N21-2136 error handling, adjusted text

controllers/login.js

@@ -492,12 +492,19 @@ router.get('/logout/external/', (req, res, next) => {
 
 	api(req, { version: 'v3' })
 		.post('/logout/external') // async, ignore result
-		.catch((err) => {
-			logger.error('error during logout.', formatError(err));
-		})
 		.then(() => {
 			res.statusCode = 307;
 			res.redirect(redirectUri);
+		})
+		.catch((err) => {
+			logger.error('error during external logout.', formatError(err));
+			req.session.notification = {
+				type: 'danger',
+				message: res.$t('logout.text.externalLogoutFailed', { systemName: res.locals.systemName ?? '' }),
+				statusCode: 500,
+				timeToWait: Configuration.get('LOGIN_BLOCK_TIME'),
+			};
+			res.redirect(req.header('referrer') ?? '/dashboard');
 		});
 });
 

helpers/authentication.js

@@ -102,13 +102,14 @@ const isAuthenticated = (req) => {
 
 const populateCurrentUser = async (req, res) => {
 	async function setExternalSystemFromJwt(decodedJwt) {
-		if (!("systemId" in decodedJwt) && !decodedJwt.systemId) {
+		if (!('systemId' in decodedJwt) && !decodedJwt.systemId) {
 			return;
 		}
 
 		try {
 			const response = await api(req, { version: 'v3' }).get(`/systems/public/${decodedJwt.systemId}`);
-			res.locals.externalSystem = response.alias;
+			res.locals.showExternalLogout = response.alias === 'SANIS';
+			res.locals.systemName = response.displayName;
 		} catch (err) {
 			const metadata = { error: err.toString() };
 			logger.error('Unable to find out the external login system used by user', metadata);
@@ -121,7 +122,6 @@ const populateCurrentUser = async (req, res) => {
 			// eslint-disable-next-line prefer-destructuring
 			payload = (jwt.decode(req.cookies.jwt, { complete: true }) || {}).payload;
 			res.locals.currentPayload = payload;
-			await setExternalSystemFromJwt(payload);
 		} catch (err) {
 			logger.error('Broken JWT / JWT decoding failed', formatError(err));
 			return clearCookie(req, res, { destroySession: true })
@@ -144,6 +144,8 @@ const populateCurrentUser = async (req, res) => {
 	}
 
 	if (payload && payload.userId) {
+		await setExternalSystemFromJwt(payload);
+
 		if (res.locals.currentUser && res.locals.currentSchoolData) {
 			return Promise.resolve(res.locals.currentSchoolData);
 		}

locales/de.json

@@ -2439,9 +2439,7 @@
 			},
 			"tab_label": {
 				"settings": "Einstellungen",
-				"signOut": "Logout",
-				"sanisSignOut": "Logout Bildungscloud",
-				"sanisExternalSignOut": "Logout Bildungscloud & moin.schule"
+				"signOut": "Logout"
 			},
 			"text": {
 				"allActionsThatCreate": "Sämtliche Aktionen, die Daten anlegen oder ändern, sind deaktiviert und nicht sichtbar.",
@@ -2602,6 +2600,11 @@
 			"userAccountDeactivated": "Ihr Konto wurde deaktiviert. Bitte wenden Sie sich an Ihren Schuladministrator."
 		}
 	},
+	"logout": {
+		"text": {
+			"externalLogoutFailed": "Die Abmeldung vom System {{systemName}} ist fehlgeschlagen. Bitte versuchen Sie es erneut oder kontaktieren Sie den Support."
+		}
+	},
 	"messenger": {
 		"button": {
 			"activate": "Aktivieren",

locales/en.json

@@ -2439,9 +2439,7 @@
 			},
 			"tab_label": {
 				"settings": "Settings",
-				"signOut": "Sign out",
-				"sanisSignOut": "Logout Bildungscloud",
-				"sanisExternalSignOut": "Logout Bildungscloud & moin.schule"
+				"signOut": "Sign out"
 			},
 			"text": {
 				"allActionsThatCreate": "All actions that create or change data are deactivated and not visible.",
@@ -2602,6 +2600,11 @@
 			"userAccountDeactivated": "Your account has been deactivated. Please contact your school administrator."
 		}
 	},
+	"logout": {
+		"text": {
+			"externalLogoutFailed": "Logout from {{systemName}} had failed. Please try again or contact support."
+		}
+	},
 	"messenger": {
 		"button": {
 			"activate": "Activate",

