Merge pull request #2653 from JaySoni1/WEB-194-remember-me-on-login-page-doesnt-do-what-its-supposed-to

WEB-194 Remember Me on Login page doesn't do what it's supposed to

Author: gkbishnoi07

src/app/core/authentication/authentication.service.ts

@@ -94,7 +94,9 @@ export class AuthenticationService {
    */
   login(loginContext: LoginContext) {
     this.alertService.alert({ type: 'Authentication Start', message: 'Please wait...' });
-    this.rememberMe = loginContext.remember;
+    // Only allow Remember Me if enabled in config
+    const rememberAllowed = environment.enableRememberMe === true;
+    this.rememberMe = rememberAllowed ? loginContext.remember : false;
     this.storage = this.rememberMe ? localStorage : sessionStorage;
 
     if (environment.oauth.enabled) {
@@ -103,6 +105,7 @@ export class AuthenticationService {
       httpParams = httpParams.set('password', loginContext.password);
       httpParams = httpParams.set('client_id', `${environment.oauth.appId}`);
       httpParams = httpParams.set('grant_type', 'password');
+      httpParams = httpParams.set('remember_me', this.rememberMe ? 'true' : 'false');
       let headers = new HttpHeaders();
       headers = headers.set('Content-Type', 'application/x-www-form-urlencoded');
       return this.http.post(`${environment.oauth.serverUrl}/token`, httpParams.toString(), { headers: headers }).pipe(
@@ -113,7 +116,11 @@ export class AuthenticationService {
       );
     } else {
       return this.http
-        .post('/authentication', { username: loginContext.username, password: loginContext.password })
+        .post('/authentication', {
+          username: loginContext.username,
+          password: loginContext.password,
+          remember: this.rememberMe
+        })
         .pipe(
           map((credentials: Credentials) => {
             this.onLoginSuccess(credentials);
@@ -193,6 +200,9 @@ export class AuthenticationService {
    */
   private onLoginSuccess(credentials: Credentials) {
     this.userLoggedIn = true;
+    // Ensure the rememberMe value is preserved in credentials
+    credentials.rememberMe = this.rememberMe;
+
     if (environment.oauth.enabled) {
       this.authenticationInterceptor.setAuthorizationToken(credentials.accessToken);
     } else {
@@ -304,11 +314,17 @@ export class AuthenticationService {
   private setCredentials(credentials?: Credentials) {
     if (credentials) {
       credentials.rememberMe = this.rememberMe;
+      // Make sure we're using the correct storage based on rememberMe value
+      this.storage = credentials.rememberMe ? localStorage : sessionStorage;
       this.storage.setItem(this.credentialsStorageKey, JSON.stringify(credentials));
     } else {
-      this.storage.removeItem(this.credentialsStorageKey);
-      this.storage.removeItem(this.oAuthTokenDetailsStorageKey);
-      this.storage.removeItem(this.twoFactorAuthenticationTokenStorageKey);
+      // Clear credentials from both storage types to ensure complete logout
+      localStorage.removeItem(this.credentialsStorageKey);
+      sessionStorage.removeItem(this.credentialsStorageKey);
+      localStorage.removeItem(this.oAuthTokenDetailsStorageKey);
+      sessionStorage.removeItem(this.oAuthTokenDetailsStorageKey);
+      localStorage.removeItem(this.twoFactorAuthenticationTokenStorageKey);
+      sessionStorage.removeItem(this.twoFactorAuthenticationTokenStorageKey);
     }
   }
 

src/app/login/login-form/login-form.component.html

@@ -33,7 +33,7 @@
       </mat-error>
     </mat-form-field>
 
-    <mat-checkbox formControlName="remember" class="m-t-10 flex-align-center">{{
+    <mat-checkbox *ngIf="enableRememberMe" formControlName="remember" class="m-t-10 flex-align-center">{{
       'labels.inputs.Remember me' | translate
     }}</mat-checkbox>
 

src/app/login/login-form/login-form.component.ts

@@ -44,6 +44,8 @@ export class LoginFormComponent implements OnInit {
   /** True if loading. */
   loading = false;
   oidcServerEnabled = environment.OIDC.oidcServerEnabled;
+  /** Whether remember me functionality is enabled */
+  enableRememberMe = environment.enableRememberMe === true;
 
   /**
    * @param {FormBuilder} formBuilder Form Builder.

src/environments/environment.prod.ts

@@ -29,6 +29,8 @@ export const environment = {
     serverUrl: loadedEnv['oauthServerUrl'] || '',
     appId: loadedEnv['oauthAppId'] || ''
   },
+  /** Feature flag for Remember Me functionality */
+  enableRememberMe: false,
   warningDialog: {
     title: 'Warning',
     content:

src/environments/environment.ts

@@ -28,6 +28,8 @@ export const environment = {
   apiProvider: loadedEnv.apiProvider || '/fineract-provider/api',
   apiVersion: loadedEnv.apiVersion || '/v1',
   serverUrl: '',
+  /** Feature flag for Remember Me functionality */
+  enableRememberMe: false,
   oauth: {
     enabled: loadedEnv.oauthServerEnabled || false, // For connecting to Mifos X using OAuth2 Authentication change the value to true
     serverUrl: loadedEnv.oauthServerUrl || '',