[Kimchi-devel] [PATCH V2 5/5] login page prompts error when session timeout

Wed Jun 4 13:04:52 UTC 2014

On 06/04/2014 07:33 PM, Yu Xin Huo wrote:
> After a further discussion, currently, no way to distinguish the state 
> between "user not login" and "session timeout".
> Currently, when session timeout, user is re-directed to login page, 
> but can not remind user the message "session timeout, please re-login".
how about "no session or session timeout, please login" ?
>
> Shao he will send out a new patch without it.
>
> On 6/4/2014 1:28 AM, shaohef at linux.vnet.ibm.com wrote:
>> From: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
>>
>> When session timeout, come back to login page with an
>> error message.
>>
>> When session logout, close session directly.
>>
>> Signed-off-by: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
>> ---
>> src/kimchi/auth.py | 9 +++++++--
>> ui/js/src/kimchi.main.js | 10 +++++++++-
>> ui/pages/login.html.tmpl | 2 ++
>> 3 files changed, 18 insertions(+), 3 deletions(-)
>>
>> diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
>> index 9cb40d3..7f98db0 100644
>> --- a/src/kimchi/auth.py
>> +++ b/src/kimchi/auth.py
>> @@ -161,7 +161,7 @@ def check_auth_session():
>> cherrypy.session.timeout * 60):
>> cherrypy.session[USER_NAME] = None
>> cherrypy.lib.sessions.expire()
>> - raise cherrypy.HTTPError(401)
>> + raise cherrypy.HTTPError(401, "sessionTimeout")
>> else:
>> cherrypy.session[REFRESH] = time.time()
>> return True
>> @@ -223,7 +223,7 @@ def logout():
>> cherrypy.session[USER_NAME] = None
>> cherrypy.session[REFRESH] = 0
>> cherrypy.session.release_lock()
>> - cherrypy.lib.sessions.expire()
>> + cherrypy.lib.sessions.close()
>>
>>
>> def has_permission(admin_methods):
>> @@ -238,6 +238,7 @@ def has_permission(admin_methods):
>>
>> def kimchiauth(admin_methods=None):
>> debug("Entering kimchiauth...")
>> + session_missing = cherrypy.session.missing
>> if check_auth_session():
>> if not has_permission(admin_methods):
>> raise cherrypy.HTTPError(403)
>> @@ -252,6 +253,10 @@ def kimchiauth(admin_methods=None):
>> if not template.can_accept('application/json'):
>> redirect_login()
>>
>> + # from browser, and it stays on one page.
>> + if session_missing and cherrypy.request.cookie.get("lastPage") is 
>> not None:
>> + raise cherrypy.HTTPError(401, "sessionTimeout")
>> +
>> if not from_browser():
>> cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=kimchi'
>>
>> diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js
>> index 1d614a5..e245fdd 100644
>> --- a/ui/js/src/kimchi.main.js
>> +++ b/ui/js/src/kimchi.main.js
>> @@ -223,11 +223,19 @@ kimchi.main = function() {
>> }
>>
>> if (jqXHR['status'] === 401) {
>> + var html = $.parseHTML(jqXHR['responseText'])
>> + var error = ""
>> + $.each(html, function(i, el) {
>> + if (el.nodeName == "P"){
>> + error = el.textContent;
>> + break;
>> + }
>> + });
>> kimchi.user.showUser(false);
>> kimchi.previousAjax = ajaxSettings;
>> $(".empty-when-logged-off").empty();
>> $(".remove-when-logged-off").remove();
>> - document.location.href='login.html';
>> + document.location.href= error == 'sessionTimeout' ? 
>> 'login.html/?error=sessionTimeout' : 'login.html';
>> return;
>> }
>> else if((jqXHR['status'] == 0) && ("error"==jqXHR.statusText)) {
>> diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl
>> index fc6cee6..4a7c87e 100644
>> --- a/ui/pages/login.html.tmpl
>> +++ b/ui/pages/login.html.tmpl
>> @@ -185,6 +185,8 @@ function setMessage() {
>> var err = "$getVar('data.error', '')";
>> if(err=="userPassWrong")
>> document.getElementById("messUserPass").style.display = "";
>> + if(err=="sessionTimeout")
>> + document.getElementById("messSession").style.display = "";
>> }
>> function init() {
>> setLang();
>
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>


-- 
Thanks and best regards!

Sheldon Feng(冯少合)<shaohef at linux.vnet.ibm.com>
IBM Linux Technology Center