darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-04-15 14:51:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

return 200 to js instead of 302 when logging in

Browse Source 
the js fetch function is really not designed to work with 302s. when it
receives a 302, it automatically follows it and fetches the next page.
This is awkward because I don't want js to do all this in ajax, I want
the browser to get the new URL so it can load the page.

A better approach is to view the admin endpoint as a more pure API: the
js sends a request for authentication to the admin app, and the admin
app responds with a 200 indicating success, and then a payload of
relevant data with that.

The relevant data in this case is "Which URL should I redirect to", it
might be the user's list of services page, or it might be a page telling
them that their email needs revalidating.
This commit is contained in:
Leo Hemsted
2021-05-25 15:50:14 +01:00
parent c29f87f55d
commit d05f127e41
3 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
app/assets/javascripts/authenticateSecurityKey.js
View File

@@ -33,21 +33,22 @@
});
})
.then(response => {
if (response.status === 403){
if (response.status === 403) {
// flask will have `flash`ed an error message up
window.location.reload();
return;
}
if (!response.ok) {
// probably an internal server error
throw Error(response.statusText);
}
// fetch will already have done the login redirect dance and will at this point be
// referring to the final 200 - hopefully to the `/accounts` url or similar. Set the location
// to trigger a browser navigate to that URL.
window.location.href = response.url;
return response.arrayBuffer()
.then(cbor => {
return Promise.resolve(window.CBOR.decode(cbor));
})
.catch(() => {
throw Error(response.statusText);
})
.then(data => {
window.location = data.redirect_url;
});
})
.catch(error => {
console.error(error);