locales/es.json

@@ -2439,9 +2439,7 @@
 			},
 			"tab_label": {
 				"settings": "Configuración",
-				"signOut": "Cerrar sesión",
-				"sanisSignOut": "Cerrar sesión Bildungscloud",
-				"sanisExternalSignOut": "Cerrar sesión Bildungscloud & moin.schule"
+				"signOut": "Cerrar sesión"
 			},
 			"text": {
 				"allActionsThatCreate": "Todas las acciones que crean o modifican datos están desactivadas y no son visibles.",
@@ -2602,6 +2600,11 @@
 			"userAccountDeactivated": "Su cuenta ha sido desactivada. Comuníquese con el administrador de su escuela."
 		}
 	},
+	"logout": {
+		"text": {
+			"externalLogoutFailed": "El cierre de sesión del sistema {{systemName}} ha fallado. Inténtalo de nuevo o ponte en contacto con el servicio de asistencia."
+		}
+	},
 	"messenger": {
 		"button": {
 			"activate": "Activar",

locales/uk.json

@@ -1869,6 +1869,11 @@
 			"loginForRegisteredUsers": "Вхід в систему для зареєстрованих користувачів"
 		}
 	},
+	"logout": {
+		"text": {
+			"externalLogoutFailed": "Не вдалося вийти з системи {{SystemName}}. Спробуйте ще раз або зверніться до служби підтримки."
+		}
+	},
 	"teams": {
 		"_team": {
 			"edit": {
@@ -2607,9 +2612,7 @@
 		"loggedin": {
 			"tab_label": {
 				"settings": "Налаштування",
-				"signOut": "Вийти з системи",
-				"sanisSignOut": "Вийти з системи Bildungscloud",
-				"sanisExternalSignOut": "Вийти з системи Bildungscloud & moin.schule"
+				"signOut": "Вийти з системи"
 			},
 			"text": {
 				"allActionsThatCreate": "Усі дії, які створюють або змінюють дані, деактивовані та не показуються.",

views/lib/topbar.hbs

@@ -59,21 +59,22 @@
                   <hr>
                   {{> "user/forms/language" language=@root.userLanguage }}
                   <li><a class="dropdown-item" data-testid="settings" href="/account/" role="menuitem" aria-label="{{$t 'lib.loggedin.tab_label.settings' }}">{{$t "lib.loggedin.tab_label.settings" }}</a></li>
-                  {{#ifeq externalSystem "SANIS"}}
-                    <li><a class="dropdown-item localstorageclear" data-testid="logout-external" href="/logout/external/" role="menuitem" aria-label="{{$t 'lib.loggedin.tab_label.sanisExternalSignOut'}}">{{$t "lib.loggedin.tab_label.sanisExternalSignOut"}}</a></li>
-                    <li><a class="dropdown-item localstorageclear"
-                        data-testid="logout"
-                        role="menuitem"
-                        href= {{#hasConfig "OAUTH2_LOGOUT_URI"}} {{getConfig "OAUTH2_LOGOUT_URI"}} {{else}} "/logout/" {{/hasConfig}}
-                        aria-label="{{$t 'lib.loggedin.tab_label.sanisSignOut'}}">{{$t 'lib.loggedin.tab_label.sanisSignOut'}}</a></li>
-                  {{else}}
-                    <li><a class="dropdown-item localstorageclear"
-                         data-testid="logout"
-                         role="menuitem"
-                         href= {{#hasConfig "OAUTH2_LOGOUT_URI"}} {{getConfig "OAUTH2_LOGOUT_URI"}} {{else}} "/logout/" {{/hasConfig}}
-                         aria-label="{{$t 'lib.loggedin.tab_label.signOut'}}">
-                    {{$t 'lib.loggedin.tab_label.signOut'}}</a></li>
-                  {{/ifeq}}
+                  {{#if showExternalLogout}}
+                      <li><a class="dropdown-item localstorageclear"
+                          data-testid="logout-external"
+                          href="/logout/external/"
+                          role="menuitem"
+                          aria-label="{{$t 'lib.loggedin.tab_label.signOut'}} Bildungscloud & {{ systemName }}">
+                              {{$t 'lib.loggedin.tab_label.signOut'}} Bildungscloud & {{ systemName }}
+                      </a></li>
+                  {{/if}}
+                  <li><a class="dropdown-item localstorageclear"
+                      data-testid="logout"
+                      role="menuitem"
+                      href= {{#hasConfig "OAUTH2_LOGOUT_URI"}} {{getConfig "OAUTH2_LOGOUT_URI"}} {{else}} "/logout/" {{/hasConfig}}
+                      aria-label="{{$t 'lib.loggedin.tab_label.signOut'}}{{#if showExternalLogout}} Bildungscloud{{/if}}">
+                          {{$t 'lib.loggedin.tab_label.signOut'}}{{#if showExternalLogout}} Bildungscloud{{/if}}
+                  </a></li>
               </ul>
           </div>
       </li>