Commit e000d9a3 authored by o's avatar o

automatically redirect to login if backend auth expires

parent cebe2410
......@@ -3,6 +3,12 @@ require 'zxcvbn'
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
# Happens when api token times out
rescue_from RestClient::Unauthorized, :with => :catch_unauthorized
def catch_unauthorized
redirect_to '/login'
end
before_action :authorize
before_action :set_locale
......@@ -119,7 +125,7 @@ class ApplicationController < ActionController::Base
end
def update_session_expiry
session[:expires_at] = 15.minutes.from_now.to_i
session[:expires_at] = 60.minutes.from_now.to_i
end
helper_method :update_session_expiry
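Review bot: `catch_unauthorized` in the first hunk redirects to `/login` but leaves the local session untouched, so a browser whose backend token has expired keeps its old session data until something else clears it. Assuming `reset_user_session` (called in the SessionsController hunk) is reachable from this controller, the handler could call it before `redirect_to '/login'`. The method also sits in the public part of the class, above the `before_action` lines; placing it under `private` keeps it from ever being routable as an action. Separately, the second hunk appears to raise the session lifetime from 15 to 60 minutes, which the commit message does not mention.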
......
......@@ -74,6 +74,8 @@ module ApiBackend
res
rescue RestClient::BadRequest => e
raise ApiError.new("400", JSON.parse(e.response)['errors'])
rescue RestClient::Unauthorized => e
raise e
rescue => e
raise ApiError.new("#{e}")
end
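Review bot: The added `rescue RestClient::Unauthorized => e` / `raise e` clause exists only to keep a 401 from being wrapped into `ApiError` by the generic `rescue => e` below it, and nothing in the hunk says so. A bare re-raise with a comment states the intent without the unused binding: `rescue RestClient::Unauthorized` followed by `raise # pass through so ApplicationController's rescue_from can redirect to login`. The enclosing method starts outside the hunk.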
......
......@@ -5,6 +5,15 @@ require 'jsobfu'
class SessionsController < ApplicationController
include ApiBackend
def destroy_local
reset_user_session
if SamlConfig.idp_sso_logout
redirect_to SamlConfig.idp_sso_logout
else
redirect_to '/login'
end
end
def destroy
reset_user_session
redirect_to '/login'
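Review bot: `destroy_local` clears the session and may send the browser on to the IdP logout URL, yet it is reached with a plain GET (`get '/logout_local'` in the routes hunk, a `link_to` in the layout hunk), and `protect_from_forgery` does not check GET requests. Any page that can make the browser fetch that URL would therefore sign the user out, locally and possibly at the IdP. Routing it as `delete '/logout_local', to: 'sessions#destroy_local'` and rendering the link with `button_to` or `method: :delete` brings it under the CSRF check; the existing `/logout` route has the same shape. The body of `destroy` continues past the end of the hunk.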
......
......@@ -39,7 +39,6 @@ class TfaController < ApplicationController
redirect_to tfa_path
end
private
def fetch_existing_2fa
res = api.get_totp_names
......
......@@ -33,7 +33,7 @@
<div class="loginstat">
<% if current_user %>
<%= link_to t(:hello), '/' %> <%= current_user %> (<%= link_to (t :logout), if SamlConfig.idp_sso_logout then SamlConfig.idp_sso_logout else '/logout' end %>)
<%= link_to t(:hello), '/' %> <%= current_user %> (<%= link_to (t :logout), '/logout_local' %>)
<% elsif !@handoff %>
<i><%= t(:main_title) %></i>
<% end %>
......
......@@ -3,6 +3,7 @@ Rails.application.routes.draw do
get '/login', to: 'saml#init'
get '/logout', to: 'sessions#destroy'
get '/logout_local', to: 'sessions#destroy_local'
if !Admin::Enabled
......