Make sure the user is properly redirected

master/buildbot/newsfragments/auth.py3.bugfix

@@ -0,0 +1,2 @@
+Fix BasicAuth authentication on py3 and recent browsers. (:bb:issue:`3162`, :bb:issue:`3163`).
+The py3 fix also requires twisted https://github.com/twisted/twisted/pull/773.

master/buildbot/test/unit/test_www_auth.py

@@ -197,7 +197,7 @@ def updateUserInfo(request):
         self.auth.updateUserInfo = mock.Mock(side_effect=updateUserInfo)
 
         res = yield self.render_resource(self.rsrc, b'/auth/login')
-        self.assertEqual(res, b'')
+        self.assertEqual(res, {'redirected': 'h:/a/b/#/'})
         self.assertFalse(self.auth.maybeAutoLogin.called)
         self.auth.updateUserInfo.assert_called_with(mock.ANY)
         self.assertEqual(self.master.session.user_info,
@@ -214,5 +214,5 @@ def setUp(self):
     def test_render(self):
         self.master.session.expire = mock.Mock()
         res = yield self.render_resource(self.rsrc, b'/auth/logout')
-        self.assertEqual(res, b'')
+        self.assertEqual(res, {'redirected': 'h:/a/b/#/'})
         self.master.session.expire.assert_called_with()

master/buildbot/www/auth.py

@@ -176,6 +176,11 @@ def __init__(self, users, **kwargs):
             **kwargs)
 
 
+def _redirect(master, request):
+    url = request.args.get("redirect", ["/"])[0]
+    return resource.Redirect(master.config.buildbotURL + "#" + url)
+
+
 class PreAuthenticatedLoginResource(LoginResource):
     # a LoginResource which is already authenticated via a
     # HTTPAuthSessionWrapper
@@ -189,8 +194,7 @@ def renderLogin(self, request):
         session = request.getSession()
         session.user_info = dict(username=bytes2NativeString(self.username))
         yield self.master.www.auth.updateUserInfo(request)
-        url = request.args.get("redirect", [self.master.config.buildbotURL])[0]
-        raise resource.Redirect(url)
+        raise _redirect(self.master, request)
 
 
 class LogoutResource(resource.Resource):
@@ -199,4 +203,5 @@ def render_GET(self, request):
         session = request.getSession()
         session.expire()
         session.updateSession(request)
-        return b''
+        request.redirect(_redirect(self.master, request).url)
+        return 'b'

www/base/src/app/common/directives/loginbar/loginbar.directive.coffee

@@ -21,15 +21,8 @@ class _loginbar extends Controller('common')
         $scope.password = ""
         $scope.loginCollapsed = 1
         $scope.config = config
+        # as the loginbar is never reloaded, we need to update the redirect
+        # when the hash changes
+        $scope.$watch (-> document.location.hash), ->
+            $scope.redirect = document.location.hash.substr(1)
         _.assign($scope, config.user)
-
-        $scope.logout = ->
-            $http.defaults.headers.common = {}
-            $http
-                method: "GET"
-                url: "#{baseurl}auth/logout"
-            .success (data, status) ->
-                window.location.reload()
-
-        $scope.login = ->
-            document.location = "#{baseurl}auth/login"

www/base/src/app/common/directives/loginbar/loginbar.tpl.jade

@@ -5,7 +5,7 @@ ul.nav.navbar-nav.navbar-right(ng-show="config.auth.name != 'NoAuth'")
             b.caret
         ul.dropdown-menu(uib-dropdown-menu)
             li
-                a(ng-click="login()")
+                a(href="auth/login?redirect={{redirect}}")
                     span(ng-hide="config.auth.oauth2")
                         i.fa.fa-sign-in
                         |  Login
@@ -26,6 +26,6 @@ ul.nav.navbar-nav.navbar-right(ng-show="config.auth.name != 'NoAuth'")
                 span {{ full_name }} {{ email }}
             li.divider
             li
-                a(ng-click="logout()")
+                a(href="auth/logout?redirect={{redirect}}")
                    i.fa.fa-sign-out
                    | Logout