[Bug]: some feature fail silently when the session has expired

[laurentj]

What is the bug?

After an amount of time (often 1h) without interacting with Lizmap, the session expired. If the user click on a user interface element that do a request (with XHR..) to the server, the response will be, obviously a 403 error. However, there are often (never?) a message to inform the user he has to identify himself again to continue to use Lizmap.

Steps to reproduce the issue

1. go the map
2. wait one hour or more (or delete the session cookie into the browser)
3. click on a button that do a request in the background
4. nothing is displayed, or there is not the expected behavior.

Versions

At least Lizmap <=3.6

Check Lizmap plugin

• [X] I have done the step just before in the Lizmap QGIS desktop plugin before opening this ticket. Otherwise, my ticket is not considered valid and might get closed.

QGIS server version, only if the section above doesn't mention the QGIS Server version

No response

Operating system

any

Browsers

Firefox

Browsers version

any

Relevant log output

No response

[laurentj]

I suggest to check correctly the http code, each time we are using an xhr. If the code is 403, we should display at least a message indicating to go to the login page.

A better solution may be to open a dialog, asking again the login/password, submit these data with xhr, and if the return is ok, to do again the original xhr. But with this solution, we should think about other authentication methods like our SAML module.