4824239730
If both the keystone token and the session expired, the user was asked to login twice. This is because the token expiration was not checked. When a user had timed out both in session and keystone token validity, the user was asked to log in, then the timestamp was checked, and the user logged out again and asked to log in a second time. We now check both the timestamp and keystone token validity before authentication validity and force back the login page to retrieve a new keystone token, avoiding the timeout race condition between session and token validity which was forcing a dual login. A keystone token expiration is now considered as a session timeout too. Also, a page can start loading while the token is valid, and finish while it's invalid. This was leading to errors during the page loading. We now set a TOKEN_TIMEOUT_MARGIN period in seconds which allows defining a margin before which we consider the token as expired. This is a configurable parameter in the django settings because the time a page takes to render is infra and deployment specific. This margin is preset to ten seconds. Requires: https://review.openstack.org/101556 Closes-Bug: 1308918 Change-Id: I0bf0d079a9dc000c1a30f0e20dcaa03b22d63e51 |
||
---|---|---|
.. | ||
password | ||
user | ||
__init__.py | ||
dashboard.py | ||
models.py |