From 5805759c264adf96e9feea78a3cd3bfc2871b1de Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Fri, 18 Nov 2016 12:50:12 +0800 Subject: webui: Redirect to login page if not authenticated on POST request * Remove the authentication requirement on GET operation * "main.js": Redirect to the login page if POST response 403 forbidden * "main.js": Use global AJAX events handling instead of `$.ajaxSetup()` --- fg21sim/webui/handlers/configs.py | 1 - fg21sim/webui/handlers/console.py | 2 -- fg21sim/webui/handlers/index.py | 5 +---- fg21sim/webui/static/js/main.js | 18 +++++++++++++----- 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/fg21sim/webui/handlers/configs.py b/fg21sim/webui/handlers/configs.py index 9736650..296bd11 100644 --- a/fg21sim/webui/handlers/configs.py +++ b/fg21sim/webui/handlers/configs.py @@ -26,7 +26,6 @@ class ConfigsAJAXHandler(BaseRequestHandler): """Hook for subclass initialization. Called for each request.""" self.configs = self.application.configmanager - @tornado.web.authenticated def get(self): """ Handle the READ-ONLY configuration manipulations. diff --git a/fg21sim/webui/handlers/console.py b/fg21sim/webui/handlers/console.py index 475ccda..91ad075 100644 --- a/fg21sim/webui/handlers/console.py +++ b/fg21sim/webui/handlers/console.py @@ -9,7 +9,6 @@ import logging import time import tornado.ioloop -import tornado.gen from tornado.escape import json_decode, json_encode from .base import BaseRequestHandler @@ -36,7 +35,6 @@ class ConsoleAJAXHandler(BaseRequestHandler): # from another thread, which executes the submitted task. self.io_loop = tornado.ioloop.IOLoop.instance() - @tornado.web.authenticated def get(self): """ Handle the READ-ONLY tasks operations. diff --git a/fg21sim/webui/handlers/index.py b/fg21sim/webui/handlers/index.py index e95c310..b351619 100644 --- a/fg21sim/webui/handlers/index.py +++ b/fg21sim/webui/handlers/index.py @@ -2,11 +2,9 @@ # MIT license """ -Login handler +Index page handler """ -import tornado.web - from .base import BaseRequestHandler @@ -14,6 +12,5 @@ class IndexHandler(BaseRequestHandler): """ Index page handler of the Web UI. """ - @tornado.web.authenticated def get(self): self.render("index.html") diff --git a/fg21sim/webui/static/js/main.js b/fg21sim/webui/static/js/main.js index 27638a7..64b65c1 100644 --- a/fg21sim/webui/static/js/main.js +++ b/fg21sim/webui/static/js/main.js @@ -9,12 +9,19 @@ /** - * jQuery settings + * jQuery AJAX global callbacks using the global AJAX event handler methods + * + * NOTE: + * It is NOT recommended to use `jQuery.ajaxSetup` which will affect ALL calls + * to `jQuery.ajax` or AJAX-based derivatives. */ -jQuery.ajaxSetup({ - error: function (error) { - console.error("AJAX request failed: code:", error.status, - ", reason:", error.statusText); } +$(document).ajaxError(function (event, jqxhr, settings, exception) { + console.error("AJAX request failed: code:", jqxhr.status, + ", reason:", jqxhr.statusText); + if (jqxhr.status === 403) { + // Forbidden error: redirect to login page + window.location.href = "/login"; + } }); @@ -37,6 +44,7 @@ var getCookie = function (name) { return m ? m[1] : undefined; }; + /** * jQuery extension for easier AJAX JSON post * -- cgit v1.2.2