[Kimchi-devel] [PATCH V3 2/5] redirect the URL to login page when session timeout or first login

Aline Manera alinefm at linux.vnet.ibm.com
Mon Jun 9 18:11:15 UTC 2014 

On 06/05/2014 01:10 PM, shaohef at linux.vnet.ibm.com wrote:
> From: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
>
> If the content type is application/json still raise 401 status code.
> And let UI redirect to login page.
>
> or the backe redirects to login page directly.
>
> Signed-off-by: ShaoHe Feng <shaohef at linux.vnet.ibm.com>
> Signed-off-by: Yu Xin Huo <huoyuxin at linux.vnet.ibm.com>
> ---
>   src/kimchi/auth.py       | 11 +++++++++++
>   src/kimchi/config.py.in  |  3 +++
>   src/kimchi/root.py       | 28 +++++++++++++++++++---------
>   ui/js/src/kimchi.main.js |  5 +----
>   4 files changed, 34 insertions(+), 13 deletions(-)
>
> diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
> index dc78ded..a38dbd3 100644
> --- a/src/kimchi/auth.py
> +++ b/src/kimchi/auth.py
> @@ -28,6 +28,7 @@
>   import re
>   import termios
>   import time
> +import urllib2
>
>
>   from kimchi import template
> @@ -41,6 +42,12 @@
>   REFRESH = 'robot-refresh'
>
>
> +def redirect_login():
> +    next_url = urllib2.quote(
> +        cherrypy.request.path_info.encode('utf-8'), safe="")
> +    raise cherrypy.HTTPRedirect("/login.html?next=%s" % next_url, 303)
> +
> +
>   def debug(msg):
>       pass
>       # cherrypy.log.error(msg)
> @@ -234,6 +241,10 @@ def kimchiauth(admin_methods=None):
>               raise cherrypy.HTTPError(403)
>           return
>
> +    # not a REST full request, redirect login page directly
> +    if not template.can_accept('application/json'):
> +        redirect_login()
> +
>       if not from_browser():
>           cherrypy.response.headers['WWW-Authenticate'] = 'Basic realm=kimchi'
>
> diff --git a/src/kimchi/config.py.in b/src/kimchi/config.py.in
> index 0206570..d4cbda0 100644
> --- a/src/kimchi/config.py.in
> +++ b/src/kimchi/config.py.in
> @@ -187,6 +187,9 @@ class KimchiConfig(dict):
>           '/spice.html': {
>               'tools.kimchiauth.on': True
>           },
> +       '/kimchi-ui.html': {
> +            'tools.kimchiauth.on': True
> +        },
>           '/data/screenshots': {
>               'tools.staticdir.on': True,
>               'tools.staticdir.dir': get_screenshot_path(),
> diff --git a/src/kimchi/root.py b/src/kimchi/root.py
> index 8b1d09b..181ab13 100644
> --- a/src/kimchi/root.py
> +++ b/src/kimchi/root.py
> @@ -81,7 +81,7 @@ def get(self):
>       @cherrypy.expose
>       def default(self, page, **kwargs):
>           if page.endswith('.html'):
> -            return template.render(page, None)
> +            return template.render(page, kwargs)
>           raise cherrypy.HTTPError(404)
>
>       @cherrypy.expose
> @@ -110,14 +110,24 @@ def __init__(self, model, dev_env):
>           self.messages = messages
>
>       @cherrypy.expose
> -    def login(self, *args):
> -        params = parse_request()
> -        try:
> -            username = params['username']
> -            password = params['password']
> -        except KeyError, item:
> -            e = MissingParameter('KCHAUTH0003E', {'item': str(item)})
> -            raise cherrypy.HTTPError(400, e.message)

> +    def login(self, *args, **kwargs):
> +        username = kwargs.get('username')
> +        password = kwargs.get('password')
> +        # forms base authentication
> +        if username is not None:
> +            # UI can pass the redirect url by "next" query parameter
> +            next_url = kwargs.get('next', "/")
> +            next_url = type(next_url) is list and next_url[0]
> +            auth.login(username, password)
> +            raise cherrypy.HTTPRedirect(next_url, 303)
> +        else:
> +            try:
> +                params = parse_request()
> +                username = params['username']
> +                password = params['password']
> +            except KeyError, item:
> +                e = MissingParameter('KCHAUTH0003E', {'item': str(item)})
> +                raise cherrypy.HTTPError(400, e.message)

I didn't understand this code.
Why did you get username and password from kwargs and in "else" from 
parse_request()?
Should that info be in a single location?

And if you raise/return, you don't need a "else" it eliminates some 
indentation levels.

>           try:
>               user_info = auth.login(username, password)
> diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js
> index 184029d..2a8f461 100644
> --- a/ui/js/src/kimchi.main.js
> +++ b/ui/js/src/kimchi.main.js
> @@ -227,10 +227,7 @@ kimchi.main = function() {
>                   kimchi.previousAjax = ajaxSettings;
>                   $(".empty-when-logged-off").empty();
>                   $(".remove-when-logged-off").remove();
> -                kimchi.window.open({
> -                    url: 'login-window.html',
> -                    id: 'login-window-wrapper'
> -                });
> +                document.location.href='login.html';
>                   return;
>               }
>               else if((jqXHR['status'] == 0) && ("error"==jqXHR.statusText)) {

More information about the Kimchi-devel mailing list