },
+              window?.location?.ancestorOrigins?.[0] ||
+                window.parent.location.origin
+            );
+          } else {
+            localStorage.clear();
+            sessionStorage.clear();
+            navigate("/login");
           }
         }
-        return Promise.reject(error);
       }
-    );
-  }, []);
+      return Promise.reject(error);
+    }
+  );
 
   return (
     <StyledEngineProvider injectFirst>

src/components/Assesment/Assesment.jsx

@@ -573,9 +573,8 @@ const Assesment = ({ discoverStart }) => {
     // const level = getLocalData('userLevel');
     // setLevel(level);
     setLocalData("lang", lang);
-    dispatch(setVirtualId(localStorage.getItem("virtualId")));
     let contentSessionId = localStorage.getItem("contentSessionId");
-    localStorage.setItem("sessionId", contentSessionId);
+    setLocalData("sessionId", contentSessionId);
     // const TOKEN = localStorage.getItem("apiToken");
     // let virtualId;
     // if (TOKEN) {
@@ -589,19 +588,19 @@ const Assesment = ({ discoverStart }) => {
         const usernameDetails = await fetchVirtualId(username);
         const getMilestoneDetails = await getFetchMilestoneDetails(lang);
 
-        localStorage.setItem(
+        setLocalData(
           "getMilestone",
           JSON.stringify({ ...getMilestoneDetails })
         );
         setLevel(getMilestoneDetails?.data?.milestone_level?.replace("m", ""));
-        let session_id = localStorage.getItem("sessionId");
+        let session_id = getLocalData("sessionId");
 
         if (!session_id) {
           session_id = uniqueId();
-          localStorage.setItem("sessionId", session_id);
+          setLocalData("sessionId", session_id);
         }
 
-        localStorage.setItem("lang", lang || "ta");
+        setLocalData("lang", lang || "ta");
         if (
           process.env.REACT_APP_IS_APP_IFRAME !== "true" &&
           localStorage.getItem("contentSessionId") !== null
@@ -622,7 +621,7 @@ const Assesment = ({ discoverStart }) => {
       (async () => {
         const language = lang;
         const getMilestoneDetails = await getFetchMilestoneDetails(language);
-        localStorage.setItem(
+        setLocalData(
           "getMilestone",
           JSON.stringify({ ...getMilestoneDetails })
         );
@@ -633,7 +632,7 @@ const Assesment = ({ discoverStart }) => {
 
         if (!sessionId || sessionId === "null") {
           sessionId = uniqueId();
-          localStorage.setItem("sessionId", sessionId);
+          setLocalData("sessionId", sessionId);
         }
 
         if (

src/components/AssesmentEnd/AssesmentEnd.jsx

@@ -46,7 +46,7 @@ const AssesmentEnd = () => {
       let sessionId = getLocalData("sessionId");
       if (!sessionId) {
         sessionId = uniqueId();
-        localStorage.setItem("sessionId", sessionId);
+        setLocalData("sessionId", sessionId);
       }
       if (
         process.env.REACT_APP_IS_APP_IFRAME !== "true" &&

src/components/DiscoverSentance/DiscoverSentance.jsx

@@ -5,6 +5,7 @@ import elephant from "../../assets/images/elephant.svg";
 import {
   callConfetti,
   getLocalData,
+  sendTestRigScore,
   setLocalData,
 } from "../../utils/constants";
 import WordsOrImage from "../Mechanism/WordsOrImage";
@@ -112,17 +113,6 @@ const SpeakSentenceComponent = () => {
     //eslint-disable-next-line
   }, [voiceText]);
 
-  const send = (score) => {
-    if (process.env.REACT_APP_IS_APP_IFRAME === "true") {
-      window.parent.postMessage(
-        {
-          score: score,
-          message: "all-test-rig-score",
-        }, window?.location?.ancestorOrigins?.[0] || window.parent.location.origin
-      );
-    }
-  };
-
   const handleNext = async () => {
     setIsNextButtonCalled(true);
     setEnableNext(false);
@@ -164,7 +154,7 @@ const SpeakSentenceComponent = () => {
             console.error("Error adding points:", error);
           }
         } else {
-          send(5);
+          sendTestRigScore(5);
           // setPoints(localStorage.getItem("currentLessonScoreCount"));
         }
 
@@ -279,7 +269,7 @@ const SpeakSentenceComponent = () => {
         setTotalSyllableCount(resPagination?.totalSyllableCount);
         setCurrentCollectionId(sentences?.collectionId);
         setAssessmentResponse(resAssessment);
-        localStorage.setItem("storyTitle", sentences?.name);
+        setLocalData("storyTitle", sentences?.name);
         quesArr = [...quesArr, ...(resPagination?.data || [])];
         setQuestions(quesArr);
       } catch (error) {

src/services/content/contentService.js

@@ -6,12 +6,12 @@ const API_BASE_URL_CONTENT_SERVICE =
   process.env.REACT_APP_CONTENT_SERVICE_APP_HOST;
 
 const getHeaders = () => {
-  const token = getLocalData("apiToken");
+  const token = localStorage.getItem("apiToken");
   return {
     headers: {
       Authorization: `Bearer ${token}`,
-      "Content-Type": "application/json"
-    }
+      "Content-Type": "application/json",
+    },
   };
 };
 

src/services/learnerAi/learnerAiService.js

@@ -6,7 +6,7 @@ import { getVirtualId } from "../userservice/userService";
 const API_LEARNER_AI_APP_HOST = process.env.REACT_APP_LEARNER_AI_APP_HOST;
 
