
Can we ignore the session timeout and just consider patches 1/5-4/5 for this sprint?

On 06/04/2014 01:28 AM, shaohef@linux.vnet.ibm.com wrote:
From: ShaoHe Feng <shaohef@linux.vnet.ibm.com>
When the session times out, return to the login page with an error message.
When the user logs out, close the session directly.
Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com>
---
 src/kimchi/auth.py | 9 +++++++--
 ui/js/src/kimchi.main.js | 10 +++++++++-
 ui/pages/login.html.tmpl | 2 ++
 3 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py index 9cb40d3..7f98db0 100644 --- a/src/kimchi/auth.py +++ b/src/kimchi/auth.py @@ -161,7 +161,7 @@ def check_auth_session(): cherrypy.session.timeout * 60): cherrypy.session[USER_NAME] = None cherrypy.lib.sessions.expire() - raise cherrypy.HTTPError(401) + raise cherrypy.HTTPError(401, "sessionTimeout") else: cherrypy.session[REFRESH] = time.time() return True @@ -223,7 +223,7 @@ def logout(): cherrypy.session[USER_NAME] = None cherrypy.session[REFRESH] = 0 cherrypy.session.release_lock() - cherrypy.lib.sessions.expire() + cherrypy.lib.sessions.close()
def has_permission(admin_methods): @@ -238,6 +238,7 @@ def has_permission(admin_methods):
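Review bot: Replacing `cherrypy.lib.sessions.expire()` with `cherrypy.lib.sessions.close()` in `logout()` means logout no longer expires the session cookie. As far as I can tell `close()` only releases the session lock, which the preceding `cherrypy.session.release_lock()` line has already done, so the new call is effectively a no-op. The browser then keeps the same session id across logout and the next login, which weakens logout and leaves the id exposed to fixation-style reuse. If the aim is to let `kimchiauth` tell a logout apart from a timeout, keep `cherrypy.lib.sessions.expire()` here (or call `cherrypy.session.regenerate()`) and carry the distinction another way, for example by clearing the `lastPage` cookie on logout. The body of `logout()` starts outside the hunk.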
def kimchiauth(admin_methods=None): debug("Entering kimchiauth...") + session_missing = cherrypy.session.missing if check_auth_session(): if not has_permission(admin_methods): raise cherrypy.HTTPError(403) @@ -252,6 +253,10 @@ def kimchiauth(admin_methods=None): if not template.can_accept('application/json'): redirect_login()
+ # from browser, and it stays on one page. + if session_missing and cherrypy.request.cookie.get("lastPage") is not None: + raise cherrypy.HTTPError(401, "sessionTimeout") + if not from_browser(): cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=kimchi'
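Review bot: The new `session_missing and cherrypy.request.cookie.get("lastPage") is not None` branch distinguishes a timeout from a plain unauthenticated request purely on a client-supplied cookie, and the comment above it (`# from browser, and it stays on one page.`) does not say so. That is acceptable while the result only selects the message text, but it should be stated so the flag is never reused for an access decision. Suggested comment: `# UI hint only: no server session but a lastPage cookie => report sessionTimeout; lastPage is client-controlled.` The `session_missing = cherrypy.session.missing` line in the previous hunk also deserves a short comment on why the value is read before `check_auth_session()` is called. `kimchiauth` extends beyond both hunks.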
diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js index 1d614a5..e245fdd 100644 --- a/ui/js/src/kimchi.main.js +++ b/ui/js/src/kimchi.main.js @@ -223,11 +223,19 @@ kimchi.main = function() { }
if (jqXHR['status'] === 401) { + var html = $.parseHTML(jqXHR['responseText']) + var error = "" + $.each(html, function(i, el) { + if (el.nodeName == "P"){ + error = el.textContent; + break; + } + }); kimchi.user.showUser(false); kimchi.previousAjax = ajaxSettings; $(".empty-when-logged-off").empty(); $(".remove-when-logged-off").remove(); - document.location.href='login.html'; + document.location.href= error == 'sessionTimeout' ? 'login.html/?error=sessionTimeout' : 'login.html'; return; } else if((jqXHR['status'] == 0) && ("error"==jqXHR.statusText)) { diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl index fc6cee6..4a7c87e 100644 --- a/ui/pages/login.html.tmpl +++ b/ui/pages/login.html.tmpl @@ -185,6 +185,8 @@ function setMessage() { var err = "$getVar('data.error', '')"; if(err=="userPassWrong") document.getElementById("messUserPass").style.display = ""; + if(err=="sessionTimeout") + document.getElementById("messSession").style.display = ""; } function init() { setLang();
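Review bot: `break;` inside the `$.each` callback is not inside a loop, so it is a syntax error (illegal break statement) that prevents the whole file from parsing; use `return false;` to stop the iteration. The two `var` lines above it are missing semicolons, and the redirect target `'login.html/?error=sessionTimeout'` has a slash before the query string that looks unintended, so please confirm the route. Reading the reason by scraping a `<p>` out of the rendered 401 page also ties the client to the server's error-page template; a response header or a JSON body would be sturdier. The enclosing error handler starts and ends outside the hunk.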
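Review bot: `document.getElementById("messSession")` is dereferenced without a null check, and the diffstat shows only these two added lines in login.html.tmpl, so the `messSession` element is presumably expected from elsewhere; if it is absent, `setMessage()` throws. With the error code now arriving in the URL (`?error=sessionTimeout`), the context line `var err = "$getVar('data.error', '')";` places that value inside a JavaScript string literal. If `data.error` is taken from the request unmodified, it should be escaped or mapped to a fixed set of codes on the server before rendering. `setMessage()` begins outside the hunk.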
-- Thanks and best regards! Sheldon Feng(冯少合)<shaohef@linux.vnet.ibm.com> IBM Linux Technology Center