• Robert Knight's avatar
    Simplify API authentication in the client · e5af8365
    Robert Knight authored
    In order to make API requests, the client needs to
    fetch a JWT token and then configure 'angular-jwt'
    to provide it on subsequent HTTP requests to
    API endpoints.
    
    This fairly simple task was complicated by
    the inclusion of an emulation of the deprecated
    Mozilla IdentityManager API - see https://developer.mozilla.org/en-US/docs/Web/API/IdentityManager
    
    This commit replaces the identity module with
    a much simpler implementation that only does
    what we actually need at present:
    
     1. Enable the 'angular-jwt' interceptor which
        adds 'Authorization: Bearer <Token>' headers
        to API HTTP requests.
    
     2. Provide the JWT interceptor with a function
        which fetches JWT tokens and caches them.
    
    The new implementation fixes two bugs in the previous
    implementation:
    
     1. Cached API tokens were not invalidated properly when
        signing out (#3083).
    
        (In the old code, 'authPromise' was set to a rejected promise
         after signing out, but 'checkAuthentication()' checked for
         'authPromise' being _null_ when deciding whether to retrieve
         a new token. Consequently API requests made immediately
         after signing in could end up being unauthenticated).
    
     2. The value of $scope.auth.username and session.state.userid
        could get out of sync (#2924).
    
        In the new implementation, $scope.auth.username is always
        updated whenever the USER_CHANGED event is emitted and that
        event is always emitted when session.state.userid changes.
    
    Fixes #3083
    Fixes #2924
    e5af8365
Name
Last commit
Last update
..
annotation-fixtures.js Loading commit data...
annotation-mapper-test.js Loading commit data...
annotation-metadata-test.js Loading commit data...
annotation-sync-test.coffee Loading commit data...
annotation-ui-controller-test.coffee Loading commit data...
annotation-ui-sync-test.coffee Loading commit data...
annotation-ui-test.js Loading commit data...
annotation-viewer-controller-test.coffee Loading commit data...
app-controller-test.js Loading commit data...
auth-test.js Loading commit data...
bootstrap.js Loading commit data...
bridge-test.coffee Loading commit data...
create-group-form-test.js Loading commit data...
cross-frame-test.coffee Loading commit data...
discovery-test.coffee Loading commit data...
drafts-test.js Loading commit data...
features-test.js Loading commit data...
form-respond-test.coffee Loading commit data...
groups-test.js Loading commit data...
host-test.coffee Loading commit data...
installer-controller-test.js Loading commit data...
local-storage-test.coffee Loading commit data...
login-form-test.coffee Loading commit data...
markdown-commands-test.js Loading commit data...
media-embedder-test.js Loading commit data...
permissions-test.coffee Loading commit data...
promise-util.js Loading commit data...
raven-test.js Loading commit data...
retry-util-test.js Loading commit data...
search-filter-test.coffee Loading commit data...
session-test.js Loading commit data...
settings-test.js Loading commit data...
store-test.js Loading commit data...
stream-controller-test.coffee Loading commit data...
streamer-test.js Loading commit data...
tags-test.coffee Loading commit data...
threading-test.coffee Loading commit data...
time-test.js Loading commit data...
unicode-test.coffee Loading commit data...
view-filter-test.coffee Loading commit data...
websocket-test.js Loading commit data...
widget-controller-test.js Loading commit data...