Merge pull request #284 from ajinkyapandetekdi/25-feb-1.4.0

Issueid #0000 added meta tag in index html file

public/index.html

@@ -8,11 +8,6 @@
     />
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <meta name="theme-color" content="#000000" />
-    <meta http-equiv="Content-Security-Policy" content="default-src 'self';
-      img-src 'self';
-      script-src 'https';
-      connect-src 'https';
-    ">
     <meta
       name="description"
       content="Base React App structure for Devigital Systems Projects"

src/components/Assesment/Assesment.jsx

@@ -352,7 +352,11 @@ export const ProfileHeader = ({
   const handleProfileBack = () => {
     try {
       if (process.env.REACT_APP_IS_APP_IFRAME === "true") {
-        window.parent.postMessage({ type: "restore-iframe-content" }, window?.location?.ancestorOrigins?.[0] || window.parent.location.origin);
+        window.parent.postMessage(
+          { type: "restore-iframe-content" },
+          window?.location?.ancestorOrigins?.[0] ||
+            window.parent.location.origin
+        );
         navigate("/");
       } else {
         navigate("/discover-start");
@@ -572,14 +576,14 @@ const Assesment = ({ discoverStart }) => {
     dispatch(setVirtualId(localStorage.getItem("virtualId")));
     let contentSessionId = localStorage.getItem("contentSessionId");
     localStorage.setItem("sessionId", contentSessionId);
-    const TOKEN = localStorage.getItem("apiToken");
-    let virtualId;
-    if (TOKEN) {
-      const tokenDetails = jwtDecode(TOKEN);
-      virtualId = tokenDetails?.virtual_id;
-    }
+    // const TOKEN = localStorage.getItem("apiToken");
+    // let virtualId;
+    // if (TOKEN) {
+    //   const tokenDetails = jwtDecode(TOKEN);
+    //   virtualId = tokenDetails?.virtual_id;
+    // }
 
-    if (discoverStart && username && !virtualId) {
+    if (discoverStart && username && !TOKEN) {
       (async () => {
         setLocalData("profileName", username);
         const usernameDetails = await fetchVirtualId(username);
@@ -612,7 +616,7 @@ const Assesment = ({ discoverStart }) => {
             });
         }
 
-        dispatch(setVirtualId(virtualId));
+        // dispatch(setVirtualId(virtualId));
       })();
     } else {
       (async () => {
@@ -634,7 +638,7 @@ const Assesment = ({ discoverStart }) => {
 
         if (
           process.env.REACT_APP_IS_APP_IFRAME !== "true" &&
-          virtualId &&
+          TOKEN &&
           localStorage.getItem("contentSessionId") !== null
         ) {
           fetchUserPoints()
@@ -652,10 +656,10 @@ const Assesment = ({ discoverStart }) => {
 
   const TOKEN = localStorage.getItem("apiToken");
   let virtualId;
-  if (TOKEN) {
-    const tokenDetails = jwtDecode(TOKEN);
-    virtualId = JSON.stringify(tokenDetails?.virtual_id);
-  }
+  // if (TOKEN) {
+  //   const tokenDetails = jwtDecode(TOKEN);
+  //   virtualId = JSON.stringify(tokenDetails?.virtual_id);
+  // }
 
   const handleOpenVideo = () => {
     if (process.env.REACT_APP_SHOW_HELP_VIDEO === "true") {
@@ -694,7 +698,7 @@ const Assesment = ({ discoverStart }) => {
   const navigate = useNavigate();
   const handleRedirect = () => {
     const profileName = getLocalData("profileName");
-    if (!username && !profileName && !virtualId && level === 0) {
+    if (!username && !profileName && !TOKEN && level === 0) {
       // alert("please add username in query param");
       setOpenMessageDialog({
         message: "please add username in query param",

src/csp.js

@@ -0,0 +1,24 @@
+export const getCSP = (envVariables) => {
+  const {
+    REACT_APP_HOST,
+    REACT_APP_LEARNER_AI_BASE_URL,
+    REACT_APP_AWS_S3_BUCKET_CONTENT_URL,
+    REACT_APP_AWS_S3_BUCKET_URL,
+    REACT_APP_CSP_APP_HOST,
+  } = envVariables;
+
+  return `
+      default-src 'none';
+      manifest-src 'self';
+      script-src 'self' blob: https://cdn.jsdelivr.net ;
+      style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.cdnfonts.com/;
+      font-src 'self' https://fonts.gstatic.com https://fonts.cdnfonts.com;
+      img-src 'self' data: https://images.squarespace-cdn.com ${REACT_APP_AWS_S3_BUCKET_CONTENT_URL} ${REACT_APP_AWS_S3_BUCKET_URL};
+      media-src 'self' blob: ${REACT_APP_AWS_S3_BUCKET_URL} ${REACT_APP_AWS_S3_BUCKET_CONTENT_URL};
+      connect-src 'self' ${REACT_APP_HOST} ${REACT_APP_LEARNER_AI_BASE_URL} ${REACT_APP_CSP_APP_HOST} blob:;
+      form-action 'self';
+      frame-src 'self' https://www.google.com https://www.gstatic.com;
+      object-src 'none';
+      base-uri 'none';
+    `;
+};

