Skip to content

fix: Redirect user to login if session is terminated #49208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
skjnldsv merged 2 commits into from
Dec 20, 2024
Merged

fix: Redirect user to login if session is terminated #49208

skjnldsv merged 2 commits into from
Dec 20, 2024

Conversation

@susnux
Copy link
Contributor

@susnux susnux commented Nov 11, 2024
edited
Loading

Summary

If a session timed out or was closed in another tab, then currently the user gets random error messages. This intercepts 401 responses (should only happen if logged out, or the users does something wrong).

If we get a 401, we make sure its because of the session, by checking if the user can access the files app.
If that is also the case we forward the user to the login page and set the redirect URL to the last used URL.

Screen recording

Bildschirmaufnahme_20241111_174951.webm

Checklist

@susnux susnux requested review from a team, Pytal, artonge, julien-nc and nfebe and removed request for a team November 11, 2024 17:26
@susnux
Copy link
Contributor Author

susnux commented Nov 11, 2024

/backport to stable30

@susnux
Copy link
Contributor Author

susnux commented Nov 11, 2024

/backport to stable29

artonge
artonge reviewed Nov 13, 2024
View reviewed changes
Copy link
Contributor

@artonge artonge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be added to the @nextcloud/axios lib?
But is the webdav lib using @nc/axios?

@susnux
Copy link
Contributor Author

susnux commented Nov 13, 2024

Shouldn't this be added to the @nextcloud/axios lib?

No, similar as the other interceptors, this is not a feature developers can opt-in with using nc-axios, but it is a core feature.
Meaning it should work for all requests, even if you just use vanilla JavaScript.

Pytal
Pytal reviewed Nov 13, 2024
View reviewed changes
@susnux susnux requested a review from artonge November 16, 2024 21:01
@susnux susnux force-pushed the fix/forward-user-login-if-no-session branch from 1d1cb05 to 8f5c8e1 Compare November 17, 2024 00:35
@susnux
Copy link
Contributor Author

susnux commented Nov 17, 2024

Tests added.

@susnux @skjnldsv
fix: Redirect user to login if session is terminated
1df2314 
If a session timed out or was closed in another tab,
then currently the user gets random error messages.
This intercepts 401 responses (should only happen if logged out, or the
users does something wrong).

If we get a 401, we make sure its because of the session,
by checking if the user can access the files app.
If that is also the case we forward the user to the login page
and set the redirect URL to the last used URL.

Signed-off-by: Ferdinand Thiessen <[email protected]>
@skjnldsv skjnldsv force-pushed the fix/forward-user-login-if-no-session branch from 8f5c8e1 to 1df2314 Compare December 19, 2024 17:56
@skjnldsv
Copy link
Member

skjnldsv commented Dec 19, 2024

/compile

@nextcloud-command
chore(assets): Recompile assets
29e8bf4 
Signed-off-by: nextcloud-command <[email protected]>
@skjnldsv skjnldsv enabled auto-merge December 19, 2024 21:51
@skjnldsv skjnldsv disabled auto-merge December 20, 2024 12:57
@skjnldsv skjnldsv merged commit 23c83a7 into master Dec 20, 2024
117 of 120 checks passed
@skjnldsv skjnldsv deleted the fix/forward-user-login-if-no-session branch December 20, 2024 12:57
This was referenced Dec 20, 2024
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Jan 7, 2025
Merged
@inet-cologne
Copy link

inet-cologne commented Feb 15, 2025

@susnux , @skjnldsv , @artonge , @Pytal
Hey guys,
may it be that the change made here in #49560 or #49208 produces somehow login problems within Nextcloud files app, Nextcloud Talk app and perhaps causing issues with Calendar subscription synchronising?
Since a couple of days after updating (several instances!!) Nextcloud Server to 30.0.5, problems were occurring that Login fails. These could be fixed by deleting and reinstalling and reconfiguring the apps.
30.0.6 does not fix the situation either but now even reinstallation does not help anymore.
Login with the above mentioned iOS apps are not possible any more!!
Please see issue #50619!

Thanks for checking that!!
Chris

@pierresebastien pierresebastien mentioned this pull request Feb 25, 2025
Closed
@inet-cologne inet-cologne mentioned this pull request Feb 26, 2025
Closed
8 tasks
@inet-cologne
Copy link

inet-cologne commented Feb 26, 2025

@susnux , @skjnldsv , @artonge , @Pytal
Hey guys, could you pleeeease check this?
Thanks a lot!!

@susnux susnux mentioned this pull request Mar 12, 2025
Closed
@jolly-jump
Copy link

jolly-jump commented Apr 29, 2025

@susnux , @skjnldsv , @artonge , @Pytal
Hey guys,

can you please check, if you are experiencing the login problems as well?
There are some github issues and forum-threads that seem to fit.
I did some summary: https://help.nextcloud.com/t/first-login-with-desktop-ios-android-app-fails/223854
I have no clue, why this happens to "us" and not to everyone as it seems.

Thanks!

@jolly-jump
Copy link

jolly-jump commented May 3, 2025

@susnux , @skjnldsv , @artonge , @Pytal Hey guys, could you pleeeease check this? Thanks a lot!!

Hi again,
I figured, that our login-rejection problem might be connected to using LDAP/AD as authenticator.

Can you rule out that your code changes here could lead to login-problem in combination with LDAP/AD? Did you test your changes with such a setting?

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skjnldsv skjnldsv skjnldsv approved these changes

@Pytal Pytal Pytal approved these changes

@julien-nc julien-nc Awaiting requested review from julien-nc

@nfebe nfebe Awaiting requested review from nfebe nfebe is a code owner automatically assigned from nextcloud/server-frontend

@artonge artonge Awaiting requested review from artonge

Assignees

No one assigned

Labels

3. to review Waiting for reviews bug feature: authentication

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: Getting Unexpected error: Invalid response 401 in Files app

8 participants

@susnux @skjnldsv @inet-cologne @jolly-jump @artonge @Pytal @nextcloud-command