Comments (3)
Hello there,
Yes i found this issue, i didn't PR what I've done about it cause I will need your approval and discuss about the work I've made.
First, I decrypt information in the token which is jwt and you get user information inside this token. The token is actually base64 encoded information and user information are available in the third part of jwt (see code to get info). Inside you can found when the token will expire (by default uaa delivered a token which expired in 30min).
I store this information inside the cf-uaa-guard's cookie (see code) and I check if the session expired from the time I stored in the rootHandler
(see code) if expired I redirect to the logout
handler I've added.
This handler will simply clean data inside the token, put logged
to false and remove user information and finally redirect to the auth
handler (see code).
Finally, it will go back to the current chain and if token can be renewed it will be and if no go back to the login page.
Hope it helps.
from cf-uaa-guard-service.
@ArthurHlt AFAIK, 18F/cloud.gov doesn't use this service anymore, so you shouldn't need their approval to send a PR. FWIW, if what you've done can pass a unit test where the example they described in the second-to-last paragraph cannot be realized, then I would consider the issue closed.
from cf-uaa-guard-service.
Sorry, I've only just seen this since I missed notification of @ArthurHlt 's comment back when he made it. As the person ostensibly in charge around here: Yes, PRs with a test welcome!
from cf-uaa-guard-service.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cf-uaa-guard-service.