meow icon indicating copy to clipboard operation
meow copied to clipboard

Published 20 hours ago verified publisher icon dailybruin

User logout on all 403 Unauthorized

Open DumboOctopus opened this issue 5 years ago • 1 comments

This will be a robust solution to frontend thinks we are signed in but we are not in backend problem.

Backend:

A lot of the views have the @login_required decorator. This decorator will respond with a 500 if the user is not authenticated. We should change this to 403. having it a 500 is confusing because 500 = Internal server error and can also be caused whenever the code break (syntax error, no attribute error, etc)

Frontend:

Most of our api requests are handled in the same code as our redux state changes. This is in frontend/actions/. If we get status 403, the frontend should dispatch the logout action. Additionally, there are some api requests that are done in onComponentMount. These ones are not done through redux since the entire application does not need the data, only the current component needs it. Anyways, we need to make sure these call the logout action when they recieve a 403

DumboOctopus avatar Jan 17 '20 19:01 DumboOctopus

#306 similar

DumboOctopus avatar Apr 10 '20 01:04 DumboOctopus