Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: show error Toastr for intranet users on SPCP forms #1397

Merged
merged 12 commits into from
Mar 18, 2021
Merged

feat: show error Toastr for intranet users on SPCP forms #1397

merged 12 commits into from
Mar 18, 2021

Conversation

mantariksh
Copy link
Contributor

@mantariksh mantariksh commented Mar 17, 2021
edited

Problem

SingPass/CorpPass do not work on the intranet due to an issue with SIS cookies, but nothing in the UI alerts users to this. When they attempt to log in to SingPass/CorpPass, everything seems to be successful, but when they are redirected back to the form, they are not logged in.

Solution

Show a permanent Toastr when users access a SPCP/MyInfo form from the intranet.

Detection of requests from the intranet was implemented by reading in a list of intranet IPs from a static file, which must be transferred into the server.

In addition, the opportunity was taken to log intranet usage for analytics purposes.

Other changes

In the createReqMeta utility function, we use the req.url property to log the URL of the request. However, this does not work well with Express Router, as only the path after the router is logged. This is why e.g. for handleEmailSubmission, meta.url in our logs looks like this:

/5e3ebefa5203c3001108b7ba?captchaResponse=...

Notice that the /v2/submissions/email prefix is missing.

Hence this was changed to use req.baseUrl + req.path, and req.originalUrl was added to capture any query parameters.

Screenshots

image

Tests

  • List of intranet IPs has been SFTPed into production, and INTRANET_IP_LIST_PATH env var has been added in production
  • SingPass, CorpPass and MyInfo forms on intranet show the error Toastr
  • Non-authenticated forms on intranet do not show the error Toastr
  • SingPass, CorpPass, MyInfo and non-authenticated forms on internet do not show the error Toastr

@mantariksh mantariksh force-pushed the feat/intranet-detection branch 2 times, most recently from 55d090c to 81f6115 Compare March 17, 2021 09:55
@mantariksh mantariksh marked this pull request as ready for review March 17, 2021 10:32
karrui
karrui approved these changes Mar 18, 2021
View reviewed changes
Copy link
Contributor

@karrui karrui left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

src/public/modules/forms/base/controllers/submit-form.client.controller.js Show resolved Hide resolved
@mantariksh mantariksh merged commit 95fbbc3 into develop Mar 18, 2021
@karrui karrui mentioned this pull request Mar 23, 2021
Merged
@mantariksh mantariksh deleted the feat/intranet-detection branch April 13, 2021 06:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@karrui karrui karrui approved these changes

@liangyuanruo liangyuanruo Awaiting requested review from liangyuanruo

@tshuli tshuli Awaiting requested review from tshuli

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mantariksh @karrui