on autho failure trigger logout, which clears localStorage

We don't presently have a way to cleanly distinguish between auth attempts with
query string vs. credentials from localStorage, particularly with respect to
one kind failing vs. the other. This can create confusing behavior when
e.g. copy/pasting an old/wrong URL+token, but then it works when refreshing the
window/tab with URL minus the token.

So, this commit simplifies the situation somewhat by triggering a logout
if there's an auth failure. That will affect all open tabs/windows of the
same browser but not other browsers, e.g. if one has embark-ui open in Chrome
and Firefox.
This commit is contained in:
Michael Bradley, Jr 2018-10-19 19:41:45 -05:00
parent 0ce26e4479
commit 2088624d83
1 changed files with 5 additions and 0 deletions

View File

@ -273,6 +273,10 @@ export function *watchAuthenticateSuccess() {
yield takeEvery(actions.AUTHENTICATE[actions.SUCCESS], saveCredentials); yield takeEvery(actions.AUTHENTICATE[actions.SUCCESS], saveCredentials);
} }
export function *watchAuthenticateFailure() {
yield takeEvery(actions.AUTHENTICATE[actions.FAILURE], logout);
}
export function *watchFetchCredentials() { export function *watchFetchCredentials() {
yield takeEvery(actions.FETCH_CREDENTIALS[actions.REQUEST], fetchCredentials); yield takeEvery(actions.FETCH_CREDENTIALS[actions.REQUEST], fetchCredentials);
} }
@ -518,6 +522,7 @@ export default function *root() {
fork(watchToggleBreakpoint), fork(watchToggleBreakpoint),
fork(watchAuthenticate), fork(watchAuthenticate),
fork(watchAuthenticateSuccess), fork(watchAuthenticateSuccess),
fork(watchAuthenticateFailure),
fork(watchLogout), fork(watchLogout),
fork(watchExplorerSearch), fork(watchExplorerSearch),
fork(watchFetchTheme), fork(watchFetchTheme),