Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUGFIX: Show relogin dialog when remote action results in redirect to login page #3327

Merged
merged 1 commit into from
Jan 12, 2023
Merged

BUGFIX: Show relogin dialog when remote action results in redirect to login page #3327

merged 1 commit into from
Jan 12, 2023

Conversation

grebaldi
Copy link
Contributor

@grebaldi grebaldi commented Jan 10, 2023
edited by Sebobo
Loading

solves: #3320

The Problem

image

When the user is not authenticated, a remote action like "publish" answers with a 303 Redirect. The fetchWithErrorHandling mechanism on the client side however expects a 401 response (which is a reasonable expectation, semantically speaking).

The Solution

At first I thought it'd be best to make the UI API respond with correct status codes, but then I figured that the 303 redirect is actually more desirable in case someone hits the URL directly in the browser.

So I adjusted fetchWithErrorHandling, so that it detects a redirect to the login page and enters the relogin-dialog routine as usual.

The way this works is by looking into the fetch response: If it has been redirected and the target URL ends in "login", fetchWithErrorHandling assumes that this has been a redirect to the Neos login page. This is not quite safe, because in theory the redirect could have been configured differently. But I'm out of ideas as to how a more correct detection mechanism should look like in this case, and as a bugfix this should suffice to fix the problem for >99% of all setups.

@grebaldi grebaldi added the 7.3 label Jan 10, 2023
@grebaldi grebaldi linked an issue Jan 10, 2023 that may be closed by this pull request
BUG: Re-Login Dialog does not appear when sessions are destroyed #3320
Closed
@grebaldi grebaldi force-pushed the bugfix/3320/relogin-on-redirect branch from 80466d3 to 924ef54 Compare January 10, 2023 14:49
Sebobo
Sebobo approved these changes Jan 11, 2023
View reviewed changes
Copy link
Member

@Sebobo Sebobo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx, works as described!

@jonnitto jonnitto merged commit 938af23 into neos:7.3 Jan 12, 2023
@jonnitto jonnitto added the Bug Label to mark the change as bugfix label Feb 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonnitto jonnitto jonnitto approved these changes

@Sebobo Sebobo Sebobo approved these changes

Assignees
No one assigned
Labels
7.3 Bug Label to mark the change as bugfix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

BUG: Re-Login Dialog does not appear when sessions are destroyed
3 participants
@grebaldi @Sebobo @jonnitto