 const getHeaders = () => {
-  const token = getLocalData("apiToken");
+  const token = localStorage.getItem("apiToken");
   return {
     headers: {
       Authorization: `Bearer ${token}`,
@@ -33,7 +33,7 @@ export const getContent = async (criteria, lang, limit, options = {}) => {
 };
 
 export const getFetchMilestoneDetails = async (lang) => {
-  if (getLocalData("apiToken")) {
+  if (localStorage.getItem("apiToken")) {
     try {
       const response = await axios.get(
         `${API_LEARNER_AI_APP_HOST}/${config.URLS.GET_MILESTONE}?language=${lang}`,
@@ -53,7 +53,7 @@ export const fetchGetSetResult = async (
   currentCollectionId,
   totalSyllableCount
 ) => {
-  const session_id = localStorage.getItem("sessionId");
+  const session_id = getLocalData("sessionId");
   const lang = getLocalData("lang");
 
   try {
@@ -91,7 +91,7 @@ export const getSetResultPractice = async ({
         contentType: currentContentType,
         session_id: sessionId,
         totalSyllableCount: totalSyllableCount,
-        language: localStorage.getItem("lang"),
+        language: getLocalData("lang"),
         is_mechanics: mechanism && mechanism?.id ? true : false,
       },
       getHeaders()

src/services/orchestration/orchestrationService.js

@@ -7,7 +7,7 @@ const API_BASE_URL_ORCHESTRATION =
   process.env.REACT_APP_LEARNER_AI_ORCHESTRATION_HOST;
 
 const getHeaders = () => {
-  const token = getLocalData("apiToken");
+  const token = localStorage.getItem("apiToken");
   return {
     headers: {
       Authorization: `Bearer ${token}`,
@@ -46,7 +46,7 @@ export const fetchUserPoints = async () => {
 };
 
 export const addPointer = async (points, milestone) => {
-  const sessionId = localStorage.getItem("sessionId");
+  const sessionId = getLocalData("sessionId");
   const lang = getLocalData("lang");
 
   try {
@@ -72,8 +72,8 @@ export const createLearnerProgress = async (
   milestoneLevel,
   totalSyllableCount
 ) => {
-  const sessionId = localStorage.getItem("sessionId");
-  const language = localStorage.getItem("lang");
+  const sessionId = getLocalData("sessionId");
+  const language = getLocalData("lang");
 
   try {
     const requestBody = {

src/services/telementryService.js

@@ -2,6 +2,7 @@ import { CsTelemetryModule } from "@project-sunbird/client-services/telemetry";
 
 import { uniqueId } from "./utilService";
 import { jwtDecode } from "../../node_modules/jwt-decode/build/cjs/index";
+import { getLocalData } from "../utils/constants";
 
 let startTime; // Variable to store the timestamp when the start event is raised
 let contentSessionId;
@@ -266,7 +267,7 @@ export const getEventOptions = () => {
         },
         { id: playSessionId, type: "PlaySession" },
         { id: userId, type: userType },
-        { id: localStorage.getItem("lang") || "ta", type: "language" },
+        { id: getLocalData("lang") || "ta", type: "language" },
         { id: userDetails?.school_name, type: "school_name" },
         {
           id: userDetails?.class_studying_id,

src/utils/Badwords.js

@@ -1,7 +1,8 @@
-import wordLists from '../Badwords/badWords.json'
+import wordLists from "../Badwords/badWords.json";
+import { getLocalData } from "./constants";
 
-export const checkBadWord = userInput => {
-  const lang_code = localStorage.getItem('lang') || 'ta';
+export const checkBadWord = (userInput) => {
+  const lang_code = getLocalData("lang") || "ta";
   const words = wordLists[lang_code];
 
   if (!words || !Array.isArray(words)) {
@@ -12,20 +13,20 @@ export const checkBadWord = userInput => {
   return words.includes(cleanedInput);
 };
 
-export const filterBadWords = input => {
-  let texttemp = input.replace(/[.,|!?']/g, '');
+export const filterBadWords = (input) => {
+  let texttemp = input.replace(/[.,|!?']/g, "");
   const wordsToFilter = texttemp.toLowerCase().split(/\s+/); // Split the input into an array of words
-  const filteredWords = wordsToFilter.map(word => {
+  const filteredWords = wordsToFilter.map((word) => {
     if (checkBadWord(word)) {
-      return `${word[0]}*****${word[word.length-1]}`; // Replace bad words with ****
+      return `${word[0]}*****${word[word.length - 1]}`; // Replace bad words with ****
     }
     return word;
   });
 
-  return filteredWords.join(' '); // Join the array back into a string
+  return filteredWords.join(" "); // Join the array back into a string
 };
 
-export const isProfanityWord=()=>{
-  let isProfanity = localStorage.getItem('voiceText') || '';
-  return isProfanity.includes("*****")
-}
+export const isProfanityWord = () => {
+  let isProfanity = localStorage.getItem("voiceText") || "";
+  return isProfanity.includes("*****");
+};

src/utils/VoiceAnalyser.js

@@ -363,7 +363,7 @@ function VoiceAnalyser(props) {
         sub_session_id,
         contentId,
         contentType,
-        mechanics_id: localStorage.getItem("mechanism_id") || "",
+        mechanics_id: getLocalData("mechanism_id") || "",
       };
 
       if (props.selectedOption) {