diff options
| author | Aaron LI <aaronly.me@outlook.com> | 2016-11-18 12:50:12 +0800 |
|---|---|---|
| committer | Aaron LI <aaronly.me@outlook.com> | 2016-11-18 12:50:12 +0800 |
| commit | 5805759c264adf96e9feea78a3cd3bfc2871b1de (patch) | |
| tree | db39479e71018ef18613b10e62af8cc816d63af0 /fg21sim | |
| parent | 2abadd1a0fc88b9ac16533a994353b3cb7449451 (diff) | |
| download | fg21sim-5805759c264adf96e9feea78a3cd3bfc2871b1de.tar.bz2 | |
webui: Redirect to login page if not authenticated on POST request
* Remove the authentication requirement on GET operation
* "main.js": Redirect to the login page if POST response 403 forbidden
* "main.js": Use global AJAX events handling instead of `$.ajaxSetup()`
Diffstat (limited to 'fg21sim')
| -rw-r--r-- | fg21sim/webui/handlers/configs.py | 1 | ||||
| -rw-r--r-- | fg21sim/webui/handlers/console.py | 2 | ||||
| -rw-r--r-- | fg21sim/webui/handlers/index.py | 5 | ||||
| -rw-r--r-- | fg21sim/webui/static/js/main.js | 18 |
4 files changed, 14 insertions, 12 deletions
diff --git a/fg21sim/webui/handlers/configs.py b/fg21sim/webui/handlers/configs.py index 9736650..296bd11 100644 --- a/fg21sim/webui/handlers/configs.py +++ b/fg21sim/webui/handlers/configs.py @@ -26,7 +26,6 @@ class ConfigsAJAXHandler(BaseRequestHandler): """Hook for subclass initialization. Called for each request.""" self.configs = self.application.configmanager - @tornado.web.authenticated def get(self): """ Handle the READ-ONLY configuration manipulations. diff --git a/fg21sim/webui/handlers/console.py b/fg21sim/webui/handlers/console.py index 475ccda..91ad075 100644 --- a/fg21sim/webui/handlers/console.py +++ b/fg21sim/webui/handlers/console.py @@ -9,7 +9,6 @@ import logging import time import tornado.ioloop -import tornado.gen from tornado.escape import json_decode, json_encode from .base import BaseRequestHandler @@ -36,7 +35,6 @@ class ConsoleAJAXHandler(BaseRequestHandler): # from another thread, which executes the submitted task. self.io_loop = tornado.ioloop.IOLoop.instance() - @tornado.web.authenticated def get(self): """ Handle the READ-ONLY tasks operations. diff --git a/fg21sim/webui/handlers/index.py b/fg21sim/webui/handlers/index.py index e95c310..b351619 100644 --- a/fg21sim/webui/handlers/index.py +++ b/fg21sim/webui/handlers/index.py @@ -2,11 +2,9 @@ # MIT license """ -Login handler +Index page handler """ -import tornado.web - from .base import BaseRequestHandler @@ -14,6 +12,5 @@ class IndexHandler(BaseRequestHandler): """ Index page handler of the Web UI. """ - @tornado.web.authenticated def get(self): self.render("index.html") diff --git a/fg21sim/webui/static/js/main.js b/fg21sim/webui/static/js/main.js index 27638a7..64b65c1 100644 --- a/fg21sim/webui/static/js/main.js +++ b/fg21sim/webui/static/js/main.js @@ -9,12 +9,19 @@ /** - * jQuery settings + * jQuery AJAX global callbacks using the global AJAX event handler methods + * + * NOTE: + * It is NOT recommended to use `jQuery.ajaxSetup` which will affect ALL calls + * to `jQuery.ajax` or AJAX-based derivatives. */ -jQuery.ajaxSetup({ - error: function (error) { - console.error("AJAX request failed: code:", error.status, - ", reason:", error.statusText); } +$(document).ajaxError(function (event, jqxhr, settings, exception) { + console.error("AJAX request failed: code:", jqxhr.status, + ", reason:", jqxhr.statusText); + if (jqxhr.status === 403) { + // Forbidden error: redirect to login page + window.location.href = "/login"; + } }); @@ -37,6 +44,7 @@ var getCookie = function (name) { return m ? m[1] : undefined; }; + /** * jQuery extension for easier AJAX JSON post * |