Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redirect to login page when accessing a react page without being logged in #551

Open
Pauleing opened this issue Oct 3, 2024 · 4 comments
Open

Redirect to login page when accessing a react page without being logged in #551

Pauleing opened this issue Oct 3, 2024 · 4 comments
Assignees
@marcanpilami
Labels
packaging react UI
Milestone
3.1

Comments

@Pauleing
Copy link
Collaborator

Pauleing commented Oct 3, 2024

Could be related to #491 , check with @marcanpilami
@Pauleing Pauleing added this to the 3.0 milestone Oct 3, 2024
marcanpilami added a commit that referenced this issue Oct 14, 2024
@marcanpilami
Fixed backend part of #551 - ugly basic auth prompt inside React app
e4b12dd
@marcanpilami
Copy link
Contributor

Unassigning myself, as backend part is done. Backend behavious is now like this:

  • When a query arrives with a certificate, certificate is used for auth.
  • Otherwise, if no session is already open, challenge the query with a normal basic auth only if not coming from an XmlHttpRequest (determined with X-Requested-With header)
  • Otherwise challenge with a basic authentication with the BASICXHR auth schema, which is not supported by browsers and therefore will not create any prompt.

Therefore, the react app must simply catch 401 answers and deal with them accordingly (ask for auth again).

@marcanpilami marcanpilami removed their assignment Oct 14, 2024
@Pauleing Pauleing assigned marcanpilami and unassigned Pauleing Oct 15, 2024
@Pauleing
Copy link
Collaborator Author

@marcanpilami I'm reassigning you since the basic auth prompt is still shown when trying to access a page while being logged out. It works fine when accessing "/" though, thanks.

marcanpilami added a commit that referenced this issue Oct 15, 2024
@marcanpilami
#551 - Added redirect to form authentication for deep links
c22e002 
Note the form does not redirect to the requested URL - annoying.
@marcanpilami
Copy link
Contributor

Added to the policy: all non-ws URL (existing or not) are protected by form authentication . So deep links should now trigger authentication form.

Still annoying: cannot find a way to redirect to requested URL after auth form... should be the default with Shiro, but it always redirects to root.

Pauleing added a commit that referenced this issue Oct 16, 2024
@Pauleing
Redirect to login page if an API call returns a 401 #551
2ed8395
@Pauleing
Copy link
Collaborator Author

@marcanpilami I added the code to catch 401 in API calls and redirect to the auth page, but sadly Shiro blocks the request first and shows the basic auth login. Can you check this part as well?

@Pauleing Pauleing removed their assignment Oct 16, 2024
Pauleing added a commit that referenced this issue Oct 30, 2024
@Pauleing
Redirect to login page if an API call returns a 401 #551
fd296ee
Pauleing added a commit that referenced this issue Nov 6, 2024
@Pauleing
Redirect to login page if an API call returns a 401 #551
cc29aaa
@Pauleing Pauleing modified the milestones: 3.0, 3.1 Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcanpilami marcanpilami

Labels
packaging react UI
Projects
None yet
Milestone
3.1
Development

No branches or pull requests
2 participants
@marcanpilami @Pauleing