From 636779cb79ba4983bb037d6caf12c0fd99201cbf Mon Sep 17 00:00:00 2001 From: Luc Didry Date: Thu, 4 Jul 2024 09:01:13 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20=E2=80=94=20Fix=20bug=20in=20log?= =?UTF-8?q?in=20view=20when=20having=20an=20expired=20token=20in=20cookie?= =?UTF-8?q?=20(redirect=20loop)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitlab-ci.yml | 11 +++++++++++ CHANGELOG.md | 2 ++ argos/server/exceptions.py | 5 ++++- argos/server/routes/views.py | 2 +- 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d7116d5..31cf6d9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -51,6 +51,17 @@ format: script: - make ruff +release_job: + stage: deploy + image: registry.gitlab.com/gitlab-org/release-cli:latest + rules: + - if: $CI_COMMIT_TAG + script: + - sed -n '/^## '$CI_COMMIT_TAG'/,/^#/p' CHANGELOG.md | sed -e '/^\(#\|$\|Date\)/d' > release.md + release: # See https://docs.gitlab.com/ee/ci/yaml/#release for available properties + tag_name: '$CI_COMMIT_TAG' + description: './release.md' + pages: <<: *pull_cache stage: deploy diff --git a/CHANGELOG.md b/CHANGELOG.md index 98d3724..730ec4d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## [Unreleased] +- 🐛 — Fix bug in login view when having an expired token in cookie (redirect loop) + ## 0.2.1 Date: 2024-06-27 diff --git a/argos/server/exceptions.py b/argos/server/exceptions.py index 0261e98..8fdd39d 100644 --- a/argos/server/exceptions.py +++ b/argos/server/exceptions.py @@ -10,4 +10,7 @@ def auth_exception_handler(request: Request, exc: NotAuthenticatedException): """ Redirect the user to the login page if not logged in """ - return RedirectResponse(url=request.url_for("login_view")) + response = RedirectResponse(url=request.url_for("login_view")) + manager = request.app.state.manager + manager.set_cookie(response, "") + return response 
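Review bot: The new `release_job` runs `registry.gitlab.com/gitlab-org/release-cli:latest`, a floating tag, so whatever that tag resolves to at run time executes in the deploy stage on every tagged commit. Pinning it to a fixed version or digest, e.g. `image: registry.gitlab.com/gitlab-org/release-cli:<PINNED_VERSION_OR_DIGEST>` (placeholder), keeps the release step reproducible and reviewable. In the `script` line, `$CI_COMMIT_TAG` is spliced unquoted into the sed address, so a tag containing `/` ends the address early and the dots in a version act as regex wildcards. Quoting the expansion (`'/^## '"$CI_COMMIT_TAG"'/,/^#/p'`) and validating the tag format before building the pattern would make the changelog extraction match only the intended heading.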
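Review bot: `manager.set_cookie(response, "")` in `auth_exception_handler` overwrites the token with an empty value instead of removing the cookie, which is why `login_view` now has to special-case `""`. If the intent is to discard the expired token, deleting it says so directly, e.g. `response.delete_cookie("access-token")` (the name read in `login_view`; the path and domain must match those used when the cookie was set, which are not visible here). The handler now touches the cookie on every `NotAuthenticatedException`, so a comment such as `# Drop the stale token so /login does not redirect back here in a loop` would record why. The function's `def` line appears only in the hunk header and `manager`'s type is not shown, so which attributes `set_cookie` applies to the empty cookie should be confirmed.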
diff --git a/argos/server/routes/views.py b/argos/server/routes/views.py
index b889e42..ef7d4de 100644
--- a/argos/server/routes/views.py
+++ b/argos/server/routes/views.py
@@ -29,7 +29,7 @@ SEVERITY_LEVELS = {"ok": 1, "warning": 2, "critical": 3, "unknown": 4}
 @route.get("/login")
 async def login_view(request: Request, msg: str | None = None):
 token = request.cookies.get("access-token")
- if token is not None:
+ if token is not None and token != "":
 manager = request.app.state.manager
 user = await manager.get_current_user(token)
 if user is not None:
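Review bot: The guard `if token is not None and token != "":` filters only the empty cookie value; any other stale or malformed token still reaches `manager.get_current_user(token)`. What happens when that call fails is outside this hunk, since the body of `login_view` continues past the last line shown. If it raises `NotAuthenticatedException`, the login page depends on the global handler clearing the cookie and costs an extra redirect; catching the exception here and falling through to render the form would keep the login view self-contained. As a style point, the condition can be written `if token:`.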