Univention Bugzilla – Attachment 4542 Details for
Bug 27936
Session-Handling ohne Cookies
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch für Session-Handling ohne Cookies
umc-frontend-js-session-handling.patch (text/plain), 9.90 KB, created by
Alexander Kläser
on 2012-07-16 16:04 CEST
(
hide
)
Description:
Patch für Session-Handling ohne Cookies
Filename:
MIME Type:
Creator:
Alexander Kläser
Created:
2012-07-16 16:04 CEST
Size:
9.90 KB
patch
obsolete
>Index: umc/app.js >=================================================================== >--- umc/app.js (Revision 34049) >+++ umc/app.js (Arbeitskopie) >@@ -91,26 +91,7 @@ > umc.tools.status('overview', umc.tools.isTrue(props.overview)); > } > >- if (props.username && props.password && dojo.isString(props.username) && dojo.isString(props.password)) { >- // username and password are given, try to login directly >- umc.dialog.login().then(dojo.hitch(this, 'onLogin')); >- return; >- } >- >- // check whether we still have a possibly valid cookie >- var sessionCookie = dojo.cookie('UMCSessionId'); >- var usernameCookie = dojo.cookie('UMCUsername'); >- if (undefined !== sessionCookie && usernameCookie !== undefined >- && (!umc.tools.status('username') || umc.tools.status('username') == usernameCookie)) { >- // the following conditions need to be given for an automatic login >- // * session and username need to be set via cookie >- // * if a username is given via the query string, it needs to match the >- // username saved in the cookie >- this.onLogin(dojo.cookie('UMCUsername')); >- } >- else { >- umc.dialog.login().then(dojo.hitch(this, 'onLogin')); >- } >+ umc.dialog.login().then(dojo.hitch(this, 'onLogin')); > }, > > onLogin: function(username) { >@@ -118,11 +99,6 @@ > dojo.cookie('UMCUsername', username, { expires: 100, path: '/' }); > umc.tools.status('username', username); > >- // set the UCR session timeout value >- umc.tools.ucr('umc/http/session/timeout').then( function(res) { >- umc.tools._sessionTimeout = parseInt( res['umc/http/session/timeout'] , 10 ); >- } ); >- > // start the timer for session checking > umc.tools.checkSession(true); > >Index: umc/widgets/Uploader.js >=================================================================== >--- umc/widgets/Uploader.js (Revision 34049) >+++ umc/widgets/Uploader.js (Arbeitskopie) >@@ -175,9 +175,10 @@ > dojo.mixin(params, this.dynamicOptions); > } > } >- // mixin the iframe information >+ // mixin the iframe information and sessionID > dojo.mixin(params, { >- iframe: (this._uploader.uploadType === 'iframe') ? true : false >+ iframe: (this._uploader.uploadType === 'iframe'), >+ 'X-UMC-Session-Id': umc.tools.getSessionId() > }); > this._uploader.upload(params); > this.onUploadStarted(data[0]); >Index: umc/widgets/LoginDialog.js >=================================================================== >--- umc/widgets/LoginDialog.js (Revision 34049) >+++ umc/widgets/LoginDialog.js (Arbeitskopie) >@@ -232,7 +232,9 @@ > this.standby(true); > umc.tools.umcpCommand('auth', { > username: username, >- password: password >+ password: password, >+ // send also the version of the UMC frontend package >+ version: umc.tools.status('version') > }).then(dojo.hitch(this, function(data) { > // disable standby in any case > this.standby(false); >Index: umc/dialog.js >=================================================================== >--- umc/dialog.js (Revision 34049) >+++ umc/dialog.js (Arbeitskopie) >@@ -68,7 +68,8 @@ > // try to authenticate via long polling... i.e., in case of an error try again until it works > this._loginDeferred = umc.tools.umcpCommand('auth', { > username: username, >- password: password >+ password: password, >+ version: umc.tools.status('version') > }, false, undefined, { > message: this._('So far the authentification failed. Continuing nevertheless.'), > noLogin: true >Index: umc/tools.js >=================================================================== >--- umc/tools.js (Revision 34049) >+++ umc/tools.js (Arbeitskopie) >@@ -42,9 +42,8 @@ > })); > dojo.mixin(umc.tools, { > >- // default value for the session timeout >- // it will be replaced by the ucr variable 'umc/http/session/timeout' onLogin >- _sessionTimeout: 300, >+ _sessionID: '', >+ _sessionDuration: 0, > > _status: { > username: null, >@@ -54,7 +53,8 @@ > displayUsername: true, > width: null, > setupGui: false, >- loggingIn: false >+ loggingIn: false, >+ version: '' > }, > > status: function(/*String?*/ key, /*Mixed?*/ value) { >@@ -66,6 +66,7 @@ > // With two parameters, sets the value of the specified key. > // Also contains the properties given > // to `umc.app.start()`. The following properties exist: >+ // * version (String): The version of the UMC frontend package. > // * username (String): The username of the authenticated user. > // * hostname (String): The hostname on which the UMC is running. > // * domainname (String): The domainname on which the UMC is running. >@@ -90,41 +91,40 @@ > return undefined; > }, > >+ getSessionId: function() { >+ return this._sessionID; >+ }, >+ >+ setSession: function(/*String*/ sessionID, /*Integer*/ duration) { >+ // summary: >+ // sets the sessionid and sessiontimeout >+ // sessionID: String >+ // the session id >+ // duration: Integer >+ // the session timeout in milliseconds >+ this._sessionID = sessionID; >+ this._sessionDuration = duration; >+ }, >+ >+ checkSessionActive: function() { >+ return this._sessionID && this._sessionDuration > 0; >+ }, >+ > closeSession: function() { > // summary: >- // Reset the session cookie in order to close the session from the client side. >- dojo.cookie('UMCSessionId', null, { >- expires: -1, >- path: '/' >- }); >+ // Reset the session in order to close the session from the client side. >+ this.setSession('', -1); > }, > >- holdSession: function(/*String?