Merge pull request #3065 from himdel/localStorage

miq_token - move API auth from sessionStorage to localStorage
ManageIQ · Dec 21, 2017 · 1461256 · 1461256
2 parents 37d9113 + 8b4a336
commit 1461256
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 9 deletions.
diff --git a/app/assets/javascripts/miq_api.js b/app/assets/javascripts/miq_api.js
@@ -62,7 +62,7 @@
       skipLoginRedirect: true,
     })
     .then(function(response) {
-      sessionStorage.miq_token = response.auth_token;
+      localStorage.miq_token = response.auth_token;
     });
   };
 
@@ -71,15 +71,15 @@
   };
 
   API.logout = function() {
-    if (sessionStorage.miq_token) {
+    if (localStorage.miq_token) {
       API.delete('/api/auth', {
         skipErrors: [401],
         skipLoginRedirect: true,
       });
     }
 
     API.ws_destroy();
-    delete sessionStorage.miq_token;
+    delete localStorage.miq_token;
   };
 
   API.autorenew = function() {
@@ -150,9 +150,9 @@
       o.headers['X-Auth-Skip-Token-Renewal'] = 'true';
     }
 
-    if (sessionStorage.miq_token) {
+    if (localStorage.miq_token) {
       o.headers = o.headers || {};
-      o.headers['X-Auth-Token'] = sessionStorage.miq_token;
+      o.headers['X-Auth-Token'] = localStorage.miq_token;
     }
 
     if (o.headers) {

diff --git a/app/assets/javascripts/miq_application.js b/app/assets/javascripts/miq_application.js
@@ -737,7 +737,7 @@ function miqAjaxAuthSso(url) {
 
   // Note: /dashboard/kerberos_authenticate creates an API token
   //       based on the authenticated external user
-  //       and stores it in sessionStore.miq_token
+  //       and stores it in localStorage.miq_token
 
   miqJqueryRequest(url || '/dashboard/kerberos_authenticate', {
     beforeSend: true,
@@ -751,7 +751,7 @@ function miqAjaxExtAuth(url) {
 
   // Note: /dashboard/external_authenticate creates an API token
   //       based on the authenticated external user
-  //       and stores it in sessionStore.miq_token
+  //       and stores it in localStorage.miq_token
 
   var credentials = {
     login: $('#user_name').val(),

diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
@@ -545,7 +545,7 @@ def authenticate(require_api_token = false)
       miq_api_token = require_api_token ? generate_ui_api_token(user[:name]) : nil
       render :update do |page|
         page << javascript_prologue
-        page << "sessionStorage.miq_token = '#{j_str miq_api_token}';" if miq_api_token
+        page << "localStorage.miq_token = '#{j_str miq_api_token}';" if miq_api_token
         page.redirect_to(validation.url)
       end
     when :fail

diff --git a/app/views/dashboard/saml_login.html.haml b/app/views/dashboard/saml_login.html.haml
@@ -8,7 +8,7 @@
     - if api_auth_token && validation_url
       :javascript
         miqFlashClearSaved();
-        sessionStorage.miq_token = '#{j_str api_auth_token}';
+        localStorage.miq_token = '#{j_str api_auth_token}';
         window.location = '#{j_str validation_url}';
     - else
       :javascript