🐛 — Fix bug in login view when having an expired token in cookie (redirect loop)

.gitlab-ci.yml

@@ -51,6 +51,17 @@ format:
   script:
     - make ruff
 
+release_job:
+  stage: deploy
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  rules:
+    - if: $CI_COMMIT_TAG
+  script:
+    - sed -n '/^## '$CI_COMMIT_TAG'/,/^#/p' CHANGELOG.md | sed -e '/^\(#\|$\|Date\)/d' > release.md
+  release:                               # See https://docs.gitlab.com/ee/ci/yaml/#release for available properties
+    tag_name: '$CI_COMMIT_TAG'
+    description: './release.md'
+
 pages:
   <<: *pull_cache
   stage: deploy

CHANGELOG.md

@@ -2,6 +2,8 @@
 
 ## [Unreleased]
 
+- 🐛 — Fix bug in login view when having an expired token in cookie (redirect loop)
+
 ## 0.2.1
 
 Date: 2024-06-27

argos/server/exceptions.py

@@ -10,4 +10,7 @@ def auth_exception_handler(request: Request, exc: NotAuthenticatedException):
     """
     Redirect the user to the login page if not logged in
     """
-    return RedirectResponse(url=request.url_for("login_view"))
+    response = RedirectResponse(url=request.url_for("login_view"))
+    manager = request.app.state.manager
+    manager.set_cookie(response, "")
+    return response

argos/server/routes/views.py

@@ -29,7 +29,7 @@ SEVERITY_LEVELS = {"ok": 1, "warning": 2, "critical": 3, "unknown": 4}
 @route.get("/login")
 async def login_view(request: Request, msg: str | None = None):
     token = request.cookies.get("access-token")
-    if token is not None:
+    if token is not None and token != "":
         manager = request.app.state.manager
         user = await manager.get_current_user(token)
         if user is not None: