search

Keesaco / KeesaFlo

A cloud-based flow cytometry web application
Other
6 stars 0 forks source link

Authentication on all views (Fixes #77) #100

Closed notchris1 closed 10 years ago

notchris1 commented 10 years ago

Quick fix to ensure all requests are from authenticated user. I feel the method used may be clumsy, and am really open to neater solutions.

McCrea commented 10 years ago

If you only request a pagelet (rather than a whole page) what will happen? Since this is a one-page app, actual full page refreshes happen quite infrequently and I'm concerned that this could cause weird behaviour, especially when the request is for a JSON datasource. e.g. if you load the app, then log out of your Google account and then try to view a file, what happens?

notchris1 commented 10 years ago

Okay, this makes sense, honestly it hasn't been given a complete test on deployed yet (Infact I was somewhat abusing the pull request system, to get a review). I shall test as soon as I can (maybe Sunday)

McCrea commented 10 years ago

That’s okay. I suspect the test for whether or not to redirect (i.e. currently just being authenticated) will be replaced with something which uses your named permissions API, but having working code to redirect the client on access denied is useful. On 11 Apr 2014, at 14:23, Christian Wike notifications@github.com wrote:

Okay, this makes sense, honestly it hasn't been given a complete test on deployed yet (Infact I was somewhat abusing the pull request system, to get a review). I shall test as soon as I can (maybe Sunday)

— Reply to this email directly or view it on GitHub.

notchris1 commented 10 years ago

It seems to be functional, Ive deployed to chrisdot, if anyone fancies having a mess, i would like to see it broken

McCrea commented 10 years ago

screen shot 2014-04-13 at 02 00 42 Login -> duplicate -> log out of duplicate -> switch to original -> click home button

(Essentially request a pagelet from the app page when you're no longer logged in.)

I expect the solution to this is to have a JSON response sent out and to check for said JSON response within ksfData/ksfReq.

notchris1 commented 10 years ago

Ahh cool, hmm i don't think know enough to fix this then

McCrea commented 10 years ago

I'll see if I have some time for this next week.

McCrea commented 10 years ago

Is it okay to close this pull request now?

McCrea commented 10 years ago

This issue is now resolved in #131; specifically 4adfca5 and 1e9941a.

McCrea commented 10 years ago

I don't think this pull request serves a purpose any more.