Changes to user's data in login should be pushed into login cookies without a login/logout

RESOLVED FIXED

Status

RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: kate, Assigned: cade)

Tracking

Details

(Whiteboard: [badges] [july25][webmaker-badges][launch])

Attachments

(5 attachments)

(Reporter)

Description

4 years ago
Perhaps a verify could ping the server every 15 minutes or so to check in changes have been made (admin status, etc)
(Reporter)

Updated

4 years ago
Assignee: jon → kate
(Reporter)

Updated

4 years ago
Whiteboard: [June13][webmaker-badges][launch] → [june13][webmaker-badges][launch]
Status: NEW → ASSIGNED
Whiteboard: [june13][webmaker-badges][launch] → [badges] [june13][webmaker-badges][launch]
(Reporter)

Updated

4 years ago
Whiteboard: [badges] [june13][webmaker-badges][launch] → [badges] [june27][webmaker-badges][launch]
Chris, can you take this on this sprint?
Assignee: kate → cade
(Assignee)

Comment 2

4 years ago
Created attachment 8441598 [details] [review]
https://github.com/mozilla/webmaker-auth/pull/11

Is this kinda what we were looking for?

Basically, it tacks a timestamp onto ever session that's generated, and the verify route checks how old it is. If it's older than a configured time (15 minute default) it is refreshed.

We could potentially add in a param to force a refresh, which might be useful in some situations.
Attachment #8441598 - Flags: feedback?(kate)
Attachment #8441598 - Flags: feedback?(jon)

Comment 3

4 years ago
Comment on attachment 8441598 [details] [review]
https://github.com/mozilla/webmaker-auth/pull/11

the approach looks solid, I'm just wondering about the use of login credentials.
Attachment #8441598 - Flags: feedback?(jon) → feedback+
(Reporter)

Comment 4

4 years ago
Yeah looks good to me
(Reporter)

Updated

4 years ago
Attachment #8441598 - Flags: feedback?(kate) → feedback+
(Assignee)

Comment 5

4 years ago
Comment on attachment 8441598 [details] [review]
https://github.com/mozilla/webmaker-auth/pull/11

Lets move this into code review.
Attachment #8441598 - Flags: review?(jon)

Updated

4 years ago
Attachment #8441598 - Flags: review?(jon) → review-
(Assignee)

Updated

4 years ago
Attachment #8441598 - Flags: review- → review?(jon)
Whiteboard: [badges] [june27][webmaker-badges][launch] → [badges] [july11][webmaker-badges][launch]

Updated

4 years ago
Attachment #8441598 - Flags: review?(jon) → review+

Comment 6

4 years ago
oh wait, one nit: can you add the authLoginUrl to the example server?
Flags: needinfo?(cade)
(Assignee)

Comment 8

4 years ago
we'll need to update apps to use v0.1.2 of webmaker-auth
(Assignee)

Comment 9

4 years ago
Created attachment 8451921 [details] [review]
https://github.com/mozilla/webmaker-auth/pull/13

The Boolean logic around not refreshing if there's no authLoginURL is broken.

it's currently `if(a && !b || c) {}` and should be `if (a && (!b || c)) {}`

the former will execute even if 'a' is falsy, the latter behaves as expected.
Attachment #8451921 - Flags: review?(jon)
(Assignee)

Updated

4 years ago
Attachment #8451921 - Flags: review?(jon) → review?(kate)
(Assignee)

Updated

4 years ago
Attachment #8451907 - Flags: review?(jon) → review?(kate)
(Reporter)

Updated

4 years ago
Attachment #8451907 - Flags: review?(kate) → review+
(Reporter)

Updated

4 years ago
Attachment #8451921 - Flags: review?(kate) → review+
(Reporter)

Comment 11

4 years ago
Comment on attachment 8453140 [details]
Webmaker Auth updates (links to Github PR's)

Everything looks good, make sure you set all those vars on prod and staging config and double check 'em
Attachment #8453140 - Flags: review?(kate) → review+
(Assignee)

Updated

4 years ago
Attachment #8453230 - Flags: review?(kate)
(Reporter)

Updated

4 years ago
Attachment #8453230 - Flags: review?(kate) → review+
Whiteboard: [badges] [july11][webmaker-badges][launch] → [badges] [july25][webmaker-badges][launch]

Updated

4 years ago
Blocks: 979637
(Assignee)

Updated

4 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.