Change 403 handling to 401 and have a modal dialog (that cannot be removed) display when the user's session has expired. This forces them to reload the page, and thus reset all the state.

Joseph Schorr 2013-11-11 19:26:56 -05:00
parent e2c9c91080
commit b8dc051705
3 changed files with 35 additions and 8 deletions


@ -41,8 +41,8 @@ def api_login_required(f):
if not current_user.is_authenticated(): if not current_user.is_authenticated():
abort(401) abort(401)
if current_user.db_user().organization: if current_user and current_user.db_user() and current_user.db_user().organization:
abort(403) abort(401)
return f(*args, **kwargs) return f(*args, **kwargs)
return decorated_view return decorated_view
@ -82,10 +82,13 @@ def get_logged_in_user():
'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can() 'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can()
} }
if current_user.is_anonymous() or current_user.db_user().organization: if current_user.is_anonymous():
return jsonify({'anonymous': True}) return jsonify({'anonymous': True})
user = current_user.db_user() user = current_user.db_user()
if not user or user.organization:
return jsonify({'anonymous': True})
organizations = model.get_user_organizations(user.username) organizations = model.get_user_organizations(user.username)
return jsonify({ return jsonify({
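Review bot: In `api_login_required`, the rewritten organization check fails open when `current_user.db_user()` returns nothing: the chained `and` is simply false, so the request falls through to `f(*args, **kwargs)` for an authenticated session with no backing user record. `get_logged_in_user` in the same file treats that case as anonymous (`if not user or user.organization`), so the decorator should reject it too: `user = current_user.db_user()` followed by `if not user or user.organization: abort(401)`. That also avoids calling `db_user()` twice per request. Whether `db_user()` can actually return `None` is inferred from the guards this commit adds, and the decorator's body starts above the hunk.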


@ -60,7 +60,7 @@ quayApp = angular.module('quay', ['restangular', 'angularMoment', 'angulartics',
var userService = {} var userService = {}
userService.load = function() { userService.load = function(opt_callback) {
var userFetch = Restangular.one('user/'); var userFetch = Restangular.one('user/');
userFetch.get().then(function(loadedUser) { userFetch.get().then(function(loadedUser) {
userResponse = loadedUser; userResponse = loadedUser;
@ -76,6 +76,10 @@ quayApp = angular.module('quay', ['restangular', 'angularMoment', 'angulartics',
'$created': new Date() '$created': new Date()
}) })
} }
if (opt_callback) {
opt_callback();
}
}); });
}; };
@ -868,11 +872,13 @@ quayApp.directive('ngBlur', function() {
}); });
quayApp.run(['$location', '$rootScope', 'Restangular', 'UserService', function($location, $rootScope, Restangular, UserService) { quayApp.run(['$location', '$rootScope', 'Restangular', 'UserService', function($location, $rootScope, Restangular, UserService) {
Restangular.setResponseInterceptor(function(data, operation, what, url, response, deferred) { Restangular.setErrorInterceptor(function(response) {
if (response.status == 403) { if (response.status == 401) {
UserService.load(); $('#sessionexpiredModal').modal({});
return false;
} }
return data;
return true;
}); });
$rootScope.$on('$routeChangeSuccess', function (event, current, previous) { $rootScope.$on('$routeChangeSuccess', function (event, current, previous) {
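Review bot: The error interceptor in `quayApp.run` shows `#sessionexpiredModal` for every 401, but the server side of this commit also returns 401 when nobody was ever signed in (`api_login_required` aborts with 401 for unauthenticated callers). An anonymous visitor whose request reaches a protected endpoint would therefore be told their session expired and be locked behind the dialog. Consider showing the modal only when the client had previously loaded a signed-in user, and returning `true` for other 401s so they reject normally. Because the interceptor returns `false`, the pending request promise is presumably never settled, so callers waiting on it stay pending until reload, including the new `opt_callback` path in `userService.load`, which only runs on success. A short comment stating that this is intentional would help, and the comparison could use strict equality: `if (response.status === 401) {`.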


@ -30,4 +30,22 @@
{% block body_content %} {% block body_content %}
<div ng-view></div> <div ng-view></div>
<!-- Modal message dialog -->
<div class="modal fade" id="sessionexpiredModal" data-backdrop="static">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h4 class="modal-title">Session Expired</h4>
</div>
<div class="modal-body">
Your user session has expired. Please reload to continue.
</div>
<div class="modal-footer">
</div>
</div><!-- /.modal-content -->
</div><!-- /.modal-dialog -->
</div><!-- /.modal -->
{% endblock %} {% endblock %}
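Review bot: `data-backdrop="static"` on `#sessionexpiredModal` only blocks dismissal by clicking the backdrop. Bootstrap modals still close on Escape unless keyboard handling is turned off, and the dialog is opened with empty options (`.modal({})`), so nothing overrides that default. For the dialog to be non-dismissable as the commit message intends, the opening tag also needs `data-keyboard="false"`: `<div class="modal fade" id="sessionexpiredModal" data-backdrop="static" data-keyboard="false">`. Otherwise a user can dismiss it and keep working against stale client state while every API call fails. The empty `modal-footer` could also hold a reload button so the user has an obvious way forward.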