[FIX][AUTH] Fix Public Access with CAS INPN and other bugs #3360
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
VincentCauchois
force-pushed
the
fix/public-access-with-cas-inpn
branch
2 times, most recently
from
a8b95d9 to
757c928
Compare
|
Nice ! Tu as trouvé la source du problème de l'accès public ? |
VincentCauchois
force-pushed
the
fix/public-access-with-cas-inpn
branch
4 times, most recently
from
82aa6b6 to
204b9fe
Compare
VincentCauchois
changed the title
Oui, à l'aide de breakpoints j'ai fini par voir que ce problème - que tu as relevé dans #3353 - était dû à l'appel de manageUser - GeoNature/frontend/src/app/components/auth/auth.service.ts Lines 61 to 73 in 8fae727 .toPromise(). La ligne suivante, qui s'occupe du chargement des routes des modules et de la redirection après authentification, n'était, par suite, pas exécutée. Toutefois, l'exécution de manageUser aboutissant bien par ailleurs, l'utilisateur était en fait bien logged in, et un second chargement permettait donc d'aboutir correctement à GeoNature en étant authentifié en public.
Il y avait quand même, par ailleurs, beaucoup d'autres anomalies avec l'authentification, comme tu peux le voir sur cette PR, du moins en 2.14.2, et je vais m'occuper de mettre les correctifs nécessaires, dont celui sur |
|
J'ai pris juste la partie de l'accès public, dépoyée en hotfix sur l'instance en question. Et c'est niquel ! |
Christophe-Ramet
requested changes
Feb 6, 2025
Several fixes: - Fix direct public access with query param when INPN CAS authentification is configured - Fix flaky login and logout - ref #3353 - Use AuthGuard rather than UserCasGuard on NavHomeComponent, and remove UserCasGuard definition - Handle the case where a user is no more authentified server-side but still authentified client-side, by calling frontend logout() Chore: - Remove unused Router and AuthService from ModuleService constructor
Fix login and logout for Firefox clients. The library Moment.js is, if not deprecated, at least outdated and not fully functional on every client. For more information, see: https://momentjs.com/docs/#/-project-status/ The current commit replace use of Moment.js with Luxon in `auth.service.ts` to ensure correct functioning of functions: - `isLoggedIn()` - `isLoggedOut()` - `getExpiration()`
Previous implementation of logout(), with routing to login page after asynchronous request to backend /auth/logout endpoint, would not work on every client. Also, while still functional on Chrome clients, the previous implementation was weird as one would get redirected to the login page while possibly not yet fully logged out. This new implementation executes routing to login page after backend logout is done.
VincentCauchois
force-pushed
the
fix/public-access-with-cas-inpn
branch
from
204b9fe to
b4dddd0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Several fixes:
Chore: