Show login popup or redirect to OAuth provider when session token has expired#4000
Merged
tillprochaska merged 1 commit intorelease/4.1.0from Nov 19, 2024
Merged
Conversation
Fixes #3999. This is related to #3948 in which I fixed the infinite request loop in case requests to the metadata API fail. This works as intended, but has one unintended side effect: We were actually kind of relying on the previous behavior to handle expired session tokens. For context: When a user logs in, the session token is stored. When the session token expires, future API requests using that session token will obviously fail. The UI was previously handling 401 response codes to invalidate the stored session token and display a login popup or redirect to the OAuth service. The change introduced in #3948 also prevented the handling of requests that failed to expired session tokens. I’m not convinced that this way of handling expired session tokens is a good solution as it’s pretty opaque. So with this change, we will keep the newly introduced behavior (which shows an error message and a "Retry" button) in case a request to the metadata API fails, *except* if it failed with a 401 response in which case we still do whatever happened before.
tillprochaska
force-pushed
the
fix/3999-ui-session-expired
branch
from
2785307 to
348434c
Compare
tillprochaska
changed the title
stchris
approved these changes
Nov 13, 2024
Contributor
stchris
left a comment
stchris
left a comment
There was a problem hiding this comment.
Works as expected! Thanks for catching and fixing this! 🙏
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #3999.
This is related to #3948 in which I fixed the infinite request loop in case requests to the metadata API fail. This works as intended, but has one unintended side effect: We were actually kind of relying on the previous behavior to handle expired session tokens.
For context: When a user logs in, the session token is stored. When the session token expires, future API requests using that session token will obviously fail. The UI was previously handling 401 response codes to invalidate the stored session token and display a login popup or redirect to the OAuth service.
The change introduced in #3948 also prevented the handling of requests that failed to expired session tokens. I’m not convinced that this way of handling expired session tokens is a good solution as it’s pretty opaque.
So with this change, we will keep the newly introduced behavior (which shows an error message and a "Retry" button) in case a request to the metadata API fails, except if it failed with a 401 response in which case we still do whatever happened before.
How to test this
developbranch or the4.1.0-rc1tag.