Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ui): add 403 signout handler to new api requests #15426

Merged
merged 1 commit into from
Oct 16, 2019
Merged

feat(ui): add 403 signout handler to new api requests #15426

merged 1 commit into from
Oct 16, 2019

Conversation

hoorayimhelping
Copy link
Contributor

@hoorayimhelping hoorayimhelping commented Oct 15, 2019
edited
Loading

Closes #15312

  • Adds a custom response handler for the new api routes created by oats that immediately logs the user out and returns them to /signin when a 403 is returned from the API
    • upgrades to oats 0.5.0

out

Testing Instructions

  • If you'd like to see which routes use the new api and go through this handler, you can add a log statement here
  • To force 403s from the API (only works on the api calls that use client/index):
    • change authentication_middleware.go to something like this (change the id to match yours, which can be found in the url on home page after you log in to the app)
    • re-build and run: go run ./cmd/influxd --assets-path=ui/build
    • on the sidebar, click settings -> members (log back in, if necessary)
    • you should be sent back to the /signin screen with whatever message you logged in 403 handler.
  • To ensure /me works (this is a little tricky):
    • start the app normally
    • sign in
    • change authentication_middleware.go to check for /api/v2/me
    • re-build and run without reloading and signing back in: go run ./cmd/influxd --assets-path=ui/build
    • wait
    • see the user get logged out
      • if you added a log message in the handler above, you'll see that it doesn't get called. 403s from /me already get kicked back to the /signin screen.

@hoorayimhelping hoorayimhelping requested a review from a team October 15, 2019 21:26
@ghost ghost requested review from ebb-tide and removed request for a team October 15, 2019 21:26
@drdelambre
Copy link
Contributor

before i start looking at this... GREAT PR DESCRIPTION

drdelambre
drdelambre approved these changes Oct 16, 2019
View reviewed changes
Copy link
Contributor

@drdelambre drdelambre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! :shipit:

ebb-tide
ebb-tide approved these changes Oct 16, 2019
View reviewed changes
Copy link
Contributor

@ebb-tide ebb-tide left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

awesome!

ui/src/client/index.ts
@@ -0,0 +1,12 @@
import {setResponseHandler, postSignout} from './generatedRoutes'

setResponseHandler((status, headers, data) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

beautiful!

@hoorayimhelping hoorayimhelping merged commit f842518 into master Oct 16, 2019
@hoorayimhelping hoorayimhelping deleted the bs_bugfix_403_logout branch October 16, 2019 20:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drdelambre drdelambre drdelambre approved these changes

@ebb-tide ebb-tide ebb-tide approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

403s from the API should log out user
3 participants
@hoorayimhelping @drdelambre @ebb-tide