New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only removing session in localStorage upon failed validation when set. #4041

Merged
merged 1 commit into from Jul 28, 2017

Conversation

Projects
None yet
2 participants
@dennisoelkers
Member

dennisoelkers commented Jul 28, 2017

Description

Motivation and Context

Before this change, whenever a session validation attempt failed, the
session data in localStorage was removed. This was leading to a race
condition for automated browser testing, when validation took longer
than visiting the page for the first time to put session data in
localStorage, which was immediately removed by the validation promise
handler.

After this change, session data in localStorage is removed only if
present.

Refs #3634, #3948, #3973.

How Has This Been Tested?

  • Tested using automated browser testing (Graylog2/qa-frontend)
  • Tested using SSO plugin & caddy

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
Only removing session in localStorage when set.
Before this change, whenever a session validation attempt failed, the
session data in localStorage was removed. This was leading to a race
condition for automated browser testing, when validation took longer
than visiting the page for the first time to put session data in
localStorage, which was immediately removed by the validation promise
handler.

After this change, session data in localStorage is removed only if
present.

Refs #3634, #3948, #3973.

@bernd bernd self-assigned this Jul 28, 2017

@bernd bernd added this to the 2.4.0 milestone Jul 28, 2017

@bernd

bernd approved these changes Jul 28, 2017

LGTM 👍

@bernd bernd merged commit f5558dd into master Jul 28, 2017

4 checks passed

ci-web-linter Jenkins build graylog-pr-linter-check 1832 has succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
graylog-project/pr Jenkins build graylog-project-pr-snapshot 344 has succeeded
Details

@bernd bernd deleted the fix-session-invalidation-race-condition branch Jul 28, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment