Change 403 handling to 401 and have a modal dialog (that cannot be removed) display when the user's session has expired. This forces them to reload the page, and thus reset all the state.
This commit is contained in:
parent
e2c9c91080
commit
b8dc051705
3 changed files with 35 additions and 8 deletions
|
@ -41,8 +41,8 @@ def api_login_required(f):
|
||||||
if not current_user.is_authenticated():
|
if not current_user.is_authenticated():
|
||||||
abort(401)
|
abort(401)
|
||||||
|
|
||||||
if current_user.db_user().organization:
|
if current_user and current_user.db_user() and current_user.db_user().organization:
|
||||||
abort(403)
|
abort(401)
|
||||||
|
|
||||||
return f(*args, **kwargs)
|
return f(*args, **kwargs)
|
||||||
return decorated_view
|
return decorated_view
|
||||||
|
@ -82,10 +82,13 @@ def get_logged_in_user():
|
||||||
'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can()
|
'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can()
|
||||||
}
|
}
|
||||||
|
|
||||||
if current_user.is_anonymous() or current_user.db_user().organization:
|
if current_user.is_anonymous():
|
||||||
return jsonify({'anonymous': True})
|
return jsonify({'anonymous': True})
|
||||||
|
|
||||||
user = current_user.db_user()
|
user = current_user.db_user()
|
||||||
|
if not user or user.organization:
|
||||||
|
return jsonify({'anonymous': True})
|
||||||
|
|
||||||
organizations = model.get_user_organizations(user.username)
|
organizations = model.get_user_organizations(user.username)
|
||||||
|
|
||||||
return jsonify({
|
return jsonify({
|
||||||
|
|
|
@ -60,7 +60,7 @@ quayApp = angular.module('quay', ['restangular', 'angularMoment', 'angulartics',
|
||||||
|
|
||||||
var userService = {}
|
var userService = {}
|
||||||
|
|
||||||
userService.load = function() {
|
userService.load = function(opt_callback) {
|
||||||
var userFetch = Restangular.one('user/');
|
var userFetch = Restangular.one('user/');
|
||||||
userFetch.get().then(function(loadedUser) {
|
userFetch.get().then(function(loadedUser) {
|
||||||
userResponse = loadedUser;
|
userResponse = loadedUser;
|
||||||
|
@ -76,6 +76,10 @@ quayApp = angular.module('quay', ['restangular', 'angularMoment', 'angulartics',
|
||||||
'$created': new Date()
|
'$created': new Date()
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (opt_callback) {
|
||||||
|
opt_callback();
|
||||||
|
}
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -868,11 +872,13 @@ quayApp.directive('ngBlur', function() {
|
||||||
});
|
});
|
||||||
|
|
||||||
quayApp.run(['$location', '$rootScope', 'Restangular', 'UserService', function($location, $rootScope, Restangular, UserService) {
|
quayApp.run(['$location', '$rootScope', 'Restangular', 'UserService', function($location, $rootScope, Restangular, UserService) {
|
||||||
Restangular.setResponseInterceptor(function(data, operation, what, url, response, deferred) {
|
Restangular.setErrorInterceptor(function(response) {
|
||||||
if (response.status == 403) {
|
if (response.status == 401) {
|
||||||
UserService.load();
|
$('#sessionexpiredModal').modal({});
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
return data;
|
|
||||||
|
return true;
|
||||||
});
|
});
|
||||||
|
|
||||||
$rootScope.$on('$routeChangeSuccess', function (event, current, previous) {
|
$rootScope.$on('$routeChangeSuccess', function (event, current, previous) {
|
||||||
|
|
|
@ -30,4 +30,22 @@
|
||||||
|
|
||||||
{% block body_content %}
|
{% block body_content %}
|
||||||
<div ng-view></div>
|
<div ng-view></div>
|
||||||
|
|
||||||
|
|
||||||
|
<!-- Modal message dialog -->
|
||||||
|
<div class="modal fade" id="sessionexpiredModal" data-backdrop="static">
|
||||||
|
<div class="modal-dialog">
|
||||||
|
<div class="modal-content">
|
||||||
|
<div class="modal-header">
|
||||||
|
<h4 class="modal-title">Session Expired</h4>
|
||||||
|
</div>
|
||||||
|
<div class="modal-body">
|
||||||
|
Your user session has expired. Please reload to continue.
|
||||||
|
</div>
|
||||||
|
<div class="modal-footer">
|
||||||
|
</div>
|
||||||
|
</div><!-- /.modal-content -->
|
||||||
|
</div><!-- /.modal-dialog -->
|
||||||
|
</div><!-- /.modal -->
|
||||||
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
Reference in a new issue