projects / arvados-workbench2.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch '16159-logout-request-with-token'
[arvados-workbench2.git] / src / store / auth / auth-middleware.ts
diff --git a/src/store/auth/auth-middleware.ts b/src/store/auth/auth-middleware.ts
index 817ddd2e21a6669ab1589649554ad65b0b8dd2e4..ce7cd5cb6f9ceebd165af5b6ea275d56dc5aa871 100644 (file)
--- a/src/store/auth/auth-middleware.ts
+++ b/src/store/auth/auth-middleware.ts
@@ -12,9 +12,17 @@ import { progressIndicatorActions } from "~/store/progress-indicator/progress-in
 import { WORKBENCH_LOADING_SCREEN } from '~/store/workbench/workbench-actions';
 
 export const authMiddleware = (services: ServiceRepository): Middleware => store => next => action => {
+    // Middleware to update external state (local storage, window
+    // title) to ensure that they stay in sync with redux state.
+
     authActions.match(action, {
-        INIT: ({ user, token }) => {
+        INIT_USER: ({ user, token }) => {
+            // The "next" method passes the action to the next
+            // middleware in the chain, or the reducer.  That means
+            // after next() returns, the action has (presumably) been
+            // applied by the reducer to update the state.
             next(action);
+
             const state: RootState = store.getState();
 
             if (state.auth.apiToken) {
@@ -22,21 +30,32 @@ export const authMiddleware = (services: ServiceRepository): Middleware => store
                 setAuthorizationHeader(services, state.auth.apiToken);
             } else {
                 services.authService.removeApiToken();
+                services.authService.removeSessions();
                 removeAuthorizationHeader(services);
             }
 
             store.dispatch<any>(initSessions(services.authService, state.auth.remoteHostsConfig[state.auth.localCluster], user));
             if (!user.isActive) {
+                // As a special case, if the user is inactive, they
+                // may be able to self-activate using the "activate"
+                // method.  Note, for this to work there can't be any
+                // unsigned user agreements, we assume the API server is just going to
+                // rubber-stamp our activation request.  At some point in the future we'll
+                // want to either add support for displaying/signing user
+                // agreements or get rid of self-activation.
+                // For more details, see:
+                // https://doc.arvados.org/master/admin/user-management.html
+
                 store.dispatch(progressIndicatorActions.START_WORKING(WORKBENCH_LOADING_SCREEN));
                 services.userService.activate(user.uuid).then((user: User) => {
-                    store.dispatch(authActions.INIT({ user, token }));
+                    store.dispatch(authActions.INIT_USER({ user, token }));
                     store.dispatch(progressIndicatorActions.STOP_WORKING(WORKBENCH_LOADING_SCREEN));
                 }).catch(() => {
                     store.dispatch(progressIndicatorActions.STOP_WORKING(WORKBENCH_LOADING_SCREEN));
                 });
             }
         },
-        CONFIG: ({ config }) => {
+        SET_CONFIG: ({ config }) => {
             document.title = `Arvados Workbench (${config.uuidPrefix})`;
             next(action);
         },
@@ -45,10 +64,12 @@ export const authMiddleware = (services: ServiceRepository): Middleware => store
             if (deleteLinkData) {
                 services.linkAccountService.removeAccountToLink();
             }
+            const token = services.authService.getApiToken();
             services.authService.removeApiToken();
+            services.authService.removeSessions();
             services.authService.removeUser();
             removeAuthorizationHeader(services);
-            services.authService.logout();
+            services.authService.logout(token || '');
         },
         default: () => next(action)
     });