Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

401 Unauthorized response to check_session doesn't trigger logout #290

Open
nmcharlton opened this issue Jan 14, 2022 · 2 comments · May be fixed by #358
Open

401 Unauthorized response to check_session doesn't trigger logout #290

nmcharlton opened this issue Jan 14, 2022 · 2 comments · May be fixed by #358
Labels
on hold Awaiting progress on other items before a decision is made size: medium Medium-size issue type: bug Something isn't working

Comments

@nmcharlton
Copy link
Collaborator

When a user's session has expired, the JWT token changes or a developer switches between a local backend and a cloud backend, reloading the dashboard triggers several API calls that return 401 (unauthorized) errors.

This triggers confusing errors in development:
Screenshot 2022-01-14 at 21 09 52
In production, the dashboard appears stuck, with no indication of what's happened:
Screenshot 2022-01-14 at 21 10 12
It should be up to /auth/check_session to check whether the session is still valid, and a 401 response to this should trigger a logout redirect, but this doesn't seem to be working properly.
Other API calls should ideally be paused until check_session has completed.
@nmcharlton nmcharlton added type: bug Something isn't working size: medium Medium-size issue labels Jan 14, 2022
@nmcharlton
Copy link
Collaborator Author

@popietree Do you think you could take a look at this one? Let me know if you have any questions.

@popietree popietree linked a pull request Feb 4, 2022 that will close this issue
Draft
6 tasks
@nmcharlton nmcharlton mentioned this issue Mar 3, 2022
Open
@nmcharlton nmcharlton self-assigned this Apr 2, 2022
@nmcharlton nmcharlton moved this to In Progress in Image Optimisation Apr 3, 2022
@nmcharlton nmcharlton mentioned this issue May 7, 2022
Closed
@nmcharlton nmcharlton removed their assignment May 7, 2022
@nmcharlton
Copy link
Collaborator Author

We're going to hold off fixing this until we've ported to keycloak since lots of session management issues like this will be taken out of our hands.

@nmcharlton nmcharlton added the on hold Awaiting progress on other items before a decision is made label Aug 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
on hold Awaiting progress on other items before a decision is made size: medium Medium-size issue type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(session): check for valid session before API calls popietree/treetracker-admin-client
1 participant
@nmcharlton