*/ id) { >+ holdSession: function(/*String*/ id) { > // summary: >- // Set the expiration time of the current session cookie in to 24 hours. >+ // Set the expiration time of the current session in to 24 hours. > // id: String > // If specified, the session ID will be set to this value, otherwise the >- // ID will be read from the cookie automatically. >- var date = new Date((new Date()).getTime() + 1000 * 60 * 60 * 24); >- dojo.cookie('UMCSessionId', id || dojo.cookie('UMCSessionId'), { >- expires: date.toUTCString(), >- path: '/' >- }); >+ // ID will not change. >+ this.setSession(id || this._sessionID, 1000 * 60 * 60 * 24); > }, > >- _renewIESession : function() { >- // summary: >- // Reset the Internet Explorer Session. Internet Explorer can not handle max-age cookies. >- // This is required for automatically show the login dialogue when the session is expired. >- if(dojo.isIE !== undefined) { >- var date = new Date((new Date()).getTime() + 1000 * this._sessionTimeout); >- dojo.cookie('UMCSessionId', dojo.cookie('UMCSessionId'), { >- expires: date.toUTCString(), >- path: '/' >- }); >- } >- }, >- > _checkSessionTimer: null, > > checkSession: function(enable) { >@@ -143,7 +143,7 @@ > // create a new timer instance > this._checkSessionTimer = new dojox.timing.Timer(1000); > this._checkSessionTimer.onTick = function() { >- if (!dojo.isString(dojo.cookie('UMCSessionId'))) { >+ if (!umc.tools.checkSessionActive()) { > umc.tools._checkSessionTimer.stop(); > if (umc.tools.status['loggingIn']) { > // login dialog is already running >@@ -156,6 +156,8 @@ > umc.tools._checkSessionTimer.start(); > } > }); >+ } else { >+ umc.tools._sessionDuration -= 1000; > } > }; > } >@@ -170,7 +172,7 @@ > _PollingHandler: function(url, content, finishedDeferred, opts) { > // save the current session ID locally, as the cookie might expire when > // the time and timezone settings are updated >- var _oldSessionID = dojo.cookie('UMCSessionId'); >+ var _oldSessionID = umc.tools.getSessionId(); > > return { > finishedDeferred: finishedDeferred, >@@ -221,12 +223,12 @@ > > sendRequest: function() { > // switch off the automatic check for session timeout... >- // the proble here is as follows, we do not receive a response, >+ // the problem here is as follows, we do not receive a response, > // therefore the cookie is not updated (which is checked for the > // session timeout), however, the server will renew the session > // with each valid request that it receives >- var currentSessionID = dojo.cookie('UMCSessionId'); >- if (!currentSessionID || 'undefined' == currentSessionID) { >+ var currentSessionID = umc.tools.getSessionId(); >+ if (!currentSessionID) { > // restore last valid session ID > currentSessionID = _oldSessionID; > } >@@ -235,18 +237,23 @@ > > // send AJAX command > this._lastRequestTime = (new Date()).getTime(); >- dojo.xhrPost({ >+ var xhrRequest = dojo.xhrPost({ > url: this.url, > preventCache: true, > handleAs: 'json', > headers: { >- 'Content-Type': 'application/json' >+ 'Content-Type': 'application/json', >+ 'X-UMC-Session-Id': umc.tools.getSessionId() > }, > postData: this.content, > timeout: 1000 * this.xhrTimeout >- }).then(dojo.hitch(this, function(data) { >+ }); >+ xhrRequest.then(dojo.hitch(this, function(data) { > // request finished >- umc.tools._renewIESession(); >+ if (xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id')) { >+ // reset the sessionId and sessionTimeout >+ umc.tools.setSession(xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id'), 1000 * parseInt(xhrRequest.ioArgs.xhr.getResponseHeader('X-UMC-Session-Timeout'))); >+ } > this._dialog.hide(); > this._dialog.destroyRecursive(); > this.finishedDeferred.resolve(data); >@@ -349,18 +356,22 @@ > } > else { > // normal AJAX call >- var call = dojo.xhrPost({ >+ var xcall = dojo.xhrPost({ > url: url, > preventCache: true, > handleAs: 'json', > headers: { >- 'Content-Type': 'application/json' >+ 'Content-Type': 'application/json', >+ 'X-UMC-Session-Id': umc.tools.getSessionId() > }, > postData: body > }); > >- call = call.then(function(data) { >- umc.tools._renewIESession(); >+ var call = xcall.then(function(data) { >+ if (xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id')) { >+ // reset the sessionId and sessionTimeout >+ umc.tools.setSession(xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Id'), 1000 * parseInt(xcall.ioArgs.xhr.getResponseHeader('X-UMC-Session-Timeout'))); >+ } > return data; > }); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=4542">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 27936
: 4542