horizon

History

Yves-Gwenael Bourhis 4824239730 Checking session timeout before authentication If both the keystone token and the session expired, the user was asked to login twice. This is because the token expiration was not checked. When a user had timed out both in session and keystone token validity, the user was asked to log in, then the timestamp was checked, and the user logged out again and asked to log in a second time. We now check both the timestamp and keystone token validity before authentication validity and force back the login page to retrieve a new keystone token, avoiding the timeout race condition between session and token validity which was forcing a dual login. A keystone token expiration is now considered as a session timeout too. Also, a page can start loading while the token is valid, and finish while it's invalid. This was leading to errors during the page loading. We now set a TOKEN_TIMEOUT_MARGIN period in seconds which allows defining a margin before which we consider the token as expired. This is a configurable parameter in the django settings because the time a page takes to render is infra and deployment specific. This margin is preset to ten seconds. Requires: https://review.openstack.org/101556 Closes-Bug: 1308918 Change-Id: I0bf0d079a9dc000c1a30f0e20dcaa03b22d63e51	2014-09-25 15:06:19 +02:00
..
__init__.py	Initialize table action buttons for lazy-loaded tabs	2014-08-11 18:01:41 +04:00
backend.py	Checking session timeout before authentication	2014-09-25 15:06:19 +02:00

Yves-Gwenael Bourhis 4824239730 Checking session timeout before authentication

If both the keystone token and the session expired, the user was asked to login
twice. This is because the token expiration was not checked.
When a user had timed out both in session and keystone token validity, the user
was asked to log in, then the timestamp was checked, and the user logged out
again and asked to log in a second time.

We now check both the timestamp and keystone token validity before
authentication validity and force back the login page to retrieve a new
keystone token, avoiding the timeout race condition between session and token
validity which was forcing a dual login. A keystone token expiration is now
considered as a session timeout too.

Also, a page can start loading while the token is valid, and finish while it's
invalid. This was leading to errors during the page loading.
We now set a TOKEN_TIMEOUT_MARGIN period in seconds which allows defining
a margin before which we consider the token as expired.
This is a configurable parameter in the django settings because the time a page
takes to render is infra and deployment specific. This margin is preset to
ten seconds.

Requires: https://review.openstack.org/101556

Closes-Bug: 1308918

Change-Id: I0bf0d079a9dc000c1a30f0e20dcaa03b22d63e51

2014-09-25 15:06:19 +02:00

__init__.py

Initialize table action buttons for lazy-loaded tabs

2014-08-11 18:01:41 +04:00

backend.py

Checking session timeout before authentication

2014-09-25 15:06:19 +02:00