Mercurial > gemma
changeset 4415:8dde014af77b
session: Remove potential infinite loop of logging out.
When a user is logged in while the session is not available on the server side,
and the user wants to log out, the logout request is started.
When the server refuses to log the user out without a valid token and answers
(correctly) with HTTP 401, the app calls the logout per default, which might end in an
infinite loop.
The logout procedure tests whether the users has a token stored.
If so, the logout is called and the token is removed. In case the
logout was answered with a HTTP 401 the cycle begins anew, but this time
without token the user is treated as effective being logged out.
author | Thomas Junk <thomas.junk@intevation.de> |
---|---|
date | Wed, 18 Sep 2019 11:32:29 +0200 |
parents | b5290f4a35f4 |
children | 5b2023c2c41e |
files | client/src/lib/session.js |
diffstat | 1 files changed, 9 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/client/src/lib/session.js Wed Sep 18 10:37:54 2019 +0200 +++ b/client/src/lib/session.js Wed Sep 18 11:32:29 2019 +0200 @@ -18,25 +18,27 @@ import { displayError } from "@/lib/errors"; const logOff = () => { + const hasToken = localStorage.getItem("token"); + if (!hasToken) return; HTTP.get("/logout", { headers: { "X-Gemma-Auth": localStorage.getItem("token"), "Content-type": "text/xml; charset=UTF-8" } }) - .then(() => { - app.$snotify.clear(); - app.$store.commit("reset"); - app.$store.commit("user/clearAuth"); - app.$router.push("/login"); - unsetLayerConfigs(); - }) .catch(error => { const { status, data } = error.response; displayError({ title: this.$gettext("Backend Error"), message: `${status}: ${data.message || data}` }); + }) + .finally(() => { + app.$snotify.clear(); + app.$store.commit("reset"); + app.$store.commit("user/clearAuth"); + app.$router.push("/login"); + unsetLayerConfigs(); }); };