Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Small login bugs #1788

Merged
merged 1 commit into from
Dec 20, 2024
Merged

Small login bugs #1788

merged 1 commit into from
Dec 20, 2024

Conversation

ryan-pratt
Copy link
Contributor

@ryan-pratt ryan-pratt commented Dec 19, 2024

Couple minor issues that have been bugging me:

  • If the user somehow goes to /login while they're already authenticated (e.g. from a browser bookmark), they shouldn't be asked for the password again
  • If they ended up on /login with no ?redirect= query param, redirect.startsWith would error (redirect is undefined) and trigger the catch block that erroneously alerted them that they entered an incorrect password

The TODO I left in AppNav is a combination of those two issues. It's not a regression, it's just something that I'm not sure how to fix at the moment. I think AppNav's redirect logic needs to be somewhere else

Copy link

Copy link

codecov bot commented Dec 19, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.58%. Comparing base (620b543) to head (2b9b289).
Report is 7 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1788      +/-   ##
==========================================
+ Coverage   79.56%   79.58%   +0.01%     
==========================================
  Files         517      517              
  Lines       40737    40737              
==========================================
+ Hits        32414    32421       +7     
+ Misses       8323     8316       -7     
Flag Coverage Δ
python 84.31% <ø> (+0.04%) ⬆️
ruby-api 48.64% <ø> (ø)
ruby-backend 82.61% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ryan-pratt ryan-pratt requested a review from jmthomas December 19, 2024 22:29
@@ -64,7 +64,7 @@
<v-row>
<v-btn
type="submit"
@click.prevent="verifyPassword"
@click.prevent="() => verifyPassword()"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does this work since verifyPassword takes 2 parameters?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All js function arguments default to undefined if you don't pass them in. So for when it's called from here, the ||= operator on line 163 will set token, and the ! operator on line 181 will negate undefined to set this.showAlert to true.

This line could be written as @click.prevent="() => verifyPassword(password, false)" (or even verifyPassword(null, false)) but it's unnecessary to be explicit

// Valid relative redirect URL
window.location = decodeURI(redirect)
} else {
window.location = '/'
}
},
verifyPassword: function () {
verifyPassword: function (token, noAlert) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this ever called with noAlert set to false?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's called with undefined as discussed above

this.showAlert = false
Api.post('/openc3-api/auth/verify', {
data: {
token: this.password,
token,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

token key not needed?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

data: { token }, is equivalent to data: { token: token }, but reads cleaner imo

@ryan-pratt ryan-pratt merged commit 6e9db63 into main Dec 20, 2024
28 checks passed
@ryan-pratt ryan-pratt deleted the login-redirect branch December 20, 2024 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants