MODULENAME,
"open-ils.auth.session.retrieve",
"oilsAuthSessionRetrieve",
- "Pass in the auth token and this retrieves the user object. The auth "
- "timeout is reset when this call is made "
+ "Pass in the auth token and this retrieves the user object. By "
+ "default, the auth timeout is reset when this call is made. If "
+ "a second non-zero parameter is passed, the auth timeout info is "
+ "returned to the caller along with the user object. If a 3rd "
+ "non-zero parameter is passed, the auth timeout will not be reset."
"Returns the user object (password blanked) for the given login session "
- "PARAMS( authToken )", 1, 0 );
+ "PARAMS( authToken[, returnTime[, doNotResetSession]] )", 1, 0 );
osrfAppRegisterMethod(
MODULENAME,
int oilsAuthSessionRetrieve( osrfMethodContext* ctx ) {
OSRF_METHOD_VERIFY_CONTEXT(ctx);
bool returnFull = false;
+ bool noTimeoutReset = false;
const char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0));
const char* rt = jsonObjectGetString(jsonObjectGetIndex(ctx->params, 1));
if(rt && strcmp(rt, "0") != 0)
returnFull = true;
+
+ if (ctx->params->size > 2) {
+ // Avoid resetting the auth session timeout.
+ const char* noReset =
+ jsonObjectGetString(jsonObjectGetIndex(ctx->params, 2));
+ if (noReset && strcmp(noReset, "0") != 0)
+ noTimeoutReset = true;
+ }
}
jsonObject* cacheObj = NULL;
if( authToken ){
// Reset the timeout to keep the session alive
- evt = _oilsAuthResetTimeout(authToken, 0);
+ if (!noTimeoutReset)
+ evt = _oilsAuthResetTimeout(authToken, 0);
if( evt && strcmp(evt->event, OILS_EVENT_SUCCESS) ) {
osrfAppRespondComplete( ctx, oilsEventToJSON( evt )); // can't reset timeout
// For ws_ou or wsid(), see egAuth.user().ws_ou(), etc.
workstation : function() {
return this.ws;
- }
+ },
+
+ // Listen for logout events in other tabs
+ authChannel : new BroadcastChannel('eg.auth')
};
/* Returns a promise, which is resolved if valid
* Does that setting serve a purpose in a browser environment?
*/
service.poll = function() {
- if (!service.authtime()) return;
+
+ if (!service.authChannel.onmessage) {
+ // Now that we have an authtoken, listen for logout events
+ // initiated by other tabs.
+ service.authChannel.onmessage = function(e) {
+ if (e.data.action == 'logout') {
+ $rootScope.$broadcast(
+ 'egAuthExpired', {startedElsewhere : true});
+ }
+ }
+ }
$timeout(
function() {
- if (!service.authtime()) return;
egNet.request(
'open-ils.auth',
- 'open-ils.auth.session.retrieve', service.token())
- .then(function(user) {
+ 'open-ils.auth.session.retrieve',
+ service.token(),
+ 0, // return extra auth details, unneeded here.
+ 1 // avoid extending the auth timeout
+ ).then(function(user) {
if (user && user.classname) { // all good
service.poll();
} else {
- $rootScope.$broadcast('egAuthExpired')
+ // NOTE: we should never get here, since egNet
+ // filters responses for NO_SESSION events.
+ $rootScope.$broadcast('egAuthExpired');
}
})
},
);
}
- service.logout = function() {
+ service.logout = function(broadcast) {
+
+ if (broadcast) {
+ // Tell the other tabs to shut it all down.
+ service.authChannel.postMessage({action : 'logout'});
+ }
+
if (service.token()) {
egNet.request(
'open-ils.auth',
// returns true if we are staying on the current page
// false if we are redirecting to login
- service.expiredAuthHandler = function() {
+ service.expiredAuthHandler = function(data) {
if (lf.isOffline) return true; // Only set by the offline UI
console.debug('egStartup.expiredAuthHandler()');
- egAuth.logout(); // clean up
+
+ // Only notify other tabs the auth session has expired
+ // when this tab was the first tab to know it.
+ var broadcast = !(data && data.startedElsewhere);
+
+ egAuth.logout(broadcast); // clean up
// no need to redirect if we're on the /login page
if ($location.path() == '/login') return true;
projects / evergreen-equinox.git / commitdiff