You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Florian Motteau (Jira)" <ji...@apache.org> on 2022/05/18 13:30:00 UTC

[jira] [Created] (OFBIZ-12620) Redirect unauthenticated user to login on AJAX calls

Florian Motteau created OFBIZ-12620:
---------------------------------------

             Summary: Redirect unauthenticated user to login on AJAX calls
                 Key: OFBIZ-12620
                 URL: https://issues.apache.org/jira/browse/OFBIZ-12620
             Project: OFBiz
          Issue Type: Improvement
            Reporter: Florian Motteau
         Attachments: image-2022-05-18-14-47-09-659.png

Use case :
 * log in,
 * open a second browser tab (so both tabs are authenticated),
 * in first tab, open a page, where a link opens a modal, the modal content is fetched through AJAX when user clicks the link,
 * log out in second tab,
 * in first tab, click on the link, the AJAX request fires, but returns nothing with a status 200, which result in a white modal without any user feedback.

Example :

`/workeffort/control/EditWorkEffortRates?workEffortId=PrivateDemoEmployee`

!image-2022-05-18-14-47-09-659.png|width=218,height=124!

This patch does 3 things to improve this behavior :
 * return a HTTP status code 401 (Unauthorized) in LoginWorker::checkLogin if user is not authenticated (no more 200),
 * in common-theme, OfbizUtil.js, on AJAX calls handler, if the request fails with a 401 status code, reload current page (so we land on login form instead of being stuck in a blank modal) with a new search param `clickOn` containing the id of the link that triggered the AJAX call,
 * on page load, if `clickOn` search parameter exists, trigger a click event on the link, so the initial modal pops in after a successful login



--
This message was sent by Atlassian Jira
(v8.20.7#820007)