• Robert Knight's avatar
    Simplify API authentication in the client · e5af8365
    Robert Knight authored
    In order to make API requests, the client needs to
    fetch a JWT token and then configure 'angular-jwt'
    to provide it on subsequent HTTP requests to
    API endpoints.
    
    This fairly simple task was complicated by
    the inclusion of an emulation of the deprecated
    Mozilla IdentityManager API - see https://developer.mozilla.org/en-US/docs/Web/API/IdentityManager
    
    This commit replaces the identity module with
    a much simpler implementation that only does
    what we actually need at present:
    
     1. Enable the 'angular-jwt' interceptor which
        adds 'Authorization: Bearer <Token>' headers
        to API HTTP requests.
    
     2. Provide the JWT interceptor with a function
        which fetches JWT tokens and caches them.
    
    The new implementation fixes two bugs in the previous
    implementation:
    
     1. Cached API tokens were not invalidated properly when
        signing out (#3083).
    
        (In the old code, 'authPromise' was set to a rejected promise
         after signing out, but 'checkAuthentication()' checked for
         'authPromise' being _null_ when deciding whether to retrieve
         a new token. Consequently API requests made immediately
         after signing in could end up being unauthenticated).
    
     2. The value of $scope.auth.username and session.state.userid
        could get out of sync (#2924).
    
        In the new implementation, $scope.auth.username is always
        updated whenever the USER_CHANGED event is emitted and that
        event is always emitted when session.state.userid changes.
    
    Fixes #3083
    Fixes #2924
    e5af8365
Name
Last commit
Last update
h Loading commit data...
scripts Loading commit data...
.hound.yml Loading commit data...
.jscsrc Loading commit data...
.jshintignore Loading commit data...
.jshintrc Loading commit data...
gulpfile.js Loading commit data...
package.json Loading commit data...