src/index.js

@@ -6,6 +6,21 @@ import "./assets/styles/index.scss";
 import store from "./store/configureStore";
 import "./index.css";
 import { BrowserRouter as Router } from "react-router-dom";
+import { getCSP } from "./csp";
+
+const injectCSP = () => {
+  try {
+    const cspContent = getCSP(process.env); // Pass environment variables
+    const metaTag = document.createElement("meta");
+    metaTag.httpEquiv = "Content-Security-Policy";
+    metaTag.content = cspContent.trim();
+    document.head.appendChild(metaTag);
+  } catch (error) {
+    console.error("Failed to inject CSP:", error);
+  }
+};
+
+injectCSP();
 
 render(
   <React.StrictMode>

src/routes/index.js

@@ -69,16 +69,16 @@ const routData = [
 ];
 // add login route for test rig
 const TOKEN = localStorage.getItem("apiToken");
-let virtualId;
-if (TOKEN) {
-  const tokenDetails = jwtDecode(TOKEN);
-  virtualId = JSON.stringify(tokenDetails?.virtual_id);
-}else{
-  virtualId = null;
-}
+// let virtualId;
+// if (TOKEN) {
+//   const tokenDetails = jwtDecode(TOKEN);
+//   virtualId = JSON.stringify(tokenDetails?.virtual_id);
+// }else{
+//   virtualId = null;
+// }
 const isLogin = process.env.REACT_APP_IS_IN_APP_AUTHORISATION === "true";
 
-if (isLogin && !virtualId) {
+if (isLogin && !TOKEN) {
   routData.push({
     id: "route-000",
     path: "*",

src/services/telementryService.js

@@ -215,12 +215,12 @@ function checkTelemetryMode(currentMode) {
 
 const getVirtualId = () => {
   const TOKEN = localStorage.getItem("apiToken");
-  let virtualId;
-  if (TOKEN) {
-    const tokenDetails = jwtDecode(TOKEN);
-    virtualId = JSON.stringify(tokenDetails?.virtual_id);
-  }
-  return virtualId;
+  // let virtualId;
+  // if (TOKEN) {
+  //   const tokenDetails = jwtDecode(TOKEN);
+  //   virtualId = JSON.stringify(tokenDetails?.virtual_id);
+  // }
+  return TOKEN;
 };
 
 export const getEventOptions = () => {

src/views/AppContent/AppContent.jsx

@@ -6,17 +6,17 @@ import { jwtDecode } from "jwt-decode";
 const PrivateRoute = (props) => {
   let virtualId;
   const TOKEN = localStorage.getItem("apiToken");
-  if (TOKEN) {
-    const tokenDetails = jwtDecode(TOKEN);
-    virtualId = JSON.stringify(tokenDetails?.virtual_id);
-  }
+  // if (TOKEN) {
+  //   const tokenDetails = jwtDecode(TOKEN);
+  //   virtualId = JSON.stringify(tokenDetails?.virtual_id);
+  // }
 
   const navigate = useNavigate();
   useEffect(() => {
-    if (!virtualId && props.requiresAuth) {
+    if (!TOKEN && props.requiresAuth) {
       navigate("/login");
     }
-  }, [virtualId]);
+  }, [TOKEN]);
 
   return <>{props.children}</>;
 };

src/views/LoginPage/LoginPage.jsx

@@ -23,15 +23,15 @@ const LoginPage = () => {
       let token = usernameDetails?.result?.token;
 
       localStorage.setItem("apiToken", token);
-      const tokenDetails = jwtDecode(token);
-      if (tokenDetails?.virtual_id) {
+      // const tokenDetails = jwtDecode(token);
+      if (token) {
         localStorage.setItem("profileName", username);
         navigate("/discover-start");
       } else {
         alert("Enter correct username and password");
       }
     } catch (error) {
-      console.error(error)
+      console.error(error);
       alert("An error occurred. Please try again later.");
     }
   };