Check login status on page navigations and on publish #413
Assignees
Comments
|
Since this is likely to be a fairly significant effort, I'll put it on the project backlog and request time for it in an upcoming sprint. |
|
This was chosen as an item for the current sprint, so I'm assigning it to myself and starting on it. |
|
After further review, there are higher priority issues that should be addressed in Rosetta before tackling this, specifically some problems that have been recently reported by translators. I'm going to remove the high priority label, but leave the issue assigned to me. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While working with me on #412 @mattpen observed that the Rosetta client code isn't checking login status on page navigations. He said that it should. The issue also relates to how a publication request can be sent to the server with bogus user ID information, probably because the user's session has timed out.
For security reasons, we should probably improve Rosetta's behavior such that it does check login info on a page navigation and on publish requests and, if a user's session has expired, prompt them to re-enter their login credentials before allowing the request.
The text was updated successfully, but these errors were encountered: