From 0febc9cd99e0d8b80b1385593e25e7670d5c842b Mon Sep 17 00:00:00 2001
From: stuebinm
Date: Fri, 3 May 2024 21:38:55 +0200
Subject: onboard/tracker: remember token as query parameter

there's some trade-offs here (cookies may be discarded by the browser,
query parameters lost if people use a bookmark), but either works fine
for not re-issuing tokens if someone reloads the web site.
---
 site/tracker.hamlet | 36 +++++++++++++++++++++++-------------
 todo.org            |  2 +-
 2 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/site/tracker.hamlet b/site/tracker.hamlet
index 5877c5d..2cc05e4 100644
--- a/site/tracker.hamlet
+++ b/site/tracker.hamlet
@@ -1,7 +1,7 @@
 <h1>_{MsgOBU}
 
 <section>
-  <h2>Blub
+  <h2>Tracker
   <strong>Token:</strong> <span id="token">
 <section>
   <h2>Status
@@ -116,21 +116,31 @@
   async function main() {
     initGeopos();
 
-    token = await (await fetch("/api/tracker/register/", {
-      method: "POST",
-      body: JSON.stringify({agent: "tracktrain-website"}),
-      headers: {"Content-Type": "application/json"}
-    })).json();
+    let urlparams = new URLSearchParams(window.location.search);
 
-    if (token.error) {
-      alert("could not obtain token: \n" + token.msg);
-      setStatus("_{MsgTokenFailed}");
-    } else {
-      console.log("got token");
+    token = urlparams.get("token");
+
+    if (token === null) {
+        token = await (await fetch("/api/tracker/register/", {
+             method: "POST",
+             body: JSON.stringify({agent: "tracktrain-website"}),
+             headers: {"Content-Type": "application/json"}
+        })).json();
+
+        if (token.error) {
+            alert("could not obtain token: \n" + token.msg);
+            setStatus("_{MsgTokenFailed}");
+        } else {
+            console.log("got token");
+            window.location.search = `?token=${token}`;
+        }
+    }
 
-      document.getElementById("token").innerText = token;
+    console.log(token)
 
-      openWebsocket();
+    if (token !== null) {
+        document.getElementById("token").innerText = token;
+        openWebsocket();
     }
   }
 
diff --git a/todo.org b/todo.org
index 940083e..1148ba6 100644
--- a/todo.org
+++ b/todo.org
@@ -2,7 +2,7 @@
 
 * Bugs found 2024-05-01
 ** TODO auto-reconnect of /tracker websocket fails after android has gone to sleep
-** TODO /tracker should remember its token, not constantly open a new one
+** DONE /tracker should remember its token, not constantly open a new one
 either via a cookie or url parameter & redirect
 ** TODO matching of tokens to trip ought not to assume trips are at their start position
 this produces horrible results if the tracker is started towards a trip's end
-- 
cgit v1.2.3