Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Implemented
-
Upcoming Branch, 22.01.01
-
None
Description
Use case :
- log in,
- open a second browser tab (so both tabs are authenticated),
- in first tab, open a page, where a link opens a modal, the modal content is fetched through AJAX when user clicks the link,
- log out in second tab,
- in first tab, click on the link, the AJAX request fires, but returns nothing with a status 200, which result in a white modal without any user feedback.
Example :
`/workeffort/control/EditWorkEffortRates?workEffortId=PrivateDemoEmployee`
This patch does 3 things to improve this behavior :
- return a HTTP status code 401 (Unauthorized) in LoginWorker::checkLogin if user is not authenticated (no more 200),
- in common-theme, OfbizUtil.js, on AJAX calls handler, if the request fails with a 401 status code, reload current page (so we land on login form instead of being stuck in a blank modal) with a new search param `clickOn` containing the id of the link that triggered the AJAX call,
- on page load, if `clickOn` search parameter exists, trigger a click event on the link, so the initial modal pops in after a successful login
As a result, il the user tries to open a AJAX-based modal while unauthenticated, here is what happens :
- modal opens,
- user is immediatly redirected to the page he was, which will be filled with login form
- after successful login, page is reloaded (no change here), and the modal is re-opened