Merge "Handled ajax request crash after session timeout"

2013-09-26 14:54:02 +00:00 · 2013-09-26 14:54:02 +00:00 · 16c7ab1048
commit 16c7ab1048
parent 1d88989b2c 74c2b8ab62
1 changed files with 14 additions and 7 deletions
--- a/horizon/middleware.py
+++ b/horizon/middleware.py
@ -45,6 +45,8 @@ LOG = logging.getLogger(__name__)
 class HorizonMiddleware(object):
    """ The main Horizon middleware class. Required for use of Horizon. """

+    logout_reason = None
+
    def process_request(self, request):
        """ Adds data necessary for Horizon to function to the request. """
        # Activate timezone handling
@ -60,19 +62,18 @@ class HorizonMiddleware(object):

        last_activity = request.session.get('last_activity', None)
        timestamp = datetime.datetime.now()
+        request.horizon = {'dashboard': None,
+                           'panel': None,
+                           'async_messages': []}
        if last_activity and (timestamp - last_activity).seconds > timeout:
            request.session.pop('last_activity')
            response = HttpResponseRedirect(
                '%s?next=%s' % (settings.LOGOUT_URL, request.path))
-            reason = _("Session timed out.")
-            utils.add_logout_reason(request, response, reason)
+            self.logout_reason = _("Session timed out.")
+            utils.add_logout_reason(request, response, self.logout_reason)
            return response
        request.session['last_activity'] = timestamp

-        request.horizon = {'dashboard': None,
-                           'panel': None,
-                           'async_messages': []}
-
    def process_exception(self, request, exception):
        """
        Catches internal Horizon exception classes such as NotAuthorized,
@ -119,7 +120,13 @@ class HorizonMiddleware(object):
                # use django's messages methods here.
                for tag, message, extra_tags in queued_msgs:
                    getattr(django_messages, tag)(request, message, extra_tags)
-                redirect_response = http.HttpResponse()
+                if response['location'].startswith(settings.LOGOUT_URL):
+                    redirect_response = http.HttpResponse(status=401)
+                    if self.logout_reason is not None:
+                        utils.add_logout_reason(
+                            request, redirect_response, self.logout_reason)
+                else:
+                    redirect_response = http.HttpResponse()
                redirect_response['X-Horizon-Location'] = response['location']
                return redirect_response
            if queued_msgs: