[Kimchi-devel] [PATCH V2 5/5] login page prompts error when session timeout

Sheldon shaohef at linux.vnet.ibm.com
Wed Jun 4 15:27:30 UTC 2014


can we ignore session timeout, and just consider the 1/5-4/5 patches for 
this sprint?
On 06/04/2014 01:28 AM, shaohef at linux.vnet.ibm.com wrote:
> From: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
>
> When session timeout, come back to login page with an
> error message.
>
> When session logout, close session directly.
>
> Signed-off-by: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
> ---
>   src/kimchi/auth.py       |  9 +++++++--
>   ui/js/src/kimchi.main.js | 10 +++++++++-
>   ui/pages/login.html.tmpl |  2 ++
>   3 files changed, 18 insertions(+), 3 deletions(-)
>
> diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
> index 9cb40d3..7f98db0 100644
> --- a/src/kimchi/auth.py
> +++ b/src/kimchi/auth.py
> @@ -161,7 +161,7 @@ def check_auth_session():
>                       cherrypy.session.timeout * 60):
>                   cherrypy.session[USER_NAME] = None
>                   cherrypy.lib.sessions.expire()
> -                raise cherrypy.HTTPError(401)
> +                raise cherrypy.HTTPError(401, "sessionTimeout")
>           else:
>               cherrypy.session[REFRESH] = time.time()
>           return True
> @@ -223,7 +223,7 @@ def logout():
>       cherrypy.session[USER_NAME] = None
>       cherrypy.session[REFRESH] = 0
>       cherrypy.session.release_lock()
> -    cherrypy.lib.sessions.expire()
> +    cherrypy.lib.sessions.close()
>
>
>   def has_permission(admin_methods):
> @@ -238,6 +238,7 @@ def has_permission(admin_methods):
>
>   def kimchiauth(admin_methods=None):
>       debug("Entering kimchiauth...")
> +    session_missing = cherrypy.session.missing
>       if check_auth_session():
>           if not has_permission(admin_methods):
>               raise cherrypy.HTTPError(403)
> @@ -252,6 +253,10 @@ def kimchiauth(admin_methods=None):
>       if not template.can_accept('application/json'):
>           redirect_login()
>
> +    # from browser, and it stays on one page.
> +    if session_missing and cherrypy.request.cookie.get("lastPage") is not None:
> +        raise cherrypy.HTTPError(401, "sessionTimeout")
> +
>       if not from_browser():
>           cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=kimchi'
>
> diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js
> index 1d614a5..e245fdd 100644
> --- a/ui/js/src/kimchi.main.js
> +++ b/ui/js/src/kimchi.main.js
> @@ -223,11 +223,19 @@ kimchi.main = function() {
>               }
>
>               if (jqXHR['status'] === 401) {
> +                var html = $.parseHTML(jqXHR['responseText'])
> +                var error = ""
> +                $.each(html, function(i, el) {
> +                    if (el.nodeName == "P"){
> +                        error = el.textContent;
> +                       break;
> +                    }
> +                });
>                   kimchi.user.showUser(false);
>                   kimchi.previousAjax = ajaxSettings;
>                   $(".empty-when-logged-off").empty();
>                   $(".remove-when-logged-off").remove();
> -                document.location.href='login.html';
> +                document.location.href= error == 'sessionTimeout' ? 'login.html/?error=sessionTimeout' : 'login.html';
>                   return;
>               }
>               else if((jqXHR['status'] == 0) && ("error"==jqXHR.statusText)) {
> diff --git a/ui/pages/login.html.tmpl b/ui/pages/login.html.tmpl
> index fc6cee6..4a7c87e 100644
> --- a/ui/pages/login.html.tmpl
> +++ b/ui/pages/login.html.tmpl
> @@ -185,6 +185,8 @@ function setMessage() {
>       var err = "$getVar('data.error', '')";
>       if(err=="userPassWrong")
>           document.getElementById("messUserPass").style.display = "";
> +    if(err=="sessionTimeout")
> +        document.getElementById("messSession").style.display = "";
>   }
>   function init() {
>       setLang();


-- 
Thanks and best regards!

Sheldon Feng(冯少合)<shaohef at linux.vnet.ibm.com>
IBM Linux Technology Center




More information about the Kimchi-devel mailing list