search

AtlasOfLivingAustralia / spatial-hub

New spatial portal front end using AngularJS
https://spatial.ala.org.au/
7 stars 16 forks source link

Fix CORS error and authentication missing issue #390

Closed qifeng-bai closed 1 year ago

qifeng-bai commented 3 years ago

SP calls a log service on SS via Ajax, which causes possible CORS error on server

What we found:

In spApp.sj, there is a workaround which embeds the home page of Spatial Service into Spatial Hub. thus UserPrincipal can be shared / passed to SpatialService

var authWorkaround = function (url) if (url) { $("body").append('<div style="display:none"><iframe src="' + url + '"></iframe></div>') }

if ($SH.layersServiceUrl) authWorkaround($SH.layersServiceUrl + "/log");

In this scenario, if we deploy / restart Spatial service without refreshing Spatial Hub, the UserPrincipal may lose.

Having said that, most of our calls to spatial service provides userId / apiKey, which won't have the same issues

qifeng-bai commented 3 years ago

PR: https://github.com/AtlasOfLivingAustralia/spatial-hub/pull/391

nickdos commented 3 years ago

Also needs steps to reproduce error/test.

qifeng-bai commented 3 years ago

@nickdos Run a tool, like "area report", if there is no error output in console related to "logService", then the issue is fixed

nickdos commented 3 years ago

Log in GORM uses userId/sessionId. https://github.com/AtlasOfLivingAustralia/spatial-service/blob/master/grails-app/domain/au/org/ala/spatial/service/Log.groovy

However, our database uses: user_id and session_id as fields

Yes, that is expected - GORM translates the vars from camelCase to underscore automagically.

qifeng-bai commented 3 years ago

PR: https://github.com/AtlasOfLivingAustralia/spatial-hub/pull/395 https://github.com/AtlasOfLivingAustralia/spatial-service/pull/172