-
Notifications
You must be signed in to change notification settings - Fork 274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BUG: Error message displayed when session token has expired #3999
Comments
tillprochaska
added
bug
Things that should work, but don’t
ui
Issues related to Aleph’s frontend
labels
Nov 12, 2024
tillprochaska
added a commit
that referenced
this issue
Nov 12, 2024
Fixes #3999. This is related to #3948 in which I fixed the infinite request loop in case requests to the metadata API fail. This works as intended, but has one unintended side effect: We were actually kind of relying on the previous behavior to handle expired session tokens. For context: When a user logs in, the session token is stored. When the session token expires, future API requests using that session token will obviously fail. The UI was previously handling 401 response codes to invalidate the stored session token and display a login popup or redirect to the OAuth service. The change introduced in #3948 also prevented the handling of requests that failed to expired session tokens. I’m not convinced that this way of handling expired session tokens is a good solution as it’s pretty opaque. So with this change, we will keep the newly introduced behavior (which shows an error message and a "Retry" button) in case a request to the metadata API fails, *except* if it failed with a 401 response in which case we still do whatever happened before.
tillprochaska
changed the title
BUG:
BUG: Error message displayed when session token has expired
Nov 12, 2024
tillprochaska
added a commit
that referenced
this issue
Nov 12, 2024
Fixes #3999. This is related to #3948 in which I fixed the infinite request loop in case requests to the metadata API fail. This works as intended, but has one unintended side effect: We were actually kind of relying on the previous behavior to handle expired session tokens. For context: When a user logs in, the session token is stored. When the session token expires, future API requests using that session token will obviously fail. The UI was previously handling 401 response codes to invalidate the stored session token and display a login popup or redirect to the OAuth service. The change introduced in #3948 also prevented the handling of requests that failed to expired session tokens. I’m not convinced that this way of handling expired session tokens is a good solution as it’s pretty opaque. So with this change, we will keep the newly introduced behavior (which shows an error message and a "Retry" button) in case a request to the metadata API fails, *except* if it failed with a 401 response in which case we still do whatever happened before.
tillprochaska
added a commit
that referenced
this issue
Nov 19, 2024
Fixes #3999. This is related to #3948 in which I fixed the infinite request loop in case requests to the metadata API fail. This works as intended, but has one unintended side effect: We were actually kind of relying on the previous behavior to handle expired session tokens. For context: When a user logs in, the session token is stored. When the session token expires, future API requests using that session token will obviously fail. The UI was previously handling 401 response codes to invalidate the stored session token and display a login popup or redirect to the OAuth service. The change introduced in #3948 also prevented the handling of requests that failed to expired session tokens. I’m not convinced that this way of handling expired session tokens is a good solution as it’s pretty opaque. So with this change, we will keep the newly introduced behavior (which shows an error message and a "Retry" button) in case a request to the metadata API fails, *except* if it failed with a 401 response in which case we still do whatever happened before.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When a session token expires, an error message is displayed (see screenshot). After clicking on the "Retry" button the page reloads and the login popup is displayed or a redirect to the OAuth provider happens (depending on configuration)
To Reproduce
Steps to reproduce the behavior:
state
item contains JSON-serialized, including the session token.Expected behavior
When the session token expires, the login popup should be displayed or a redirect to the OAuth provider should happen directly. No error message should be displayed, and the user shouldn’t need to click on the "Retry" button.
Aleph version
4.1.0-rc1
Screenshots
Additional context
The text was updated successfully, but these errors were encountered: