EmbeddedChat/packages/react/src/store/userStore.js at 6c3dbe33ec6155eee700270f2e109b83f069ba18 · RocketChat/EmbeddedChat · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import { create } from 'zustand';

const useUserStore = create((set) => ({
  userId: '',
  setUserId: (userId) => {
    set({ userId });
  },
  name: '',
  setName: (name) => {
    set({ name });
  },
  username: '',
  setUsername: (username) => {
    set({ username });
  },
  avatarUrl: '',
  setUserAvatarUrl: (avatarUrl) =>
    set(() => ({
      avatarUrl,
    })),
  isUserAuthenticated: false,
  canSendMsg: true,
  setIsUserAuthenticated: (isUserAuthenticated) =>
    set(() => ({ isUserAuthenticated })),
  setCanSendMsg: (canSendMsg) => set(() => ({ canSendMsg })),
  // SECURITY FIX (Issue #1263): Removed password storage from global state
  // Passwords should never be stored in client-side state (CWE-312)
  // TOTP flow now uses component-level state instead
  emailoruser: null,
  setEmailorUser: (emailoruser) => set(() => ({ emailoruser })),
  roles: [],
  setRoles: (roles) => set((state) => ({ ...state, roles })),
  userPinPermissions: {},
  setUserPinPermissions: (userPinPermissions) =>
    set((state) => ({ ...state, userPinPermissions })),
  viewUserInfoPermissions: {},
  setViewUserInfoPermissions: (viewUserInfoPermissions) =>
    set((state) => ({ ...state, viewUserInfoPermissions })),
  showCurrentUserInfo: false,
  setShowCurrentUserInfo: (showCurrentUserInfo) =>
    set(() => ({ showCurrentUserInfo })),
  currentUser: {},
  setCurrentUser: (currentUser) => set({ currentUser }),
}));

export default useUserStore;